It has not been in use since commit f218f8430a and should have been
removed there. It seems somehow it is causing a bug since our env file
is empty. In that case it triggers a segfault and since that happens
from within pam we are unable to login in any way.
I reported the issue[1] but because we don't need this just remove it so
we don't have to wait for a fix.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2370858
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Do not write /etc/environment.d files, something is broken in the new
image that causes the boot to fail when any basic var is set there.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Two incomptable changes, they removed the BridgeNfIP6tables
and BridgeNfIptables fields so we must drop them. As they are not
important ones that should not cause problems.
Second, they moved to using DockerOCIImageConfig from another new module.
The json format did not chnage so this is not an external API break.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This patch adds a new endpoint to the REST API called "artifacts" with
the following methods:
- Add
- Extract
- Inspect
- List
- Pull
- Push
- Remove
This API will be utilised by the Podman bindings to add OCI Artifact
support to our remote clients.
Jira: https://issues.redhat.com/browse/RUN-2711
Signed-off-by: Lewis Roy <lewis@redhat.com>
Netavark v1.15 added new warnings on some invalid names and that
triggerd a new test failure in podman e2e test.
The "Podman kube play with disabled cgroup" case now complains about an
empty name:
podman [options] kube play /tmp/CI_aM20/podman-e2e-3156601197/subtest-3441376193/p/kube.yaml
[WARN netavark::network::bridge] invalid network alias "": name is empty, ignoring this name
This is because this test does not set a container name thus the code
was adding an empty string so to fix it check if the name is not empty
first.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Docker does not require `--type` to be passed, defaulting to
`type=volume` in cases where it's not passed. Do the same in our
volume parsing, and add a test to verify this works as expected.
Fixes#26101
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Given I wrote this and I still mess it up on a regular basis, I
cannot be alone in forgetting whether "dst" or "dest" is the
correct short option for "destination". Let's just make both
valid, I don't see a reason not to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
When using `docker compose run --entrypoint ''`, docker sends
`"Entrypoint": []` in the JSON. Podman currently treats that
as `nil` and fallback to default image entrypoint.
This is not what is expected by the user. Instead, it should
not use any entrypoint.
This commit fixes it by properly propagating the `[]` downstream
to libpod.
Fixes: #26078
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
The Windows source folder path was not converted in the corresponding
machine folder path when the volume was of type overlay as it does for
other bind mount volumes.
Fix#25988
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
Hard coding to none without checking containers.conf is not a good idea
as users who liked the previous behavior and the podman default behavior
of keeping the hosts entries can no longer do that.
With this commit they can set base_hosts_file = "/etc/hosts" to restore
the previous behavior.
Fixes: https://issues.redhat.com/browse/RHEL-92995
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit adds two new annotations named
io.podman.annotations.cpuset/$ctrname and
io.podman.annotations.memory-nodes/$ctrname
The first one allows restricting a container's execution to specific
CPU cores while the second restricts memory allocations to specific
NUMA memory nodes. They are also added automatically when the
--cpuset-cpus and --cpuset-mems options are used.
Fixes: containers#26172
Signed-off-by: François Poirotte <clicky@erebot.net>
There is no reason to deifne a dummy service to run sleep just to get
the podman.socket enabled. Enabeling a service is just creating the
symlink so we can do that for the user sessions as well.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When a custom username is requested we must stil enable lingering for
it. The linger setup in the coreos image with the hard coded core user
doesn't really make sense as it doesn't work when another name is used.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The podman machine copy test "attempt copying file to a new directory"
was failing because on recent version of Windows the error message
doesn't match the expected error message. To make it work on new and
old version of Windows both old and new error messages are now
considered as valid.
Fixes https://github.com/containers/podman/issues/26056
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
The image quay.io/libpod/alpine_nginx doesn't have a `linux/arm64` version
and the test "Single character volume mount" on Windows ARM64 was
failing. Changing it to TESTIMAGE (quay.io/libpod/testimage) fixes it.
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
When podman restarts config values within the Engine are lost.
Add --hook-dirs arguments as appropriate to the cleanup command
so that hooks are preserved on restarts due to the on-restart setting
Tests: add a check that prestart/poststop hooks ran every time after 2
restarts.
`wait_for_restart_count` was re-used to wait for restarts and moved to
helpers file.
Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
Fixes: #17935
The conditions are always true so they can be removed. And in the case
of exportCheckpoint() the scope means addToTarFiles was overwritten and
thus when it looped over it later the slice was always empty.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This fixes an issue where multiple paths separated by a colon were
treated as a single path, contrary to what docs say and unlike how mask
option works.
Test was updated with a case that fails without this commit.
Signed-off-by: Šimon Škoda <ver4a@uncontrol.me>
