Features
- Rootless Podman will now add an entry to
/etc/passwd
for the user who ran Podman if run with--userns=keep-id
. - The
podman system connection
command has been reworked to support multiple connections, and reenabled for use! - Podman now has a new global flag,
--connection
, to specify a connection to a remote Podman API instance.
Changes
- Podman's automatic systemd integration (activated by the
--systemd=true
flag, set by default) will now activate for containers using/usr/local/sbin/init
as their command, instead of just/usr/sbin/init
and/sbin/init
(and any path ending insystemd
). - Seccomp profiles specified by the
--security-opt seccomp=...
flag topodman create
andpodman run
will now be honored even if the container was created using--privileged
.
Bugfixes
- Fixed a bug where the
podman play kube
would not honor thehostIP
field for port forwarding (#5964). - Fixed a bug where the
podman generate systemd
command would panic on an invalid restart policy being specified (#7271). - Fixed a bug where the
podman images
command could take a very long time (several minutes) to complete when a large number of images were present. - Fixed a bug where the
podman logs
command with the--tail
flag would not work properly when a large amount of output would be printed ((#7230)[https://github.com//issues/7230]). - Fixed a bug where the
podman exec
command with remote Podman would not return a non-zero exit code when the exec session failed to start (e.g. invoking a non-existent command) (#6893). - Fixed a bug where the
podman load
command with remote Podman would did not honor user-specified tags (#7124). - Fixed a bug where the
podman system service
command, when run as a non-root user by Systemd, did not properly handle the Podman pause process and would not restart properly as a result (#7180). - Fixed a bug where the
--publish
flag topodman create
,podman run
, andpodman pod create
did not properly handle a host IP of 0.0.0.0 (attempting to bind to literal 0.0.0.0, instead of all IPs on the system) (#7104). - Fixed a bug where the
podman start --attach
command would not print the container's exit code when the command exited due to the container exiting. - Fixed a bug where the
podman rm
command with remote Podman would not remove volumes, even if the--volumes
flag was specified (#7128). - Fixed a bug where the
podman run
command with remote Podman and the--rm
flag could exit before the container was fully removed. - Fixed a bug where the
--pod new:...
flag topodman run
andpodman create
would create a pod that did not share any namespaces. - Fixed a bug where the
--preserve-fds
flag topodman run
andpodman exec
could close the wrong file descriptors while trying to close user-provided descriptors after passing them into the container. - Fixed a bug where default environment variables (
$PATH
and$TERM
) were not set in containers when not provided by the image. - Fixed a bug where pod infra containers were not properly unmounted after exiting.
- Fixed a bug where networks created with
podman network create
with an IPv6 subnet did not properly set an IPv6 default route. - Fixed a bug where the
podman save
command would not work properly when its output was piped to another command (#7017). - Fixed a bug where containers using a systemd init on a cgroups v1 system could leak mounts under
/sys/fs/cgroup/systemd
to the host. - Fixed a bug where
podman build
would not generate an event on completion (#7022). - Fixed a bug where the
podman history
command with remote Podman printed incorrect creation times for layers (#7122). - Fixed a bug where Podman would not create working directories specified by the container image if they did not exist.
- Fixed a bug where Podman did not clear
CMD
from the container image if the user overrodeENTRYPOINT
(#7115). - Fixed a bug where error parsing image names were not fully reported (part of the error message containing the exact issue was dropped).
- Fixed a bug where the
podman images
command with remote Podman did not support printing image tags in Go templates supplied to the--format
flag (#7123). - Fixed a bug where the
podman rmi --force
command would not attempt to unmount containers it was removing, which could cause a failure to remove the image. - Fixed a bug where the
podman generate systemd --new
command could incorrectly quote arguments to Podman that contained whitespace, leading to nonfunctional unit files (#7285). - Fixed a bug where the
podman version
command did not properly include build time and Git commit. - Fixed a bug where running systemd in a Podman container on a system that did not use the
systemd
cgroup manager would fail (#6734). - Fixed a bug where capabilities from
--cap-add
were not properly added when a container was started as a non-root user via--user
. - Fixed a bug where Pod infra containers were not properly cleaned up when they stopped, causing networking issues (#7103).
API
- Fixed a bug where the libpod and compat Build endpoints did not accept the
application/tar
content type (instead only acceptingapplication/x-tar
) (#7185). - Fixed a bug where the libpod Exists endpoint would attempt to write a second header in some error conditions (#7197).
- Fixed a bug where compat and libpod Network Inspect and Network Remove endpoints would return a 500 instead of 404 when the requested network was not found.
- Added a versioned
_ping
endpoint (e.g.http://localhost/v1.40/_ping
). - Fixed a bug where containers started through a systemd-managed instance of the REST API would be shut down when
podman system service
shut down due to its idle timeout (#7294). - Added stronger parameter verification for the libpod Network Create endpoint to ensure subnet mask is a valid value.
- The
Pod
URL parameter to the Libpod Container List endpoint has been deprecated; the information previously gated by thePod
boolean will now be included in the response unconditionally.
Misc
- Updated Buildah to v1.15.1
- Updated containers/image library to v5.5.2