We do not want to bind mount storage.conf anymore.
Generally a podman with old config should work with the upgrade to new
podman with new config. The old podman with new config however may not
work as such we should not make them use the same config.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add support for `default_host_ips` in containers.conf to set default
host IP(s) if no IP is set when forwarding ports. Multiple IPs can be
configured, and passing explicit IP with -p will always override
the configured defaults.
Signed-off-by: Danish Prakash <contact@danishpraka.sh>
It is not really needed as the storage options are overriden via the cli
anyway and the older podman does not like that the new file has explicit
runroot set.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We no longer generate a warning for an empty driver in storage.conf so
remove that.
Also update the test to use CONTAINERS_STORAGE_CONF_OVERRIDE instead to
just add a single setting there.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The BUILDAH_ISOLATION env var is not propagated to the server via
podman-remote. The buildah bud test (added in buildah PR #6697) sets
BUILDAH_ISOLATION=chroot to verify the --network conflict, which
silently has no effect on remote, causing the test to fail.
Ref: https://github.com/containers/buildah/pull/6697
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
rootlessport: clarify RootlessCNI comment
Update the comment for the RootlessCNI conditional to clarify that
the flag is for rootless bridge networking, not CNI specifically.
The bool is set when netStatus != nil in slirp4netns and will be
removed when slirp4netns and rootlessport are fully dropped.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
When a pause process dies and its PID gets recycled by an unrelated
process, the stale pause.pid file causes join failures. Detect this
by checking /proc/<pid>/environ for _PODMAN_PAUSE=1 after a failed
join attempt.
Closes: https://github.com/containers/podman/issues/28157
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Docker treats EndpointSettings.IPAddress as operational/state, not desired create input.
Static address requests should come from IPAMConfig fields. Using both can duplicate
the same IPv4 request and trigger already allocated IPAM errors in compose scenarios.
Ref: moby/moby#46183 (daemon validation), docker/cli#4493 (CLI IPAMConfig), moby/moby#19001 (static IP feature).
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
Add tests for multiple static IPs per container across single and multi-subnet networks.
Document --network option for comma-separated IPs and subnet-based IP ordering.
Fixes: https://issues.redhat.com/browse/RHEL-98277
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
The Docker API spec defines HTTP 409 for POST /containers/create when
the requested name is already in use. The handler was returning 500 for
all errors from ContainerCreate, including ErrCtrExists.
This mismatch breaks buildx parallel builds on Podman: buildx checks
for a conflict response to safely converge multiple concurrent builders
onto the already-running BuildKit container. With 500 it treats the
conflict as a fatal error instead, causing all but the first parallel
build to fail.
The fix follows the same pattern already used in the rename handler,
which correctly returns 409 for ErrCtrExists. The swagger annotation
for this endpoint already documents the 409 response.
Signed-off-by: Jordan Rodgers <com6056@gmail.com>
In remote mode, `podman version` currently returns a connection error before
printing any version information if it cannot connect to the service.
Introduce a reusable `PrintVersion` helper and invoke it at the root level
when a `ConnectionError` is encountered. This ensures that client information
is still shown even when the server cannot be reached.
Fixes: #28222
Signed-off-by: KyounghoonJang <matkimchi_@naver.com>
Setting Entrypoint= (empty value) in a quadlet .container file should
produce --entrypoint "" in the generated podman command, which clears
the image's default entrypoint. Previously this was silently ignored
because lookupAndAddString skips empty values.
Move the Entrypoint key out of the generic stringKeys map and handle
it separately so that an empty value is passed through.
Closes#28213
Signed-off-by: umut-polat <52835619+umut-polat@users.noreply.github.com>
Some architectures (i.e., arm64) do not implement the link(2) system
call and ln(1) uses linkat(2) instead.
Use the names array to block both syscalls so the tests works on all
architectures.
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Replace github.com/docker/docker API imports with github.com/moby/moby
across compat handlers, swagger models, and tests to align with upstream
type definitions.
Fixes: #27536.
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
