🎉 欢迎访问本站,如有问题欢迎 留言
Docs
Cncf
Project
Podman
Podman V5.6.0 Rc1 Release Note

来源: https://github.com/containers/podman/releases/tag/v5.6.0-rc1

containers/podman v5.6.0-rc1 Release Notes

Published at: 2025-07-25T19:01:03Z

Features

  • A new set of commands for managing Quadlets has been added as podman quadlet install (install a new Quadlet for the current user), podman quadlet list (list installed Quadlets), podman quadlet print (print the contents of a Quadlet file), and podman quadlet rm (remove a Quadlet). These commands are presently not available with the remote Podman client - we expect support for this to arrive in a future release.
  • Quadlet .container units can now specify environment variables without values in the Environment= key, retrieving the value from the host when the container is started (#26247).
  • Quadlet .pod units now support two new keys, Label= (to set labels on the created pod) and ExitPolicy= (to set exit policy for the created pod) (#25961 and #25596).
  • Quadlet .image units now support a new key, Policy=, to set pull policy for the image (e.g. pull always, pull only if newer version available) (#26446).
  • Quadlet .network units now support a new key, InterfaceName=, to specify the name of the network interface created.
  • The podman machine init command now supports a new option, --swap, enabling swap in the created virtual machine and setting it to a given size (in megabytes) (#15980).
  • The --mount option to podman create and podman run now supports dest= as a valid alias for destination=.
  • The podman kube play command can now restrict container execution to specific CPU cores and specific memory nodes using the io.podman.annotations.cpuset/$ctrname and io.podman.annotations.memory-nodes/$ctrname annotations (#26172).
  • The podman kube play command now supports the lifecycle.stopSignal field in Pod YAML, allowing the signal used to stop containers to be specified (#25389).
  • The podman volume import and podman volume export commands are now available in the remote Podman client (#26049).
  • The --build-context option to podman build is now supported by the remote Podman client (#23433).
  • The podman volume create command now accepts two new options, --uid and --gid, to set the UID and GID the volume will be created with.
  • The podman secret create command now has a new option, --ignore, causing the command to succeed even if a secret with the given name already exists.
  • The podman pull command now has a new option, --policy, to configure pull policy.
  • The --mount type=artifact option to podman create, podman run, and podman pod create now allows the filename of the artifact in the container to be set using the name= option (e.g. podman run --mount type=artifact,name=$NAME,...).
  • The --tmpfs option to podman create and podman run now allows a new option, noatime, to be passed (e.g. podman run --tmpfs /run:noatime ...) (#26102).
  • The podman update command now has a new option, --latest, to update the latest container instead of specifying a specific container (#26380).
  • A new command, podman buildx inspect, has been added to improve Docker compatibility (#13014).

Changes

  • For users running podman machine VMs using the libkrun provider on an M3 or newer host running macOS 15+, nested virtualization is enabled by default.
  • When creating podman machine VMs on Windows using the WSL v2 provider, images are now pulled as artifacts from quay.io/podman/machine-os, matching the behavior of other VM providers.
  • Signal forwarding done by the --sig-proxy option to podman run and podman attach is now more robust to races and no longer forwards the SIGSTOP signal.
  • The podman system check --quick command now skips checking layer digests.
  • Podman on Windows using the WSLv2 provider now prefers the WSL executable in C:\Program Files\Windows Subsystem for Linux\wsl.exe over the one in WindowsApps, avoiding common “access denied” issues (#25787).
  • The --mount type=artifact option to podman create, podman run, and podman pod create now mounts artifacts containing a only a single blob as a file at the given destination path if the path does not exist in the image.
  • The podman volume export command now refuses to export to STDOUT if it is a TTY (#26506).
  • When generating Quadlet units with options known to be problematic when used with Podman, such as User=, Group=, and DynamicUser= in the [Service] section of a unit, Quadlet will now warn the user of the potential incompatibility (#26543).

Bugfixes

  • Fixed a bug where the --security-opt unmask= option to podman create and podman run did not allow comma-separated lists of paths to be passed, instead only allowing a single path.
  • Fixed a bug where stopping a Podman container could unintentionally kill non-Podman processes if the PID of an exec session started inside the container was reused for a new process while the container was running (#25104).
  • Fixed a bug where podman machine init could fail if run in a Podman container (#25950).
  • Fixed a bug where podman machine VMs would sometimes receive incorrect timezone information.
  • Fixed a bug where podman machine VMs created with a custom username would not have lingering enabled.
  • Fixed a bug where the podman machine init command on Windows when using the WSL 2 provider did not reliably determine if WSL was installed (#25523).
  • Fixed a bug where the name of Quadlet .pod units that did not specify the PodName= key was set incorrectly (#26062).
  • Fixed a bug where Quadlet .container units joining a pod specified in a .pod unit would fail as the pod name was set incorrectly when creating the container (#26105).
  • Fixed a bug where Quadlet would not generate RequiresMountsFor when mounting a .volume unit with Type=bind set into a container (#26125).
  • Fixed a bug where Quadlet dropin files were not correctly overwritten by new dropin files with the same name further along the hierarchy if the two dropin files did not share a parent directory (#26555).
  • Fixed a bug where Quadlet would sometimes not print warnings when failing to parse units (#26542).
  • Fixed a bug where Quadlet .pod files did not include the last Environment= key in the [Service] section in the generated systemd service (#26521).
  • Fixed a bug where starting a container with already-running dependencies would fail.
  • Fixed a bug where OCI hooks in a directory specified with --hooks-dir would fail to run when containers were restarted (#17935).
  • Fixed a bug where the --mount option to podman create and podman run required the type= option to be specified, instead of defaulting to volume when it was not present (#26101).
  • Fixed a bug where the podman kube play command would fail on Windows when specifying an absolute path to YAML files (#26350).
  • Fixed a bug where the --security-opt seccomp= option to podman create, podman run, and podman pod create could error on Windows when given a path to a Seccomp profile (#26558).
  • Fixed a bug where the --blkio-weight-device, --device-read-bps, --device-write-bps, --device-read-iops, and --device-write-iops options to podman create and podman run incorrectly accepted non-block devices.
  • Fixed a bug where the podman build command handled the --ignorefile option differently from the buildah bud command (#25746).
  • Fixed a bug where the podman rm -f command could return an error when trying to remove a running container whose conmon process had been killed (#26640).
  • Fixed a bug where the podman inspect command did not correctly display log size for containers when log_size_max was set in containers.conf.

API

  • A full set of API endpoints for interacting with artifacts has been added, including inspecting artifacts (GET /libpod/artifacts/{name}/json), listing all artifacts (GET /libpod/artifacts/json), pulling an artifact (POST /libpod/artifacts/pull), removing an artifact (DELETE /libpod/artifacts/{name}), adding an artifact (or appending to an existing artifact) from a tar file in the request body (POST /libpod/artifacts/add), pushing an artifact to a registry (/libpod/artifacts/{name}/push), and retrieving the contents of an artifact (GET /libpod/artifacts/{name}/extract).
  • The Compat Create endpoint for Containers now accepts a new parameter, HostConfig.CgroupnsMode, to specify the cgroup namespace mode of the created container.
  • The Compat Create endpoint for Containers now respects the base_hosts_file option in containers.conf.
  • The Compat Info endpoint now returns a new field, DefaultAddressPools.
  • Fixed a bug where the Compat Delete API for Containers would remove running containers when the FORCE parameter was set to true; Docker only removes stopped containers (#25871).
  • Fixed a bug where the Compat List and Compat Inspect endpoints for Containers returned container status using Podman statuses instead of converting to Docker-compatible statuses (#17728).
  • Fixed a bug where healthchecks that exceeded their timeout were not properly terminated; they now receive SIGTERM, then SIGKILL after a delay, if their timeout is exceeded (#26086).
  • Fixed a bug where application/json responses would be HTML escaped, mutating some responses (e.g. <missing> becoming \u003cmissing\u003e in image history responses) (#17769).

Misc

  • Quadlet now no longer uses container/pod ID files when stopping containers, but instead passes the name of the container/pod directly to podman stop/podman pod stop.
  • When building Podman via Makefile, it will now attempt to dynamically link sqlite3 if the library and header are installed locally. This and other optimizations should result in a significant reduction in binary size relative to Podman 5.5.x. Packagers can use the libsqlite3 build tag to force this behavior when not using the Makefile to build.
  • Updated Buildah to v1.41.0
  • Updated the containers/common library to v0.64.0
  • Updated the containers/storage library to v1.59.0
  • Updated the containers/image library to v5.36.0
Podman V5.5.2 Release NotePodman V5.6.0 Rc2 Release Note