Make sure we use the config field to know if we should use pasta or
slirp4netns as default.
While at it fix broken code which sets the default at two different
places, also do not set in Validate() as this should not modify the
specgen IMO, so set it directly before that.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
[October 2022] While mucking around in this test, I noticed that
a test was being unnecessarily skipped in rootless. Reason was,
test was creating a /etc/systemd file, which it really shouldn't
have been doing anyway.
[Flash forward to June 2023] Ugh. This got complicated, so I
abandoned it. But it's flaking in CI, so one focus-push later,
here's everything that this PR fixes:
- create systemd unit file in proper (safe) path.
- create it *with proper podman options!!!* As in, the
whole --this --that --root --tmpdir options! Sheesh!
- use a pseudorandom service name, not just "redis"
- invoke systemctl/journalctl with --system or --user
as appropriate.
- remove unnecessary "bash -c"
- remove SkipIfRootless, but add SkipIfRemote
Signed-off-by: Ed Santiago <santiago@redhat.com>
Sometimes this tests flakes but in the CI log I see all expected lines
printed but still for some reason the matcher fails.
Right now it will truncate the array so it is not possible to verify
what the matcher sees. Change this be removing the truncate limit for
this specific test only.
see #18501
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Replace /dev/foodevdir with unique paths, to avoid one
test's RemoveAll() from stepping on another test.
Closes: #18958
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add header comment suggesting podman network create instead.
Stop using it in checkpoint tests. Turned out to be much more
complicated than expected.
Also, fix two issues caught while scanning the code:
- remove obsolete f28-and-earlier code.
- remove seccomp workaround needed for RHEL7
Signed-off-by: Ed Santiago <santiago@redhat.com>
A few tests were doing "podman run -d" + "podman logs".
This is racy. Remove the unnecessary "-d".
And, as long as we're mucking around in here:
- remove the "-t" from the 800-lines test, so we get
clean output without ^Ms
- remove unnecessary "sh", "-c" from simple echo commands
- add actual error-message checks to two places that
were only checking exit status
Resolves one (not all) of the flakes tracked in #18501
Signed-off-by: Ed Santiago <santiago@redhat.com>
Which revealed that absent --authfile's are ignored but shouldn't.
The issue is now being tracked in #18938.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add support for `--imagestore` in podman which allows users to split the filesystem of containers vs image store, imagestore if configured will pull images in image storage instead of the graphRoot while keeping the other parts still in the originally configured graphRoot.
This is an implementation of
https://github.com/containers/storage/pull/1549 in podman.
Signed-off-by: Aditya R <arajan@redhat.com>
The backend allows for any start/end ip in the subnet. There is no
reason to limit the cli to only CIDR subnets. This allows for much more
flexibility.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
For tests that use '--ip XX', random IP allocation is not
working well. Switch instead to a deterministic algorithm
with CPU affinity and a fudge factor for CNI.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This commit creates a new command `podmansh` command which can be used by
administrators to provide a confined shell to their users.
The user will only have access to the volumes and capabilities for that
user.
Co-authored-by: Paul Holzinger <pholzing@redhat.com>
Co-authored-by: Daniel Walsh <dwalsh@redhat.com>
Co-authored-by: Petr Lautrbach <lautrbach@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
podman info prints the network information about binary path,
package version, program version and DNS information.
Fixes: #18443
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
There is weird issue #18856 which causes the version check to fail.
Return the underlying error in these cases so we can see it and debug
it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
One feature needed for podmansh is the ability to set the default
homedir to be the workingdir when you login.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
add routes using the --route flag.
the no_default_route option in --opt prevents a default route from
getting added automatically.
Signed-off-by: Jan Hendrik Farr <github@jfarr.cc>
The Sysctl=name=value entry can be used to set --sysctl=name=value
directly without the need to use PodmanArgs=--sysctl=name=value.
Signed-off-by: Laurenz Kruty <git@laurenzkruty.de>
