17 files changed, 89 insertions, 53 deletions

diff --git a/cmd/podman/commit.go b/cmd/podman/commit.go
index b09c6b0d9..02ede4f73 100644
--- a/cmd/podman/commit.go
+++ b/cmd/podman/commit.go
@@ -95,7 +95,7 @@ func commitCmd(c *cli.Context) error {
 		for _, change := range c.StringSlice("change") {
 			splitChange := strings.Split(strings.ToUpper(change), "=")
 			if !util.StringInSlice(splitChange[0], libpod.ChangeCmds) {
-				return errors.Errorf("invalid syntax for --change ", change)
+				return errors.Errorf("invalid syntax for --change: %s", change)
 			}
 		}
 	}
diff --git a/cmd/podman/images.go b/cmd/podman/images.go
index c52b26260..3351123ed 100644
--- a/cmd/podman/images.go
+++ b/cmd/podman/images.go
@@ -376,13 +376,13 @@ func CreateFilterFuncs(ctx context.Context, r *libpod.Runtime, c *cli.Context, i
 		case "before":
 			before, err := r.ImageRuntime().NewFromLocal(splitFilter[1])
 			if err != nil {
-				return nil, errors.Wrapf(err, "unable to find image % in local stores", splitFilter[1])
+				return nil, errors.Wrapf(err, "unable to find image %s in local stores", splitFilter[1])
 			}
 			filterFuncs = append(filterFuncs, image.CreatedBeforeFilter(before.Created()))
 		case "after":
 			after, err := r.ImageRuntime().NewFromLocal(splitFilter[1])
 			if err != nil {
-				return nil, errors.Wrapf(err, "unable to find image % in local stores", splitFilter[1])
+				return nil, errors.Wrapf(err, "unable to find image %s in local stores", splitFilter[1])
 			}
 			filterFuncs = append(filterFuncs, image.CreatedAfterFilter(after.Created()))
 		case "dangling":
diff --git a/cmd/podman/import.go b/cmd/podman/import.go
index be516e4fa..144354fa6 100644
--- a/cmd/podman/import.go
+++ b/cmd/podman/import.go
@@ -139,7 +139,7 @@ func downloadFromURL(source string) (string, error) {
 
 	_, err = io.Copy(outFile, response.Body)
 	if err != nil {
-		return "", errors.Wrapf(err, "error saving %q to %q", source, outFile)
+		return "", errors.Wrapf(err, "error saving %s to %s", source, outFile.Name())
 	}
 
 	return outFile.Name(), nil
diff --git a/cmd/podman/inspect.go b/cmd/podman/inspect.go
index bd9e8c13c..6ffcde55f 100644
--- a/cmd/podman/inspect.go
+++ b/cmd/podman/inspect.go
@@ -119,7 +119,7 @@ func iterateInput(ctx context.Context, c *cli.Context, args []string, runtime *l
 			}
 			libpodInspectData, err := ctr.Inspect(c.Bool("size"))
 			if err != nil {
-				inspectError = errors.Wrapf(err, "error getting libpod container inspect data %q", ctr.ID)
+				inspectError = errors.Wrapf(err, "error getting libpod container inspect data %s", ctr.ID())
 				break
 			}
 			data, err = shared.GetCtrInspectInfo(ctr, libpodInspectData)
@@ -154,12 +154,12 @@ func iterateInput(ctx context.Context, c *cli.Context, args []string, runtime *l
 			} else {
 				libpodInspectData, err := ctr.Inspect(c.Bool("size"))
 				if err != nil {
-					inspectError = errors.Wrapf(err, "error getting libpod container inspect data %q", ctr.ID)
+					inspectError = errors.Wrapf(err, "error getting libpod container inspect data %s", ctr.ID())
 					break
 				}
 				data, err = shared.GetCtrInspectInfo(ctr, libpodInspectData)
 				if err != nil {
-					inspectError = errors.Wrapf(err, "error parsing container data %q", ctr.ID)
+					inspectError = errors.Wrapf(err, "error parsing container data %s", ctr.ID())
 					break
 				}
 			}
diff --git a/contrib/python/podman/podman/libs/containers.py b/contrib/python/podman/podman/libs/containers.py
index 21a94557a..7adecea8f 100644
--- a/contrib/python/podman/podman/libs/containers.py
+++ b/contrib/python/podman/podman/libs/containers.py
@@ -108,19 +108,16 @@ class Container(AttachMixin, StartMixin, collections.UserDict):
             results = podman.ExportContainer(self._id, target)
         return results['tarfile']
 
-    def commit(self,
-               image_name,
-               *args,
-               changes=[],
-               message='',
-               pause=True,
-               **kwargs):  # pylint: disable=unused-argument
+    def commit(self, image_name, **kwargs):
         """Create image from container.
 
-        All changes overwrite existing values.
-          See inspect() to obtain current settings.
+        Keyword arguments:
+            author -- change image's author
+            message -- change image's message, docker format only.
+            pause -- pause container during commit
+            change -- Additional properties to change
 
-        Changes:
+        Change examples:
             CMD=/usr/bin/zsh
             ENTRYPOINT=/bin/sh date
             ENV=TEST=test_containers.TestContainers.test_commit
@@ -129,21 +126,23 @@ class Container(AttachMixin, StartMixin, collections.UserDict):
             USER=bozo:circus
             VOLUME=/data
             WORKDIR=/data/application
+
+        All changes overwrite existing values.
+          See inspect() to obtain current settings.
         """
-        # TODO: Clean up *args, **kwargs after Commit() is complete
-        try:
-            author = kwargs.get('author', getpass.getuser())
-        except Exception:  # pylint: disable=broad-except
-            author = ''
+        author = kwargs.get('author', None) or getpass.getuser()
+        change = kwargs.get('change', None) or []
+        message = kwargs.get('message', None) or ''
+        pause = kwargs.get('pause', None) or True
 
-        for c in changes:
+        for c in change:
             if c.startswith('LABEL=') and c.count('=') < 2:
                 raise ValueError(
                     'LABEL should have the format: LABEL=label=value, not {}'.
                     format(c))
 
         with self._client() as podman:
-            results = podman.Commit(self._id, image_name, changes, author,
+            results = podman.Commit(self._id, image_name, change, author,
                                     message, pause)
         return results['image']
 
@@ -194,7 +193,7 @@ class Container(AttachMixin, StartMixin, collections.UserDict):
             podman.UnpauseContainer(self._id)
             return self._refresh(podman)
 
-    def update_container(self, *args, **kwargs):          \
+    def update_container(self, *args, **kwargs):  \
             # pylint: disable=unused-argument
         """TODO: Update container..., return id on success."""
         with self._client() as podman:
diff --git a/contrib/python/podman/podman/libs/images.py b/contrib/python/podman/podman/libs/images.py
index 9453fb416..6dfc4a656 100644
--- a/contrib/python/podman/podman/libs/images.py
+++ b/contrib/python/podman/podman/libs/images.py
@@ -27,9 +27,10 @@ class Image(collections.UserDict):
 
     @staticmethod
     def _split_token(values=None, sep='='):
+        if not values:
+            return {}
         return {
-            k: v1
-            for k, v1 in (v0.split(sep, 1) for v0 in values if values)
+            k: v1 for k, v1 in (v0.split(sep, 1) for v0 in values)
         }
 
     def create(self, *args, **kwargs):
diff --git a/contrib/python/podman/test/test_containers.py b/contrib/python/podman/test/test_containers.py
index 3de1e54bc..a7a6ac304 100644
--- a/contrib/python/podman/test/test_containers.py
+++ b/contrib/python/podman/test/test_containers.py
@@ -152,7 +152,7 @@ class TestContainers(PodmanTestCase):
         changes.append('WORKDIR=/data/application')
 
         id = self.alpine_ctnr.commit(
-            'alpine3', author='Bozo the clown', changes=changes, pause=True)
+            'alpine3', author='Bozo the clown', change=changes, pause=True)
         img = self.pclient.images.get(id)
         self.assertIsNotNone(img)
 
diff --git a/contrib/python/pypodman/pypodman/lib/actions/commit_action.py b/contrib/python/pypodman/pypodman/lib/actions/commit_action.py
index 21665ad0b..21924e938 100644
--- a/contrib/python/pypodman/pypodman/lib/actions/commit_action.py
+++ b/contrib/python/pypodman/pypodman/lib/actions/commit_action.py
@@ -30,7 +30,8 @@ class Commit(AbstractActionBase):
             choices=('oci', 'docker'),
             default='oci',
             type=str.lower,
-            help='Set the format of the image manifest and metadata',
+            help='Set the format of the image manifest and metadata.'
+            ' (Ignored.)',
         )
         parser.add_argument(
             '--iidfile',
@@ -40,7 +41,8 @@ class Commit(AbstractActionBase):
         parser.add_argument(
             '--message',
             '-m',
-            help='Set commit message for committed image',
+            help='Set commit message for committed image'
+            ' (Only on docker images.)',
         )
         parser.add_argument(
             '--pause',
@@ -80,8 +82,16 @@ class Commit(AbstractActionBase):
                     flush=True)
                 return 1
             else:
-                ident = ctnr.commit(self.opts['image'][0], **self.opts)
-                print(ident)
+                ident = ctnr.commit(
+                    self.opts['image'][0],
+                    change=self.opts.get('change', None),
+                    message=self.opts.get('message', None),
+                    pause=self.opts['pause'],
+                    author=self.opts.get('author', None),
+                )
+
+                if not self.opts['quiet']:
+                    print(ident)
         except podman.ErrorOccurred as e:
             sys.stdout.flush()
             print(
diff --git a/libpod/container.go b/libpod/container.go
index a8a58f4d8..b6155a809 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -829,7 +829,7 @@ func (c *Container) IPs() ([]net.IPNet, error) {
 	}
 
 	if !c.config.CreateNetNS {
-		return nil, errors.Wrapf(ErrInvalidArg, "container %s network namespace is not managed by libpod")
+		return nil, errors.Wrapf(ErrInvalidArg, "container %s network namespace is not managed by libpod", c.ID())
 	}
 
 	ips := make([]net.IPNet, 0)
@@ -857,7 +857,7 @@ func (c *Container) Routes() ([]types.Route, error) {
 	}
 
 	if !c.config.CreateNetNS {
-		return nil, errors.Wrapf(ErrInvalidArg, "container %s network namespace is not managed by libpod")
+		return nil, errors.Wrapf(ErrInvalidArg, "container %s network namespace is not managed by libpod", c.ID())
 	}
 
 	routes := make([]types.Route, 0)
diff --git a/libpod/container_api.go b/libpod/container_api.go
index 4789c0cd2..bc92cae69 100644
--- a/libpod/container_api.go
+++ b/libpod/container_api.go
@@ -39,7 +39,7 @@ func (c *Container) Init(ctx context.Context) (err error) {
 
 	notRunning, err := c.checkDependenciesRunning()
 	if err != nil {
-		return errors.Wrapf(err, "error checking dependencies for container %s")
+		return errors.Wrapf(err, "error checking dependencies for container %s", c.ID())
 	}
 	if len(notRunning) > 0 {
 		depString := strings.Join(notRunning, ",")
@@ -93,7 +93,7 @@ func (c *Container) Start(ctx context.Context) (err error) {
 
 	notRunning, err := c.checkDependenciesRunning()
 	if err != nil {
-		return errors.Wrapf(err, "error checking dependencies for container %s")
+		return errors.Wrapf(err, "error checking dependencies for container %s", c.ID())
 	}
 	if len(notRunning) > 0 {
 		depString := strings.Join(notRunning, ",")
@@ -159,7 +159,7 @@ func (c *Container) StartAndAttach(ctx context.Context, streams *AttachStreams,
 
 	notRunning, err := c.checkDependenciesRunning()
 	if err != nil {
-		return nil, errors.Wrapf(err, "error checking dependencies for container %s")
+		return nil, errors.Wrapf(err, "error checking dependencies for container %s", c.ID())
 	}
 	if len(notRunning) > 0 {
 		depString := strings.Join(notRunning, ",")
@@ -718,7 +718,7 @@ func (c *Container) RestartWithTimeout(ctx context.Context, timeout uint) (err e
 
 	notRunning, err := c.checkDependenciesRunning()
 	if err != nil {
-		return errors.Wrapf(err, "error checking dependencies for container %s")
+		return errors.Wrapf(err, "error checking dependencies for container %s", c.ID())
 	}
 	if len(notRunning) > 0 {
 		depString := strings.Join(notRunning, ",")
@@ -803,7 +803,7 @@ func (c *Container) Refresh(ctx context.Context) error {
 		return err
 	}
 
-	logrus.Debugf("Successfully refresh container %s state")
+	logrus.Debugf("Successfully refresh container %s state", c.ID())
 
 	// Initialize the container if it was created in runc
 	if wasCreated || wasRunning || wasPaused {
@@ -847,7 +847,7 @@ type ContainerCheckpointOptions struct {
 
 // Checkpoint checkpoints a container
 func (c *Container) Checkpoint(ctx context.Context, options ContainerCheckpointOptions) error {
-	logrus.Debugf("Trying to checkpoint container %s", c)
+	logrus.Debugf("Trying to checkpoint container %s", c.ID())
 	if !c.batched {
 		c.lock.Lock()
 		defer c.lock.Unlock()
@@ -862,7 +862,7 @@ func (c *Container) Checkpoint(ctx context.Context, options ContainerCheckpointO
 
 // Restore restores a container
 func (c *Container) Restore(ctx context.Context, options ContainerCheckpointOptions) (err error) {
-	logrus.Debugf("Trying to restore container %s", c)
+	logrus.Debugf("Trying to restore container %s", c.ID())
 	if !c.batched {
 		c.lock.Lock()
 		defer c.lock.Unlock()
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 700773e7f..b616e0a07 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1191,7 +1191,7 @@ func (c *Container) setupOCIHooks(ctx context.Context, config *spec.Spec) (exten
 			if c.runtime.config.HooksDirNotExistFatal || !os.IsNotExist(err) {
 				return nil, err
 			}
-			logrus.Warnf("failed to load hooks: {}", err)
+			logrus.Warnf("failed to load hooks: %q", err)
 			return nil, nil
 		}
 		hooks, err := manager.Hooks(config, c.Spec().Annotations, len(c.config.UserVolumes) > 0)
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 99f8652df..8861d7728 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -729,9 +729,10 @@ func (c *Container) generateResolvConf() (string, error) {
 		return "", errors.Wrapf(err, "unable to read %s", resolvPath)
 	}
 
-	// Process the file to remove localhost nameservers
+	// Ensure that the container's /etc/resolv.conf is compatible with its
+	// network configuration.
 	// TODO: set ipv6 enable bool more sanely
-	resolv, err := resolvconf.FilterResolvDNS(contents, true)
+	resolv, err := resolvconf.FilterResolvDNS(contents, true, c.config.CreateNetNS)
 	if err != nil {
 		return "", errors.Wrapf(err, "error parsing host resolv.conf")
 	}
@@ -764,7 +765,7 @@ func (c *Container) generateResolvConf() (string, error) {
 
 	// Build resolv.conf
 	if _, err = resolvconf.Build(destPath, nameservers, search, options); err != nil {
-		return "", errors.Wrapf(err, "error building resolv.conf for container %s")
+		return "", errors.Wrapf(err, "error building resolv.conf for container %s", c.ID())
 	}
 
 	// Relabel resolv.conf for the container
diff --git a/libpod/kube.go b/libpod/kube.go
index 00db0033b..1a5f80878 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -240,7 +240,7 @@ func generateKubeSecurityContext(c *Container) (*v1.SecurityContext, error) {
 
 	if c.User() != "" {
 		// It is *possible* that
-		logrus.Debug("Looking in container for user: %s", c.User())
+		logrus.Debugf("Looking in container for user: %s", c.User())
 		u, err := lookup.GetUser(c.state.Mountpoint, c.User())
 		if err != nil {
 			return nil, err
diff --git a/libpod/oci.go b/libpod/oci.go
index a8013aa47..6ca3ef2e6 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -591,6 +591,9 @@ func (r *OCIRuntime) startContainer(ctr *Container) error {
 		return err
 	}
 	env := []string{fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)}
+	if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok {
+		env = append(env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify))
+	}
 	if err := utils.ExecCmdWithStdStreams(os.Stdin, os.Stdout, os.Stderr, env, r.path, "start", ctr.ID()); err != nil {
 		return err
 	}
diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go
index 46162c7ef..39a25c004 100644
--- a/libpod/pod_internal.go
+++ b/libpod/pod_internal.go
@@ -48,7 +48,7 @@ func (p *Pod) updatePod() error {
 // Save pod state to database
 func (p *Pod) save() error {
 	if err := p.runtime.state.SavePod(p); err != nil {
-		return errors.Wrapf(err, "error saving pod %s state")
+		return errors.Wrapf(err, "error saving pod %s state", p.ID())
 	}
 
 	return nil
diff --git a/pkg/resolvconf/resolvconf.go b/pkg/resolvconf/resolvconf.go
index fccd60093..e85bcb377 100644
--- a/pkg/resolvconf/resolvconf.go
+++ b/pkg/resolvconf/resolvconf.go
@@ -103,13 +103,21 @@ func GetLastModified() *File {
 }
 
 // FilterResolvDNS cleans up the config in resolvConf.  It has two main jobs:
-// 1. It looks for localhost (127.*|::1) entries in the provided
+// 1. If a netns is enabled, it looks for localhost (127.*|::1) entries in the provided
 //    resolv.conf, removing local nameserver entries, and, if the resulting
 //    cleaned config has no defined nameservers left, adds default DNS entries
 // 2. Given the caller provides the enable/disable state of IPv6, the filter
 //    code will remove all IPv6 nameservers if it is not enabled for containers
 //
-func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
+func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool, netnsEnabled bool) (*File, error) {
+	// If we're using the host netns, we have nothing to do besides hash the file.
+	if !netnsEnabled {
+		hash, err := ioutils.HashData(bytes.NewReader(resolvConf))
+		if err != nil {
+			return nil, err
+		}
+		return &File{Content: resolvConf, Hash: hash}, nil
+	}
 	cleanedResolvConf := localhostNSRegexp.ReplaceAll(resolvConf, []byte{})
 	// if IPv6 is not enabled, also clean out any IPv6 address nameserver
 	if !ipv6Enabled {
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 4ed1fbed7..38504828b 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -3,6 +3,7 @@ package integration
 import (
 	"fmt"
 	"io/ioutil"
+	"net"
 	"os"
 	"path/filepath"
 	"strings"
@@ -287,14 +288,27 @@ var _ = Describe("Podman run", func() {
 	})
 
 	It("podman run notify_socket", func() {
-		sock := "/run/notify"
+		host := GetHostDistributionInfo()
+		if host.Distribution != "rhel" && host.Distribution != "centos" && host.Distribution != "fedora" {
+			Skip("this test requires a working runc")
+		}
+		sock := filepath.Join(podmanTest.TempDir, "notify")
+		addr := net.UnixAddr{
+			Name: sock,
+			Net:  "unixgram",
+		}
+		socket, err := net.ListenUnixgram("unixgram", &addr)
+		Expect(err).To(BeNil())
+		defer os.Remove(sock)
+		defer socket.Close()
+
 		os.Setenv("NOTIFY_SOCKET", sock)
+		defer os.Unsetenv("NOTIFY_SOCKET")
+
 		session := podmanTest.Podman([]string{"run", "--rm", ALPINE, "printenv", "NOTIFY_SOCKET"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
-		match, _ := session.GrepString(sock)
-		Expect(match).Should(BeTrue())
-		os.Unsetenv("NOTIFY_SOCKET")
+		Expect(len(session.OutputToStringArray())).To(BeNumerically(">", 0))
 	})
 
 	It("podman run log-opt", func() {