Getting a list of containers, and then deleting them are two separate
fallible steps that can run into different sets of errors. eg., in the
case of a bogus missing container and a container that's running or
paused, the first step will only trigger libpod.ErrNoSuchCtr. At this
point it might appear that the exit code ought to be 1. However, when
attempting the deletion, it will fail once more due to the status of
the running or paused container. Since libpod.ErrNoSuchCtr is no longer
the only error encountered, the exit code should be reset to 125.
This problem is currently masked for rootless usage due to commit
35432ecaae ("rootless: fix rm when uid in the container != 0").
Fixes: 85db895012 ("rm: set exit code to 1 if a specified ...")
e41279b902 ("Change exit code to 1 on podman rm ...")
Signed-off-by: Debarshi Ray <rishi@fedoraproject.org>
...in order to silence Cobra's usually-helpful "(default xxx)"
message.
Initialization is now done in code, by testing for empty string
and setting that to /dev/std{in,out} as appropriate; make special
note of load.go where there's mild duplication between a local
variable and cliconfig.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Remove hardcoded '(default: true)' strings from bool flags,
and '(default this-or-that)' from string flags.
First because it's unmaintainable duplication that would cause
confusion should someone ever change the default and not notice
the message.
Second, because cobra[1] already prints '(default XXXX)' for
all options with non-false non-nil default. So in each of
these cases, current podman help behavior is:
$ podman login --help
...
--tls-verify Require HTTPS ... (default: true) (default true)
This PR eliminates that duplication.
[1] actually spf13/pflag/flag.go
The only nontrivial one of these is start.go, where the default
for sigProxy depends on the --attach flag. Solution: change
the command-line default to false, and implement the new
conditional default in logic. Bonus: removed unnecessary
check, because now if sigProxy is set without --attach,
we can guarantee that it was done by the user. But please
pay close scrutiny to this particular section in case
there's something I missed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
we fire the cleanup process asynchronously so we might race with a
command like: podman run --rm --name foo ... && podman run --rm --name foo
Fix it by ensuring the container is deleted before we exit. This
will race with the "cleanup" process, but it is fine as one of the two
commands will fail with ErrNoSuchCtr while the other succeeds.
Closes: https://github.com/containers/libpod/issues/2619
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Also: enforce noSubArgs for podman events
Also: remove unnecessary '[flags]' from Use message (Cobra
adds it automatically)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Make the usage messages (and options) different between
podman inspect, podman image inspect, and podman container inspect.
Disable inapplicable options (-l, -s) for podman image inspect
Disable -t (type) when the type is implicit through the subcommand.
Update man page to reflect differences in usage.
Fix broken test.
Uglier than desirable due to Go and Cobra limitations
Signed-off-by: Ed Santiago <santiago@redhat.com>
integration of healthcheck into create and run as well as inspect.
healthcheck enhancements are as follows:
* add the following options to create|run so that non-docker images can
define healthchecks at the container level.
* --healthcheck-command
* --healthcheck-retries
* --healthcheck-interval
* --healthcheck-start-period
* podman create|run --healthcheck-command=none disables healthcheck as
described by an image.
* the healthcheck itself and the healthcheck "history" can now be
observed in podman inspect
* added the wiring for healthcheck history which logs the health history
of the container, the current failed streak attempts, and log entries
for the last five attempts which themselves have start and stop times,
result, and a 500 character truncated (if needed) log of stderr/stdout.
The timings themselves are not implemented in this PR but will be in
future enablement (i.e. next).
Signed-off-by: baude <bbaude@redhat.com>
In lipod, we now log major events that occurr. These events
can be displayed using the `podman events` command. Each
event contains:
* Type (container, image, volume, pod...)
* Status (create, rm, stop, kill, ....)
* Timestamp in RFC3339Nano format
* Name (if applicable)
* Image (if applicable)
The format of the event and the varlink endpoint are to not
be considered stable until cockpit has done its enablement.
Signed-off-by: baude <bbaude@redhat.com>
to prepare for being able to remotely run a container, we need to
perform a refactor to get code out of main because it is not
reusable. the shared location is a good starting spot though
eventually some will likely end up in pkg/spec/ at some point.
Signed-off-by: baude <bbaude@redhat.com>
join the user namespace where the pod is running, so that we can both
manage the storage and correctly send the kill signal to a process
which is not running as root in the namespace.
Closes: https://github.com/containers/libpod/issues/2577
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
allow to configure the path to the network-cmd binary, either via an
option flag --network-cmd-path or through the libpod.conf
configuration file.
This is currently used to customize the path to the slirp4netns
binary.
Closes: https://github.com/containers/libpod/issues/2506
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
if an input YAML file lacks securitycontext and working dir for
a container, we need to be able to handle that. if no default for
working dir is provided, we use a default of "/".
fixes issue #2209
Signed-off-by: baude <bbaude@redhat.com>
When doing environment variable substitution, we need to make sure
$PWD is replaced with the current working directory.
fixes issue #2171
Signed-off-by: baude <bbaude@redhat.com>
Podman has no concept of a "restarting" container - such a
container is just transitioning from running to stopped and
then back to running through our ordinary state machine.
As such, filtering "restarting" containers doesn't work and does
nothing.
Also, make "stopped" containers show as exited - this is a
momentary state we transition to before proper exited.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Currently in podman if a user specifies a command that does not exist
the tool shows the help information. This patch changes it to show
information like:
$ ./bin/podman foobar
Error: unrecognized command 'podman foobar'
Try 'podman --help' for more information.
$ ./bin/podman volume foobar
Error: unrecognized command `podman volume foobar`
Try 'podman volume --help' for more information.
$ ./bin/podman container foobar
Error: unrecognized command `podman container foobar`
Try 'podman container --help' for more information.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
it is not enough to join the user namespace where the container is
running. We also need to join the mount namespace so that we can
correctly look-up inside of the container rootfs. This is necessary
to lookup the mounted /etc/passwd file when --user is specified.
Closes: https://github.com/containers/libpod/issues/2566
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
