Podman: A tool for managing OCI containers and pods.
APACHE-2.0 License
Bot releases are hidden (Show)
Published by mheon over 3 years ago
This is the first release candidate for Podman v3.1.0. Release is expected later this week.
Published by mheon over 3 years ago
WARN
level log messages have been downgraded to INFO
or DEBUG
to not clutter terminal output.Created
field of podman ps --format=json
was formatted as a string instead of an Unix timestamp (integer) (#9315).podman images
command would cause the whole command to fail without printing output.--cgroups=split
did not function properly on cgroups v1 systems.--entrypoint=[""]
option to podman run
and podman create
as a literal empty string in the entrypoint, when instead it should have been ignored (#9377).HOME
environment variable to ""
when the container ran as a user without an assigned home directory (#9378).podman pod create
to panic (#9374).--runtime
option was not properly handled by the podman build
command (#9365).podman generate systemd --new
command would incorrectly escape %t
when generating the path for the PID file (#9373).podman build
command (including but not limited to --jobs
) were nonfunctional (#9247).docker-java
library.Published by mheon over 3 years ago
podman rename
command, which allows containers to be renamed after they are created (#1925).podman copy
command.podman network reload
, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload
).podman network ls
and can be used when removing and inspecting networks. Existing networks receive IDs automatically.--label
option to network create
, and podman network ls
can filter labels based on them.podman network create
command now supports setting bridge MTU and VLAN through the --opt
option (#8454).podman container checkpoint
and podman container restore
commands can now checkpoint and restore containers that include volumes.podman container checkpoint
command now supports the --with-previous
and --pre-checkpoint
options, and the podman container restore
command now support the --import-previous
option. These add support for two-step checkpointing with lowered dump times.podman push
command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.podman generate kube
command can now be run on multiple containers at once, and will generate a single pod containing all of them.podman generate kube
and podman play kube
commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).podman generate kube
command now properly supports generating YAML for containers and pods creating using host networking (--net=host
) (#9077).podman kill
command now supports a --cidfile
option to kill containers given a file containing the container's ID (#8443).podman pod create
command now supports the --net=none
option (#9165).podman volume create
command can now specify volume UID and GID as options with the UID
and GID
fields passed to the the --opt
option.containers.conf
and use them to create volumes with podman volume create --driver
.podman run
and podman create
commands now support a new option, --platform
, to specify the platform of the image to be used when creating the container.--security-opt
option to podman run
and podman create
now supports the systempaths=unconfined
option to unrestrict access to all paths in the container, as well as mask
and unmask
options to allow more granular restriction of container paths.podman stats --format
command now supports a new format specified, MemUsageBytes
, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.podman ps
command can now filter containers based on what pod they are joined to via the pod
filter (#8512).podman pod ps
command can now filter pods based on what networks they are joined to via the network
filter.podman pod ps
command can now print information on what networks a pod is joined to via the .Networks
specifier to the --format
option.podman system prune
command now supports filtering what containers, pods, images, and volumes will be pruned.podman volume prune
commands now supports filtering what volumes will be pruned.podman system prune
command now includes information on space reclaimed (#8658).podman info
command will now properly print information about packages in use on Gentoo and Arch systems.containers.conf
file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).podman image sign
command can now sign multi-arch images by producing a signature for each image in a given manifest list.podman image sign
command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d
.slirp4netns
can now be set system-wide via the NetworkCmdOptions
configuration option in containers.conf
.slirp4netns
can now be configured via the mtu=
network command option (e.g. podman run --net slirp4netns:mtu=9000
).127.0.0.1
as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.podman load
command no longer accepts a NAME[:TAG]
argument. The presence of this argument broke CLI compatibility with Docker by making docker load
commands unusable with Podman (#7387).podman network create
command can now create macvlan
networks using the --driver macvlan
option for Docker compatibility. The existing --macvlan
flag has been deprecated and will be removed in Podman 4.0 some time next year.podman inspect
command has had the LogPath
and LogTag
fields moved into the LogConfig
structure (from the root of the Inspect structure). The maximum size of the log file is also included.podman generate systemd
command no longer generates unit files using the deprecated KillMode=none
option (#8615).podman stop
command now releases the container lock while waiting for it to stop - as such, commands like podman ps
will no longer block until podman stop
completes (#8501).podman network create --internal
no longer use the dnsname
plugin. This configuration never functioned as expected.podman run
when an invalid SELinux is specified have been improved.containers.conf
allowing for advanced configuration of the namespaces they will share.podman history --no-trunc
command would truncate the Created By
field (#9120).Networks
field of the output of podman inspect
(#6618).WORKDIR
instruction) but not present in the image, would not be created (#9040).podman generate systemd
command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{
and }}
), e.g. --log-opt-tag={{.Name}}
(#9034).podman generate systemd --new
command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt
) (#8847).podman generate systemd --new
command could generate unit files that did not handle Podman commands including some special characters (e.g. $
) (#9176
Containerfile
when sending build context to the server (#8374)./sys
as a new sysfs
in some circumstances where it was acceptable.podman play kube
command did not properly handle CMD
and ARGS
from images (#8803).podman play kube
command did not properly handle environment variables from images (#8608).podman play kube
command did not properly print errors that occurred when starting containers.podman play kube
command errored when hostNetwork
was used (#8790).podman play kube
command would always pull images when the :latest
tag was specified, even if the image was available locally (#7838).podman play kube
command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).podman generate kube
command incorrectly populated the args
and command
fields of generated YAML (#9211)./etc/hosts
file every time the container restarted (#8921).podman search --list-tags
command did not support the --format
option (#8740).http_proxy
option in containers.conf
was not being respected, and instead was set unconditionally to true (#8843).podman images
command would break and fail to display any images if an empty manifest list was present in storage (#8931).--uidmap
option that included a mapping beginning with UID 0
.podman logs
command using the k8s-file
backend did not properly handle partial log lines with a length of 1 (#8879).podman logs
command with the --follow
option did not properly handle log rotation (#8733).HOSTNAME
environment variables were overwritten by Podman (#8886).containers.conf
in too many situations (e.g. applying network sysctls when the container shared its network with a pod).--privileged
option to podman run
and podman create
would, under some circumstances, not disable Seccomp (#8849).podman exec
command did not properly add capabilities when the container or exec session were run with --privileged
.--enable-sandbox
option to slirp4netns
unconditionally, even when pivot_root
was disabled, rendering slirp4netns
unusable when pivot_root
was disabled (#8846).podman build --logfile
did not actually write the build's log to the logfile.podman system service
command did not close STDIN, and could display user-interactive prompts (#8700).podman system reset
command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR
directory (#8680).podman network create
command created CNI configurations that did not include a default gateway (#8748).podman.service
systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).TMPDIR
environment variable was set for the container engine in containers.conf
, it was being ignored.podman events
command did not properly handle future times given to the --until
option (#8694).podman logs
command wrote container STDERR
logs to STDOUT
instead of STDERR
(#8683).--cap-add=all
and --user
options to podman create
and podman run
were combined.--layers
option to podman build
was nonfunctional (#8643).podman system prune
command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune
(#7990).--publish
option to podman run
and podman create
did not properly handle ports specified as a range of ports with no host port specified (#8650).--format
did not support JSON output for individual fields (#8444).podman stats
command would fail when run on root containers using the slirp4netns
network mode (#7883).podman stats
command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).--mount
option to podman create
and podman run
did not ignore the consistency
mount option.podman network disconnect
command could cause the podman inspect
command to fail for a container until it was restarted (#9234).--rootfs
option to podman create
and podman run
) would fail (#9230).--format
option to multiple Podman commands did not support the join
function (#8773).podman rmi
command could, when run in parallel on multiple images, return layer not known
errors (#6510).podman inspect
command on containers displayed unlimited ulimits incorrectly (#9303).container:
, correctly.containers.conf
is now used).journald
backend was in use, resulting in a leak of file descriptors (#8864).index out of range
error under certain circumstances (#8870).Published by mheon over 3 years ago
Please note that these release notes are preliminary until v3.0.0 final is released
podman rename
command, which allows containers to be renamed after they are created (#1925).podman copy
command.podman network reload
, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload
).podman network ls
and can be used when removing and inspecting networks. Existing networks receive IDs automatically.--label
option to network create
, and podman network ls
can filter labels based on them.podman network create
command now supports setting bridge MTU and VLAN through the --opt
option (#8454).podman container checkpoint
and podman container restore
commands can now checkpoint and restore containers that include volumes.podman container checkpoint
command now supports the --with-previous
and --pre-checkpoint
options, and the podman container restore
command now support the --import-previous
option. These add support for two-step checkpointing with lowered dump times.podman push
command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.podman generate kube
command can now be run on multiple containers at once, and will generate a single pod containing all of them.podman generate kube
and podman play kube
commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).podman generate kube
command now properly supports generating YAML for containers and pods creating using host networking (--net=host
) (#9077).podman kill
command now supports a --cidfile
option to kill containers given a file containing the container's ID (#8443).podman pod create
command now supports the --net=none
option (#9165).podman volume create
command can now specify volume UID and GID as options with the UID
and GID
fields passed to the the --opt
option.containers.conf
and use them to create volumes with podman volume create --driver
.podman run
and podman create
commands now support a new option, --platform
, to specify the platform of the image to be used when creating the container.--security-opt
option to podman run
and podman create
now supports the systempaths=unconfined
option to unrestrict access to all paths in the container, as well as mask
and unmask
options to allow more granular restriction of container paths.podman stats --format
command now supports a new format specified, MemUsageBytes
, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.podman ps
command can now filter containers based on what pod they are joined to via the pod
filter (#8512).podman pod ps
command can now filter pods based on what networks they are joined to via the network
filter.podman pod ps
command can now print information on what networks a pod is joined to via the .Networks
specifier to the --format
option.podman system prune
command now supports filtering what containers, pods, images, and volumes will be pruned.podman volume prune
commands now supports filtering what volumes will be pruned.podman system prune
command now includes information on space reclaimed (#8658).podman info
command will now properly print information about packages in use on Gentoo and Arch systems.containers.conf
file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).podman image sign
command can now sign multi-arch images by producing a signature for each image in a given manifest list.podman image sign
command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d
.slirp4netns
can now be set system-wide via the NetworkCmdOptions
configuration option in containers.conf
.slirp4netns
can now be configured via the mtu=
network command option (e.g. podman run --net slirp4netns:mtu=9000
).127.0.0.1
as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.podman load
command no longer accepts a NAME[:TAG]
argument. The presence of this argument broke CLI compatibility with Docker by making docker load
commands unusable with Podman (#7387).podman network create
command can now create macvlan
networks using the --driver macvlan
option for Docker compatibility. The existing --macvlan
flag has been deprecated and will be removed in Podman 4.0 some time next year.podman inspect
command has had the LogPath
and LogTag
fields moved into the LogConfig
structure (from the root of the Inspect structure). The maximum size of the log file is also included.podman generate systemd
command no longer generates unit files using the deprecated KillMode=none
option (#8615).podman stop
command now releases the container lock while waiting for it to stop - as such, commands like podman ps
will no longer block until podman stop
completes (#8501).podman network create --internal
no longer use the dnsname
plugin. This configuration never functioned as expected.podman run
when an invalid SELinux is specified have been improved.containers.conf
allowing for advanced configuration of the namespaces they will share.podman history --no-trunc
command would truncate the Created By
field (#9120).Networks
field of the output of podman inspect
(#6618).WORKDIR
instruction) but not present in the image, would not be created (#9040).podman generate systemd
command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{
and }}
), e.g. --log-opt-tag={{.Name}}
(#9034).podman generate systemd --new
command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt
) (#8847).podman generate systemd --new
command could generate unit files that did not handle Podman commands including some special characters (e.g. $
) (#9176
Containerfile
when sending build context to the server (#8374)./sys
as a new sysfs
in some circumstances where it was acceptable.podman play kube
command did not properly handle CMD
and ARGS
from images (#8803).podman play kube
command did not properly handle environment variables from images (#8608).podman play kube
command did not properly print errors that occurred when starting containers.podman play kube
command errored when hostNetwork
was used (#8790).podman play kube
command would always pull images when the :latest
tag was specified, even if the image was available locally (#7838).podman play kube
command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).podman generate kube
command incorrectly populated the args
and command
fields of generated YAML (#9211)./etc/hosts
file every time the container restarted (#8921).podman search --list-tags
command did not support the --format
option (#8740).http_proxy
option in containers.conf
was not being respected, and instead was set unconditionally to true (#8843).podman images
command would break and fail to display any images if an empty manifest list was present in storage (#8931).--uidmap
option that included a mapping beginning with UID 0
.podman logs
command using the k8s-file
backend did not properly handle partial log lines with a length of 1 (#8879).podman logs
command with the --follow
option did not properly handle log rotation (#8733).HOSTNAME
environment variables were overwritten by Podman (#8886).containers.conf
in too many situations (e.g. applying network sysctls when the container shared its network with a pod).--privileged
option to podman run
and podman create
would, under some circumstances, not disable Seccomp (#8849).podman exec
command did not properly add capabilities when the container or exec session were run with --privileged
.--enable-sandbox
option to slirp4netns
unconditionally, even when pivot_root
was disabled, rendering slirp4netns
unusable when pivot_root
was disabled (#8846).podman build --logfile
did not actually write the build's log to the logfile.podman system service
command did not close STDIN, and could display user-interactive prompts (#8700).podman system reset
command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR
directory (#8680).podman network create
command created CNI configurations that did not include a default gateway (#8748).podman.service
systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).TMPDIR
environment variable was set for the container engine in containers.conf
, it was being ignored.podman events
command did not properly handle future times given to the --until
option (#8694).podman logs
command wrote container STDERR
logs to STDOUT
instead of STDERR
(#8683).--cap-add=all
and --user
options to podman create
and podman run
were combined.--layers
option to podman build
was nonfunctional (#8643).podman system prune
command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune
(#7990).--publish
option to podman run
and podman create
did not properly handle ports specified as a range of ports with no host port specified (#8650).--format
did not support JSON output for individual fields (#8444).podman stats
command would fail when run on root containers using the slirp4netns
network mode (#7883).podman stats
command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).--mount
option to podman create
and podman run
did not ignore the consistency
mount option.podman network disconnect
command could cause the podman inspect
command to fail for a container until it was restarted (#9234).--rootfs
option to podman create
and podman run
) would fail (#9230).container:
, correctly.containers.conf
is now used).journald
backend was in use, resulting in a leak of file descriptors (#8864).index out of range
error under certain circumstances (#8870).Published by mheon over 3 years ago
This is the second release candidate of Podman v3.0.
Published by rhatdan over 3 years ago
--list-tags
option in podman search
command.KillMode
podman logs --since
podman stats
slirp check more robustpodman play kube
actually reports errorspodman images...
missing headers in table templatesPublished by mheon almost 4 years ago
--mount type=image
) were handled in the database. As a result, containers created in Podman 2.2.0 with image volumes will not have them in v2.2.1, and these containers will need to be re-created.XDG_RUNTIME_DIR
environment variable defined, use an incorrect path for the PID file of the Podman pause process, causing Podman to fail to start (#8539).podman system reset
command would print a warning about a duplicate shutdown handler being registered.sysfs
in circumstances where it was not allowed; some OCI runtimes (notably crun
) would fall back to alternatives and not fail, but others (notably runc
) would fail to run containers.podman run
and podman create
commands would fail to create containers from untagged images (#8558).podman exec
command did not move the Conmon process for the exec session into the correct cgroup.ancestor
option to podman ps --filter
did not work correctly.--rm
was set) if the Podman command that created them was invoked with --log-level=debug
.Binds
and Mounts
parameters in HostConfig
.Name
query parameter.NetworkMode
(this value is used extensively by docker-compose
) (#8544).target
query parameter as the image's tag.github.com/spf13/cobra
package; this has been reverted to the latest upstream release to aid in packaging.Published by mheon almost 4 years ago
CONTAINERS_SHORT_NAME_ALIASING
to on
. Documentation is available here and here.podman network connect
and podman network disconnect
commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none
when they were created.podman run
command now supports the --network-alias
option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname
CNI plugin is in use). Aliases can also be added and removed using the new podman network connect
and podman network disconnect
commands. Please note that this requires a new release (v1.1.0) of the dnsname
plugin, and will only work on newly-created CNI networks.podman generate kube
command now features support for exporting container's memory and CPU limits (#7855).podman play kube
command now features support for setting CPU and Memory limits for containers (#7742).podman play kube
command now supports persistent volumes claims using Podman named volumes.podman play kube
command now supports Kubernetes configmaps via the --configmap
option (#7567).podman play kube
command now supports a --log-driver
option to set the log driver for created containers.podman play kube
command now supports a --start
option, enabled by default, to start the pod after creating it. This allows for podman play kube
to be more easily used in systemd unitfiles.podman network create
command now supports the --ipv6
option to enable dual-stack IPv6 networking for created networks (#7302).podman inspect
command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).--mount
option for podman run
and podman create
now supports a new type, image
, to mount the contents of an image into the container at a given location.podman-remote
executable have been added.--log-opt
option for podman create
and podman run
now supports the max-size
option to set the maximum size for a container's logs (#7434).--network
option to the podman pod create
command now allows pods to be configured to use slirp4netns
networking, even when run as root (#6097).podman pod stop
, podman pod pause
, podman pod unpause
, and podman pod kill
commands now work on multiple containers in parallel and should be significantly faster.podman search
command now supports a --list-tags
option to list all available tags for a single image in a single repository.podman search
command can now output JSON using the --format=json
option.podman diff
and podman mount
commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.podman container exists
command now features a --external
option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.--tls-verify
and --authfile
options have been enabled for use with remote Podman./etc/hosts
file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none
(#8095).podman events
command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value
option.podman volume ls
command now supports filtering volumes based on their labels using the --filter label=key=value
option.--volume
and --mount
options to podman run
and podman create
now support two new mount propagation options, unbindable
and runbindable
.name
and id
filters for podman pod ps
now match based on a regular expression, instead of requiring an exact match.podman pod ps
command now supports a new filter status
, that matches pods in a certain state.podman network rm --force
command will now also remove pods that are using the network (#7791).podman volume rm
, podman network rm
, and podman pod rm
commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force
option was not given./dev/fuse
is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.podman-remote
(e.g. --cgroup-manager
, --storage-driver
).--storage
option to podman rm
is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage
option. If the container exists in Podman it will be removed normally. The --storage
option for podman rm
is now deprecated and will be removed in a future release.--storage
option to podman ps
has been renamed to --external
. An alias has been added so the old form of the option will continue to work.podman save
command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).Degraded
state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded
instead of Running
.--publish
and --net=host
) are specified when creating a container.--restart on-failure
and --rm
options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).containers.conf
; defaults will instead be provided by the server's containers.conf
(#7657).podman network rm
command now has a new alias, podman network remove
(#8402).podman load
on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.newuidmap
binary was not installed (#7776).--pull
option to podman run
, podman create
, and podman build
did not match Docker's behavior.containers.conf
configuration file were applied, even if the container did not join the namespace associated with a sysctl.containers
environment variable in addition to the expected container
environment variable.podman untag --all
command was not supported with remote Podman.podman system service
command could time out even if active attach connections were present (#7826).podman system service
command would sometimes never time out despite no active connections being present.podman run
would fail if the image specified was a manifest list and had already been pulled (#7798).podman manifest inspect
command would fail for images that had already been pulled (#7726).--user
option to podman create
and podman run
and sufficient GIDs were available to add the groups (#7782).podman image prune
could leave images ready to be pruned after podman image prune
was run (#7872).podman logs
command with the journald
log driver would not read all available logs (#7476).--rm
and --restart
options to podman create
and podman run
did not conflict when a restart policy that is not on-failure
was chosen (#7878).--format "table {{ .Field }}"
option to numerous Podman commands ceased to function on Podman v2.0 and up.--namespace
option to podman ps
did not work with the remote client (#7903)./etc/hosts
file would not be correctly populated for containers in a user namespace (#7490).podman network create
and podman network remove
commands could race when run in parallel, with unpredictable results (#7807).-p
option to podman run
, podman create
, and podman pod create
would, when given only a single number (e.g. -p 80
), assign the same port for both host and container, instead of generating a random host port (#7947).containers.conf
or with the --cgroup-manager
option (#7830).podman inspect
command did not include information on the CNI networks a container was connected to if it was not running.podman attach
command would not print a newline after detaching from the container (#7751).HOME
environment variable was not set properly in containers when the --userns=keep-id
option was set (#8004).podman container restore
command could panic when the container in question was in a pod (#8026).podman image trust show --raw
command was not properly formatted.podman runlabel
command could panic if a label to run was not given (#8038).podman run
and podman start --attach
commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).dnsname
CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).$PATH
on subsequent invocations.--net=host
option to podman create
and podman run
would cause the /etc/hosts
file to be incorrectly populated (#8054).podman inspect
command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...
) (#8073).podman ps
command did not include information on all ports a container was publishing.podman build
command incorrectly forwarded STDIN
into build containers from RUN
instructions.podman wait
command's --interval
option did not work when units were not specified for the duration (#8088).--detach-keys
and --detach
options could be passed to podman create
despite having no effect (and not making sense in that context)./etc/resolv.conf
file (which occurs on some WSL2 images) (#8089).--extract
option to podman cp
was nonfunctional.--cidfile
option to podman run
would, when the container was not run with --detach
, only create the file after the container exited (#8091).podman images
and podman images -a
commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).podman events
command could, when the journald
events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).podman attach
command would not exit when containers stopped (#8154)./
characters (#8160).known_hosts
file on the host for establishing connections (#8159).podman image exists
command would return non-zero (false) when multiple potential matches for the given name existed.podman manifest inspect
command on images that are not manifest lists would error instead of inspecting the image (#8023).podman system service
command would fail if the directory the Unix socket was to be created inside did not exist (#8184)./dev/shm
filesystem between all containers in the pod (#8181).podman volume list
were not inclusive (#6765).podman volume create
command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).podman run
and podman create
commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2
) (#8221).--net
option to podman build
was incorrect (#8322).podman build
command would print the ID of the built image twice when using remote Podman (#8332).podman stats
command did not show memory limits for containers (#8265).podman pod inspect
command printed the static MAC address of the pod in a non-human-readable format (#8386).--tls-verify
option of the podman play kube
command had its logic inverted (false
would enforce the use of TLS, true
would disable it).podman network rm
command would error when trying to remove macvlan
networks and rootless CNI networks (#8491).XDG_
environment variables.podman manifest create
and podman manifest add
commands on local images would drop any images in the manifest not pulled by the host.podman network create
did not include the tuning
plugin, and as such did not support setting custom MAC addresses (#8385).$PATH
when searching for the Podman executable to run the healthcheck.--ip-range
option to podman network create
did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).podman container ps
alias for podman ps
was missing (#8445).GET /images/get
, has been added (#7950).X-Registry-Config
header to specify registry authentication configuration.httpproxy
query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN
instructions.Libpod-Buildha-Version
instead of Libpod-Buildah-Version
).CAP_
(Docker does not do so).driver
parameter if it was not provided by the client.RootFS
field of the response.ParentId
field if the image had no parent, and the Created
field if the image did not have a creation time.Force
query parameter.Published by rhatdan almost 4 years ago
APIv2
podman top
Published by mheon almost 4 years ago
This is the first release candidate for Podman v2.2.0. Preliminary release notes are below:
CONTAINERS_SHORT_NAME_ALIASING
to on
. Documentation is available here.podman generate kube
command now features support for exporting container's memory and CPU limits (#7855).podman play kube
command now features support for setting CPU and Memory limits for containers (#7742).podman play kube
command now supports Kubernetes configmaps via the --configmap
option (#7567).podman play kube
command now supports a --log-driver
option to set the log driver for created containers.podman play kube
command now supports a --start
option, enabled by default, to start the pod after creating it. This allows for podman play kube
to be more easily used in systemd unitfiles.podman run
command now supports the --network-alias
option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname
CNI plugin is in use). Please note that this requires a new release (v1.1.0) of the dnsname
plugin, and will only work on newly-created CNI networks.podman network create
command now supports the --ipv6
option to enable dual-stack IPv6 networking for created networks (#7302).podman inspect
command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).--mount
option for podman run
and podman create
now supports a new type, image
, to mount the contents of an image into the container at a given location.podman-remote
executable have been added.--log-opt
option for podman create
and podman run
now supports the max-size
option to set the maximum size for a container's logs (#7434).--network
option to the podman pod create
command now allows pods to be configured to use slirp4netns
networking, even when run as root (#6097).podman pod stop
, podman pod pause
, podman pod unpause
, and podman pod kill
commands now work on multiple containers in parallel and should be significantly faster.podman search
command now supports a --list-tags
option to list all available tags for a single image in a single repository.podman search
command can now output JSON using the --format=json
option.podman diff
and podman mount
commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.podman container exists
command now features a --external
option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.--tls-verify
and --authfile
options have been enabled for use with remote Podman./etc/hosts
file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none
(#8095).podman events
command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value
option.podman volume ls
command now supports filtering volumes based on their labels using the --filter label=key=value
option.--volume
and --mount
options to podman run
and podman create
now support two new mount propagation options, unbindable
and runbindable
.name
filter for podman pod ps
now matches based on a regular expression, instead of requiring an exact match.podman network rm --force
command will now also remove pods that are using the network (#7791).podman volume rm
, podman network rm
, and podman pod rm
commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force
option was not given./dev/fuse
is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.podman-remote
(e.g. --cgroup-manager
, --storage-driver
).--storage
option to podman rm
is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage
option. If the container exists in Podman it will be removed normally. The --storage
option for podman rm
is now deprecated and will be removed in a future release.--storage
option to podman ps
has been renamed to --external
. An alias has been added so the old form of the option will continue to work.podman save
command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).Degraded
state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded
instead of Running
.podman load
on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.newuidmap
binary was not installed (#7776).--pull
option to podman run
, podman create
, and podman build
did not match Docker's behavior.containers.conf
configuration file were applied, even if the container did not join the namespace associated with a sysctl.containers
environment variable in addition to the expected container
environment variable.podman untag --all
command was not supported with remote Podman.podman system service
command could time out even if active attach connections were present (#7826).podman system service
command would sometimes never time out despite no active connections being present.podman run
would fail if the image specified was a manifest list and had already been pulled (#7798).podman manifest inspect
command would fail for images that had already been pulled (#7726).--user
option to podman create
and podman run
and sufficient GIDs were available to add the groups (#7782).podman image prune
could leave images ready to be pruned after podman image prune
was run (#7872).podman logs
command with the journald
log driver would not read all available logs (#7476).--rm
and --restart
options to podman create
and podman run
did not conflict when a restart policy that is not on-failure
was chosen (#7878).--format "table {{ .Field }}"
option to numerous Podman commands ceased to function on Podman v2.0 and up.--namespace
option to podman ps
did not work with the remote client (#7903)./etc/hosts
file would not be correctly populated for containers in a user namespace (#7490).podman network create
and podman network remove
commands could race when run in parallel, with unpredictable results (#7807).-p
option to podman run
, podman create
, and podman pod create
would, when given only a single number (e.g. -p 80
), assign the same port for both host and container, instead of generating a random host port (#7947).containers.conf
or with the --cgroup-manager
option (#7830).podman inspect
command did not include information on the CNI networks a container was connected to if it was not running.podman attach
command would not print a newline after detaching from the container (#7751).HOME
environment variable was not set properly in containers when the --userns=keep-id
option was set (#8004).podman container restore
command could panic when the container in question was in a pod (#8026).podman image trust show --raw
command was not properly formatted.podman runlabel
command could panic if a label to run was not given (#8038).podman run
and podman start --attach
commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).dnsname
CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).$PATH
on subsequent invocations.--net=host
option to podman create
and podman run
would cause the /etc/hosts
file to be incorrectly populated (#8054).podman inspect
command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...
) (#8073).podman ps
command did not include information on all ports a container was publishing.podman build
command incorrectly forwarded STDIN
into build containers from RUN
instructions.podman wait
command's --interval
option did not work when units were not specified for the duration (#8088).--detach-keys
and --detach
options could be passed to podman create
despite having no effect (and not making sense in that context)./etc/resolv.conf
file (which occurs on some WSL2 images) (#8089).--extract
option to podman cp
was nonfunctional.--cidfile
option to podman run
would, when the container was not run with --detach
, only create the file after the container exited (#8091).podman images
and podman images -a
commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).podman events
command could, when the journald
events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).podman attach
command would not exit when containers stopped (#8154)./
characters (#8160).known_hosts
file on the host for establishing connections (#8159).podman image exists
command would return non-zero (false) when multiple potential matches for the given name existed.podman manifest inspect
command on images that are not manifest lists would error instead of inspecting the image (#8023).podman system service
command would fail if the directory the Unix socket was to be created inside did not exist (#8184)./dev/shm
filesystem between all containers in the pod (#8181).podman volume list
were not inclusive (#6765).podman volume create
command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).podman run
and podman create
commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2
) (#8221).--net
option to podman build
was incorrect (#8322).podman build
command would print the ID of the built image twice when using remote Podman (#8332).podman stats
command did not show memory limits for containers (#8265).podman pod inspect
command printed the static MAC address of the pod in a non-human-readable format (#8386).--tls-verify
option of the podman play kube
command had its logic inverted (false
would enforce the use of TLS, true
would disable it).GET /images/get
, has been added (#7950).X-Registry-Config
header to specify registry authentication configuration.httpproxy
query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN
instructions.driver
parameter if it was not provided by the client.RootFS
field of the response.Published by mheon about 4 years ago
podman info
command now includes the cgroup manager Podman is using.varlink
build tag enabled.podman save
command could, when asked to save multiple images, write its progress bar to the archive instead of the terminal, producing a corrupted archive.json-file
log driver did not write logs.podman-remote start --attach
did not properly handle detaching using the detach keys.podman pod ps --filter label=...
did not work.podman build
command did not respect the --runtime
flag.Published by mheon about 4 years ago
podman image mount
, has been added. This allows for an image to be mounted, read-only, to inspect its contents without creating a container from it (#1433).podman save
and podman load
commands can now create and load archives containing multiple images (#2669).podman network
commands, and rootless containers can now be joined to networks.podman build
on ADD
and COPY
instructions has been greatly improved, especially when a .dockerignore
is present.podman run
and podman create
commands now support a new mode for the --cgroups
option, --cgroups=split
. Podman will create two cgroups under the cgroup it was launched in, one for the container and one for Conmon. This mode is useful for running Podman in a systemd unit, as it ensures that all processes are retained in systemd's cgroup hierarchy (#6400).podman run
and podman create
commands can now specify options to slirp4netns by using the --network
option as follows: --net slirp4netns:opt1,opt2
. This allows for, among other things, switching the port forwarder used by slirp4netns away from rootlessport.podman ps
command now features a new option, --storage
, to show containers from Buildah, CRI-O and other applications.podman run
and podman create
commands now feature a --sdnotify
option to control the behavior of systemd's sdnotify with containers, enabling improved support for Podman in Type=notify
units.podman run
command now features a --preserve-fds
opton to pass file descriptors from the host into the container (#6458).podman run
and podman create
commands can now create overlay volume mounts, by adding the :O
option to a bind mount (e.g. -v /test:/test:O
). Overlay volume mounts will mount a directory into a container from the host and allow changes to it, but not write those changes back to the directory on the host.podman play kube
command now supports the Socket HostPath type (#7112).podman play kube
command now supports read-only mounts.podman play kube
command now supports setting labels on pods from Kubernetes metadata labels.podman play kube
command now supports setting container restart policy (#7656).podman play kube
command now properly handles HostAlias
entries.podman generate kube
command now adds entries to /etc/hosts
from --host-add
generated YAML as HostAlias
entries.podman play kube
and podman generate kube
commands now properly support shareProcessNamespace
to share the PID namespace in pods.podman volume ls
command now supports the dangling
filter to identify volumes that are dangling (not attached to any container).podman run
and podman create
commands now feature a --umask
option to set the umask of the created container.podman create
and podman run
commands now feature a --tz
option to set the timezone within the container (#5128).containers.conf
configuration file.--mount
option of podman run
and podman create
now supports a new mount type, type=devpts
, to add a devpts
mount to the container. This is useful for containers that want to mount /dev/
from the host into the container, but still create a terminal.--security-opt
flag to podman run
and podman create
now supports a new option, proc-opts
, to specify options for the container's /proc
filesystem.crun
OCI runtime now supports a new option to podman run
and podman create
, --cgroup-conf
, which allows for advanced configuration of cgroups on cgroups v2 systems.podman create
and podman run
commands now support a --override-variant
option, to override the architecture variant of the image that will be pulled and ran.--runtime-flags
, which allows for setting flags to use when the OCI runtime is called.podman manifest add
command now supports the --cert-dir
, --auth-file
, --creds
, and --tls-verify
options.podman exec
command would previously print error messages (e.g. exec session exited with non-zero exit code -1
) when the command run exited with a non-0 exit code. It no longer does this. The podman exec
command will still exit with the same exit code as the command run in the container did./run
. This was previously limited to 65k in size and mounted noexec
, but is now unlimited size and mounted exec
.podman system reset
command no longer removes configuration files for rootless Podman./etc/hosts
for a container if it joined another container's network namespace (#66782).podman save --format oci-dir
saved the image in an incorrect format (#6544).--format
option of podman system df
was not properly interpreting format codes that included backslashes (#7149).newuidmap
and newgidmap
, even if /etc/subuid
and /etc/subgid
contained valid mappings for the user running Podman.podman commit
command did not properly handle single-character image names (#7114).podman ps --format=json
did not include a Status
field (#6980).--log-level
option was no longer case-insensitive.podman images
could segfault when an image pull was aborted while incomplete, leaving an image without a manifest (#7444).~/.config
directory when it did not exist, despite not placing any configuration files inside the directory.podman system df
was inconsistent based on whether the -v
option was specified (#7405).--security-opt apparmor=unconfined
would error if Apparmor was not enabled on the system (#7545).podman stop
on multiple containers starting with --rm
could sometimes cause no such container
errors (#7384).podman-remote
would still try to contact the server when displaying help information about subcommands.podman build --logfile
command would segfault.podman generate systemd
command did not properly handle containers which were created with a name given as --name=$NAME
instead of --name $NAME
(#7157).podman ps
was ignoring the --latest
flag.podman-remote kill
command would hang when a signal that did not kill the container was specified (#7135).--oom-score-adj
option of podman run
and podman create
was nonfunctional.--display
option of podman runlabel
was nonfunctional.podman runlabel
command would not pull images that did not exist locally on the system.podman-remote run
would not exit with the correct code with the container was removed by a podman-remote rm -f
while podman-remote run
was still running (#7117).podman-remote run --rm
command would error attempting to remove containers that had already been removed (e.g. by podman-remote rm --force
) (#7340).podman --user
with a numeric user and podman run --userns=keepid
could create users in /etc/passwd
in the container that belong to groups without a corresponding entry in /etc/group
(#7389).podman run --userns=keepid
could create entries in /etc/passwd
with a UID that was already in use by another user (#7503).podman --user
with a numeric user and podman run --userns=keepid
could create users that could not be logged into (#7499).--userns container:$ID
would fail (#7547).podman play kube
command would trim underscores from container names (#7020).podman attach
command would not show output when attaching to a container with a terminal (#6523).podman system df
command could be extremely slow when large quantities of images were present (#7406).podman images -a
would break if any image pulled by digest was present in the store (#7651).--mount
option to podman run
and podman create
required the type=
parameter to be passed first (#7628).--infra-command
parameter to podman pod create
was nonfunctional.podman auto-update
would fail for any container started with --pull=always
(#7407).podman wait
command would only accept a single argument.--volumes-from
option to podman run
and podman create
was broken, making it impossible to use multiple mount options at the same time (#7701).podman exec
command would not join executed processes to the container's supplemental groups if the container was started with both the --user
and --group-add
options.--iidfile
option to podman-remote build
was nonfunctional.last
parameter to the Libpod container list endpoint now has an alias, limit
(#6413).filter
query parameter (#6797).noTrunc
option to the Libpod image search endpoint.Published by mheon about 4 years ago
This is the second release candidate for Podman v2.1.0.
Published by mheon about 4 years ago
This is the first release candidate of Podman v2.1.0. Preliminary release notes are attached below:
podman image mount
, has been added. This allows for an image to be mounted, read-only, to inspect its contents without creating a container from it (#1433).podman save
and podman load
commands can now create and load archives containing multiple images (#2669).podman network
commands, and rootless containers can now be joined to networks.podman build
on ADD
and COPY
instructions has been greatly improved, especially when a .dockerignore
is present.podman run
and podman create
commands now support a new mode for the --cgroups
option, --cgroups=split
. Podman will create two cgroups under the cgroup it was launched in, one for the container and one for Conmon. This mode is useful for running Podman in a systemd unit, as it ensures that all processes are retained in systemd's cgroup hierarchy (#6400).podman run
and podman create
commands can now specify options to slirp4netns by using the --network
option as follows: --net slirp4netns:opt1,opt2
. This allows for, among other things, switching the port forwarder used by slirp4netns away from rootlessport.podman ps
command now features a new option, --storage
, to show containers from Buildah, CRI-O and other applications.podman run
and podman create
commands now feature a --sdnotify
option to control the behavior of systemd's sdnotify with containers, enabling improved support for Podman in Type=notify
units.podman run
command now features a --preserve-fds
opton to pass file descriptors from the host into the container (#6458).podman run
and podman create
commands can now create overlay volume mounts, by adding the :O
option to a bind mount (e.g. -v /test:/test:O
). Overlay volume mounts will mount a directory into a container from the host and allow changes to it, but not write those changes back to the directory on the host.podman play kube
command now supports the Socket HostPath type (#7112).podman play kube
command now supports read-only mounts.podman play kube
command now properly handles HostAlias
entries.podman generate kube
command now adds entries to /etc/hosts
from --host-add
generated YAML as HostAlias
entries.podman play kube
and podman generate kube
commands now properly support shareProcessNamespace
to share the PID namespace in pods.podman volume ls
command now supports the dangling
filter to identify volumes that are dangling (not attached to any container).podman run
and podman create
commands now feature a --umask
option to set the umask of the created container.podman create
and podman run
commands now feature a --tz
option to set the timezone within the container (#5128).containers.conf
configuration file.--mount
option of podman run
and podman create
now supports a new mount type, type=devpts
, to add a devpts
mount to the container. This is useful for containers that want to mount /dev/
from the host into the container, but still create a terminal.--security-opt
flag to podman run
and podman create
now supports a new option, proc-opts
, to specify options for the container's /proc
filesystem.crun
OCI runtime now supports a new option to podman run
and podman create
, --cgroup-conf
, which allows for advanced configuration of cgroups on cgroups v2 systems.podman create
and podman run
commands now support a --override-variant
option, to override the architecture variant of the image that will be pulled and ran.--runtime-flags
, which allows for setting flags to use when the OCI runtime is called.podman manifest add
command now supports the --cert-dir
, --auth-file
, --creds
, and --tls-verify
options.podman exec
command would previously print error messages (e.g. exec session exited with non-zero exit code -1
) when the command run exited with a non-0 exit code. It no longer does this. The podman exec
command will still exit with the same exit code as the command run in the container did./run
. This was previously limited to 65k in size and mounted noexec
, but is now unlimited size and mounted exec
.podman system reset
command no longer removes configuration files for rootless Podman./etc/hosts
for a container if it joined another container's network namespace (#66782).podman save --format oci-dir
saved the image in an incorrect format (#6544).--format
option of podman system df
was not properly interpreting format codes that included backslashes (#7149).newuidmap
and newgidmap
, even if /etc/subuid
and /etc/subgid
contained valid mappings for the user running Podman.podman commit
command did not properly handle single-character image names (#7114).podman ps --format=json
did not include a Status
field (#6980).--log-level
option was no longer case-insensitive.podman images
could segfault when an image pull was aborted while incomplete, leaving an image without a manifest (#7444).~/.config
directory when it did not exist, despite not placing any configuration files inside the directory.podman system df
was inconsistent based on whether the -v
option was specified (#7405).--security-opt apparmor=unconfined
would error if Apparmor was not enabled on the system (#7545).podman stop
on multiple containers starting with --rm
could sometimes cause no such container
errors (#7384).podman-remote
would still try to contact the server when displaying help information about subcommands.podman build --logfile
command would segfault.podman generate systemd
command did not properly handle containers which were created with a name given as --name=$NAME
instead of --name $NAME
(#7157).podman ps
was ignoring the --latest
flag.podman-remote kill
command would hang when a signal that did not kill the container was specified (#7135).--oom-score-adj
option of podman run
and podman create
was nonfunctional.--display
option of podman runlabel
was nonfunctional.podman runlabel
command would not pull images that did not exist locally on the system.podman-remote run
would not exit with the correct code with the container was removed by a podman-remote rm -f
while podman-remote run
was still running (#7117).podman-remote run --rm
command would error attempting to remove containers that had already been removed (e.g. by podman-remote rm --force
) (#7340).podman --user
with a numeric user and podman run --userns=keepid
could create users in /etc/passwd
in the container that belong to groups without a corresponding entry in /etc/group
(#7389).podman run --userns=keepid
could create entries in /etc/passwd
with a UID that was already in use by another user (#7503).podman --user
with a numeric user and podman run --userns=keepid
could create users that could not be logged into (#7499).--userns container:$ID
would fail (#7547).podman play kube
command would trim underscores from container names (#7020).podman attach
command would not show output when attaching to a container with a terminal (#6523).podman system df
command could be extremely slow when large quantities of images were present (#7406).last
parameter to the Libpod container list endpoint now has an alias, limit
(#6413).filter
query parameter (#6797).noTrunc
option to the Libpod image search endpoint.Published by mheon about 4 years ago
/etc/passwd
could be re-created every time a container is restarted if the container's /etc/passwd
did not contain an entry for the user the container was started as./etc/passwd
file specifying a non-root user would not start.--remote
flag would sometimes not make remote connections and would instead attempt to run Podman locally.Published by mheon about 4 years ago
This is the first release candidate for Podman v2.0.6. It includes several small bugfixes for issues identified with v2.0.5.
Published by mheon about 4 years ago
/etc/passwd
for the user who ran Podman if run with --userns=keep-id
.podman system connection
command has been reworked to support multiple connections, and reenabled for use!--connection
, to specify a connection to a remote Podman API instance.--systemd=true
flag, set by default) will now activate for containers using /usr/local/sbin/init
as their command, instead of just /usr/sbin/init
and /sbin/init
(and any path ending in systemd
).--security-opt seccomp=...
flag to podman create
and podman run
will now be honored even if the container was created using --privileged
.podman play kube
would not honor the hostIP
field for port forwarding (#5964).podman generate systemd
command would panic on an invalid restart policy being specified (#7271).podman images
command could take a very long time (several minutes) to complete when a large number of images were present.podman logs
command with the --tail
flag would not work properly when a large amount of output would be printed ((#7230)[https://github.com/containers/podman/issues/7230]).podman exec
command with remote Podman would not return a non-zero exit code when the exec session failed to start (e.g. invoking a non-existent command) (#6893).podman load
command with remote Podman would did not honor user-specified tags (#7124).podman system service
command, when run as a non-root user by Systemd, did not properly handle the Podman pause process and would not restart properly as a result (#7180).--publish
flag to podman create
, podman run
, and podman pod create
did not properly handle a host IP of 0.0.0.0 (attempting to bind to literal 0.0.0.0, instead of all IPs on the system) (#7104).podman start --attach
command would not print the container's exit code when the command exited due to the container exiting.podman rm
command with remote Podman would not remove volumes, even if the --volumes
flag was specified (#7128).podman run
command with remote Podman and the --rm
flag could exit before the container was fully removed.--pod new:...
flag to podman run
and podman create
would create a pod that did not share any namespaces.--preserve-fds
flag to podman run
and podman exec
could close the wrong file descriptors while trying to close user-provided descriptors after passing them into the container.$PATH
and $TERM
) were not set in containers when not provided by the image.podman network create
with an IPv6 subnet did not properly set an IPv6 default route.podman save
command would not work properly when its output was piped to another command (#7017)./sys/fs/cgroup/systemd
to the host.podman build
would not generate an event on completion (#7022).podman history
command with remote Podman printed incorrect creation times for layers (#7122).CMD
from the container image if the user overrode ENTRYPOINT
(#7115).podman images
command with remote Podman did not support printing image tags in Go templates supplied to the --format
flag (#7123).podman rmi --force
command would not attempt to unmount containers it was removing, which could cause a failure to remove the image.podman generate systemd --new
command could incorrectly quote arguments to Podman that contained whitespace, leading to nonfunctional unit files (#7285).podman version
command did not properly include build time and Git commit.systemd
cgroup manager would fail (#6734).--cap-add
were not properly added when a container was started as a non-root user via --user
.application/tar
content type (instead only accepting application/x-tar
) (#7185)._ping
endpoint (e.g. http://localhost/v1.40/_ping
).podman system service
shut down due to its idle timeout (#7294).Pod
URL parameter to the Libpod Container List endpoint has been deprecated; the information previously gated by the Pod
boolean will now be included in the response unconditionally.Published by mheon about 4 years ago
podman image search
did not populate the Description field as it was mistakenly assigned to the ID field.podman build -
and podman build
on an HTTP target would fail.podman start --attach --interactive
command would print the container ID of the container attached to when exiting (#7068).podman run --ipc=host --pid=host
would only set --pid=host
and not --ipc=host
(#7100).--publish
argument to podman run
, podman create
and podman pod create
would not allow binding the same container port to more than one host port (#7062).podman images --format
could cause Podman to segfault.podman rmi --force
on an image ID with more than one name and at least one container using the image would not completely remove containers using the image (#7153).podman stats --format=json
.CgroupVersion
field in responses from the compat Info endpoint was prefixed by "v" (instead of just being "1" or "2", as is documented).Published by mheon about 4 years ago
podman search
command now allows wildcards in search terms.podman play kube
command now supports the IfNotPresent
pull type.--disable-content-trust
flag has been added to Podman for Docker compatibility. This is a Docker-specific option and has no effect in Podman; it is provided only to ensure command line compatibility for scripts (#7034)./sys/dev
folder is now masked in containers to prevent a potential information leak from the host.podman play kube
(#6995).--pids-limit
flag to podman create
and podman run
was parsed incorrectly and was unusable (#6908).podman system df
command would error if untagged images were present (#7015).podman images
command would display incorrect tags if a port number was included in the repository.podman pod inspect
.--systemd=true
flag) would not flag a container for systemd mode if systemd was part of the entrypoint, not the command (#6920).podman start --attach
was not defaulting --sig-proxy
to true (#6928).podman inspect
would show an incorrect command (podman system service
, the command used to start the server) for containers created by a remote Podman client.podman exec
command with the remote client would not print output if the -t
or -i
flags where not provided.--format {{ json . }}
to podman info
(involving added or removed whitespace) would not be accepted (#6927).--entrypoint=""
, it would be reset to the image's entrypoint) (#6935).Published by mheon over 4 years ago
podman system connection
command has been temporarily disabled, as it was not functioning as expected.podman ps
command would not truncate long container commands, resulting in display issues as the column could become extremely wide (the --no-trunc
flag can be used to print the fullpodman pod
commands operationg on multiple containers (e.g. podman pod stop
and podman pod kill
) would not print errors from individual containers, but only a warning that some containpodman system service
command would panic if a connection to the Events endpoint hung up early (#6805).--user
directive.TMPDIR
environment variable (used for storing temporary files while pulling images) was not being defaulted (if unset) to /var/tmp
.--publish
flag to podman create
and podman run
required that a host port be specified if an IP address was given (#6806).podman-remote
commands performing an attach (podman run
, podman attach
, podman start --attach
, podman exec
) did not properly configure the terminal on Windows.--remote
flag to Podman required an argument, despite being a boolean (#6704).podman generate systemd --new
command could generate incorrect unit files for a pod if a container in the pod was created using the --pod=...
flag (with an =, instead of a space, befNPROC
and NOFILE
rlimits could be improperly set for rootless Podman containers, causing them to fail to start.podman mount
as rootless did not error (the podman mount
command cannot be run rootless unless it is run inside a podman unshare
shell).