As well as added tests, man pages, and completions.
Also reformatted and refactored a couple of other small things in the other pod commands.
Signed-off-by: haircommander <pehunt@redhat.com>
Use github.com/containers/psgo instead of execing `ps (1)`. The psgo
library enables a much more flexible interface with respect to which
data to be printed (e.g., capabilities, seccomp mode, PID, PCPU, etc.)
while the output can be parsed reliably. The library does not use
ps (1) but parses /proc and /dev instead. To list the processes of a
given container, psgo will join the mount namespace of the given
container and extract all data from there.
Notice that this commit breaks compatibility with docker-top.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1113
Approved by: rhatdan
vendor in containers/storage
vendor in containers/image
vendor in projectatomic/buildah
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1114
Approved by: mheon
Bind all the specified TCP and UDP ports so that another process
cannot reuse them. The fd of the listener is then leaked into conmon
so that the socket is kept busy until the container exits.
Closes: https://github.com/projectatomic/libpod/issues/210
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1100
Approved by: mheon
Homu merged a commit without a signoff, update our Gitvalidation
epoch to after said commit to prevent problems.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Closes: #1105
Approved by: vrothberg
Most images won't work without multiple ids/gids. Error out
immediately if there are no multiple ids available.
The error code when the user is not present in /etc/sub{g,u}id looks
like:
$ bin/podman run --rm -ti alpine echo hello
ERRO[0000] No subuid ranges found for user "gscrivano"
Closes: https://github.com/projectatomic/libpod/issues/1087
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1097
Approved by: rhatdan
There's no reason --size cannot be used together with a Go
template - in fact, using a Go template for {{.Size}} without
--size being passed will not work.
Allow use of --namespace and --size with Go templates, but not
with --quiet. Do not allow --namespace and --size at the same
time.
Signed-off-by: Matthew Heon <mheon@redhat.com>
I don't know how the previous test was succeeding, as we never
actually fetched the sizes to sort with. The test now does.
Signed-off-by: Matthew Heon <mheon@redhat.com>
We're printing them unconditionally now, even if --size is not
passed, which is confusing (you see a pair of 0s for container
size, when it is clearly not 0).
This may introduce bugs related to containers with an rwsize of 0
(freshly created from an image) and --size specified, but is
definitely better than what we have now.
Signed-off-by: Matthew Heon <mheon@redhat.com>
A number of fields were never being populated. Populate them as
best we can.
Add a new field, exited, to indicate whether the exit code has
meaning (IE, the container has exited).
Fix handling of running time - it stops ticking when the
container stops. There is further work needed here, I suspect.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Use this to supplement exit codes returned from containers, to
make sure we know when exit codes are invalid (as the container
has not yet exited)
Signed-off-by: Matthew Heon <mheon@redhat.com>
unshare the mount namespace as well when creating an user namespace so
that we are the owner of the mount namespace and we can mount FUSE
file systems on Linux 4.18. Tested on Fedora Rawhide:
podman --storage-opt overlay.fuse_program=/usr/bin/fuse-overlayfs run alpine echo hello
hello
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This fixes a race condition where conmon is still writing the exit
file and the container is exiting.
Also we should not be ignoring the -a stdin flag if the user specifies
--interactive mode.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1086
Approved by: baude
This way ^c will actually kill the host process if the container is not
actually running.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1086
Approved by: baude
when pulling an image that includes a sha such as:
centos/nginx-112-centos7@sha256:42330f7f29ba1ad67819f4ff3ae2472f62de13a827a74736a5098728462212e7
the final image name in libpod should not contain portions of the sha itself nor the sha
identifier. and like docker, we provide a 'none' tag as well.
this should fix#877
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1085
Approved by: mheon
This is a refresh of Dan William's PR #974 with a rebase and proper
vendoring of ocicni and containernetworking/cni. It adds the ability
to define multiple networks as so:
podman run --network=net1,net2,foobar ...
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1082
Approved by: baude
podman rmi was deleting an image even if it was a parent of
another image. This fix just untags the image instead.
This also fixes podman rmi to remove intermediate images of
an image when the image is removed.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1055
Approved by: mheon
when using the getattachsockets endpoint, which returns the sockets needed
to create and use a terminal, we should check if the container is just in the
configured state. if so, we need to perform a container init to have conmon
create the required sockets so we can attach to them prior to starting the container.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1067
Approved by: jwhonce
