do not automatically enable the controllers for the last path
component. It is necessary as once there are enabled controllers in a
cgroup, it won't possible to add processes to it.
Fix conmon being moved to the correct cgroup path when using
--cgroup-manager cgroupfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when the container is running in a user namespace, check if gid=5 is
available, otherwise drop the option gid=5 for /dev/pts.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This flag passes the host environment into the container. The basic idea is to
leak all environment variables from the host into the container.
Environment variables from the image, and passed in via --env and --env-file
will override the host environment.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
be sure to load all the existing handlers, so that they can also be
freed in addition to the handlers we treat differently.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Using pod removal worked, but container removal was missing the
most critical step - the actual removal. Must have been
accidentally removed during a refactor.
Fixes#3556
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
During 'podman container checkpoint' the finished time was not set. This
resulted in a strange container status after checkpointing:
Exited (0) 292 years ago
During checkpointing FinishedTime is now set to time.now().
Signed-off-by: Adrian Reber <areber@redhat.com>
Normally when testing PRs, the final task to run is 'success'. It's
purpose is three-fold:
- Notify on IRC that a PR passed all testing.
- Block merging of a PR unless all dependent tasks are successful.
- When successful, publish cached binary release archives.
Mistakenly, the 'release' task was not made dependent upon the 'success'
task. Since 'success' only runs for PRs, this was causing post-merge
failures due to the 'release' task not finding any release archives -
the tasks which generate them are still running.
Fix this by making the 'release' task depend upon the same items as
the 'success' task. This will ensure it only runs as the very last
step, for both PRs and on branches (post-merge).
Signed-off-by: Chris Evich <cevich@redhat.com>
the commit and pull varlink endpoints were not working correctly when
'more' was not being specified.
Fixes: #3317Fixes: #3318Fixes: #3526
Signed-off-by: baude <bbaude@redhat.com>
drop the limitation of not supporting creating new cgroups v2 paths.
Every controller enabled /sys/fs/cgroup will be propagated down to the
created path. This won't work for rootless cgroupsv2, but it is not
an issue for now, as this code is used only by CRI-O.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
CI is experiencing failures in the system_test step, caused by
podman commands issuing the following warning:
time="2019-07-09T13:30:19-04:00" level=error msg="User-selected graph driver \"overlay\" overwritten by graph driver \"vfs\" from database - delete libpod local files to resolve
Hypothesis: integration tests, which run just before us, are
leaving user config files in an unstable state.
Workaround: delete all user cache and config and db before
running system tests. This should be safe, and should be
a NOP when running as root.
Signed-off-by: Ed Santiago <santiago@redhat.com>
now that dbus authentication works fine from a user namespace (systemd
241 works fine), we can enable rootless healthchecks.
It uses "systemd-run --user" for creating the healthcheck timer and
communicates with the user instance of systemd listening at
$XDG_RUNTIME_DIR/systemd/private.
Closes: https://github.com/containers/libpod/issues/3523
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This tries to reduce CI errors which might happen due to parallel CI
runs which all are using the same IP addresses. Using random addresses
should reduce the possibility of parallel tests using the same IP address.
Signed-off-by: Adrian Reber <areber@redhat.com>
