This reverts commit 9d2b8d2791 since
catatonit's new pause functionality can replace the `pause` binary
entirely.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add the k8s pause binary to `pause/pause.c` and do the plumbing in the
Makefile to install it in $libexec/podman/pause/pause. It is intended to
replace the k8s pause image and hence the need for network connectivity
when creating pods.
[NO NEW TESTS NEEDED] since it will be tested in a following commit.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Don't use reexec for the rootlessport process, instead make it a
separate binary to reduce the memory usage. The problem with reexec is
that it will import all packages that podman uses and therefore loads a
lot of stuff into the heap. The rootlessport process however only needs
the rootlesskit library.
The memory usage is a concern since the rootlessport process will spawn
two process per container which has ports forwarded. The processes stay
until the container dies. On my laptop the current reexec version uses
47800 KB RSS. The new separate binary only uses 4540 KB RSS. This is
more than a 90% improvement.
The Makefile has been updated to compile the new binary and install it
to the libexec directory.
Fixes#10790
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Don't hardcode /usr/bin/podman in unit files: instead, use
template files with a path replaced at install time.
Because 'make' can be invoked repeatedly, with different
PREFIX, do not leave the generated files behind in our
work directory: wipe them immediately after install.
To get this to work, fix a longstanding bug in podman.spec.in,
a PREFIX that should've been DESTDIR.
Side note: #7023 made contrib/systemd/user a symlink
to .../system but did not update paths in Makefile.
The unrelated-looking path change you see here is
a belated correction for that.
Fixes: #10787
Signed-off-by: Ed Santiago <santiago@redhat.com>
We no longer need to install /etc/cni/net.d/87-podman-bridge.conflist
so install.cni isn't needed either.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Add podman-restart systemd unit file and add it to podman RPM package
* Fix podman start to filter all containers + unit test
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
Distro builds on Fedora and Kubic projects use GO111MODULE=off
by default which are currently failing. This commit fixes it and
going forward, podman CI will also indicate failures in rpm builds.
The additional LDFLAGS have been removed from the spec file
which is not ideal. But, currently we only use the spec file
to check if the rpm builds fine. We can fix the LDFLAGS in a
later commit when we're working on packit integration.
conmon build has also been removed from podman.spec.in because the COPR
for which it was provided has been discontinued.
[NO TESTS NEEDED]
Fixes: #10009
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This commit sets the CGO_CFLAGS variable for hardening the Fedora rpm
binaries.
The flags used are the same as those in the official Fedora rpms.
Setting the flags in upstream spec would provide early warnings for
flag adjustments or other hardening issues.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Add a new make target (completion) to generate the shell
completion scripts. This will generate the scripts for bash,
zsh and fish for both podman and podman-remote with `podman completion`.
The scripts are put into the completions directory and can be
installed system wide with `sudo make install.completions`.
This commit replaces the current handwritten scripts for bash and zsh.
The `validate.completion` target has been adjusted to make sure nobody
edits these scripts directly.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
We need to block systemd from cleaning up this directory
by dropping a /usr/lib/tmpfiles.d/podman.conf file in place.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
xz package is required by buildah and podman when building a
image and ADD a tar.xz file archive is used
See https://github.com/containers/buildah/issues/2525
Signed-off-by: Job Cespedes Ortiz <jobcespedes@gmail.com>
Issue gh#6286 was already fixed in a prior commit but the Makefile still
ran some varlink steps by default.
This commit makes any varlink build steps dependent on the varlink
build tag and also makes the contrib rpm spec file independent of
varlink.
Endpoint tests will be run only if BUILDTAGS contains varlink.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Now that we're shipping containers.conf, we don't want to provide
a libpod.conf anymore. This removes libpod.conf from the repo and
as many direct uses as I can find.
There are a few more mentions in the documentation, but someone
more familiar with containers.conf should make those edits.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Distro packaging often uses non-default build and linker flags.
The current Makefile cannot be used in the package build process as it
will end up rebuilding the binaries with the default flags.
This commit introduces install targets which do not depend on the build
targets. Distro packages should prefer these if they want to use any
non-default flags.
NOTE: This commit effectively leaves prior targets unchanged, so users
won't notice any difference.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Without the systemd build tag, podman will fail with the error "No
support for journald logging".
This commit adds the `systemd` build tag explicitly, rather than
relying on `hack/systemd_tag.sh` (because we're building an rpm and
we've explicitly included systemd-devel as a dependency).
Signed-off-by: Lars Kellogg-Stedman <lars@redhat.com>
As the title says. I renamed the old file from the lower case to the
upper case name. This makes it appear higher up in the listing on GitHub
and also is in line with the rest of the containers projects. Due to this
change, I also had to change a few references in a couple of build related
files.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Valentin Rothberg
José Guilherme Vanz
Paul Holzinger
Ed Santiago
Lokesh Mandvekar
Boaz Shuster
Matthew Heon
Matthew Heon
Thomas Montague
OpenShift Merge Robot
Daniel J Walsh
Paul Holzinger
Job Cespedes
Peter Oliver
Brent Baude
Lars Kellogg-Stedman
Jhon Honce
TomSweeneyRedHat