We want to add the latest support for COPY --chown UID:GID.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1289
Approved by: TomSweeneyRedHat
I think a created container which was never run will have no size struct
we should just return 0
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1288
Approved by: TomSweeneyRedHat
Currently if the socket was never started you get an error about
the service being started. But if the service was started and later
stopped, you get a useless error.
This change causes the error to always be the same for connection refused.
The error message was also repeating the address twice which looked bad.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1287
Approved by: baude
Do not set any hostname value in the OCI configuration when --uts=host
is used and the user didn't specify any value. This prevents an error
from the OCI runtime as it cannot set the hostname without a new UTS
namespace.
Differently, the HOSTNAME environment variable is always set. When
--uts=host is used, HOSTNAME gets the value from the host.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1280
Approved by: baude
To better reflect it's usage: to share functions between podman and varlink.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1275
Approved by: mheon
Change way to PodContainerErrors are handled
Remove PodNoContainers and PodHasContainers, because there is no way to differentiatefrom a standard error
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1275
Approved by: mheon
This fixes a couple of issues with podman top.
podman top --latest USER HUSER
Now shows you the User inside of the containers usernamespace as well as the user on the host.
podman top --latest capeff capbnd
Now has headings that differentiatiate between the Capabiltiies. We also have support for
ambient capabilities.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1286
Approved by: vrothberg
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
We need to pass the image format OCI or docker in the varlink commit command.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1281
Approved by: mheon
Default settings for storage can be overriden by setting these environment
variables.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1282
Approved by: mheon
Hostname should be set to the hosts hostname when network is none.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1274
Approved by: giuseppe
Specifically, pod.Start() always returned CtrErrors, even if none failed. This cause podman start to not return the successfully started pod id.
Also, pod.Kill() didn't return an error along with ctrErrors.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1272
Approved by: rhatdan
* Rename id_ to ident, make non-PEP8'ers happier
* Fix bug where port was required on local connections
* Improve error messages for exceptions
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1246
Approved by: rhatdan
Use a pipe instead of a temporary file to load the apparmor profile.
This change has a measurable speed improvement for apparmor users.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1262
Approved by: mheon
Move all Linux-related data under the corresponding buildtags to reduce
the memory footprint and speed up compilation for non-apparmor builds.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1262
Approved by: mheon
If user does not pass in cgroup manager and running in rootless mode,
then we need to force the cgroupfs support until/unless we get support
for rootless systemd support.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1261
Approved by: mheon
when searching multiple registries for images, if we get an error on one
of the searches, we should keep going and complete the search. if there
is only one search registry however, we will return an error.
Resolves: #1255
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1257
Approved by: mheon
Also, don't return the internal podState struct - instead return
a public inspect struct.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1258
Approved by: rhatdan
Currently we add mounts from images, volumes and internal.
We can accidently over mount an existing mount. This patch sorts the mounts
to make sure a parent directory is always mounted before its content.
Had to change the default propagation on image volume mounts from shared
to private to stop mount points from leaking out of the container.
Also switched from using some docker/docker/pkg to container/storage/pkg
to remove some dependencies on Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1243
Approved by: mheon
