Made a mistake in my earlier patch. I though that if you add an empty string
to an array, the length of the array would still be 0...
Realised this when vendoring the secrets pkg into cri-o.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #685
Approved by: mheon
The hidden flag is used to override the path of the default mounts file
for testing purposes.
Also modified the secrets pkg to allow for this override to happen.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #678
Approved by: mheon
In the case where podman needs to pull an image, if that registry that the image
resides on is known to be insesure (as defined in /etc/containers/registries.conf),
tls-verify should be altered on the fly.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #626
Approved by: mheon
This fixes the situation where we fail to create a container when a name already exists.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #517
Approved by: baude
The SQLite DB backend has become an unmanageable nightmare. I
like having the option for DB work, but it's become an active
hindrance to further development, and it's definitely not in any
shape to be actively used.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #548
Approved by: baude
Migrate the podman create and commit subcommandis to leverage the images library. I also had
to migrate the cmd/ portions of run and rmi.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #498
Approved by: mheon
The standard config has moved to /usr/share/containers/ per
discussion. An override configuration file is allowed at the
previous /etc/containers/ location. This override will be used in
place of the normal config if both are present, and exists to
override distro packaged configs without modifying the standard
config.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #430
Approved by: rhatdan
This allows more graceful handling of multiple paths in a config
file.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #430
Approved by: rhatdan
add registries and insecure registries to the podman info output. this gives us
some capatibility with other container runtimes.
Resolves issue #420
Signed-off-by: baude <bbaude@redhat.com>
Closes: #422
Approved by: mheon
Also consider "/usr/lib/cni" as a potential directory for CNI plugins.
On some distributions, e.g., on openSUSE, %{_libexecdir} evaluates to
"/usr/lib".
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #416
Approved by: mheon
The packages in Lokesh's ppa that is currently used for podman puts the
conmon and runc binaries in /usr/lib/crio/bin/conmon and /usr/lib/cri-o-runc/sbin/runc
respectively.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #406
Approved by: baude
To account for more path possibilities, we now iterate
a string array of possible paths to try and find paths
to runc and conmon.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #278
Approved by: baude
Ubuntu installs runc to /usr/sbin/runc so we now account
for that. Also, added small check when creating a new
runtime that if we cannot find the runc binary, we bail
out.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #276
Approved by: baude
Normal Stop should not need a timeout, and should use the default
Add a function that does accept a timeout aside it
Signed-off-by: Matthew Heon <mheon@redhat.com>
Closes: #272
Approved by: rhatdan
If user does not specify seccomp file or seccomp file does not exist,
then use the default seccomp settings.
Still need to not hard code /etc/crio/seccomp.json, should move this to
/usr/share/seccomp/seccomp.json
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #233
Approved by: baude
This can now be handled by CNI plugins, so let them manage ports
instead.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #189
Approved by: mheon
podman run/create have the ability to set the stop timeout flag.
We need to stop it in the database.
Also Allowing negative time for stop timeout makes no sense, so switching
to timeout of uint, allows user to specify huge timeout values.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #158
Approved by: TomSweeneyRedHat
Given that we don't have a good way of cleaning up locks, these
could potential cause issues if we ever reuse a container or pod
ID
Also changes locks dir to use tmpfs, as we can't directly clean
up locks
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #138
Approved by: rhatdan
