This is basically a partial backport of commit b14e833ef6
("machine: add test to check config mount").
It seems on the ubuntu github actions runners we have XDG_CONFIG_HOME
set so the tests do not actually use its own private dir but a shared
one for the configs which breaks the test assumptions.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Commit cf021c4ba9 switched the logic to also allow golangci-lint in
$PATH but forgot to update the call here.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit 13c6b5d786)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The interfacer linter was removed a few years ago.
Remove the annotations as well.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit a7886d1fe8)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using os.Is{Exist,NotExist,Permission} checks is not recommended in the
new code (see official documentation). While using it in the existing
code is OK, it may still result in a subtle errors later (for a specific
example of that, see [1]).
Replace those with errors.Is.
Generated by:
gofmt -r 'os.IsExist(a) -> errors.Is(a, os.ErrExist)' -w .
gofmt -r 'os.IsNotExist(a) -> errors.Is(a, os.ErrNotExist)' -w .
gofmt -r 'os.IsPermission(a) -> errors.Is(a, os.ErrPermission)' -w .
goimports -w .
git diff vendor test/tools/vendor | patch -p1 -R
[1]: https://github.com/opencontainers/runc/pull/5061
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 7f7b35356f)
[Added extra replacements manually that were only in the 5.8 tree]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The server already does validate this so this is not strictly needed and
the client must trust the server no matter what.
But adding an extra check here does not hurt and may help prevent future
bugs.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit 12bec19426)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Just as additional hardening.
Note chrootarchive does not work on macos/windows, in that case it still
falls back to the regular pkg/archive.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit 25aee24cbd)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Under normal circumstances this is not a problem as the archive file
created podman container checkpoint will no create symlinks.
However if a user passes a custom archive they could contain symlinks
that point outside our root. To resolve them within the root use
securejoin.
Note this is not a security problem because the full archive must be
trusted by a user to begin with as it contain the full container config.
Fixes: #27977
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit abb5120624)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The go std os package to will always make sure to use O_CLOEXEC, however
in cases where we directly call unix.Open() we need to pass that flag
explicitly.
I looked at this as there was a report of a leaked fd on the pasta list,
though I am not sure this will address it.
But anyway doing this should be rather safe and avoid leaks into other
processes.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit d20933df02)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When creating a secret with driver=shell via the API, the file driver's
default DriverOpts (including path) were applied because DriverOpts was
empty. The shell driver rejects path as an unknown option, making it
impossible to create shell-driver secrets via the REST API or
podman-remote.
Only apply default DriverOpts from config when the requested driver
matches the configured default driver.
Signed-off-by: Joe Doss <joe@solidadmin.com>
(cherry picked from commit 667f55c2ce)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
In the SystemCheck HTTP handler, when parsing the
unreferenced_layer_max_age query parameter fails, the error response is
sent but execution continues to `unreferencedLayerMaximumAge = &duration`
where `duration` is the zero value. This causes the system check to run
with a zero duration instead of returning the 400 error to the client.
Add the missing `return` after the error response.
Fixes#28350
Signed-off-by: crawfordxx <crawfordxx@users.noreply.github.com>
(cherry picked from commit 29d80a26af)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Setting Entrypoint= (empty value) in a quadlet .container file should
produce --entrypoint "" in the generated podman command, which clears
the image's default entrypoint. Previously this was silently ignored
because lookupAndAddString skips empty values.
Move the Entrypoint key out of the generic stringKeys map and handle
it separately so that an empty value is passed through.
Closes#28213
Signed-off-by: umut-polat <52835619+umut-polat@users.noreply.github.com>
(cherry picked from commit 926f562bd5)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Previously, using --secret=id=foo,env=BAR in remote mode would fail because the client sent the env var name to the server, which tried to resolve it locally. This patch modifies the client to resolve the environment variable locally, write it to a temp file, and send it as a file-based secret.
Fixes#27494
Signed-off-by: ZuhairM7 <ZuhairM7>
Signed-off-by: ZuhairM7 <zuhairmerali@gmail.com>
- Update documentation: Differentiate `unless-stopped` from `always` - containers stopped by the user before a reboot will not restart.
- Add `should-start-on-boot` filter: Identify containers that require a restart after a system reboot.
- Update command documentation: Add `restart-policy` and `label!` filters to the documentation for container commands (rm, ps, start, stop, pause, unpause, restart).
- Add `restart-policy` and `shoud-start-on-boot` to completions.
- Update service: Update `podman-restart.service` to use the `needs-restart=true` filter.
- Preserve state: Preserve the `StoppedByUser` state across reboots.
- Update API: Add a `ShouldStartOnBoot()` method to the Container API.
- Update documentation: Add descriptions for the `should-start-on-boot` filter.
Fixes: https://issues.redhat.com/browse/RHEL-129405
Fixes: https://github.com/containers/podman/issues/20418
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matt Heon <matthew.heon@pm.me>
- remove old CLI validation that only checked --pod flag
- add validation in namespaces.go to catch all paths (cli, quadlet, api)
- block userns mixing for all pods with infra, not just ipc/net
- update error message to be clearer
- fix test cleanup to use PodmanExitCleanly()
- use dynamic pod names in system tests to avoid conflicts
fixes#26848
Signed-off-by: 0xdvc <neilohene@gmail.com>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matt Heon <matthew.heon@pm.me>
Fixes: #26588
For use cases like HPC, where `podman exec` is called in rapid succession, the standard exec process can become a bottleneck due to container locking and database I/O for session tracking.
This commit introduces a new `--no-session` flag to `podman exec`. When used, this flag invokes a new, lightweight backend implementation that:
- Skips container locking, reducing lock contention
- Bypasses the creation, tracking, and removal of exec sessions in the database
- Executes the command directly and retrieves the exit code without persisting session state
- Maintains consistency with regular exec for container lookup, TTY handling, and environment setup
- Shares implementation with health check execution to avoid code duplication
The implementation addresses all performance bottlenecks while preserving compatibility with existing exec functionality including --latest flag support and proper exit code handling.
Changes include:
- Add --no-session flag to cmd/podman/containers/exec.go
- Implement lightweight execution path in libpod/container_exec.go
- Ensure consistent container validation and environment setup
- Add comprehensive exit code testing including signal handling (exit 137)
- Optimize configuration to skip unnecessary exit command setup
Signed-off-by: Ryan McCann <ryan_mccann@student.uml.edu>
Signed-off-by: ryanmccann1024 <ryan_mccann@student.uml.edu>
Quadlets installed from `.quadlet` file now belongs to a single
application, anyone file removed from this application removes all the
other files as well.
Assited by: claude-4-sonnet
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
Enable installing multiple quadlets from one file using '---' delimiters.
Each section requires '# FileName=<name>' comment for custom naming.
Single quadlet files remain unchanged for backward compatibility.
Assited by: claude-4-sonnet
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
The remote client (podman --remote) was incorrectly throwing an error
when --detach-keys="" was specified for attach, run, or start commands.
According to documentation and the v1.7.0 release notes, specifying an
empty string should disable detaching, not cause an error.
Fixes: #27414
Signed-off-by: shiavm006 <shivammittal42006@gmail.com>
I happened to run `podman run --config=/path/to/file` and got
an error without a trailing newline, which was a bit jarring.
Fix the instances I noticed.
Assisted-by: OpenCode (Claude Opus 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
This is gated behind a new option in `podman system migrate`,
`--migrate-db`.
The basic logic is simple:
* Podman is already configured to use BoltDB
* Open a new, fresh SQLite database to write into
* Migrate all database contents as they exist in BoltDB, to
SQLite.
** Do this as simply as possible: grab the object from the old DB
and write it into the new DB using the standard Add and Save
functions.
* Set the new database in the Runtime, close the old one.
* Move the old database file so it won't be reused
* Show a warning if the user explicitly configured BoltDB in
containers.conf
Our ability to test complex migration scenarios is limited, but
this should handle simple migrations easily.
Fixes#27628
Signed-off-by: Matt Heon <matthew.heon@pm.me>
The local API path optimization is ineffective on WSL because of NTFS mounting overhead.
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
(cherry picked from commit d889aeb6af)