podman

Changes

• The podman system connection command was mistakenly omitted from the 2.0 release, and has been included here.
• The podman ps --format=json command once again includes container's creation time in a human-readable format in the CreatedAt key.
• The podman inspect commands on containers now displays forwarded ports in a format compatible with docker inspect.
• The --log-level=debug flag to podman run and podman exec will enable syslog for exit commands, ensuring that debug logs are collected for these otherwise-unlogged commands.

Bugfixes

• Fixed a bug where podman build did not properly handle the --http-proxy and --cgroup-manager flags.
• Fixed a bug where error messages related to a missing or inaccessible /etc/subuid or /etc/subgid file were very unclear (#6572).
• Fixed a bug where the podman logs --follow command would not stop when the container being followed exited.
• Fixed a bug where the --privileged flag had mistakenly been marked as conflicting with --group-add and --security-opt.
• Fixed a bug where the PODMAN_USERNS environment variable was not being honored (#6705).
• Fixed a bug where the podman image load command would require one argument be passed, when no arguments is also valid (#6718).
• Fixed a bug where the bash completions did not include the podman network command and its subcommands.
• Fixed a bug where the mount command would not work inside of rootless containers (#6735).
• Fixed a bug where SSH agent authentication support was not properly working in the podman-remote and podman --remote commands.
• Fixed a bug where the podman untag command was not erroring when no matching image was found.
• Fixed a bug where stop signal for containers was not being set properly if not explicitly provided.
• Fixed a bug where the podman ps command was not showing port mappings for containers which share a network namespace with another container (e.g. are part of a pod).
• Fixed a bug where the --remote flag could unintentionally be forwarded into containers when using podman-remote.
• Fixed a bug where unit files generated for pods by podman generate systemd would not allow individual containers to be restarted (#6770).
• Fixed a bug where the podman run and podman create commands did not support all transports that podman pull does (#6744).
• Fixed a bug where the label option to --security-opt would only be shown once in podman inspect, even if provided multiple times.

API

• Fixed a bug where network endpoint URLs in the compatability API were mistakenly suffixed with /json.
• Fixed a bug where the Libpod volume creation endpoint returned 200 instead of 201 on success.

Misc

• Updated containers/common to v0.14.3

Features

• The REST API and podman system service are no longer experimental, and ready for use!
• The Podman command now supports remotely connections via the REST API using the --remote flag.
• The Podman remote client has been entirely rewritten to use the HTTP API instead of Varlink.
• The podman system connection command has been added to allow configuring the endpoint that podman-remote and podman --remote will connect to.
• The podman generate systemd command now supports the --new flag when used with pods, allowing portable services for pods to be created.
• The podman play kube command now supports running Kubernetes Deployment YAML.
• The podman exec command now supports the --detach flag to run commands in the container in the background.
• The -p flag to podman run and podman create now supports forwarding ports to IPv6 addresses.
• The podman run, podman create and podman pod create command now support a --replace flag to remove and replace any existing container (or, for pod create, pod) with the same name
• The --restart-policy flag to podman run and podman create now supports the unless-stopped restart policy.
• The --log-driver flag to podman run and podman create now supports the none driver, which does not log the container's output.
• The --mount flag to podman run and podman create now accepts readonly option as an alias to ro.
• The podman generate systemd command now supports the --container-prefix, --pod-prefix, and --separator arguments to control the name of generated unit files.
• The podman network ls command now supports the --filter flag to filter results.
• The podman auto-update command now supports specifying an authfile to use when pulling new images on a per-container basis using the io.containers.autoupdate.authfile label.

Changes

• Varlink support, including the podman varlink command, is deprecated and will be removed in the next release.
• As part of the implementation of the REST API, JSON output for some commands (podman ps, podman images most notably) has changed.
• Named and anonymous volumes and tmpfs filesystems added to containers are no longer mounted noexec by default.

Bugfixes

• Fixed a bug where the podman exec command would log to journald when run in containers loggined to journald (#6555).
• Fixed a bug where the podman auto-update command would not preserve the OS and architecture of the original image when pulling a replacement (#6613).
• Fixed a bug where the podman cp command could create an extra merged directory when copying into an existing directory (#6596).
• Fixed a bug where the podman pod stats command would crash on pods run with --network=host (#5652).
• Fixed a bug where containers logs written to journald did not include the name of the container.
• Fixed a bug where the podman network inspect and podman network rm commands did not properly handle non-default CNI configuration paths (#6212).
• Fixed a bug where Podman did not properly remove containers when using the Kata containers OCI runtime.
• Fixed a bug where podman inspect would sometimes incorrectly report the network mode of containers started with --net=none.
• Podman is now better able to deal with cases where conmon is killed before the container it is monitoring.

Misc

• The default Podman CNI configuration now sets HairpinMode to allow communication between containers by connecting to a forwarded port on the host.
• Updated Buildah to v1.15.0
• Updated containers/storage to v1.20.2
• Updated containers/image to v5.5.1
• Updated containers/common to v0.14.0

This will be the final release candidate for Podman v2.0.

Highlights of the v2.0 release:

• The REST API provided by podman system service is no longer experimental. Endpoints are now tested and working, with few exceptions.
• podman-remote has been migrated to use the REST API instead of Varlink
• The podman exec command now supports the --detach flag to run commands in the background
• Kubernetes Deployments are now supported by podman play kube
• The podman generate systemd --new command now works with pods
• Podman can now forward IPv6 ports
• podman run, podman create, and podman pod create now support a --replace flag, that will remove any container (or pod for pod create) that already exists with the same name and replace it with the newly-create container
• A new log driver, none, has been added, allowing containers to not write logs
• Podman now supports the unless-stopped restart policy
• Unit files generated by podman generate systemd are now able to survive conditions where conmon is killed while the container is running
• Named and anonymous volumes and tmpfs filesystems are no longer mounted noexec by default
• The podman auto-update command's handling of images has been improved, and it now uses the same architecture/OS and authfile that were used to pull the original image

This is the sixth release candidate of Podman v2.0.0.

Podman v2.0.0 contains an extensive rewrite of Podman's frontend to better integrate support for remotely managing Podman installations using our new HTTP API.

We are approaching the release of Podman v2.0. Thanks to all our contributors and users for helping us to reach this milestone!

This is the fifth release candidate of Podman v2.0.0.

Podman v2.0.0 contains an extensive rewrite of Podman's frontend to better integrate support for remotely managing Podman installations using our new HTTP API.

We are approaching the release of Podman v2.0. Thanks to all our contributors and users for helping us to reach this milestone!

This is the fourth release candidate of Podman v2.0.0.

Podman v2.0.0 contains an extensive rewrite of Podman's frontend to better integrate support for remotely managing Podman installations using our new HTTP API.

We are approaching the release of Podman v2.0. Thanks to all our contributors and users for helping us to reach this milestone!

This is the third release candidate of Podman v2.0.0.

Podman v2.0.0 contains an extensive rewrite of Podman's frontend to better integrate support for remotely managing Podman installations using our new HTTP API.

This is still an early release candidate, and we are expecting some regressions.

Bugfixes

• Fixed a bug where, on FIPS enabled hosts, FIPS mode secrets were not properly mounted into containers
• Fixed a bug where builds run over Varlink would hang (#6237)

Misc

• Named volumes and tmpfs filesystems will no longer default to mounting noexec for improved compatibility with Docker
• Updated Buildah to v1.14.9

This is the second release candiate for Podman v2.0.0.

Podman v2.0.0 contains an extensive rewrite of Podman's frontend to better integrate support for remotely managing Podman installations using our new HTTP API.

This is still an early release candidate, and we are expecting some regressions.

This is the first release candidate for Podman v2.0. The core Podman CLI has received an extensive rewrite to improve support for managing remote Podman instances over the new HTTP API. Full release notes are still being compiled, and will be available for the final release.

This is an early RC, and we are expecting some bugs and regressions - please report any you find!

Bugfixes

• Fixed a bug where podman save would fail when the target image was specified by digest (#5234)
• Fixed a bug where rootless containers with ports forwarded to them could panic and dump core due to a concurrency issue (#6018)
• Fixed a bug where rootless Podman could race when opening the rootless user namespace, resulting in commands failing to run
• Fixed a bug where HTTP proxy environment variables forwarded into the container by the --http-proxy flag could not be overridden by --env or --env-file (#6017)
• Fixed a bug where rootless Podman was setting resource limits on cgroups v2 systems that were not using systemd-managed cgroups (and thus did not support resource limits), resulting in containers failing to start

Misc

• Rootless containers will now automatically set their ulimits to the maximum allowed for the user running the container, to match the behavior of containers run as root
• Packages managed by the core Podman team will no longer include a default libpod.conf, instead defaulting to containers.conf. The default libpod.conf will remain available in the Github repository until the release of Podman 2.0
• The default Podman CNI network configuration now sets HairpinMode to allow containers to access other containers via ports published on the host
• Updated containers/common to v0.8.4

Bugfixes

• Fixed a bug where healthchecks could become nonfunctional if container log paths were manually set with --log-path and multiple container logs were placed in the same directory (#5915)
• Fixed a bug where rootless Podman could, when using an older libpod.conf, print numerous warning messages about an invalid CGroup manager config
• Fixed a bug where rootless Podman would sometimes fail to close the rootless user namespace when joining it (#5873)

Misc

• Updated containers/common to v0.8.2

Features

• Experimental support has been added for podman run --userns=auto, which automatically allocates a unique UID and GID range for the new container's user namespace
• The podman play kube command now has a --network flag to place the created pod in one or more CNI networks
• The podman commit command now supports an --iidfile flag to write the ID of the committed image to a file
• Initial support for the new containers.conf configuration file has been added. containers.conf allows for much more detailed configuration of some Podman functionality

Changes

• There has been a major cleanup of the podman info command resulting in breaking changes. Many fields have been renamed to better suit usage with APIv2
• All uses of the --timeout flag have been switched to prefer the alternative --time. The --timeout flag will continue to work, but man pages and --help will use the --time flag instead

Bugfixes

• Fixed a bug where some volume mounts from the host would sometimes not properly determine the flags they should use when mounting
• Fixed a bug where Podman was not propagating $PATH to Conmon and the OCI runtime, causing issues for some OCI runtimes that required it
• Fixed a bug where rootless Podman would print error messages about missing support for systemd cgroups when run in a container with no cgroup support (#5488
  )
• Fixed a bug where podman play kube would not properly handle container-only port mappings (#5610)
• Fixed a bug where the podman container prune command was not pruning containers in the created and configured states
• Fixed a bug where Podman was not properly removing CNI IP address allocations after a reboot (#5433)
• Fixed a bug where Podman was not properly applying the default Seccomp profile when --security-opt was not given at the command line

HTTP API

• Many Libpod API endpoints have been added, including Changes, Checkpoint, Init, and Restore
• Resolved issues where the podman system service command would time out and exit while there were still active connections
• Stability overall has greatly improved as we prepare the API for a beta release soon with Podman 2.0

Misc

• The default infra image for pods has been upgraded to k8s.gcr.io/pause:3.2 (from 3.1) to address a bug in the architecture metadata for non-AMD64 images
• The slirp4netns networking utility in rootless Podman now uses Seccomp filtering where available for improved security
• Updated Buildah to v1.14.8
• Updated containers/storage to v1.18.2
• Updated containers/image to v5.4.3
• Updated containers/common to v0.8.1

This is the second release candidate for the Podman v1.9.0 release. There is one major change from Podman v1.9.0 is a fix for a major bug where Seccomp profiles were not properly handled when --security-opt was not passed.

This is the first release candidate for Podman v1.9.0

Features

• Experimental support has been added for podman run --userns=auto, which automatically allocates a unique UID and GID range for the new container's user namespace
• The podman play kube command now has a --network flag to place the created pod in one or more CNI networks
• The podman commit command now supports an --iidfile flag to write the ID of the committed image to a file
• Initial support for the new containers.conf configuration file has been added. containers.conf allows for much more detailed configuration of some Podman functionality

Changes

• There has been a major cleanup of the podman info command resulting in breaking changes. Many fields have been renamed to better suit usage with APIv2
• All uses of the --timeout flag have been switched to prefer the alternative --time. The --timeout flag will continue to work, but man pages and --help will use the --time flag instead

Bugfixes

• Fixed a bug where some volume mounts from the host would sometimes not properly determine the flags they should use when mounting
• Fixed a bug where Podman was not propagating $PATH to Conmon and the OCI runtime, causing issues for some OCI runtimes that required it
• Fixed a bug where rootless Podman would print error messages about missing support for systemd cgroups when run in a container with no cgroup support (#5488
  )
• Fixed a bug where podman play kube would not properly handle container-only port mappings (#5610)
• Fixed a bug where the podman container prune command was not pruning containers in the created and configured states
• Fixed a bug where Podman was not properly removing CNI IP address allocations after a reboot (#5433)

HTTP API

• Many Libpod API endpoints have been added, including Changes, Checkpoint, and Restore
• Stability overall has greatly improved as we prepare the API for a beta release soon with Podman 2.0

Misc

• The default infra image for pods has been upgraded to k8s.gcr.io/pause:3.2 (from 3.1) to address a bug in the architecture metadata for non-AMD64 images
• The slirp4netns networking utility in rootless Podman now uses Seccomp filtering where available for improved security
• Updated Buildah to v1.14.8
• Updated containers/storage to v1.18.2
• Updated containers/image to v5.4.3
• Updated containers/common to v0.8.1

Features

• Initial support for automatically updating containers managed via Systemd unit files has been merged. This allows containers to automatically upgrade if a newer version of their image becomes available

Bugfixes

• Fixed a bug where unit files generated by podman generate systemd --new would not force containers to detach, causing the unit to time out when trying to start
• Fixed a bug where podman system reset could delete important system directories if run as rootless on installations created by older Podman (#4831)
• Fixed a bug where image built by podman build would not properly set the OS and Architecture they were built with (#5503)
• Fixed a bug where attached podman run with --sig-proxy enabled (the default), when built with Go 1.14, would repeatedly send signal 23 to the process in the container and could generate errors when the co
  ntainer stopped (#5483)
• Fixed a bug where rootless podman run commands could hang when forwarding ports
• Fixed a bug where rootless Podman would not work when /proc was mounted with the hidepid option set
• Fixed a bug where the podman system service command would use large amounts of CPU when --timeout was set to 0 (#5531)

HTTP API

• Initial support for Libpod endpoints related to creating and operating on image manifest lists has been added
• The Libpod Healthcheck and Events API endpoints are now supported
• The Swagger endpoint can now handle cases where no Swagger documentation has been generated

Misc

• Updated Buildah to v1.14.3
• Updated containers/storage to v1.16.5
• Several performance improvements have been made to creating containers, which should somewhat improve the performance of podman create and podman run

Bugfixes

• Fixed a bug where unit files generated by podman generate systemd --new would not force containers to detach, causing the unit to time out when trying to start
• Fixed a bug where podman system reset could delete important system directories if run as rootless on installations created by older Podman (#4831)
• Fixed a bug where image built by podman build would not properly set the OS and Architecture they were built with (#5503)
• Fixed a bug where attached podman run with --sig-proxy enabled (the default), when built with Go 1.14, would repeatedly send signal 23 to the process in the container and could generate errors when the container stopped ([#5483](https://github.com/containers/libpod/issues/54\
  83))
• Fixed a bug where rootless podman run commands could hang when forwarding ports

HTTP API

• Initial support for Libpod endpoints related to creating and operating on image manifest lists has been added
• The Libpod Healthcheck and Events API endpoints are now supported

Misc

• Updated vendored containers/storage to v1.16.5
• Several performance improvements have been made to creating containers, which should somewhat improve the performance of podman create and podman run

Features

• Many networking-related flags have been added to podman pod create to enable customization of pod networks, including --add-host, --dns, --dns-opt, --dns-search, --ip, --mac-address, --network
  , and --no-hosts
• The podman ps --format=json command now includes the ID of the image containers were created with
• The podman run and podman create commands now feature an --rmi flag to remove the image the container was using after it exits (if no other containers are using said image) ([#4628](https://github.com/c\
  ontainers/libpod/issues/4628))
• The podman create and podman run commands now support the --device-cgroup-rule flag (#4876)
• While the HTTP API remains in alpha, many fixes and additions have landed. These are documented in a separate subsection below
• The podman create and podman run commands now feature a --no-healthcheck flag to disable healthchecks for a container (#5299)
• Containers now recognize the io.containers.capabilities label, which specifies a list of capabilities required by the image to run. These capabilities will be used as long as they are more restrictive than
  the default capabilities used
• YAML produced by the podman generate kube command now includes SELinux configuration passed into the container via --security-opt label=... (#4950)

Bugfixes

• Fixed CVE-2020-1726, a security issue where volumes manually populated before first being mounted into a container could have those contents overwritten on first being mounted into a container
• Fixed a bug where Podman containers with user namespaces in CNI networks with the DNS plugin enabled would not have the DNS plugin's nameserver added to their resolv.conf ([#5256](https://github.com/contain\
  ers/libpod/issues/5256))
• Fixed a bug where trailing / characters in image volume definitions could cause them to not be overridden by a user-specified mount at the same location ([#5219](https://github.com/containers/libpod/issues/\
  5219))
• Fixed a bug where the label option in libpod.conf, used to disable SELinux by default, was not being respected (#5087)
• Fixed a bug where the podman login and podman logout commands required the registry to log into be specified (#5146)
• Fixed a bug where detached rootless Podman containers could not forward ports (#5167)
• Fixed a bug where rootless Podman could fail to run if the pause process had died
• Fixed a bug where Podman ignored labels that were specified with only a key and no value (#3854)
• Fixed a bug where Podman would fail to create named volumes when the backing filesystem did not support SELinux labelling (#5200)
• Fixed a bug where --detach-keys="" would not disable detaching from a container (#5166)
• Fixed a bug where the podman ps command was too aggressive when filtering containers and would force --all on in too many situations
• Fixed a bug where the podman play kube command was ignoring image configuration, including volumes, working directory, labels, and stop signal (#5174)
• Fixed a bug where the Created and CreatedTime fields in podman images --format=json were misnamed, which also broke Go template output for those fields ([#5110](https://github.com/containers/libpod/issu\
  es/5110))
• Fixed a bug where rootless Podman containers with ports forwarded could hang when started (#5182)
• Fixed a bug where podman pull could fail to parse registry names including port numbers
• Fixed a bug where Podman would incorrectly attempt to validate image OS and architecture when starting containers
• Fixed a bug where Bash completion for podman build -f would not list available files that could be built (#3878)
• Fixed a bug where podman commit --change would perform incorrect validation, resulting in valid changes being rejected (#5148)
• Fixed a bug where podman logs --tail could take large amounts of memory when the log file for a container was large (#5131)
• Fixed a bug where Podman would sometimes incorrectly generate firewall rules on systems using firewalld
• Fixed a bug where the podman inspect command would not display network information for containers properly if a container joined multiple CNI networks ([#4907](https://github.com/containers/libpod/issues/49\
  07))
• Fixed a bug where the --uts flag to podman create and podman run would only allow specifying containers by full ID (#5289)
• Fixed a bug where rootless Podman could segfault when passed a large number of file descriptors
• Fixed a bug where the podman port command was incorrectly interpreting additional arguments as container names, instead of port numbers
• Fixed a bug where units created by podman generate systemd did not depend on network targets, and so could start before the system network was ready (#4130)
• Fixed a bug where exec sessions in containers which did not specify a user would not inherit supplemental groups added to the container via --group-add
• Fixed a bug where Podman would not respect the $TMPDIR environment variable for placing large temporary files during some operations (e.g. podman pull) ([#5411](https://github.com/containers/libpod/issues\
  /5411))

HTTP API

• Initial support for secure connections to servers via SSH tunneling has been added
• Initial support for the libpod create and logs endpoints for containers has been added
• Added a /swagger/ endpoint to serve API documentation
• The json endpoint for containers has received many fixes
• Filtering images and containers has been greatly improved, with many bugs fixed and documentation improved
• Image creation endpoints (commit, pull, etc) have seen many fixes
• Server timeout has been fixed so that long operations will no longer trigger the timeout and shut the server down
• The stats endpoint for containers has seen major fixes and now provides accurate output
• Handling the HTTP 304 status code has been fixed for all endpoints
• Many fixes have been made to API documentation to ensure it matches the code

Misc

• Updated vendored Buildah to v1.14.2
• Updated vendored containers/storage to v1.16.2
• The Created field to podman images --format=json has been renamed to CreatedSince as part of the fix for (#5110). Go templates using the old name shou
  ld still work
• The CreatedTime field to podman images --format=json has been renamed to CreatedAt as part of the fix for (#5110). Go templates using the old name sho
  uld still work
• The before filter to podman images has been renamed to since for Docker compatibility. Using before will still work, but documentation has been changed to use the new since filter
• Using the --password flag to podman login now warns that passwords are being passed in plaintext
• Some common cases where Podman would deadlock have been fixed to warn the user that podman system renumber must be run to resolve the deadlock

This is the first release candidate of Podman v1.8.1
Preliminary release notes:

Features

• Many networking-related flags have been added to podman pod create to enable customization of pod networks, including --add-host, --dns, --dns-opt, --dns-search, --ip, --mac-address, --network, and --no-hosts
• The podman ps --format=json command now includes the ID of the image containers were created with
• The podman create and podman run commands now support the --device-cgroup-rule flag (#4876)
• While the HTTP API remains in alpha, many fixes and additions have landed. These are documented in a separate subsection below

Bugfixes

• Fixed CVE-2020-1726, a security issue where volumes manually populated before first being mounted into a container could have those contents overwritten on first being mounted into a container
• Fixed a bug where Podman containers with user namespaces in CNI networks with the DNS plugin enabled would not have the DNS plugin's nameserver added to their resolv.conf (#5256)
• Fixed a bug where trailing / characters in image volume definitions could cause them to not be overridden by a user-specified mount at the same location (#5219)
• Fixed a bug where the label option in libpod.conf, used to disable SELinux by default, was not being respected (#5087)
• Fixed a bug where the podman login and podman logout commands required the registry to log into be specified (#5146)
• Fixed a bug where detached rootless Podman containers could not forward ports (#5167)
• Fixed a bug where rootless Podman could fail to run if the pause process had died
• Fixed a bug where Podman ignored labels that were specified with only a key and no value (#3854)
• Fixed a bug where Podman would fail to create named volumes when the backing filesystem did not support SELinux labelling (#5200)
• Fixed a bug where --detach-keys="" would not disable detaching from a container (#5166)
• Fixed a bug where the podman ps command was too aggressive when filtering containers and would force --all on in too many situations
• Fixed a bug where the podman play kube command was ignoring image configuration, including volumes, working directory, labels, and stop signal (#5174)
• Fixed a bug where the Created and CreatedTime fields in podman images --format=json were misnamed, which also broke Go template output for those fields (#5110)
• Fixed a bug where rootless Podman containers with ports forwarded could hang when started (#5182)
• Fixed a bug where podman pull could fail to parse registry names including port numbers
• Fixed a bug where Podman would incorrectly attempt to validate image OS and architecture when starting containers
• Fixed a bug where Bash completion for podman build -f would not list available files that could be built (#3878)
• Fixed a bug where podman commit --change would perform incorrect validation, resulting in valid changes being rejected (#5148)
• Fixed a bug where podman logs --tail could take large amounts of memory when the log file for a container was large (#5131)
• Fixed a bug where Podman would sometimes incorrectly generate firewall rules on systems using firewalld

HTTP API

• Initial support for secure connections to servers via SSH tunneling has been added
• Initial support for the libpod create and logs endpoints for containers has been added
• Added a /swagger/ endpoint to serve API documentation
• The json endpoint for containers has received many fixes
• Filtering images and containers has been greatly improved, with many bugs fixed and documentation improved
• Image creation endpoints (commit, pull, etc) have seen many fixes
• Server timeout has been fixed so that long operations will no longer trigger the timeout and shut the server down
• The stats endpoint for containers has seen major fixes and now provides accurate output
• Handling the HTTP 304 status code has been fixed for all endpoints
• Many fixes have been made to API documentation to ensure it matches the code

Misc

• Updated vendored Buildah to v1.14.1
• Updated vendored containers/storage to v1.16.0
• The Created field to podman images --format=json has been renamed to CreatedSince as part of the fix for (#5110). Go templates using the old name should still work
• The CreatedTime field to podman images --format=json has been renamed to CreatedAt as part of the fix for (#5110). Go templates using the old name should still work
• The before filter to podman images has been renamed to since for Docker compatibility. Using before will still work, but documentation has been changed to use the new since filter
• Using the --password flag to podman login now warns that passwords are being passed in plaintext

Features

• The podman system service command has been added, providing a preview of Podman's new Docker-compatible API. This API is still very new, and not yet ready for production use, but is available for early test
  ing
• Rootless Podman now uses Rootlesskit for port forwarding, which should greatly improve performance and capabilities
• The podman untag command has been added to remove tags from images without deleting them
• The podman inspect command on images now displays previous names they used
• The podman generate systemd command now supports a --new option to generate service files that create and run new containers instead of managing existing containers
• Support for --log-opt tag= to set logging tags has been added to the journald log driver
• Added support for using Seccomp profiles embedded in images for podman run and podman create via the new --seccomp-policy CLI flag (#4806)
• The podman play kube command now honors pull policy (#4880)

Bugfixes

• Fixed a bug where the podman cp command would not copy the contents of directories when paths ending in /. were given (#4717)
• Fixed a bug where the podman play kube command did not properly locate Seccomp profiles specified relative to localhost (#4555)
• Fixed a bug where the podman info command for remote Podman did not show registry information (#4793)
• Fixed a bug where the podman exec command did not support having input piped into it (#3302)
• Fixed a bug where the podman cp command with rootless Podman on CGroups v2 systems did not properly determine if the container could be paused while copying ([#4813](https://github.com/containers/libpod/iss\
  ues/4813))
• Fixed a bug where the podman container prune --force command could possible remove running containers if they were started while the command was running ([#4844](https://github.com/containers/libpod/issues/\
  4844))
• Fixed a bug where Podman, when run as root, would not properly configure slirp4netns networking when requested (#4853)
• Fixed a bug where podman run --userns=keep-id did not work when the user had a UID over 65535 (#4838)
• Fixed a bug where rootless podman run and podman create with the --userns=keep-id option could change permissions on /run/user/$UID and break KDE ([#4846](https://github.com/containers/libpod/issues/4\
  846))
• Fixed a bug where rootless Podman could not be run in a systemd service on systems using CGroups v2 (#4833)
• Fixed a bug where podman inspect would show CPUShares as 0, instead of the default (1024), when it was not explicitly set (#4822)
• Fixed a bug where podman-remote push would segfault (#4706)
• Fixed a bug where image healthchecks were not shown in the output of podman inspect (#4799)
• Fixed a bug where named volumes created with containers from pre-1.6.3 releases of Podman would be autoremoved with their containers if the --rm flag was given, even if they were given names ([#5009](https:
  //github.com/containers/libpod/issues/5009))
• Fixed a bug where podman history was not computing image sizes correctly (#4916)
• Fixed a bug where Podman would not error on invalid values to the --sort flag to podman images
• Fixed a bug where providing a name for the image made by podman commit was mandatory, not optional as it should be (#5027)
• Fixed a bug where the remote Podman client would append an extra " to %PATH (#4335)
• Fixed a bug where the podman build command would sometimes ignore the -f option and build the wrong Containerfile
• Fixed a bug where the podman ps --filter command would only filter running containers, instead of all containers, if --all was not passed (#5050)
• Fixed a bug where the podman load command on compressed images would leave an extra copy on disk
• Fixed a bug where the podman restart command would not properly clean up the network, causing it to function differently from podman stop; podman start ([#5051](https://github.com/containers/libpod/issues\
  /5051))
• Fixed a bug where setting the --memory-swap flag to podman create and podman run to -1 (to indicate unlimited) was not supported (#5091)

Misc

• Initial work on version 2 of the Podman remote API has been merged, but is still in an alpha state and not ready for use. Read more here
• Many formatting corrections have been made to the manpages
• The changes to address (#5009) may cause anonymous volumes created by Podman versions 1.6.3 to 1.7.0 to not be removed when their container is removed
• Updated vendored Buildah to v1.13.1
• Updated vendored containers/storage to v1.15.8
• Updated vendored containers/image to v5.2.0