We had a breaking change to rootless containers' temporary files
directories in Podman 0.11.1. Document a workaround to make the
change no longer working.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
For the shell examples related to building and installing podman, remove the
shell prompt indicator character '$'.
This makes copying and pasting lines much easier.
Retain the prompt indicator for the post-install shell examples, since they
(often) mix shell commands and shell command output, so it serves a useful
purpose to distinguish them.
Signed-off-by: Jonathan Dowland <jdowland@redhat.com>
While we have these string literals on repeated on multiple places in the
library, I cannot see real tangible benefit extracting these to constants
considering following facts:
(1) while 'unknown' or 'host' are repeated, they are often times used in
different context and thus perhaps worth extra const per each use.
(2) while these string literals repeat, the library is full of string literals
with special meaning that should be made constants too
(3) readability would suffer
Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
Redefining err by := operator within block makes this err variable block local.
Addressing lint:
libpod/oci.go:368:3⚠️ ineffectual assignment to err (ineffassign)
Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
Not just nil.
Addressing:
pkg/varlinkapi/images.go:273:15⚠️ ineffectual assignment to err (ineffassign)
Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
We fixated on old metalinter dependency in past based on experience of
metalinter being oftentimes broke and hence broking our build. See
762f508d9ca97cdbaee6053b663e98aee9cae081 in cri-o for more details.
Now, dated metalinter is messing up with my environment (like it is
panicing on containters/storage) so let's see if we can move to more
current version of metalinter.
Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
Need to return an error pointing user in right direction if rootless podman
fails, because of no /etc/subuid or /etc/subgid files.
Also fix up man pages to better describe rootless podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a rootless field to the info data (e.g., `podman info`) to indicate
if the executing user is root or not. In most cases, this can be
guessed but now it is clear and may aid in debugging, reporting and
understanding certain issues.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
We are seeing some issues where, when part of prepare() fails
(originally noticed due to a bad static IP), the other half does
not successfully clean up, and the state can be left in a bad
place (not knowing about an active SHM mount for example).
Signed-off-by: Matthew Heon <mheon@redhat.com>
This one is tricky. By using `:=` operator we have made err variable to be local
in the gorutine and different from `err` variable in the surrounding function.
And thus `createContainer` function returned always nil, even in cases when
some error occurred in the gorutine.
Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
We now can remove a paused container by sending it a kill signal while it
is paused. We then unpause the container and it is immediately killed.
Also, reworked how the parallelWorker results are handled to provide a
more consistent approach to how each subcommand implements it. It also
fixes a bug where if one container errors, the error message is duplicated
when printed out.
Signed-off-by: baude <bbaude@redhat.com>
once we changed configureNetNS to return a result beyond an error,
we need to make sure that we used locals instead of ctr attributes
when determining networks.
Resolves#1752
Signed-off-by: baude <bbaude@redhat.com>
Since we use buildah containers for the build process, the
user will not know if we have any buildah containers lingering
due to a failed build. Setting this to true by default till
we figure out a better way to solve this.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Merge the following changes from the upstream Moby seccomp profile:
* commit b2a907c8cab6 ("Whitelist statx syscall for libseccomp-2.3.3
onward")
* commit 47dfff68e436 ("Whitelist syscalls linked to CAP_SYS_NICE in
default seccomp profile")
* commit ccd22ffcc8b5 ("Move the syslog syscall to be gated by
CAP_SYS_ADMIN or CAP_SYSLOG")
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
If fuse-overlayfs is present, rootless containers default to use it.
This can still be overriden either via the command line with
--storage-driver or in the ~/.config/containers/storage.conf
configuration file.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
