For containers using host networking, 'kube generate' crashed in
(*Container).HostNetwork which dereferenced config.Spec.Linux without
checking if its non-nil, which is the case for FreeBSD containers.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
The socket can already exist and is not removed by disabling the systemd unit,
hence it needs to be deleted to get a "vanilla" system. This is a temporary
workaround suggested in:
https://github.com/containers/podman/pull/19478#issuecomment-1665350945
[NO NEW TESTS NEEDED] - this is a CI fix
Signed-off-by: Dan Čermák <dcermak@suse.com>
The `Exists` field of the `RemoteSocket` struct is marshaled to json with the
`omitempty` setting. This has the disadvantage that by default `podman info`
shows a `remotePath` entry (the remote path is set in
`pkg/domain/infra/abi/systems.go`: `(*ContainerEngine).Info`) but not that this
path does not exist:
```
❯ podman info --format json | jq .host.remoteSocket
{
"path": "/run/user/1000/podman/podman.sock"
}
```
By removing the `omitempty`, we ensure that the existence is always shown:
```
❯ bin/podman info --format json | jq .host.remoteSocket
{
"path": "/run/user/1000/podman/podman.sock",
"exists": false
}
```
Signed-off-by: Dan Čermák <dcermak@suse.com>
when init'ing a machine, if the ssh key already exists, then we get a
somewhat oblique error. here we make it clear what the problem was and
early return.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
the method caller for creating the ignition file was accidently
misordered for hyperv. this regression was caused by aa6827a6.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
`git describe` is lagging on main so this commit updates
`rpm/update-sepc-version.sh` to generate the expected version.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Fixes non-blocking nits that were in the PR that consolidated some of
the machine code into common areas.
Fixes a capitalization error in documentation, inverts the logic in
`AddSSHConnectionsToPodmanSocket`, and uses raw strings in
`WaitAPIAndPrintInfo` instead of printing the messages line-by-line.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
On FreeBSD, each container has its own devfs instance with a ruleset
that controls what the container can see. To expose devices to a
container we add rules to its devfs to make the requested devices
visible. For privileged containers, we use 'ruleset=0' which makes
everything visible.
This shares the ParseDevice function with Linux so it moves to
config_common.go from config_linux.go.
Signed-off-by: Doug Rabson <dfr@rabson.org>
Remove "HTTP if one registry" test. It is a NOP, has been skipped
for two months, and nobody knows what its original purpose was.
Closes: #18768
Signed-off-by: Ed Santiago <santiago@redhat.com>
First, all the defaults for TERM=xterm were removed from c/common, then accordingly the same will be added if encountered a set tty flag.
Signed-off-by: Chetan Giradkar <cgiradka@redhat.com>
Adds support for --add-compression which accepts multiple compression
formats and when used it will add all instances in a manifest list with
requested compression formats.
Signed-off-by: Aditya R <arajan@redhat.com>
Some people might expect this to work:
systemctl --wait start foo
journalctl -u foo ---> displays output from foo
Well, it does not. Not reliably, anyway:
https://github.com/systemd/systemd/issues/28650
Shrug, okay, deal with it: write value of %T to a tmpfile
instead of relying on journal. I tested with TMPDIR=<many values>
on an SELinux system and, by golly, it works fine.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Neither `release` nor `workflow_dispatch` triggers may be tested inside
a PR context. The workflow steps always run from what's already
committed to `main`. Rather than waiting for a release to discover
some unforeseen workflow problem, allow manual runs to optionally skip
the release upload step (by default).
Also, update the windows workflow to store an artifact of the signed
build, and migrate away from the deprecated "set-output" command.
Signed-off-by: Chris Evich <cevich@redhat.com>
Currently, due to sphinx smart quote features being enabled, fancy quotes are used in the commands. This means the docs are harder to use as the commands cannot be copy/pasted into a terminal.
Wrapping the code in code blocks fixes this. An alternative would be to disable smart quotes entirely, but this seems over-the-top (especially considering wrapping commands in code blocks harmonises this page with most of the other documentation)
Signed-off-by: Adam Jones <domdomegg+git@gmail.com>
Forcing users to set --rm when setting --rmi is just bad UI.
If I want the image to be removed, it implies that I want the
container removed that I am creating.
Fixes: https://github.com/containers/podman/issues/15640
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
After a failed start, we can run into (somehow inconsistent) states
where the machine won't start because a previous QEMU process is still
running and the PID file is being used. Stop didn't resolve the issue
as this state wasn't detected.
Allow to recover from this state by a) detecting it during start and
error out with a more helpful message than the error QEMU would
otherwise spit out, and b) by enabling stop to kill the dangling QEMU
process - even after a failed stop.
With the changes, a recovery may look as follows:
```
_ podman git:(main) _ ./bin/darwin/podman machine start
Starting machine "podman-machine-default"
Error: cannot start VM "podman-machine-default": another instance of "/opt/homebrew/bin/qemu-system-aarch64" is already running with process ID 970: please stop and restart the VM
_ podman git:(main) _ ./bin/darwin/podman machine stop
Machine "podman-machine-default" stopped successfully
_ podman git:(main) _ ./bin/darwin/podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
```
Please note that this change does not prevent us from running into such
inconsistent states but only allows for recovering from them.
[NO NEW TESTS NEEDED] - there is no reliable reproducer.
Fixes: #16054
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
