Package: podman
Version: 4.2.1-0.1
Severity: minor
Tags: patch
X-Debbugs-Cc: nolang...@gmail.com
Hello,
I am aware of #1000521, I dont see it as resolved.
The problem is that you can run podman as service, and clients
can connect on for ex. an exposed unix socket.
Practical example is:
- run rootless podman providing an unix socker
- run an container jenkins/inbound-agent container
binding that socket
- provide a binary that takes the same arguments as docker
while using the socket
Now the issue is, that you have to install podman and its many
dependencies in the jenkins/inbound-agent container.
Way better would be to use one of the simple remote-only clients,
this is a single file without any dependencies
(run ldd on both).
docker provides the docker-ce-cli package, podman the podman-remote
binary.
Debian should offer the package as independent package,
so client/server can be updated together.
Then containers can get a bind-mount to the host's
/usr/bin/podman-remote binary.
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.16.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages podman depends on:
ii conmon 2.1.3+ds1-1
ii crun 1.5+dfsg-1+b1
ii golang-github-containers-common 0.49.1+ds1-1
ii libc6 2.34-7
ii libdevmapper1.02.1 2:1.02.185-1
ii libgpgme11 1.17.1-4.1
ii libseccomp2 2.5.4-1+b1
Versions of packages podman recommends:
pn buildah <none>
pn catatonit | tini | dumb-init <none>
ii dbus-user-session 1.14.0-2
pn fuse-overlayfs <none>
ii slirp4netns 1.2.0-1
ii uidmap 1:4.11.1+dfsg1-2
Versions of packages podman suggests:
ii containers-storage 1.42.0+ds1-1
pn docker-compose <none>
ii iptables 1.8.8-1
-- no debconf information
diff -burN a/debian/control b/debian/control
--- a/debian/control 2022-08-19 09:43:54.000000000 +0200
+++ b/debian/control 2022-08-19 09:43:54.000000000 +0200
@@ -131,6 +131,32 @@
.
Podman is a daemon-less alternative to Docker.
+Package: podman-remote
+Architecture: any
+Built-Using: ${misc:Built-Using}
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Description: engine to run OCI-based containers in Pods
+ Podman is an engine for running OCI-based containers in Pods.
+ Podman provides a CLI interface for managing Pods, Containers, and
+ Container Images.
+ .
+ At a high level, the scope of libpod and podman is the following:
+ * Support multiple image formats including the OCI and Docker image
+ formats.
+ * Support for multiple means to download images including trust & image
+ verification.
+ * Container image management (managing image layers, overlay filesystems,
+ etc).
+ * Full management of container lifecycle.
+ * Support for pods to manage groups of containers together.
+ * Resource isolation of containers and pods.
+ * Support for a Docker-compatible CLI interface through Podman.
+ .
+ Podman is a daemon-less alternative to Docker.
+ .
+ This package installs a smaller executable being only a
+ frontend to control a remote podman instance.
+
Package: golang-github-containers-libpod-dev
Architecture: all
Depends: ${misc:Depends},
diff -burN a/debian/podman.install b/debian/podman.install
--- a/debian/podman.install 2022-08-19 09:43:54.000000000 +0200
+++ b/debian/podman.install 2022-08-19 09:43:54.000000000 +0200
@@ -1,5 +1,4 @@
completions/zsh/_podman /usr/share/zsh/vendor-completions
-completions/zsh/_podman-remote /usr/share/zsh/vendor-completions
cni/87-podman-bridge.conflist /etc/cni/net.d/
debian/etc/containers/libpod.conf /etc/containers/
diff -burN a/debian/podman-remote.install b/debian/podman-remote.install
--- a/debian/podman-remote.install 1970-01-01 01:00:00.000000000 +0100
+++ b/debian/podman-remote.install 2022-08-19 09:43:54.000000000 +0200
@@ -0,0 +1,3 @@
+completions/zsh/_podman-remote /usr/share/zsh/vendor-completions
+
+usr/bin/podman-remote
diff -burN a/debian/podman-remote.manpages b/debian/podman-remote.manpages
--- a/debian/podman-remote.manpages 1970-01-01 01:00:00.000000000 +0100
+++ b/debian/podman-remote.manpages 2022-08-19 09:43:54.000000000 +0200
@@ -0,0 +1 @@
+docs/build/man/podman-remote*.1
diff -burN a/debian/rules b/debian/rules
--- a/debian/rules 2022-08-19 09:43:54.000000000 +0200
+++ b/debian/rules 2022-09-23 00:38:15.821251178 +0200
@@ -36,6 +36,7 @@
## https://podman.io/getting-started/installation#build-tags
BUILDTAGS := apparmor,ostree,seccomp,selinux,systemd
+BUILDTAGS_REMOTE :=
remote,exclude_graphdriver_btrfs,btrfs_noversion,exclude_graphdriver_devicemapper,containers_image_openpgp
# containers_image_openpgp
%:
@@ -45,6 +46,11 @@
$(MAKE) docs docker-docs
# LDFLAGS_PODMAN="-X main.gitCommit=$(GIT_COMMIT)"
+# upstream Makefile calls `go build ... -o bin/podman-remote ./cmd/podman`
+# dont know how I get dh_auto_build to do that.
+ dh_auto_build -v --builddirectory=_output -- -tags
"$(BUILDTAGS_REMOTE)" \
+ -ldflags "-X main.buildInfo=$(DEB_VERSION)"
+ mv _output/bin/podman _output/bin/podman-remote
dh_auto_build -v --builddirectory=_output -- -tags "$(BUILDTAGS)" \
-ldflags "-X main.buildInfo=$(DEB_VERSION)"
@@ -77,8 +83,6 @@
# Disable dh_missing
override_dh_missing:
- # remove unwanted files, cf. #1000521
- find debian -name '*podman-remote*' -ls -delete
dh_missing --list-missing -X goecho -X testvol -X version
override_dh_installsystemd:
