they allow to override the owner of the volume. Differently from
-o=uid= and -o=gid= they are not passed down to the mount operation.
Closes: https://issues.redhat.com/browse/RHEL-76452
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This patch adds an example of using the `--ingore` option to the podman-secret-rm.1 man page.
Fixes: #26361
Signed-off-by: shu-kitamura <shusei3316@yahoo.co.jp>
This patch adds an example of using the --time option to the podman-network-rm.1 man page.
Fixes: #26373
Signed-off-by: shu-kitamura <shusei3316@yahoo.co.jp>
This patch adds two usage examples to the podman-system-migrate.1 man page:
- Normal invocation, with no expected output
- Migration to a new OCI runtime (e.g., from crun to runc)
Fixes: #26359
Signed-off-by: Arthur Wu <lion811004@gmail.com>
An artifact without the title annoation just gets the digest as name
which is less than ideal. While it is a decent default to avoid
conflicts users would like to configure the name.
With the name=abc option we will call the file abc in case of a signle
artifact and otherwise we use abc-x where x is the layer index starting
at 0 to avoid conflicts.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
If the artifact has a single blob then use the dst path directly as
mount in case it does not exist.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The prior commit that expanded the examples added an out of
place heading to the manpage for podman-ps, which looks like
a probable AI tool hallucination.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The --pod flag is important for users working with pods but lacked
documentation examples. Added examples showing:
- Basic --pod usage to display pod information
- Using --pod with -a to show all containers and their pods
- Filtering containers by pod name
- Custom formatting with pod-related placeholders
Also: removed trailing whitespace on a few lines
Fixes#26367
Assisted-by: Claude Sonnet 4
Removed trailing whitespace on a few lines
Signed-off-by: Mike McGrath <mmcgrath@fedoraproject.org>
MH: Squashed, force-pushed to reset CI
Signed-off-by: Matt Heon <mheon@redhat.com>
The following manpages were missing examples of the `--all` flag:
* podman init
* podman pod pause
* podman secret rm
* podman system connection remove
* podman system prune
Added examples of all.
Fixes#26354
Signed-off-by: Matt Heon <mheon@redhat.com>
Mainly this fixes an issue of using /dev/zero for block device examples.
Also:
* fix section title;
* remove separate cgroup v2 and v1 examples, only leaving one;
* break long lines.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
The prior version talked about potential access to DBus, but this is a
bogus warning: default OS setups do not bind DBus to localhost or to an
abstract Unix socket. It is possible that the original author was
thinking of CVE-2020–15257, which affected containerd's abstract Unix
socket; they fixed it by switching to a named socket, just as DBus
always (?) has done.
Signed-off-by: Warren Young <wyoung@tangentsoft.com>
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
podman system check --quick currently only skips layer contents, but
practically it's not much quicker than without the flag.
This changes the flag to also skip checking layer digests which speed up
the check significantly.
In some cases, it is useful to opt for a quicker check if we prioritize
detecting and fixing severe corruption and can tolerate minor damage.
The check option is derived from CRI-O's internal repair:
9e4d86d823/internal/lib/container_server.go (L860)
Signed-off-by: Sonny Sasaka <sonnysasaka@gmail.com>
Given I wrote this and I still mess it up on a regular basis, I
cannot be alone in forgetting whether "dst" or "dest" is the
correct short option for "destination". Let's just make both
valid, I don't see a reason not to.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Remove no longer correct statement that quadlet that does not translate
our own custom unit types
Fixes: e498c652 ("Quadlet - translate dependencies on other quadlet units")
Fixes: #26243
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit adds two new annotations named
io.podman.annotations.cpuset/$ctrname and
io.podman.annotations.memory-nodes/$ctrname
The first one allows restricting a container's execution to specific
CPU cores while the second restricts memory allocations to specific
NUMA memory nodes. They are also added automatically when the
--cpuset-cpus and --cpuset-mems options are used.
Fixes: containers#26172
Signed-off-by: François Poirotte <clicky@erebot.net>
runc is not the only runtime supporting --pre-checkpoint
crun commit 0683fec8b mentions
"This commit takes the interface as implemented in runc and implements it
for crun. "
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
Previously, the HealthCheck exec session would not terminate on timeout, allowing the healthcheck to run indefinitely.
Fixes: https://issues.redhat.com/browse/RHEL-86096
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
openshift-merge-bot[bot]
Giuseppe Scrivano
shu-kitamura
Benjamin Akhras
Arthur Wu
Paul Holzinger
Daniel P. Berrangé
Jitka Obselkova
Marek Libra
Mike McGrath
Jarek Górny
Matt Heon
Penghao
Alessandro Grassi
Till Maas
Fernando Fernandez Mancera
Kir Kolyshkin
Warren Young
Erik Sjölund
Sonny Sasaka
Matthew Heon
François Poirotte
Jan Rodák