opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-25 18:25:59 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
podman/libpod
History
Doug Rabson f06869168e libpod: Use O_CLOEXEC for descriptors returned by (*Container).openDirectory 
Since mountStorage and createNetNS run in parallel, the directory file
descriptors used by mountStorage were (rarely) propagated to the CNI
plugins. On FreeBSD, the CNI bridge plugin needs to make changes to the
network jail. This fails if there are any descriptors to open directories
to protect against host directories being visible to the jail's chroot.

Adding O_CLOEXEC to the unix.Open call in openDirectory ensures that these
descriptors are not visible to podman's child processes.

[NO NEW TESTS NEEDED]

Signed-off-by: Doug Rabson <dfr@rabson.org>
2022-11-26 13:55:18 +00:00
..
define
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
driver
bump go module to version 4
2022-01-18 12:47:07 +01:00
events
Events for containers in pods now include the pod's ID
2022-09-22 14:18:56 -04:00
layers
linkmode
go fmt: use go 1.18 conditional-build syntax
2022-03-18 09:11:53 +01:00
lock
libpod/lock: Fix build and tests for SHM locks on FreeBSD
2022-11-14 14:22:36 +00:00
logs
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
plugin
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
shutdown
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
boltdb_state_freebsd.go
libpod: Re-work the container's network state to help code sharing
2022-09-12 16:11:25 +01:00
boltdb_state_internal.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
boltdb_state_linux.go
Fix stutters
2022-09-10 07:52:00 -04:00
boltdb_state_unsupported.go
libpod: Add definition of containerPlatformState for FreeBSD
2022-08-23 15:31:00 +01:00
boltdb_state.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
common_test.go
bump go module to version 4
2022-01-18 12:47:07 +01:00
container_api.go
Ensure that StartAndAttach locks while sending signals
2022-10-27 10:52:55 -04:00
container_commit.go
Fix stutters
2022-09-10 07:52:00 -04:00
container_config.go
health check: add on-failure actions
2022-09-09 13:02:05 +02:00
container_copy_common.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_copy_freebsd.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_copy_linux.go
libpod: Move jointMountAndExec to container_copy_linux.go
2022-09-20 08:36:23 +01:00
container_copy_unsupported.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_exec.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
container_freebsd.go
libpod: Re-work the container's network state to help code sharing
2022-09-12 16:11:25 +01:00
container_graph_test.go
bump go module to version 4
2022-01-18 12:47:07 +01:00
container_graph.go
Introduce graph-based pod container removal
2022-09-14 13:44:48 -04:00
container_inspect_freebsd.go
libpod: Factor out platform-specfic code from generateInspectContainerHostConfig
2022-09-15 08:10:34 +01:00
container_inspect_linux.go
libpod: Factor out platform-specfic code from generateInspectContainerHostConfig
2022-09-15 08:10:34 +01:00
container_inspect.go
container inspect: include image digest
2022-09-30 14:10:21 +02:00
container_internal_common.go
deps: bump go-criu to v6
2022-11-01 13:57:24 +05:30
container_internal_freebsd.go
libpod: Use O_CLOEXEC for descriptors returned by (*Container).openDirectory
2022-11-26 13:55:18 +00:00
container_internal_linux_test.go
test: use T.TempDir to create temporary test directory
2022-05-05 21:09:41 +08:00
container_internal_linux.go
libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit
2022-10-14 13:24:32 +01:00
container_internal_test.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
container_internal_unsupported.go
libpod: Add FreeBSD implementation of container internals
2022-09-05 10:12:12 +01:00
container_internal.go
kill: wait for the container
2022-10-14 13:21:52 +02:00
container_linux.go
libpod: Move networkDisable to container_linux.go
2022-09-05 10:12:12 +01:00
container_log_linux.go
fix goroutine leaks in events and logs backend
2022-07-20 12:55:34 +02:00
container_log_unsupported.go
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
container_log.go
fix goroutine leaks in events and logs backend
2022-07-20 12:55:34 +02:00
container_path_resolution_test.go
libpod: fix lookup for subpath in volumes
2022-09-14 17:09:04 +02:00
container_path_resolution.go
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
container_stat_common.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_stat_freebsd.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_stat_linux.go
libpod: Move part of (*Container).stat to container_stat_linux.go
2022-09-20 08:36:23 +01:00
container_stat_unsupported.go
libpod: Implement 'podman cp' for FreeBSD
2022-09-20 08:36:23 +01:00
container_top_freebsd.go
libpod: Add support for 'podman top' on FreeBSD
2022-10-17 16:43:53 +01:00
container_top_linux.go
Fix stutters
2022-09-10 07:52:00 -04:00
container_top_unsupported.go
libpod: Add support for 'podman top' on FreeBSD
2022-10-17 16:43:53 +01:00
container_unsupported.go
libpod: Add definition of containerPlatformState for FreeBSD
2022-08-23 15:31:00 +01:00
container_validate.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
container.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
diff.go
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
doc.go
document that using libpod package directly is not supported
2022-03-23 19:05:29 +01:00
events.go
Events for containers in pods now include the pod's ID
2022-09-22 14:18:56 -04:00
healthcheck_linux.go
health checks: restart timers
2022-09-13 10:56:44 +02:00
healthcheck_unsupported.go
libpod: Add stubs for non-linux builds
2022-08-17 11:45:07 +01:00
healthcheck.go
health checks: make on-failure action retry aware
2022-10-07 15:43:48 +02:00
info_freebsd.go
Fix stutters
2022-09-10 07:52:00 -04:00
info_linux.go
Fix stutters
2022-09-10 07:52:00 -04:00
info_test.go
libpod: Make unit test for statToPercent Linux only
2022-11-13 10:56:15 +00:00
info_unsupported.go
libpod: Enable 'podman info' for FreeBSD
2022-08-24 10:55:52 +01:00
info.go
Fix stutters
2022-09-10 07:52:00 -04:00
kube.go
Add and use Container.LinuxResource() helper
2022-10-12 13:45:49 +02:00
mounts_linux.go
go fmt: use go 1.18 conditional-build syntax
2022-03-18 09:11:53 +01:00
networking_common.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
networking_freebsd.go
libpod: Report network setup errors properly on FreeBSD
2022-11-21 14:16:51 +00:00
networking_linux_test.go
enable unparam linter
2022-04-25 13:23:20 +02:00
networking_linux.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
networking_machine.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
networking_pasta_linux.go
libpod: Add pasta networking mode
2022-11-08 00:16:35 +01:00
networking_slirp4netns.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
networking_unsupported.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
oci_conmon_attach_common.go
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
oci_conmon_attach_freebsd.go
libpod: Build oci_conmon_common.go and oci_conmon_attach_common on FreeBSD
2022-08-18 08:07:30 +01:00
oci_conmon_attach_linux.go
libpod: Move openUnixSocket to oci_conmon_attach_linux.go
2022-08-18 08:05:42 +01:00
oci_conmon_common.go
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
oci_conmon_exec_common.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
oci_conmon_exec_freebsd.go
libpod: Factor out capabilites code from prepareProcessExec
2022-09-07 07:58:37 +01:00
oci_conmon_exec_linux.go
libpod: Factor out capabilites code from prepareProcessExec
2022-09-07 07:58:37 +01:00
oci_conmon_freebsd.go
libpod: Make sure writeConmonPipeData is called on FreeBSD
2022-08-29 13:04:04 +01:00
oci_conmon_linux.go
Add and use Container.LinuxResource() helper
2022-10-12 13:45:49 +02:00
oci_conmon_unsupported.go
libpod: Build oci_conmon_common.go and oci_conmon_attach_common on FreeBSD
2022-08-18 08:07:30 +01:00
oci_conmon.go
podman: add new cgroup mode split
2020-06-25 17:16:12 +02:00
oci_missing.go
implement podman update
2022-09-01 13:02:01 -04:00
oci_util.go
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
oci.go
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
options.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
pod_api.go
Fix deadlock between 'podman ps' and 'container inspect' commands
2022-10-28 10:12:34 +03:00
pod_internal_freebsd.go
libpod: Factor out cgroups handling from (*Pod).refresh
2022-10-07 08:26:10 +01:00
pod_internal_linux.go
libpod: Factor out cgroups handling from (*Pod).refresh
2022-10-07 08:26:10 +01:00
pod_internal.go
libpod: Factor out cgroups handling from (*Pod).refresh
2022-10-07 08:26:10 +01:00
pod_status.go
bump go module to version 4
2022-01-18 12:47:07 +01:00
pod_top_linux.go
libpod/pod_top_linux.go: s/TODO/NOTE/
2022-05-25 12:30:19 +02:00
pod_top_unsupported.go
libpod: Add stubs for non-linux builds
2022-08-17 11:45:07 +01:00
pod.go
resource limits for pods
2022-07-21 14:50:01 -04:00
reset.go
Merge pull request #16336 from rhatdan/VENDOR
2022-10-31 09:42:08 -04:00
runtime_cstorage.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
runtime_ctr_freebsd.go
libpod: Don't mount /dev/shm in containers on FreeBSD
2022-09-05 10:20:50 +01:00
runtime_ctr_linux.go
libpod: Don't mount /dev/shm in containers on FreeBSD
2022-09-05 10:20:50 +01:00
runtime_ctr.go
Removing the RawInput from the API output
2022-11-17 15:41:01 +09:00
runtime_img.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
runtime_migrate_unsupported.go
libpod: Add stubs for non-linux builds
2022-08-17 11:45:07 +01:00
runtime_migrate.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
runtime_pod_common.go
libpod: Add support for 'podman pod' on FreeBSD
2022-10-07 08:27:27 +01:00
runtime_pod_freebsd.go
libpod: Add support for 'podman pod' on FreeBSD
2022-10-07 08:27:27 +01:00
runtime_pod_linux.go
libpod: Factor out cgroup validation from (*Runtime).NewPod
2022-10-07 08:27:27 +01:00
runtime_pod_unsupported.go
libpod: Add support for 'podman pod' on FreeBSD
2022-10-07 08:27:27 +01:00
runtime_pod.go
libpod/runtime: switch to golang native error wrapping
2022-07-04 15:39:00 +02:00
runtime_renumber.go
Fix stutters
2022-09-10 07:52:00 -04:00
runtime_test.go
libpod: Ensure that generated container names are random
2022-09-01 10:27:04 +01:00
runtime_volume_common.go
Add podman volume create --ignore
2022-10-24 17:30:31 +02:00
runtime_volume_unsupported.go
libpod: Add volume support for FreeBSD
2022-09-27 16:31:40 +01:00
runtime_volume.go
libpod/runtime: switch to golang native error wrapping
2022-07-04 15:39:00 +02:00
runtime_worker.go
work queue: simplify and use a wait group
2022-05-25 10:17:46 +02:00
runtime.go
Fix language. Mostly spelling a -> an
2022-11-20 19:41:06 +01:00
service.go
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
state_test.go
Replace deprecated ioutil
2022-09-20 15:34:27 -04:00
state.go
bump golangci-lint to v1.49.0
2022-10-17 09:19:41 +02:00
stats_common.go
libpod: Split out the common code from GetContainerStats
2022-09-14 08:29:26 +01:00
stats_freebsd.go
libpod: Factor out jail name construction from stats_freebsd.go
2022-10-17 15:33:18 +01:00
stats_linux.go
Add and use Container.LinuxResource() helper
2022-10-12 13:45:49 +02:00
stats_unsupported.go
libpod: Add support for 'podman stats' on FreeBSD
2022-09-14 08:29:26 +01:00
storage.go
libpod: switch to golang native error wrapping
2022-07-05 16:06:32 +02:00
util_freebsd.go
libpod: Add support for 'podman pod' on FreeBSD
2022-10-07 08:27:27 +01:00
util_linux_test.go
Fix mismatch between log messages and behavior of libpod.LabelVolumePath.
2020-09-13 23:24:15 -04:00
util_linux.go
Fix stutters
2022-09-10 07:52:00 -04:00
util_test.go
bump go module to version 4
2022-01-18 12:47:07 +01:00
util_unsupported.go
libpod: Add volume support for FreeBSD
2022-09-27 16:31:40 +01:00
util.go
libpod: Add FreeBSD support in packageVersion
2022-11-10 08:37:29 +00:00
volume_inspect.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
volume_internal_common.go
libpod: Add volume support for FreeBSD
2022-09-27 16:31:40 +01:00
volume_internal_freebsd.go
libpod: Add volume support for FreeBSD
2022-09-27 16:31:40 +01:00
volume_internal_linux.go
libpod: Factor out usage of unix.MNT_DETACH from (*Volume).unmount
2022-09-27 16:31:40 +01:00
volume_internal_unsupported.go
libpod: Add volume support for FreeBSD
2022-09-27 16:31:40 +01:00
volume_internal.go
Add support for 'image' volume driver
2022-09-22 13:07:40 -04:00
volume.go
Merge pull request #16243 from alexlarsson/volume-create-ignore
2022-10-26 15:00:51 -04:00