when a sigpipe is received the stdout/stderr pipe was closed, so
reopen them with /dev/null.
Closes: https://github.com/containers/libpod/issues/5541
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
when /proc is mounted with hidepid=1 a process doesn't see processes
from the outer user namespace. This causes an issue reading the
cmdline from the parent process.
To address it, always read the command line from /proc/self instead of
using /proc/PARENT_PID.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Add second go routine for when a Timer is not needed.
* goimports updated some project files
Fixes#5531
Signed-off-by: Jhon Honce <jhonce@redhat.com>
this is a temporary fix for the flake that has been troubling us. once conmon is in fedora 30 and 31 stable, we can remove this fix. the images will just need to be rebuilt.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Add support to auto-update containers running in systemd units as
generated with `podman generate systemd --new`.
`podman auto-update` looks up containers with a specified
"io.containers.autoupdate" label (i.e., the auto-update policy).
If the label is present and set to "image", Podman reaches out to the
corresponding registry to check if the image has been updated. We
consider an image to be updated if the digest in the local storage is
different than the one of the remote image. If an image must be
updated, Podman pulls it down and restarts the container. Note that the
restarting sequence relies on systemd.
At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT"
environment variables and stores it verbatim in the container's label.
This variable is now set by all systemd units generated by
`podman-generate-systemd` and is set to `%n` (i.e., the name of systemd
unit starting the container). This data is then being used in the
auto-update sequence to instruct systemd (via DBUS) to restart the unit
and hence to restart the container.
Note that this implementation of auto-updates relies on systemd and
requires a fully-qualified image reference to be used to create the
container. This enforcement is necessary to know which image to
actually check and pull. If we used an image ID, we would not know
which image to check/pull anymore.
Fixes: #3575
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Move the dbus-connection code from libpod's healthcheck to pkg/systemd
to allow for sharing the logic. Needed for the auto-updates work.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
make clearer that the warning could also happen because the logger is
set to use systemd.
Closes: https://github.com/containers/libpod/issues/5443
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
1) 'podman system info' (in logcollector): has been silently
failing in special_testing_rootless, with:
logcollector.sh: line 16: podman: command not found
Use ./bin/podman instead of just podman; this is probably
the right thing to do in the general case anyway
2) logformatter: highlight 'panic:', seen in bindings test:
https://storage.googleapis.com/cirrus-ci-5385732420009984-fcae48/artifacts/containers/libpod/6693715108429824/html/integration_test.log.html
3) logformatter: handle Unicode bullet in front of 'Running',
seen in bindings test.
4) logformatter: turn down contrast on BATS 'ok' results,
for legibility
Signed-off-by: Ed Santiago <santiago@redhat.com>
add endpoints for create, add, remove, inspect, and push. this allows manifests to be managed through the restful interfaces.
also added go-bindings and tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well.
Fixes: #5503
Signed-off-by: Brent Baude <bbaude@redhat.com>
the podman generated systemd service file has `Type=forking` service,
so the command after `ExecStart=` should not run in front.
if someone created a container and has the detach(`-d`) param missing
like this
```
podman create --name ngxdemo -P nginxdemos/hello
```
and generate the file with `--new` param:
```
podman generate systemd --name --new ngxdemo
```
because `podman run xxx` has no `-d` param,
so the container is not run in background and nerver exit.
and systemd will fail to start the service:
```
sudo systemctl start container-ngxdemo.service
Job for container-ngxdemo.service failed because a timeout was exceeded.
See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details.
```
Signed-off-by: 荒野無燈 <ttys3@outlook.com>
Giuseppe Scrivano
OpenShift Merge Robot
Brent Baude
Ed Santiago
Daniel J Walsh
Jhon Honce
Matthew Heon
Matthew Heon
Valentin Rothberg
Tony Benoy
荒野無燈
dependabot-preview[bot]