This allows things like compose project names to be associated with log
messages and later used in log processing and analysis.
Signed-off-by: Povilas Kanapickas <povilas@radix.lt>
For remote operation, start the remote service with --tls-details:
using --tls-details on the client side will only affect client's
connection.
This should eventually include many more tests - track down all current
uses of libpod.Runtime.{SystemContext,imageContext,LibimageRuntime}.
That will come later
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Quadlet list always reports the heading, even when using custom
formatting strings. This doesn't follow the behavior of other podman
list commands. Borrow some logic and the "--noheading" flag from the
container list command to make this behavior uniform.
Signed-off-by: Randolph Sapp <rs@ti.com>
The `ServiceName=` Quadlet option was only documented for `.pod` and
`.artifact` units. However, it applies to all Quadlet types as it is a
global option.
Added `ServiceName=` listing and description to the `[Container]`,
`[Kube]`, `[Network]`, `[Volume]`, `[Build]`, and `[Image]` sections.
Fixes: #27015
Signed-off-by: Paul Nettleton <k9@k9withabone.dev>
Add a per-volume 'nocreate' option that prevents automatic creation of
named volumes when they don't exist. When specified, Podman will fail
if the volume is not found instead of creating it automatically.
Usage: -v myvolume:/data:nocreate
--mount type=volume,src=myvolume,dst=/data,nocreate
See: #27862
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
Pass --mount settings and the contents of the --source-policy-file
argument to remote builds.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The original text was added in 518daef in 2023-08. Later, in 0d4a148
in 2025-04, a new option has been introduced without the text being
updated.
Signed-off-by: mhorky <mhorky@redhat.com>
Given the new config file logic will read many files pritning one
specific one here has no meaning anymore, just delete it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This is useful for triggering the execution of a healthcheck
without caring about it's result as long as no fatal error occured.
Signed-off-by: Patrick Wicki <patrick.wicki@siemens.com>
now that we use `bootc switch` for changing out-of-band updates, we can
consider also using some of their supported transports.
* containers-storage
* oci
* oci-archive
* registry
RUN-3963
Signed-off-by: Brent Baude <bbaude@redhat.com>
Removed all CNI-specific documentation from man pages:
- podman.1.md: Simplified --network-config-dir to only mention
netavark directories
- podman-network.1.md: Removed dual backend description, now states
netavark is the only backend
- podman-network-create.1.md: Removed CNI-specific notes about DNS
and DHCP socket configuration
- podman-network-connect.1.md: Removed CNI limitation note about
network aliases
- options/network-alias.md: Removed CNI limitation note about
network aliases
- podman-info.1.md: Updated example output to show netavark backend
information instead of CNI
All man pages now reflect netavark as the sole network backend.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
use name_to_handle_at and open_by_handle_at to persist rootless
namespaces without needing a pause process.
The namespace file handles are stored in a file and can be used to
rejoin the namespaces, as long as the namespaces still exist.
Fall back to the pause process approach only when the kernel doesn't
support nsfs handles (EOPNOTSUPP).
The feature is currently only enabled when the PODMAN_NO_PAUSE_PROCESS
environment variable is set.
These changes in the kernel are required (landed in Linux 6.18):
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ab378cfa793
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Implements automatic OS upgrade functionality for Podman machines that requires no user input beyond running the command. The upgrade logic automatically determines the appropriate upgrade path using a three-way comparison between client version, machine version, and OCI registry:
* When the client version is older than the machine version, no action is taken and an error is returned.
* When the client version matches the machine version, the OCI registry is queried to check for in-band updates by comparing image digests. This handles minor, patch level, and updates oci image use cases.
* When the client version is newer than the machine version, the machine is upgraded to match the client's major.minor version.
* No manual image selection or version specification required.
The command supports dry-run mode and JSON (only) output format for automation.
Signed-off-by: Brent Baude <bbaude@redhat.com>
