(make localunit) complains about the unbuildable subpackage; silence that.
Actually, I can't find any user of checkseccomp in this repo; maybe
it is entirely unused?
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
None of the functions are used within the package, and it does not build
on non-Linux systems.
(Similar code continues to exist in pkg/chrootuser, and is unaffected.)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1115
Approved by: rhatdan
Moved contents of RestartWithTimeout to restartWithTimeout in container_internal to be able to call restart without locking in function.
Refactored startNode to be able to either start or restart a node.
Built pod Restart() with new startNode with refresh true.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1152
Approved by: rhatdan
Per https://www.sqlite.org/src/artifact/c230a7a24?ln=994-1081,
POSIX file advisory locks are unsafe to use within a single
process if multiple file descriptors are open for the same file.
Unfortunately, this has a strong potential to happen for
multithreaded usage of libpod, and could result in DB corruption.
To prevent this, wrap all access to BoltDB within a single
libpod instance in a mutex to ensure concurrent access cannot
occur.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
If more than one volume was mounted using the --volume flag in
podman run, the second and onwards volumes were picking up options
of the previous volume mounts defined. Found out that the options were
not be cleared out after every volume was parsed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1142
Approved by: mheon
* Some of the pedantic errors were not corrected
* Clean up prep for porting to MacOS and PyPi hosting
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1155
Approved by: baude
Better explain the inner workings of both state types in comments
to make reviews and changes easier.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
New containers and pods will default to the namespace of the
runtime, but this can be overridden by With... options if
desired.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
All BoltDB access and update functions now understand namespaces.
Accessing containers outside of your namespace will produce
errors, except for Lookup and All functions, which will perform
their tasks only on containers within your namespace.
The "" namespace remains a reserved, no-restrictions namespace.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Dependency containers must be in the same namespace, to ensure
there are never problems resolving a dependency.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Add basic awareness of namespaces to the database. As part of
this, add constraints so containers can only be added to pods in
the same namespace.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Addresses a regression in `podman mount` due to our mount changes
to allow concurrency by letting c/storage handle mounting and
unmounting.
Combine Mounted() and Mountpoint() into one function and query
c/storage directly to ensure we get accurate information.
Fixes: #1143
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #1144
Approved by: baude
Trying to play with podman top, I had a hard time
finding info on format options.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1134
Approved by: umohnani8
Before, errors in containers would never be printed, and a generic error would only be shown.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1132
Approved by: mheon
No need to do a separate string search when reference.Parse has already
determined this.
Changes behavior: non-SHA256 digest formats are now recognized as well.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1112
Approved by: rhatdan
... which finally makes it very easy to add comprehensive tests; so do that.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1112
Approved by: rhatdan
The functionality only depends on Image.InputName, and we will want
to make the only user of this independent of the fairly complex Image type.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1112
Approved by: rhatdan
One part creates []*pullRefName; the other just trivially converts it
into []*pullRefPair.
Also use much more explicit names to explain the functionality.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #1112
Approved by: rhatdan
