The package golang-github-cpuguy83-go-md2man has been renamed into golang-github-cpuguy83-md2man
in f31 repository.
That leads to an Error: Unable to find a match: golang-github-cpuguy83-go-md2man
This patch handles the renaming of this package and fixes the command for f31 and the one that will
follows without breaking compatibility with older versions.
Signed-off-by: Allan Jacquet-Cretides <allan.jacquet@gmail.com>
We attempted to share all logic for parsing labels and
environment variables, which on the surface makes lots of sense
(both are formatted key=value so parsing logic should be
identical) but has begun to fall apart now that we have added
additional logic to environment variable handling. Environment
variables that are unset, for example, are looked up against
environment variables set for the process. We don't want this for
labels, so we have to split parsing logic.
Fixes#3854
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
add the ability to cache images instead of pull them. makes tests faster and less network use when we flip on CI.
Also added list images with filter test
Signed-off-by: Brent Baude <bbaude@redhat.com>
Add pkg/signal to deal with parts of signal processing and translating
signals from string to numeric representations. The code has been
copied from docker/docker (and attributed with the copyright) but been
reduced to only what libpod needs (on Linux).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add pkg/capabibilities to deal with capabilities. The code has been
copied from Docker (and attributed with the copyright) but changed
significantly to only do what we really need. The code has also been
simplified and will perform better due to removed redundancy.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
If we attempt to label a volume and the file system
does not support labeling, then just warn. SELinux
may or may not work, on the volume.
There is no way to setup a private label on a newly
created volume without using the container mountlabel.
If we don't have a mount label at the time of creation of
the volume, the only option we have is to create a shared
label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
I saw some bad formatting when reading "man podman-run" and
proceeded to fix it. I have now opened a can of worms...
This commit tries to fix some of the formatting, wording and
other bugs I came across (unfortunately not all of them).
Can't list every fix that I made here, but in general:
- format lists as such (prepend items with "- ");
- format examples as such (enclose in ```...```);
- format literal values (option names, literal values) as **bold**;
- format man page references as **page**(1).
- format replacements (option values) and file names as _italic_;
- remove some duplicate info (such as what's the default value);
- move option value description to option syntax;
- end sentences with a period.
To test:
```console
$ make docs
$ man ./docs/build/man/podman-run.1 ### check terminal formatting
$ man -Tps ./docs/build/man/podman-run.1 > podman-run.ps
$ ps2pdf podman-run.ps ### optional
$ evince podman-run.pdf ### check printer formatting (or use ps viewr
```
NOTE
- there is much more to do here;
- I haven't checked any factual contents, this is about formatting
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
fix#5166
This patch enables `--detach-keys ""` to disable the feature. "ctrl-p, ctrl-q" will not work after this command.
Signed-off-by: Qi Wang <qiwan@redhat.com>
When I input podman start in bash , and then type tab , cannot automatically complete container name , this pr will fix the bug .
Signed-off-by: 李俊杰 <phpor@users.noreply.github.com>
The `fuse-overlayfs` package provided by Ubuntu up to 19.10, is not
recent enough and causes errors on `buildah commit`, for instance.
Adjust the rootless tutorial to point this out and to provide more
detailed instructions on how to obtain `fuse-overlayfs` and configure it
for use by `libpod`.
Signed-off-by: Leonardo Rochael Almeida <leorochael@gmail.com>
The changes in #5075 turn out to be too aggressive; we should
only be setting --all if a status= filter is given. Otherwise
only running containers are filtered.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
when filtering containers, if a status= is provided as an input filter, then we should override the all to always be true.
Signed-off-by: Brent Baude <bbaude@redhat.com>
fix#4876
Add `--device-cgroup-rule` to podman create and run. This enables to add device rules after the container has been created.
Signed-off-by: Qi Wang <qiwan@redhat.com>
there is a race condition where the child process is immediately
killed:
[pid 2576752] arch_prctl(0x3001 /* ARCH_??? */, 0x7ffdf612f170) = -1 EINVAL (Invalid argument)
[pid 2576752] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
[pid 2576752] --- SIGTERM {si_signo=SIGTERM, si_code=SI_USER, si_pid=2576742, si_uid=0} ---
[pid 2576752] +++ killed by SIGTERM +++
this happens because the parent process here really means the "parent
thread".
Since there is no way of running it on the main thread,
let's skip this functionality altogether and use kill(2).
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
write to the error pipe only in case of an error. Otherwise we may
end up in a race condition in the select statement below as the read
from errChan happens before initComplete and the function returns
immediately nil.
Closes: https://github.com/containers/libpod/issues/5182
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Add pkg/seccomp to consolidate all seccomp-policy related code which is
currently scattered across multiple packages and complicating the
creatconfig refactoring.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
When Docker performs a copy up, it first verifies that the volume
being copied into is empty; thus, for volumes that have been
modified elsewhere (e.g. manually copying into then), the copy up
will not be performed at all. Duplicate this behavior in Podman
by checking if the volume is empty before copying.
Furthermore, move setting copyup to false further up. This will
prevent a potential race where copy up could happen more than
once if Podman was killed after some files had been copied but
before the DB was updated.
This resolves CVE-2020-1726.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
