This changes /run to /var/run for .containerenv and secrets in FreeBSD
containers for consistency with FreeBSD path conventions. Running Linux
containers on FreeBSD hosts continue to use /run for compatibility.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
port Commit 55397de (cgroups: use SessionBusPrivateNoAutoStartup)
from cgroups.go to cgroups_linux.go
do not start up a dbus daemon if it is not already running.
[NO NEW TESTS NEEDED] the fix is in a dependency.
Signed-off-by: Joni Korhonen <joni.korhonen@gmail.com>
Switch man page to user USERID instead of UID, since UID environment
variable is set at login, and is not allowed to be changed.
UID=foobar
bash: UID: readonly variable
Fixes: https://github.com/containers/podman/issues/19646
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
IPv6 test has been hard-skipped for six months.
IPv4 test is flaking in Cirrus and hard-failing in Gating.
Absent a reliable way to test in CI and gating, and absent
a strong reason to test ICMP in pasta anyway, the solution
is simple.
Closes: #19612
Signed-off-by: Ed Santiago <santiago@redhat.com>
This just sets the flag in the runtime spec - the actual implementation
is in the OCI runtime.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
Support a new concept in containers.conf called "modules". A "module"
is a containers.conf file located at a specific directory. More than
one module can be loaded in the specified order, following existing
override semantics.
There are three directories to load modules from:
- $CONFIG_HOME/containers/containers.conf.modules
- /etc/containers/containers.conf.modules
- /usr/share/containers/containers.conf.modules
With CONFIG_HOME pointing to $HOME/.config or, if set, $XDG_CONFIG_HOME.
Absolute paths will be loaded as is, relative paths will be resolved
relative to the three directories above allowing for admin configs
(/etc/) to override system configs (/usr/share/) and user configs
($CONFIG_HOME) to override admin configs.
Pulls in containers/common/pull/1599.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
container/common Config was recently updated to use FCOS
default names, since Windows HyperV backend needs them,
and these are common with other providers.
Map this to values the WSL backend expects.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
now that we have public hypverv fcos artifacts, we can download them
instead of requiring a special build.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
The git repo that was used for the example of a git build:
`podman build https://github.com/scollier/purpletest`
no longer exists. Someone reached out to @rhatdan about this
and he suggested using the Podman Hello World repo. However,
that didn't exist until a little bit ago, so I've updated
the man page with a pointer there. That should be a lot more
stable.
[NO NEW TESTS NEEDED]
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Flake suppression: going with the one-basket model of egg storage,
switch manifest_test to use an image on quay.io (was: k8s.io).
Closes: #19148
Signed-off-by: Ed Santiago <santiago@redhat.com>
Tell sphinx not to process the "options" dir, those files
are not to be published.
Context: websearching for podman volume info, I stumbled upon:
https://docs.podman.io/en/latest/markdown/options/volume.html
...and panicked because I saw '<<container|pod>>', the options
include-file syntax that should never be seen by users. I thought
the filter script was broken.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The newly introduced `idmap` section of rootfs lacked a header
(comparable to Overlay Rootfs Mounts), had odd formatting, and
wording that differed from other instances of idmap, e.g., the
one in the --volume section. This commits addresses those issues.
Signed-off-by: Peter Whittaker <PeterWhittaker@SphyrnaSecurity.com>
This reverts commit 5b148a0a68360892f57603b77e73c69e32fb7b7e.
Reverting to treating the `pull` query parameter as a boolean.
Because of deceiving Docker API documentation it was assumed that the
parameter is pull-policy, however that is not true. Docker does treat
`pull` as a boolean. What is interesting is that Docker indeed accepts
strings like `always` or `never` however Docekr both of these strings
treat as `true`, not as pull-policy. As matter of the fact it seems
there is no such a thing as pull-policy in Docker.
More context https://github.com/containers/podman/issues/17778#issuecomment-1673931925
Signed-off-by: Matej Vasek <mvasek@redhat.com>
