v1.6.1

Bugfixes

• Fixed a bug where rootless Podman on systems using CGroups V2 would not function with the cgroupfs CGroups manager
• Fixed a bug where rootless Podman could not correctly identify the DBus session address, causing containers to fail to start (#4162)
• Fixed a bug where rootless Podman with slirp4netns networking would fail to start containers due to mount leaks

v1.6.1-RC1

This is the first release candidate for the v1.6.1 release.

Preliminary changelog:

Bugfixes

• Fixed a bug where rootless Podman on systems using CGroups V2 would not function with the cgroupfs CGroups manager
• Fixed a bug where rootless Podman could not correctly identify the DBus session address, causing containers to fail to start (#4162)
• Fixed a bug where rootless Podman with slirp4netns networking would fail to start containers due to mount leaks

v1.6.0

Features

• The podman network create, podman network rm, podman network inspect, and podman network ls commands have been added to manage CNI networks used by Podman
• The podman volume create command can now create and mount volumes with options, allowing volumes backed by NFS, tmpfs, and many other filesystems
• Podman can now run containers without CGroups for better integration with systemd by using the --cgroups=disabled flag with podman create and podman run. This is presently only supported with the crun OCI runtime
• The podman volume rm and podman volume inspect commands can now refer to volumes by an unambiguous partial name, in addition to full name (e.g. podman volume rm myvol to remove a volume named myvolume) (#3891)
• The podman run and podman create commands now support the --pull flag to allow forced re-pulling of images (#3734)
• Mounting volumes into a container using --volume, --mount, and --tmpfs now allows the suid, dev, and exec mount options (the inverse of nosuid, nodev, noexec) (#3819)
• Mounting volumes into a container using --mount now allows the relabel=Z and relabel=z options to relabel mounts.
• The podman push command now supports the --digestfile option to save a file containing the pushed digest
• Pods can now have their hostname set via podman pod create --hostname or providing Pod YAML with a hostname set to podman play kube (#3732)
• The podman image sign command now supports the --cert-dir flag
• The podman run and podman create commands now support the --security-opt label=filetype:$LABEL flag to set the SELinux label for container files
• The remote Podman client now supports healthchecks

Bugfixes

• Fixed a bug where remote podman pull would panic if a Varlink connection was not available (#4013)
• Fixed a bug where podman exec would not properly set terminal size when creating a new exec session (#3903)
• Fixed a bug where podman exec would not clean up socket symlinks on the host (#3962)
• Fixed a bug where Podman could not run systemd in containers that created a CGroup namespace
• Fixed a bug where podman prune -a would attempt to prune images used by Buildah and CRI-O, causing errors (#3983)
• Fixed a bug where improper permissions on the ~/.config directory could cause rootless Podman to use an incorrect directory for storing some files
• Fixed a bug where the bash completions for podman import threw errors
• Fixed a bug where Podman volumes created with podman volume create would not copy the contents of their mountpoint the first time they were mounted into a container (#3945)
• Fixed a bug where rootless Podman could not run podman exec when the container was not run inside a CGroup owned by the user (#3937)
• Fixed a bug where podman play kube would panic when given Pod YAML without a securityContext (#3956)
• Fixed a bug where Podman would place files incorrectly when storage.conf configuration items were set to the empty string (#3952)
• Fixed a bug where podman build did not correctly inherit Podman's CGroup configuration, causing crashed on CGroups V2 systems (#3938)
• Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator (#3829)
• Fixed a bug where remote podman run --rm would exit before the container was completely removed, allowing race conditions when removing container resources (#3870)
• Fixed a bug where rootless Podman would not properly handle changes to /etc/subuid and /etc/subgid after a container was launched
• Fixed a bug where rootless Podman could not include some devices in a container using the --device flag (#3905)
• Fixed a bug where the commit Varlink API would segfault if provided incorrect arguments (#3897)
• Fixed a bug where temporary files were not properly cleaned up after a build using remote Podman (#3869)
• Fixed a bug where podman remote cp crashed instead of reporting it was not yet supported (#3861)
• Fixed a bug where podman exec would run as the wrong user when execing into a container was started from an image with Dockerfile USER (or a user specified via podman run --user) (#3838)
• Fixed a bug where images pulled using the oci: transport would be improperly named
• Fixed a bug where podman varlink would hang when managed by systemd due to SD_NOTIFY support conflicting with Varlink (#3572)
• Fixed a bug where mounts to the same destination would sometimes not trigger a conflict, causing a race as to which was actually mounted
• Fixed a bug where podman exec --preserve-fds caused Podman to hang (#4020)
• Fixed a bug where removing an unmounted container that was unmounted might sometimes not properly clean up the container (#4033)
• Fixed a bug where the Varlink server would freeze when run in a systemd unit file (#4005)
• Fixed a bug where Podman would not properly set the $HOME environment variable when the OCI runtime did not set it
• Fixed a bug where rootless Podman would incorrectly print warning messages when an OCI runtime was not found (#4012)
• Fixed a bug where named volumes would conflict with, instead of overriding, tmpfs filesystems added by the --read-only-tmpfs flag to podman create and podman run
• Fixed a bug where podman cp would incorrectly make the target directory when copying to a symlink which pointed to a nonexistent directory (#3894)
• Fixed a bug where remote Podman would incorrectly read STDIN when the -i flag was not set (#4095)
• Fixed a bug where podman play kube would create an empty pod when given an unsupported YAML type (#4093)
• Fixed a bug where podman import --change improperly parsed CMD (#4000)

Misc

• Significant changes were made to Podman volumes in this release. If you have pre-existing volumes, it is strongly recommended to run podman system renumber after upgrading.
• Version 0.8.1 or greater of the CNI Plugins is now required for Podman
• Version 2.0.1 or greater of Conmon is strongly recommended
• Updated vendored Buildah to v1.11.2
• Updated vendored containers/storage library to v1.13.4
• Improved error messages when trying to create a pod with no name via podman play kube
• Improved error messages when trying to run podman pause or podman stats on a rootless container on a system without CGroups V2 enabled
• TMPDIR has been set to /var/tmp by default to better handle large temporary files
• podman wait has been optimized to detect stopped containers more rapidly
• Podman containers now include a ContainerManager annotation indicating they were created by libpod
• The podman info command now includes information about slirp4netns and fuse-overlayfs if they are available
• Podman no longer sets a default size of 65kb for tmpfs filesystems
• The default Podman CNI network has been renamed in an attempt to prevent conflicts with CRI-O when both are run on the same system. This should only take effect on system restart
• The output of podman volume inspect has been more closely matched to docker volume inspect

v1.6.0-RC2

This is the second release candidate for the final Podman 1.6.0 release

v1.6.0-rc1

This is the first release candidate for v1.6.0. Preliminary release notes follow:

Features

• The podman network create, podman network rm, podman network inspect, and podman network ls commands have been added to manage CNI networks used by Podman
• The podman volume create command can now create and mount volumes with options, allowing volumes backed by NFS, tmpfs, and many other filesystems
• Podman can now run containers without CGroups for better integration with systemd by using the --cgroups=disabled flag with podman create and podman run. This is presently only supported with the crun OCI runtime
• The podman volume rm and podman volume inspect commands can now refer to volumes by an unambiguous partial name, in addition to full name (e.g. podman volume rm myvol to remove a volume named myvolume) (#3891)
• The podman run and podman create commands now support the --pull flag to allow forced re-pulling of images (#3734)
• Mounting volumes into a container using --volume, --mount, and --tmpfs now allows the suid, dev, and exec mount options (the inverse of nosuid, nodev, noexec) (#3819)
• The podman push command now supports the --digestfile option to save a file containing the pushed digest
• Pods can now have their hostname set via podman pod create --hostname or providing Pod YAML with a hostname set to podman play kube (#3732)
• The podman image sign command now supports the --cert-dir flag
• The podman run and podman create commands now support the --security-opt label=filetype:$LABEL flag to set the SELinux label for container files
• The remote Podman client now supports healthchecks

Bugfixes

• Fixed a bug where remote podman pull would panic if a Varlink connection was not available (#4013)
• Fixed a bug where podman exec would not properly set terminal size when creating a new exec session (#3903)
• Fixed a bug where podman exec would not clean up socket symlinks on the host (#3962)
• Fixed a bug where Podman could not run systemd in containers that created a CGroup namespace
• Fixed a bug where podman prune -a would attempt to prune images used by Buildah and CRI-O, causing errors (#3983)
• Fixed a bug where improper permissions on the ~/.config directory could cause rootless Podman to use an incorrect directory for storing some files
• Fixed a bug where the bash completions for podman import threw errors
• Fixed a bug where Podman volumes created with podman volume create would not copy the contents of their mountpoint the first time they were mounted into a container (#3945)
• Fixed a bug where rootless Podman could not run podman exec when the container was not run inside a CGroup owned by the user (#3937)
• Fixed a bug where podman play kube would panic when given Pod YAML without a securityContext (#3956)
• Fixed a bug where Podman would place files incorrectly when storage.conf configuration items were set to the empty string (#3952)
• Fixed a bug where podman build did not correctly inherit Podman's CGroup configuration, causing crashed on CGroups V2 systems (#3938)
• Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator (#3829)
• Fixed a bug where remote podman run --rm would exit before the container was completely removed, allowing race conditions when removing container resources (#3870)
• Fixed a bug where rootless Podman would not properly handle changes to /etc/subuid and /etc/subgid after a container was launched
• Fixed a bug where rootless Podman could not include some devices in a container using the --device flag (#3905)
• Fixed a bug where the commit Varlink API would segfault if provided incorrect arguments (#3897)
• Fixed a bug where temporary files were not properly cleaned up after a build using remote Podman (#3869)
• Fixed a bug where podman remote cp crashed instead of reporting it was not yet supported (#3861)
• Fixed a bug where podman exec would run as the wrong user when execing into a container was started from an image with Dockerfile USER (or a user specified via podman run --user) (#3838)
• Fixed a bug where images pulled using the oci: transport would be improperly named
• Fixed a bug where podman varlink would hang when managed by systemd due to SD_NOTIFY support conflicting with Varlink (#3572)

Misc

• Significant changes were made to Podman volumes in this release. If you have pre-existing volumes, it is strongly recommended to run podman system renumber after upgrading.
• Version 0.8.1 or greater of the CNI Plugins is now required for Podman
• Version 2.0.1 or greater of Conmon is strongly recommended
• Updated vendored Buildah to v1.11.2
• Improved error messages when trying to run podman pause or podman stats on a rootless container on a system without CGroups V2 enabled
• TMPDIR has been set to /var/tmp by default to better handle large temporary files
• podman wait has been optimized to detect stopped containers more rapidly
• Podman containers now include a ContainerManager annotation indicating they were created by libpod
• The podman info command now includes information about slirp4netns and fuse-overlayfs if they are available
• Podman no longer sets a default size of 65kb for tmpfs filesystems
• The default Podman CNI network has been renamed in an attempt to prevent conflicts with CRI-O when both are run on the same system. This should only take effect on system restart
• The output of podman volume inspect has been more closely matched to docker volume inspect

v1.5.1

Features

• The hostname of pods is now set to the pod's name

Bugfixes

• Fixed a bug where podman run and podman create did not honor the --authfile option (#3730)
• Fixed a bug where containers restored with podman container restore --import would incorrectly duplicate the Conmon PID file of the original container
• Fixed a bug where podman build ignored the default OCI runtime configured in libpod.conf
• Fixed a bug where podman run --rm (or force-removing any running container with podman rm --force) were not retrieving the correct exit code (#3795)
• Fixed a bug where Podman would exit with an error if any configured hooks directory was not present
• Fixed a bug where podman inspect and podman commit would not use the correct CMD for containers run with podman play kube
• Fixed a bug created pods when using rootless Podman and CGroups V2 (#3801)
• Fixed a bug where the podman events command with the --since or --until options could take a very long time to complete

Misc

• Rootless Podman will now inherit OCI runtime configuration from the root configuration (#3781)
• Podman now properly sets a user agent while contacting registries (#3788)
• The podman-v1.5.1.tar.gz file attached is podman packaged for MacOS. It can be installed using Homebrew.

v1.5.0

Features

• Podman containers can now join the user namespaces of other containers with --userns=container:$ID, or a user namespace at an arbitary path with --userns=ns:$PATH
• Rootless Podman can experimentally squash all UIDs and GIDs in an image to a single UID and GID (which does not require use of the newuidmap and newgidmap executables) by passing --storage-opt ignore_chown_errors
• The podman generate kube command now produces YAML for any bind mounts the container has created (#2303)
• The podman container restore command now features a new flag, --ignore-static-ip, that can be used with --import to import a single container with a static IP multiple times on the same host
• Added the ability for podman events to output JSON by specifying --format=json
• If the OCI runtime or conmon binary cannot be found at the paths specified in libpod.conf, Podman will now also search for them in the calling user's path
• Added the ability to use podman import with URLs (#3609)
• The podman ps command now supports filtering names using regular expressions (#3394)
• Rootless Podman containers with --privileged set will now mount in all host devices that the user can access
• The podman create and podman run commands now support the --env-host flag to forward all environment variables from the host into the container
• Rootless Podman now supports healthchecks (#3523)
• The format of the HostConfig portion of the output of podman inspect on containers has been improved and synced with Docker
• Podman containers now support CGroup namespaces, and can create them by passing --cgroupns=private to podman run or podman create
• The podman create and podman run commands now support the --ulimit=host flag, which uses any ulimits currently set on the host for the container
• The podman rm and podman rmi commands now use different exit codes to indicate 'no such container' and 'container is running' errors
• Support for CGroups V2 through the crun OCI runtime has been greatly improved, allowing resource limits to be set for rootless containers when the CGroups V2 hierarchy is in use

Bugfixes

• Fixed a bug where a race condition could cause podman restart to fail to start containers with ports
• Fixed a bug where containers restored from a checkpoint would not properly report the time they were started at
• Fixed a bug where podman search would return at most 25 results, even when the maximum number of results was set higher
• Fixed a bug where podman play kube would not honor capabilities set in imported YAML (#3689)
• Fixed a bug where podman run --env, when passed a single key (to use the value from the host), would set the environment variable in the container even if it was not set on the host (#3648)
• Fixed a bug where podman commit --changes would not properly set environment variables
• Fixed a bug where Podman could segfault while working with images with no history
• Fixed a bug where podman volume rm could remove arbitrary volumes if given an ambiguous name (#3635)
• Fixed a bug where podman exec invocations leaked memory by not cleaning up files in tmpfs
• Fixed a bug where the --dns and --net=container flags to podman run and podman create were not mutually exclusive (#3553)
• Fixed a bug where rootless Podman would be unable to run containers when less than 5 UIDs were available
• Fixed a bug where containers in pods could not be removed without removing the entire pod (#3556)
• Fixed a bug where Podman would not properly clean up all CGroup controllers for created cgroups when using the cgroupfs CGroup driver
• Fixed a bug where Podman containers did not properly clean up files in tmpfs, resulting in a memory leak as containers stopped
• Fixed a bug where healthchecks from images would not use default settings for interval, retries, timeout, and start period when they were not provided by the image (#3525)
• Fixed a bug where healthchecks using the HEALTHCHECK CMD format where not properly supported (#3507)
• Fixed a bug where volume mounts using relative source paths would not be properly resolved (#3504)
• Fixed a bug where podman run did not use authorization credentials when a custom path was specified (#3524)
• Fixed a bug where containers checkpointed with podman container checkpoint did not properly set their finished time
• Fixed a bug where running podman inspect on any container not created with podman run or podman create (for example, pod infra containers) would result in a segfault (#3500)
• Fixed a bug where healthcheck flags for podman create and podman run were incorrectly named (#3455)
• Fixed a bug where Podman commands would fail to find targets if a partial ID was specified that was ambiguous between a container and pod (#3487)
• Fixed a bug where restored containers would not have the correct SELinux label
• Fixed a bug where Varlink endpoints were not working properly if more was not correctly specified
• Fixed a bug where the Varlink PullImage endpoint would crash if an error occurred (#3715)
• Fixed a bug where the --mount flag to podman create and podman run did not allow boolean arguments for its ro and rw options (#2980)
• Fixed a bug where pods did not properly share the UTS namespace, resulting in incorrect behavior from some utilities which rely on hostname (#3547)
• Fixed a bug where Podman would unconditionally append ENTRYPOINT to CMD during podman commit (and when reporting CMD in podman inspect) (#3708)
• Fixed a bug where podman events with the journald events backend would incorrectly print 6 previous events when only new events were requested (#3616)
• Fixed a bug where podman port would exit prematurely when a port number was specified (#3747)
• Fixed a bug where passing . as an argument to the --dns-search flag to podman create and podman run was not properly clearing DNS search domains in the container

Misc

• Updated vendored Buildah to v1.10.1
• Updated vendored containers/image to v3.0.2
• Updated vendored containers/storage to v1.13.1
• Podman now requires conmon v2.0.0 or higher
• The podman info command now displays the events logger being in use
• The podman inspect command on containers now includes the ID of the pod a container has joined and the PID of the container's conmon process
• The -v short flag for podman --version has been re-added
• Error messages from podman pull should be significantly clearer
• The podman exec command is now available in the remote client
• The podman-v1.5.0.tar.gz file attached is podman packaged for MacOS. It can be installed using Homebrew.

v1.4.4

Bugfixes

• Fixed a bug where rootless Podman would attempt to use the entire root configuration if no rootless configuration was present for the user, breaking rootless Podman for new installations
• Fixed a bug where rootless Podman's pause process would block SIGTERM, preventing graceful system shutdown and hanging until the system's init send SIGKILL
• Fixed a bug where running Podman as root with sudo -E would not work after running rootless Podman at least once
• Fixed a bug where options for tmpfs volumes added with the --tmpfs flag were being ignored
• Fixed a bug where images with no layers could not properly be displayed and removed by Podman
• Fixed a bug where locks were not properly freed on failure to create a container or pod

Misc

• Updated containers/storage to v1.12.13

v1.4.3

Features

• Podman now has greatly improved support for containers using multiple OCI runtimes. Containers now remember if they were created with a different runtime using --runtime and will always use that runtime
• The cached and delegated options for volume mounts are now allowed for Docker compatability (#3340)
• The podman diff command now supports the --latest flag

Bugfixes

• Fixed a bug where podman cp on a single file would create a directory at the target and place the file in it (#3384)
• Fixed a bug where podman inspect --format '{{.Mounts}}' would print a hexadecimal address instead of a container's mounts
• Fixed a bug where rootless Podman would not add an entry to container's /etc/hosts files for their own hostname (#3405)
• Fixed a bug where podman ps --sync would segfault (#3411)
• Fixed a bug where podman generate kube would produce an invalid ports configuration (#3408)

Misc

• Podman now performs much better on systems with heavy I/O load
• The --cgroup-manager flag to podman now shows the correct default setting in help if the default was overridden by libpod.conf
• For backwards compatability, setting --log-driver=json-file in podman run is now supported as an alias for --log-driver=k8s-file. This is considered deprecated, and json-file will be moved to a new implementation in the future ([#3363](https://github.com/containers/libpo\
  d/issues/3363))
• Podman's default libpod.conf file now allows the crun OCI runtime to be used if it is installed

v1.4.2

Bugfixes

• Fixed a bug where Podman could not run containers using an older version of Systemd as init (#3295)

Misc

• Updated vendored Buildah to v1.9.0 to resolve a critical bug with Dockerfile RUN instructions
• The error message for running podman kill on containers that are not running has been improved
• The Podman remote client can now log to a file if syslog is not available
• The MacOS dmg file is experimental, use at your own risk.