`/usr/lib/systemd/system` should only be used by the package manager
administrators should use: `/etc/systemd/system` or
`/usr/local/lib/systemd/system`
see: man systemd.unit
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
The define package under Libpod is intended to be an extremely
minimal package, including constants and very little else.
However, as a result of some legacy code, it was dragging in all
of libpod/image (and, less significantly, the util package).
Fortunately, this was just to ensure that error constants were
not duplicating, and there's nothing preventing us from
importing in the other direction and keeping libpod/define free
of dependencies.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Documentation and unit files call for a millisecond timeout while the
code was using a second resolution. Code change is smaller given
varlink has been deprecated.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
When you execute podman create/run with the --pod new:<name> syntax
the pod was created but the namespaces where not shared and
therefore containers could not communicate over localhost.
Add the default namespaces and pass the network options to the
pod create options.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
They are needed in support of future testing additions.
Also reduce unnecessary output by not printing the downloaded package
list. The set can be examined using other tooling if/when necessary.
Signed-off-by: Chris Evich <cevich@redhat.com>
`podman image search` returned wrong results for the image "Description" as
it was mapped to the wrong field ("ID") in the search results.
Basically cherry-picked into the api from
commit cf5c63b5c492e41d72b6e3b6d75b5f39b0a957fd.
Signed-off-by: Ralf Haferkamp <rhafer@suse.com>
Currently you can only specify multiple character for image names
when executing podman-remote commit
podman-remote commit a b
Will complete, but will save the image without a name.
podman-remote commit a bb
Works.
This PR fixes and now returns an error if the user doees not specify an
image name to commit to.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
when setting up the user namespace do not ignore errors from
newuidmap/newgidmap if there are mappings configured.
The single user mapping is a fallback only when there are not mappings
specified for the user.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Test flakes mentioned in #6987 might be caused by uncorrect closing of file descriptor.
Fix the code to close file descriptors for podman run since it may close those used by other processes.
Signed-off-by: Qi Wang <qiwan@redhat.com>
The logic for `podman rmi --force` includes a bit of code that
will remove Libpod containers using Libpod's container removal
logic - this ensures that they're cleanly and completely removed.
For other containers (Buildah, CRI-O, etc) we fall back to
manually removing the containers using the image from c/storage.
Unfortunately, our logic for invoking the Podman removal function
had an error, and it did not properly handle cases where we were
force-removing an image with >1 name. Force-removing such images
by ID guarantees their removal, not just an untag of a single
name; our code for identifying whether to remove containers did
not proper detect this case, so we fell through and deleted the
Podman containers as storage containers, leaving traces of them
in the Libpod DB.
Fixes#7153
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
- New test for #6991 - passwd file is writable even when
run with --userns=keep-id
- Enable another keep-id test, commented out due to #6593
- New test for podman system df
Also, independently, removed this line:
apt-get -y upgrade conmon
...because it's causing CI failures, probably because of the
boothole CVE, probably because the Ubuntu grub update was
rushed out. I believe it is safe to remove this, because
both Ubuntu 19 and 20 report:
conmon is already the newest version (2.0.18~1).
Signed-off-by: Ed Santiago <santiago@redhat.com>
The initial version of the new port code mistakenly restricted
this, so un-restrict it. We still need to maintain the map of
container ports, unfortunately (need to verify if the port in
question is a duplicate, for example).
Fixes#7062
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
We are returning bogus data in podman-remote images --format json.
This change will match the same data returned my podman images --format json.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently if you give a bogus flag to --format it will crash
the formatter. With this change we will get a nice error.
podman images --format '{{ bogus }}'
Error: template: list:1: function "bogus" not defined
versus
/bin/podman.old images --format '{{ bogus }}'
panic: template: list:1: function "bogus" not defined
goroutine 1 [running]:
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
