containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,849 Commits 51 Branches 248 Tags 259 MiB
Commit Graph

870 Commits

Author SHA1 Message Date
OpenShift Merge Robot 5f41ffdd19
Merge pull request #11322 from Luap99/network-libpod 
Wire network interface into libpod
 2021-09-15 16:11:14 -04:00
Paul Holzinger b906b9d858
Drop OCICNI dependency 
We do not use the ocicni code anymore so let's get rid of it. Only the
port struct is used but we can copy this into libpod network types so
we can debloat the binary.

The next step is to remove the OCICNI port mapping form the container
config and use the better PortMapping struct everywhere.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 2021-09-15 20:00:28 +02:00
Paul Holzinger 85e8fbf7f3
Wire network interface into libpod 
Make use of the new network interface in libpod.

This commit contains several breaking changes:
- podman network create only outputs the new network name and not file
  path.
- podman network ls shows the network driver instead of the cni version
  and plugins.
- podman network inspect outputs the new network struct and not the cni
  conflist.
- The bindings and libpod api endpoints have been changed to use the new
  network structure.

The container network status is stored in a new field in the state. The
status should be received with the new `c.getNetworkStatus`. This will
migrate the old status to the new format. Therefore old containers should
contine to work correctly in all cases even when network connect/
disconnect is used.

New features:
- podman network reload keeps the ip and mac for more than one network.
- podman container restore keeps the ip and mac for more than one
  network.
- The network create compat endpoint can now use more than one ipam
  config.

The man pages and the swagger doc are updated to reflect the latest
changes.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 2021-09-15 20:00:20 +02:00
Daniel J Walsh 3e77f960f6
Set default storage from containers.conf for temporary images 
Fixes: https://github.com/containers/podman/issues/11107

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-09-15 10:43:51 -04:00
Aditya Rajan d0c605cd3d build: mirror --authfile to filesystem if pointing to FD instead of file 
Following commit makes sure that podman mirrors --authfile to a temporary
file in filesystem if arg is pointing to an FD instead of actual file
as FD can be only consumed once.

Reference:
* https://github.com/containers/buildah/pull/3498
* https://github.com/containers/buildah/issues/3070

[NO TESTS NEEDED]

Signed-off-by: Aditya Rajan <arajan@redhat.com>
 2021-09-15 14:58:48 +05:30
Aditya Rajan 222b62e7b0 vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0 
[NO TESTS NEEDED]

Signed-off-by: Aditya Rajan <arajan@redhat.com>
 2021-09-15 13:30:49 +05:30
OpenShift Merge Robot 6a34045c67
Merge pull request #11170 from flouthoc/support-rootfs-overlay 
rootfs: Add support for rootfs-overlay.
 2021-09-14 13:14:11 -04:00
Jhon Honce d7256be807 Enhance bindings for IDE hints 
* Follow https://pkg.go.dev/cmd/go#hdr-Generate_Go_files_by_processing_source
  for leading comment
* Add godoc strings for all exposed methods for IDE support
* Copy field godoc strings into generated code as function godoc string
* Remove unused/unnecessary fields from generator.go structures
* Cleanup code regarding template usage

Signed-off-by: Jhon Honce <jhonce@redhat.com>
 2021-09-14 07:47:24 -07:00
flouthoc a55e2a00fc rootfs: Add support for rootfs-overlay and bump to buildah v1.22.1-0.202108 
Allows users to specify a readonly rootfs with :O, in exchange podman will create a writable overlay.

bump builah to v1.22.1-0.20210823173221-da2b428c56ce

[NO TESTS NEEDED]

Signed-off-by: flouthoc <flouthoc.git@gmail.com>
 2021-09-14 13:31:39 +05:30
OpenShift Merge Robot 55a7f89fca
Merge pull request #11549 from containers/dependabot/go_modules/github.com/json-iterator/go-1.1.12 
Bump github.com/json-iterator/go from 1.1.11 to 1.1.12
 2021-09-13 14:51:29 -04:00
dependabot[bot] 9ae947654f
Bump github.com/json-iterator/go from 1.1.11 to 1.1.12 
Bumps [github.com/json-iterator/go](https://github.com/json-iterator/go) from 1.1.11 to 1.1.12.
- [Release notes](https://github.com/json-iterator/go/releases)
- [Commits](https://github.com/json-iterator/go/compare/v1.1.11...v1.1.12)

---
updated-dependencies:
- dependency-name: github.com/json-iterator/go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-13 17:25:11 +00:00
Paul Holzinger b0cbcd1d09
bump c/common to v0.44.0 
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 2021-09-13 18:49:38 +02:00
dependabot[bot] eec59cea2c
Bump github.com/containers/storage from 1.35.0 to 1.36.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.35.0 to 1.36.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.35.0...v1.36.0)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-13 12:29:39 +00:00
OpenShift Merge Robot f785d8d194
Merge pull request #11517 from jwhonce/issues/10053 
Refactor API server emphasis on logging
 2021-09-12 02:07:36 -04:00
Jhon Honce deaf969243 Refacter API server emphasis on logging 
* To aid in debugging log API request and response bodies at trace
  level. Events can be correlated using the X-Reference-Id.
* Server now echos X-Reference-Id from client if set, otherwise
  generates an unique id.
* Move logic for X-Reference-Id into middleware
* Change uses of Header.Add() to Set() when setting Content-Type
* Log API operations in Apache format using gorilla middleware
* Port server code to use BaseContext and ConnContext

Fixes #10053

Signed-off-by: Jhon Honce <jhonce@redhat.com>
 2021-09-10 15:07:25 -07:00
dependabot[bot] 81751bebc6
Bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5 
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.4 to 1.8.5.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.8.4...v1.8.5)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-10 15:18:53 +00:00
OpenShift Merge Robot 923648b487
Merge pull request #11509 from containers/dependabot/go_modules/github.com/containers/psgo-1.6.0 
Bump github.com/containers/psgo from 1.5.2 to 1.6.0
 2021-09-10 11:00:51 -04:00
dependabot[bot] 309d989712 Bump github.com/containers/psgo from 1.5.2 to 1.6.0 
Bumps [github.com/containers/psgo](https://github.com/containers/psgo) from 1.5.2 to 1.6.0.
- [Release notes](https://github.com/containers/psgo/releases)
- [Commits](https://github.com/containers/psgo/compare/v1.5.2...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/containers/psgo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

[NO TESTS NEEDED] since it's migrating to a new version.

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2021-09-10 15:23:43 +02:00
dependabot[bot] c65b43a0fa
Bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5 
Bumps [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) from 5.0.4 to 5.0.5.
- [Release notes](https://github.com/godbus/dbus/releases)
- [Commits](https://github.com/godbus/dbus/compare/v5.0.4...v5.0.5)

---
updated-dependencies:
- dependency-name: github.com/godbus/dbus/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-09 16:16:56 +00:00
Valentin Rothberg 78c5a47fc9 vendor mpb@v7.1.4 
Fixes a race condition leading to a deadlock.

Thanks to @mtrmac and @vbauerster for fixing the issue!

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2021-09-09 14:19:21 +02:00
Aditya Rajan cba114dd36 manifest: rm should not remove referenced images. 
Following PR makes sure that `podman manifest rm <list>` only removes
the named manifest list and not referenced images.

Bumping and squashing c/common to v0.43.3-0.20210902095222-a7acc160fb25
in same commit in order to make sure build commit test passes.

Signed-off-by: Aditya Rajan <arajan@redhat.com>
 2021-09-02 17:30:02 +05:30
Miloslav Trmač 9f7bad7dac Use UNMERGED vbauerster/mpb PR to fix a pull deadlock 
> go mod edit -replace github.com/vbauerster/mpb/v7=github.com/mtrmac/mpb/v7@abort-deadlock
> make vendor

See https://github.com/vbauerster/mpb/issues/100 and
https://github.com/vbauerster/mpb/pull/101 .

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2021-08-31 15:51:36 +02:00
dependabot[bot] f5ce02b227
Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0 
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.2 to 5.16.0.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.15.2...v5.16.0)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-26 13:21:26 +00:00
dependabot[bot] c6e12a2e44
Bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1 
Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.4.9 to 1.5.1.
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fsnotify/fsnotify/compare/v1.4.9...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/fsnotify/fsnotify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-25 12:28:54 +00:00
Nalin Dahyabhai fc6a020330 bump github.com/containers/common 
Update github.com/containers/common from 0.43.0 to 0.43.2.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
 2021-08-23 17:59:58 -04:00
Daniel J Walsh 6b06e9b77c Switch eventlogger to journald by default 
[NO TESTS NEEDED] Since we are just testing the default.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-08-23 17:59:42 -04:00
OpenShift Merge Robot d1137664fe
Merge pull request #11311 from containers/dependabot/go_modules/github.com/containers/buildah-1.22.3 
Bump github.com/containers/buildah from 1.22.0 to 1.22.3
 2021-08-23 15:00:21 -04:00
dependabot[bot] d24a5d9fdd
Bump github.com/opencontainers/runc from 1.0.1 to 1.0.2 
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Commits](https://github.com/opencontainers/runc/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-23 14:26:28 +00:00
OpenShift Merge Robot ac5f2e1162
Merge pull request #11310 from containers/dependabot/go_modules/github.com/onsi/gomega-1.16.0 
Bump github.com/onsi/gomega from 1.15.0 to 1.16.0
 2021-08-23 10:11:10 -04:00
dependabot[bot] fe4dc452ec
Bump github.com/containers/buildah from 1.22.0 to 1.22.3 
Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.22.0 to 1.22.3.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/v1.22.3/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.22.0...v1.22.3)

---
updated-dependencies:
- dependency-name: github.com/containers/buildah
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-23 12:24:00 +00:00
dependabot[bot] 1493b86c75
Bump github.com/onsi/gomega from 1.15.0 to 1.16.0 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-23 12:23:29 +00:00
dependabot[bot] 57a0ed182d
Bump k8s.io/api from 0.22.0 to 0.22.1 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.22.0 to 0.22.1.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.22.0...v0.22.1)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-21 12:36:22 +00:00
dependabot[bot] db7eaa98b2
Bump k8s.io/apimachinery from 0.22.0 to 0.22.1 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.22.0 to 0.22.1.
- [Release notes](https://github.com/kubernetes/apimachinery/releases)
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.22.0...v0.22.1)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-20 12:26:41 +00:00
dependabot[bot] 82bb999e36
Bump github.com/containers/image/v5 from 5.15.1 to 5.15.2 
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.1 to 5.15.2.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.15.1...v5.15.2)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-19 12:28:10 +00:00
OpenShift Merge Robot 23804d95f6
Merge pull request #11242 from containers/dependabot/go_modules/github.com/containers/image/v5-5.15.1 
Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1
 2021-08-19 06:42:11 -04:00
dependabot[bot] f0247df89d
Bump github.com/rootless-containers/rootlesskit from 0.14.4 to 0.14.5 
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.4 to 0.14.5.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.4...v0.14.5)

---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-18 12:25:27 +00:00
dependabot[bot] c1b7787a28
Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1 
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.15.0 to 5.15.1.
- [Release notes](https://github.com/containers/image/releases)
- [Commits](https://github.com/containers/image/compare/v5.15.0...v5.15.1)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-17 19:29:15 +00:00
dependabot[bot] e9f4d81790
Bump github.com/containers/storage from 1.34.0 to 1.34.1 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.34.0 to 1.34.1.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.34.0...v1.34.1)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-17 12:21:23 +00:00
dependabot[bot] 4e4c4b62fd
Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4 
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 15:01:34 +00:00
dependabot[bot] f7de8bc809
Bump github.com/containers/storage from 1.33.1 to 1.34.0 
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.33.1 to 1.34.0.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.33.1...v1.34.0)

---
updated-dependencies:
- dependency-name: github.com/containers/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-10 13:00:34 +00:00
dependabot[bot] 79e4baf4ca
Bump github.com/onsi/gomega from 1.14.0 to 1.15.0 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.14.0...v1.15.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-06 12:21:04 +00:00
dependabot[bot] 88b9cbd5e5
Bump k8s.io/api from 0.21.3 to 0.22.0 
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.21.3 to 0.22.0.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.21.3...v0.22.0)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-05 18:02:04 +00:00
openshift-ci[bot] faf489b7b2
Merge pull request #11143 from containers/dependabot/go_modules/k8s.io/apimachinery-0.22.0 
Bump k8s.io/apimachinery from 0.21.3 to 0.22.0
 2021-08-05 17:43:25 +00:00
dependabot[bot] adee0ca599
Bump github.com/BurntSushi/toml from 0.3.1 to 0.4.1 
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 0.3.1 to 0.4.1.
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](https://github.com/BurntSushi/toml/compare/v0.3.1...v0.4.1)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-05 12:20:26 +00:00
dependabot[bot] eb2e99101a
Bump k8s.io/apimachinery from 0.21.3 to 0.22.0 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.21.3 to 0.22.0.
- [Release notes](https://github.com/kubernetes/apimachinery/releases)
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.21.3...v0.22.0)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-05 12:20:04 +00:00
TomSweeneyRedHat ddc360fe17
Bump Buildah to v1.22.0 [NO TESTS NEEDED] 
Bump Buildah to v1.22.0 in preparation for RHEL 8.5 and
RHEL 9.0beta.  Also bump c/common to v0.42.1
[NO TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2021-08-04 12:52:34 -04:00
dependabot[bot] e78f3e8c47
Bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.7+incompatible to 20.10.8+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.7...v20.10.8)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-04 10:04:27 +00:00
dependabot[bot] bd29ec4c3b
Bump github.com/rootless-containers/rootlesskit from 0.14.3 to 0.14.4 
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 0.14.3 to 0.14.4.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](https://github.com/rootless-containers/rootlesskit/compare/v0.14.3...v0.14.4)

---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-04 07:48:36 +00:00
openshift-ci[bot] cbad561696
Merge pull request #11091 from Luap99/connect-disconnect 
fix rootless port forwarding with network dis-/connect
 2021-08-03 18:59:01 +00:00
Paul Holzinger e88d8dbeae
fix rootless port forwarding with network dis-/connect 
The rootlessport forwarder requires a child IP to be set. This must be a
valid ip in the container network namespace. The problem is that after a
network disconnect and connect the eth0 ip changed. Therefore the
packages are dropped since the source ip does no longer exists in the
netns.
One solution is to set the child IP to 127.0.0.1, however this is a
security problem. [1]

To fix this we have to recreate the ports after network connect and
disconnect. To make this work the rootlessport process exposes a socket
where podman network connect/disconnect connect to and send to new child
IP to rootlessport. The rootlessport process will remove all ports and
recreate them with the new correct child IP.

Also bump rootlesskit to v0.14.3 to fix a race with RemovePort().

Fixes #10052

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-20199

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 2021-08-03 16:29:09 +02:00