the podman generate systemd command will generate a systemd unit file
based on the attributes of an existing container and user inputs. the
command outputs the unit file to stdout for the user to copy or
redirect. it is enabled for the remote client as well.
users can set a restart policy as well as define a stop timeout
override for the container.
Signed-off-by: baude <bbaude@redhat.com>
When running inside Podman, we get an extra `nodev` mount option.
It doesn't seem to be a bug, more an artifact of running in a
somewhat locked-down container. So instead of checking explicitly
for a set of mount options, just verify the ones we set are
present.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
As part of this, rework the number of workers used by various
Podman tasks to match original behavior - need an explicit
fallthrough in the switch statement for that block to work as
expected.
Also, trivial change to Podman cleanup to work on initialized
containers - we need to reset to a different state after cleaning
up the OCI runtime.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
add the ability for podman to read and write events to journald instead
of just a logfile. This can be controlled in libpod.conf with the
`events_logger` attribute of `journald` or `file`. The default will be
set to `journald`.
Signed-off-by: baude <bbaude@redhat.com>
None of the stop tests actually verified that containers were in
a stopped state after they finished. We shouldn't take a 0 exit
code to indicate that things worked - verify that ps shows no
running containers.
Signed-off-by: Matthew Heon <mheon@redhat.com>
- podman-remote:
- enable log, run and build tests, they're working now
- well, except build + rootless. Skip that one.
- add explanation of why info test is skipped
- Giuseppe's permission test:
- validate GraphRoot and RunRoot values
- add verbose logging, to enable seeing full directory tree
permissions on error
Signed-off-by: Ed Santiago <santiago@redhat.com>
Currently in Docker if you commit with --change 'CMD a b c'
The command that gets added is
[/bin/sh -c "a b c"]
If you commit --change 'CMD ["a","b","c"]'
You get
[a b c]
This patch set makes podman match this behaviour.
Similar change required for Entrypoint.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
enable the ability to start containers from the remote-client. also,
enable start integration tests for remote testing.
Signed-off-by: baude <bbaude@redhat.com>
podman system prune would leave pods be, and not prune them if they were stopped.
Fix this by adding a `podman pod prune` command that prunes stopped pods similarly to containers.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
do not try to use ctr if there was an error. It fixes a segfault when
there is already a container with the same name.
regression introduced by: ba65301c95
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Various problems, one of which was causing the test to fail
completely (otherwise I wouldn't have caught the others):
- option is --uidmap, not --uidmapping
- run_podman cannot be piped (| grep /sys/kernel). That's
an unfortunate limitation of BATS. Any invocation of 'run'
saves results to $output, which then has to be tested
in a separate step.
- do so, using 'run' and 'grep' and 'is' to produce
readable messages on failure
- remove "$expected_rc", that looks like a copy/paste bug
from a few lines above.
Skip entire test if rootless. (The one without --net=host
passes, but it also passes with older podman as both root
and rootless. I don't think it's actually testing anything,
but agree with leaving it in to catch weird regressions).
We really need to get these tests running in CI.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The 'docker commit' will never include a container's volumes when
committing, without an explicit request through '--change'.
Podman, however, defaulted to including user volumes as image
volumes.
Make this behavior depend on a new flag, '--include-volumes',
and make the default behavior match Docker.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
when we run in a user namespace, there are cases where we have not
enough privileges to mount a fresh sysfs on /sys. To circumvent this
limitation, we rbind /sys from the host. This carries inside of the
container also some mounts we probably don't want to. We are also
limited by the kernel to use rbind instead of bind, as allowing a bind
would uncover paths that were not previously visible.
This is a slimmed down version of the intermediate mount namespace
logic we had before, where we only set /sys to slave, so the umounts
done to the storage by the cleanup process are propagated back to the
host. We also don't setup any new directory, so there is no
additional cleanup to do.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
podman-remote now supports rm! That's what we needed to start
running BATS tests.
Although most tests don't actually work, some do, and maybe
the rest will start working over time. For now, disable them.
The only significant difference found is that podman-remote
strips fractional seconds from timestamps in JSON output.
Probably not something worth caring about.
Signed-off-by: Ed Santiago <santiago@redhat.com>
* refactor command output to use one function
* Add new worker pool parallel operations
* Implement podman-remote umount
* Refactored podman wait to use printCmdOutput()
Signed-off-by: Jhon Honce <jhonce@redhat.com>
`podman cp` used to copy the contents under the source directory to the destination. But according to the specification in podman-cp.md. it should copy the whole directory to the destination if the destination directory already exists.
- src dir ends with /., copy the contents to dest dir
- src dir does not end with /.
- dest dir /home does not exist, copy the contents
- dest dir /home exists, copy the directory
```
$ sudo podman cp /home/qiwan/Documents/empty 7c47:/home
$ sudo podman exec -it 7c47 ls /home
$
$ sudo podman cp /home/qiwan/Documents/empty 7c47:/home
$ sudo podman exec -it 7c47 ls /home
empty
```
Signed-off-by: Qi Wang <qiwan@redhat.com>