New testcase for network ls --filter and inspect --format
added. Also bash completion options updated.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
In FIPS Mode we expect to work off of the Mountpath not the Rundir path.
This is causing FIPS Mode checks to fail.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add information about podman with SELinux and using container_init_t.
Add informantion about Centos7 as well as RHEL7 init containers not working
on a cgroups V2 system.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The links to latest windows and MAC versions are broken, and snapd version is i
out of date. Users should just go to release and grab packages from there.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add support for /exec/{id}/resize
* Add support for ErrSessionNotFound
* Resize container TTY as stdin changes size
* Refactor all resize functions into one handler
Signed-off-by: Jhon Honce <jhonce@redhat.com>
To terminate a connection of varlink, say after sending a file, we need to send a message containing a delimiter of ':' so the client knows to hang up.
Fixes: #6237
Signed-off-by: Brent Baude <bbaude@redhat.com>
the endpoint for single image removal (on the libpod side) should be as follows:
versionedPath/libpod/images/IMAGENAME
The DELETE method then signifies the removal of the image.
Fixes: #6261
Signed-off-by: Brent Baude <bbaude@redhat.com>
Jhon is working on an alternative version that will combine
container and exec session resize, so we'll wait for that.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
for the remote client, add the ability to attach to a container, start a container, and run a container.
Signed-off-by: Brent Baude <bbaude@redhat.com>
During the initial workup of HTTP exec, I duplicated most of the
existing exec handling code so I could work on it without
breaking normal exec (and compare what I was doing to the nroaml
version). Now that it's done and working, we can switch over to
the refactored version and ditch the original, removing a lot of
duplicated code.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Most importantly, note the pruning behavior of compat Inspect.
Less importantly, note that the Tty parameter to Start is only
ignored, as opposed to being not supported.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
The usual flow for exec is going to be:
- Create exec session
- Start and attach to exec session
- Exec session exits, attach session terminates
- Client does an exec inspect to pick up exit code
The safest point to remove the exec session, without doing any
database changes to track stale sessions, is to remove during the
last part of this - the single inspect after the exec session
exits.
This is definitely different from Docker (which would retain the
exec session for up to 10 minutes after it exits, where we will
immediately discard) but should be close enough to be not
noticeable in regular usage.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
With APIv2, we cannot guarantee that exec sessions will be
removed cleanly on exit (Docker does not include an API for
removing exec sessions, instead using a timer-based reaper which
we cannot easily replicate). This is part 1 of a 2-part approach
to providing a solution to this. This ensures that exec sessions
will be reaped, at the very least, on container restart, which
takes care of any that were not properly removed during the run
of a container.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
If not overridden, we should use the attach configuration given
when the exec session was first created.
Also, setting streams should not conflict with a TTY - the two
are allowed together with Attach and should be allowed together
here.
Signed-off-by: Matthew Heon <mheon@redhat.com>
This is still very early not not well tested, and missing resize
capability, but it does provide the first bits of exec.
Signed-off-by: Matthew Heon <mheon@redhat.com>
This is heavily based off the existing exec implementation, but
does not presently share code with it, to try and ensure we don't
break anything.
Still to do:
- Add code sharing with existing exec implementation
- Wire in the frontend (exec HTTP endpoint)
- Move all exec-related code in oci_conmon_linux.go into a new
file
- Investigate code sharing between HTTP attach and HTTP exec.
Signed-off-by: Matthew Heon <mheon@redhat.com>
The pkg/network/files.go methods currently use the constant '/etc/cni/net.d'
for network handling. This results in the unability of podman-network-inspect
and podman-network-rm to locate the cni network configuration files.
This commit propagates the libpod.Runtime through the networking methods and
finally makes use of its configuration (config.Network.NetworkConfigDir).
Closes#6212
Signed-off-by: Maximilian Müller <maxm123@techie.com>
This properly prints out image-name hints when executing the hack script
without any arguments. It is required due to changes made by Ed for
test-name beatification. An identical change was made and reviewed by
Ed in the containers/storage repo.
Signed-off-by: Chris Evich <cevich@redhat.com>
