9 files changed, 30 insertions, 31 deletions
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 69365201e..dc7590590 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -308,7 +308,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 	)
 	createFlags.String(
 		"image-volume", cliconfig.DefaultImageVolume,
-		"Tells podman how to handle the builtin image volumes. The options are: 'bind', 'tmpfs', or 'ignore'",
+		`Tells podman how to handle the builtin image volumes ("bind"|"tmpfs"|"ignore")`,
 	)
 	createFlags.Bool(
 		"init", false,
@@ -431,7 +431,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 	)
 	createFlags.String(
 		"pull", "missing",
-		`Pull image before creating ("always"|"missing"|"never") (default "missing")`,
+		`Pull image before creating ("always"|"missing"|"never")`,
 	)
 	createFlags.BoolP(
 		"quiet", "q", false,
@@ -447,7 +447,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 	)
 	createFlags.String(
 		"restart", "",
-		"Restart policy to apply when a container exits",
+		`Restart policy to apply when a container exits ("always"|"no"|"on-failure")`,
 	)
 	createFlags.Bool(
 		"rm", false,
@@ -492,7 +492,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
 	)
 	createFlags.String(
 		"systemd", "true",
-		`Run container in systemd mode ("true"|"false"|"always" (default "true")`,
+		`Run container in systemd mode ("true"|"false"|"always")`,
 	)
 	createFlags.StringArray(
 		"tmpfs", []string{},
diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go
index bc46e4652..e5b87754b 100644
--- a/cmd/podman/main_local.go
+++ b/cmd/podman/main_local.go
@@ -33,7 +33,7 @@ const remote = false
 
 func init() {
 	cgroupManager := define.SystemdCgroupsManager
-	cgroupHelp := "Cgroup manager to use (cgroupfs or systemd)"
+	cgroupHelp := `Cgroup manager to use ("cgroupfs"|"systemd")`
 	cgroupv2, _ := cgroups.IsCgroup2UnifiedMode()
 	if rootless.IsRootless() && !cgroupv2 {
 		cgroupManager = ""
@@ -50,12 +50,12 @@ func init() {
 	if err := rootCmd.PersistentFlags().MarkHidden("default-mounts-file"); err != nil {
 		logrus.Error("unable to mark default-mounts-file flag as hidden")
 	}
-	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", "", "Events backend to use")
+	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", "", `Events backend to use ("file"|"journald"|"none")`)
 	// Override default --help information of `--help` global flag
 	var dummyHelp bool
 	rootCmd.PersistentFlags().BoolVar(&dummyHelp, "help", false, "Help for podman")
 	rootCmd.PersistentFlags().StringSliceVar(&MainGlobalOpts.HooksDir, "hooks-dir", []string{}, "Set the OCI hooks directory path (may be set multiple times)")
-	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.LogLevel, "log-level", "error", "Log messages above specified level: debug, info, warn, error, fatal or panic")
+	rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.LogLevel, "log-level", "error", `Log messages above specified level ("debug"|"info"|"warn"|"error"|"fatal"|"panic")`)
 	rootCmd.PersistentFlags().IntVar(&MainGlobalOpts.MaxWorks, "max-workers", 0, "The maximum number of workers for parallel operations")
 	if err := rootCmd.PersistentFlags().MarkHidden("max-workers"); err != nil {
 		logrus.Error("unable to mark max-workers flag as hidden")
diff --git a/completions/zsh/_podman b/completions/zsh/_podman
index 06aa92748..067eebbbb 100644
--- a/completions/zsh/_podman
+++ b/completions/zsh/_podman
@@ -111,20 +111,13 @@ _podman_find_helper() {
     elif expr "$desc" : ".*[Pp]ath" >/dev/null; then
         optval="path"
         helper=_files
-    elif [ "$flags" = "--cgroup-manager" ]; then
-        optval="cgroup manager"
-        helper="(cgroupfs systemd)"
-    elif [ "$flags" = "--log-level" ]; then
-        optval="log level"
-        # 'Log messages above specified level: debug, ... (default "...")'
-        # Strip off the description and all 'default' strings
-        desc=${desc/Log*:/}           # debug, info, ... (default "...")
-        desc=${(S)desc//\(*\)/}       # debug, info, ... or panic
-        desc=${desc//,/}              # debug info ... or panic
-        desc=${desc// or / }          # debug info ... panic
-        desc=${desc//  / }            # collapse multiple spaces
+    # For messages like 'restart policy ("always"|"no"|"on-failure")
+    elif optlist=$(expr "$desc" : '.*(\(\"[^\\)]\+|[^\\)]\+\"\))' 2>/dev/null); then
+        optval=${${flags##--}//-/ }       # "--log-level" => "log level"
+        optlist=${optlist//\"/}           # "a"|"b"|"c"   => a|b|c
+        optlist=${optlist//\|/ }          # a|b|c         => a b c
         # FIXME: how to present values _in order_, not sorted alphabetically?
-        helper="($desc)"
+        helper="($optlist)"
     fi
     echo "$optval:$helper"
 }
diff --git a/contrib/podmanimage/stable/Dockerfile b/contrib/podmanimage/stable/Dockerfile
index 6b4eb2220..c0c07d9d2 100644
--- a/contrib/podmanimage/stable/Dockerfile
+++ b/contrib/podmanimage/stable/Dockerfile
@@ -9,9 +9,9 @@
 FROM fedora:latest
 
 # Don't include container-selinux and remove
-# directories used by dnf that are just taking
+# directories used by yum that are just taking
 # up space.
-RUN yum -y install podman fuse-overlayfs --exclude container-selinux; rm -rf /var/cache /var/log/dnf* /var/log/yum.*
+RUN useradd build; yum -y update; yum -y reinstall shadow-utils; yum -y install podman fuse-overlayfs --exclude container-selinux; rm -rf /var/cache /var/log/dnf* /var/log/yum.*
 
 # Adjust storage.conf to enable Fuse storage.
 RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf
diff --git a/contrib/podmanimage/testing/Dockerfile b/contrib/podmanimage/testing/Dockerfile
index 4dffc8911..a8e7653f6 100644
--- a/contrib/podmanimage/testing/Dockerfile
+++ b/contrib/podmanimage/testing/Dockerfile
@@ -11,9 +11,9 @@
 FROM fedora:latest
 
 # Don't include container-selinux and remove
-# directories used by dnf that are just taking
+# directories used by yum that are just taking
 # up space.
-RUN yum -y install podman fuse-overlayfs --exclude container-selinux --enablerepo updates-testing; rm -rf /var/cache /var/log/dnf* /var/log/yum.*
+RUN useradd build; yum -y update; yum -y reinstall shadow-utils; yum -y install podman fuse-overlayfs --exclude container-selinux --enablerepo updates-testing; rm -rf /var/cache /var/log/dnf* /var/log/yum.*
 
 # Adjust storage.conf to enable Fuse storage.
 RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf
diff --git a/contrib/podmanimage/upstream/Dockerfile b/contrib/podmanimage/upstream/Dockerfile
index 58e54b5b5..7c9434fa6 100644
--- a/contrib/podmanimage/upstream/Dockerfile
+++ b/contrib/podmanimage/upstream/Dockerfile
@@ -17,7 +17,7 @@ ENV GOPATH=/root/podman
 # to the container.
 # Finally remove the podman directory and a few other packages
 # that are needed for building but not running Podman
-RUN dnf -y install --exclude container-selinux \
+RUN useradd build; yum -y update; yum -y reinstall shadow-utils; yum -y install --exclude container-selinux \
      --enablerepo=updates-testing \
      atomic-registries \
      btrfs-progs-devel \
@@ -63,8 +63,8 @@ RUN dnf -y install --exclude container-selinux \
      # Adjust libpod.conf to write logging to a file
      sed -i 's/# events_logger = "journald"/events_logger = "file"/g' /usr/share/containers/libpod.conf; \
      rm -rf /root/podman/*; \
-     dnf -y remove git golang go-md2man make; \
-     dnf clean all;
+     yum -y remove git golang go-md2man make; \
+     yum clean all;
 
 # Adjust storage.conf to enable Fuse storage.
 RUN sed -i -e 's|^#mount_program|mount_program|g' -e '/additionalimage.*/a "/var/lib/shared",' /etc/containers/storage.conf
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 06b3fe957..89dac2b5d 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -344,6 +344,7 @@ func (r *Runtime) setupRootlessPortMapping(ctr *Container, netnsPath string) (er
 		NetNSPath: netnsPath,
 		ExitFD:    3,
 		ReadyFD:   4,
+		TmpDir:    ctr.runtime.config.TmpDir,
 	}
 	cfgJSON, err := json.Marshal(cfg)
 	if err != nil {
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 0312f0ba2..b09dc3a4f 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -546,6 +546,10 @@ func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options
 		args = append(args, "-t")
 	}
 
+	if options.Streams.AttachInput {
+		args = append(args, "-i")
+	}
+
 	// Append container ID and command
 	args = append(args, "-e")
 	// TODO make this optional when we can detach
@@ -558,9 +562,8 @@ func (r *ConmonOCIRuntime) ExecContainer(c *Container, sessionID string, options
 	execCmd := exec.Command(r.conmonPath, args...)
 
 	if options.Streams != nil {
-		if options.Streams.AttachInput {
-			execCmd.Stdin = options.Streams.InputStream
-		}
+		// Don't add the InputStream to the execCmd. Instead, the data should be passed
+		// through CopyDetachable
 		if options.Streams.AttachOutput {
 			execCmd.Stdout = options.Streams.OutputStream
 		}
diff --git a/pkg/rootlessport/rootlessport_linux.go b/pkg/rootlessport/rootlessport_linux.go
index 655d1a448..3e678d33a 100644
--- a/pkg/rootlessport/rootlessport_linux.go
+++ b/pkg/rootlessport/rootlessport_linux.go
@@ -46,6 +46,7 @@ type Config struct {
 	NetNSPath string
 	ExitFD    int
 	ReadyFD   int
+	TmpDir    string
 }
 
 func init() {
@@ -101,10 +102,11 @@ func parent() error {
 	}
 
 	// create the parent driver
-	stateDir, err := ioutil.TempDir("", "rootlessport")
+	stateDir, err := ioutil.TempDir(cfg.TmpDir, "rootlessport")
 	if err != nil {
 		return err
 	}
+	defer os.RemoveAll(stateDir)
 	driver, err := rkbuiltin.NewParentDriver(&logrusWriter{prefix: "parent: "}, stateDir)
 	if err != nil {
 		return err