Package: podman Version: 4.2.1-0.1 Severity: minor Tags: patch X-Debbugs-Cc: nolang...@gmail.com
Hello, I am aware of #1000521, I dont see it as resolved. The problem is that you can run podman as service, and clients can connect on for ex. an exposed unix socket. Practical example is: - run rootless podman providing an unix socker - run an container jenkins/inbound-agent container binding that socket - provide a binary that takes the same arguments as docker while using the socket Now the issue is, that you have to install podman and its many dependencies in the jenkins/inbound-agent container. Way better would be to use one of the simple remote-only clients, this is a single file without any dependencies (run ldd on both). docker provides the docker-ce-cli package, podman the podman-remote binary. Debian should offer the package as independent package, so client/server can be updated together. Then containers can get a bind-mount to the host's /usr/bin/podman-remote binary. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-6-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages podman depends on: ii conmon 2.1.3+ds1-1 ii crun 1.5+dfsg-1+b1 ii golang-github-containers-common 0.49.1+ds1-1 ii libc6 2.34-7 ii libdevmapper1.02.1 2:1.02.185-1 ii libgpgme11 1.17.1-4.1 ii libseccomp2 2.5.4-1+b1 Versions of packages podman recommends: pn buildah <none> pn catatonit | tini | dumb-init <none> ii dbus-user-session 1.14.0-2 pn fuse-overlayfs <none> ii slirp4netns 1.2.0-1 ii uidmap 1:4.11.1+dfsg1-2 Versions of packages podman suggests: ii containers-storage 1.42.0+ds1-1 pn docker-compose <none> ii iptables 1.8.8-1 -- no debconf information
diff -burN a/debian/control b/debian/control --- a/debian/control 2022-08-19 09:43:54.000000000 +0200 +++ b/debian/control 2022-08-19 09:43:54.000000000 +0200 @@ -131,6 +131,32 @@ . Podman is a daemon-less alternative to Docker. +Package: podman-remote +Architecture: any +Built-Using: ${misc:Built-Using} +Depends: ${misc:Depends}, ${shlibs:Depends} +Description: engine to run OCI-based containers in Pods + Podman is an engine for running OCI-based containers in Pods. + Podman provides a CLI interface for managing Pods, Containers, and + Container Images. + . + At a high level, the scope of libpod and podman is the following: + * Support multiple image formats including the OCI and Docker image + formats. + * Support for multiple means to download images including trust & image + verification. + * Container image management (managing image layers, overlay filesystems, + etc). + * Full management of container lifecycle. + * Support for pods to manage groups of containers together. + * Resource isolation of containers and pods. + * Support for a Docker-compatible CLI interface through Podman. + . + Podman is a daemon-less alternative to Docker. + . + This package installs a smaller executable being only a + frontend to control a remote podman instance. + Package: golang-github-containers-libpod-dev Architecture: all Depends: ${misc:Depends}, diff -burN a/debian/podman.install b/debian/podman.install --- a/debian/podman.install 2022-08-19 09:43:54.000000000 +0200 +++ b/debian/podman.install 2022-08-19 09:43:54.000000000 +0200 @@ -1,5 +1,4 @@ completions/zsh/_podman /usr/share/zsh/vendor-completions -completions/zsh/_podman-remote /usr/share/zsh/vendor-completions cni/87-podman-bridge.conflist /etc/cni/net.d/ debian/etc/containers/libpod.conf /etc/containers/ diff -burN a/debian/podman-remote.install b/debian/podman-remote.install --- a/debian/podman-remote.install 1970-01-01 01:00:00.000000000 +0100 +++ b/debian/podman-remote.install 2022-08-19 09:43:54.000000000 +0200 @@ -0,0 +1,3 @@ +completions/zsh/_podman-remote /usr/share/zsh/vendor-completions + +usr/bin/podman-remote diff -burN a/debian/podman-remote.manpages b/debian/podman-remote.manpages --- a/debian/podman-remote.manpages 1970-01-01 01:00:00.000000000 +0100 +++ b/debian/podman-remote.manpages 2022-08-19 09:43:54.000000000 +0200 @@ -0,0 +1 @@ +docs/build/man/podman-remote*.1 diff -burN a/debian/rules b/debian/rules --- a/debian/rules 2022-08-19 09:43:54.000000000 +0200 +++ b/debian/rules 2022-09-23 00:38:15.821251178 +0200 @@ -36,6 +36,7 @@ ## https://podman.io/getting-started/installation#build-tags BUILDTAGS := apparmor,ostree,seccomp,selinux,systemd +BUILDTAGS_REMOTE := remote,exclude_graphdriver_btrfs,btrfs_noversion,exclude_graphdriver_devicemapper,containers_image_openpgp # containers_image_openpgp %: @@ -45,6 +46,11 @@ $(MAKE) docs docker-docs # LDFLAGS_PODMAN="-X main.gitCommit=$(GIT_COMMIT)" +# upstream Makefile calls `go build ... -o bin/podman-remote ./cmd/podman` +# dont know how I get dh_auto_build to do that. + dh_auto_build -v --builddirectory=_output -- -tags "$(BUILDTAGS_REMOTE)" \ + -ldflags "-X main.buildInfo=$(DEB_VERSION)" + mv _output/bin/podman _output/bin/podman-remote dh_auto_build -v --builddirectory=_output -- -tags "$(BUILDTAGS)" \ -ldflags "-X main.buildInfo=$(DEB_VERSION)" @@ -77,8 +83,6 @@ # Disable dh_missing override_dh_missing: - # remove unwanted files, cf. #1000521 - find debian -name '*podman-remote*' -ls -delete dh_missing --list-missing -X goecho -X testvol -X version override_dh_installsystemd: