10 files changed, 108 insertions, 68 deletions

diff --git a/go.mod b/go.mod
index df0783c74..b69ba2917 100644
--- a/go.mod
+++ b/go.mod
@@ -53,7 +53,7 @@ require (
 	github.com/opencontainers/selinux v1.8.3
 	github.com/pkg/errors v0.9.1
 	github.com/pmezard/go-difflib v1.0.0
-	github.com/rootless-containers/rootlesskit v0.14.3
+	github.com/rootless-containers/rootlesskit v0.14.4
 	github.com/sirupsen/logrus v1.8.1
 	github.com/spf13/cobra v1.2.1
 	github.com/spf13/pflag v1.0.5
diff --git a/go.sum b/go.sum
index d2564404b..2ef22bdbc 100644
--- a/go.sum
+++ b/go.sum
@@ -812,8 +812,8 @@ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/rootless-containers/rootlesskit v0.14.3 h1:mS6lkZgT1McqUoZ9wjUIbYq7bWfd9aZGUgZgg8B55Sk=
-github.com/rootless-containers/rootlesskit v0.14.3/go.mod h1:Ai3detLzryb/4EkzXmNfh8aByUcBXp/qqkQusJs1SO8=
+github.com/rootless-containers/rootlesskit v0.14.4 h1:pqx9a+OC/6jjV7sIUKy3D1p6NLEC6WIMiJWAGsGMCUM=
+github.com/rootless-containers/rootlesskit v0.14.4/go.mod h1:Ai3detLzryb/4EkzXmNfh8aByUcBXp/qqkQusJs1SO8=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
diff --git a/libpod/util.go b/libpod/util.go
index 7f4a01f28..3b32fb264 100644
--- a/libpod/util.go
+++ b/libpod/util.go
@@ -153,33 +153,22 @@ func queryPackageVersion(cmdArg ...string) string {
 	return strings.Trim(output, "\n")
 }
 
-func equeryVersion(path string) string {
-	return queryPackageVersion("/usr/bin/equery", "b", path)
-}
-
-func pacmanVersion(path string) string {
-	return queryPackageVersion("/usr/bin/pacman", "-Qo", path)
-}
-
-func dpkgVersion(path string) string {
-	return queryPackageVersion("/usr/bin/dpkg", "-S", path)
-}
-
-func rpmVersion(path string) string {
-	return queryPackageVersion("/usr/bin/rpm", "-q", "-f", path)
-}
-
-func packageVersion(program string) string {
-	if out := rpmVersion(program); out != unknownPackage {
-		return out
-	}
-	if out := dpkgVersion(program); out != unknownPackage {
-		return out
+func packageVersion(program string) string { // program is full path
+	packagers := [][]string{
+		{"/usr/bin/rpm", "-q", "-f"},
+		{"/usr/bin/dpkg", "-S"},    // Debian, Ubuntu
+		{"/usr/bin/pacman", "-Qo"}, // Arch
+		{"/usr/bin/qfile", "-qv"},  // Gentoo (quick)
+		{"/usr/bin/equery", "b"},   // Gentoo (slow)
 	}
-	if out := pacmanVersion(program); out != unknownPackage {
-		return out
+
+	for _, cmd := range packagers {
+		cmd = append(cmd, program)
+		if out := queryPackageVersion(cmd...); out != unknownPackage {
+			return out
+		}
 	}
-	return equeryVersion(program)
+	return unknownPackage
 }
 
 func programVersion(mountProgram string) (string, error) {
diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go
index 2a0a0b725..95c09ff0e 100644
--- a/pkg/api/handlers/compat/containers.go
+++ b/pkg/api/handlers/compat/containers.go
@@ -403,22 +403,24 @@ func LibpodToContainerJSON(l *libpod.Container, sz bool) (*types.ContainerJSON,
 		state.Status = define.ContainerStateCreated.String()
 	}
 
-	state.Health = &types.Health{
-		Status:        inspect.State.Healthcheck.Status,
-		FailingStreak: inspect.State.Healthcheck.FailingStreak,
-	}
-
-	log := inspect.State.Healthcheck.Log
+	if l.HasHealthCheck() && state.Status != "created" {
+		state.Health = &types.Health{
+			Status:        inspect.State.Healthcheck.Status,
+			FailingStreak: inspect.State.Healthcheck.FailingStreak,
+		}
 
-	for _, item := range log {
-		res := &types.HealthcheckResult{}
-		s, _ := time.Parse(time.RFC3339Nano, item.Start)
-		e, _ := time.Parse(time.RFC3339Nano, item.End)
-		res.Start = s
-		res.End = e
-		res.ExitCode = item.ExitCode
-		res.Output = item.Output
-		state.Health.Log = append(state.Health.Log, res)
+		log := inspect.State.Healthcheck.Log
+
+		for _, item := range log {
+			res := &types.HealthcheckResult{}
+			s, _ := time.Parse(time.RFC3339Nano, item.Start)
+			e, _ := time.Parse(time.RFC3339Nano, item.End)
+			res.Start = s
+			res.End = e
+			res.ExitCode = item.ExitCode
+			res.Output = item.Output
+			state.Health.Log = append(state.Health.Log, res)
+		}
 	}
 
 	formatCapabilities(inspect.HostConfig.CapDrop)
@@ -495,6 +497,17 @@ func LibpodToContainerJSON(l *libpod.Container, sz bool) (*types.ContainerJSON,
 		exposedPorts[exposedPort] = struct{}{}
 	}
 
+	var healthcheck *container.HealthConfig
+	if inspect.Config.Healthcheck != nil {
+		healthcheck = &container.HealthConfig{
+			Test:        inspect.Config.Healthcheck.Test,
+			Interval:    inspect.Config.Healthcheck.Interval,
+			Timeout:     inspect.Config.Healthcheck.Timeout,
+			StartPeriod: inspect.Config.Healthcheck.StartPeriod,
+			Retries:     inspect.Config.Healthcheck.Retries,
+		}
+	}
+
 	config := container.Config{
 		Hostname:        l.Hostname(),
 		Domainname:      inspect.Config.DomainName,
@@ -508,7 +521,7 @@ func LibpodToContainerJSON(l *libpod.Container, sz bool) (*types.ContainerJSON,
 		StdinOnce:       inspect.Config.StdinOnce,
 		Env:             inspect.Config.Env,
 		Cmd:             l.Command(),
-		Healthcheck:     nil,
+		Healthcheck:     healthcheck,
 		ArgsEscaped:     false,
 		Image:           imageName,
 		Volumes:         nil,
diff --git a/test/apiv2/python/rest_api/test_v2_0_0_container.py b/test/apiv2/python/rest_api/test_v2_0_0_container.py
index 30d902d8c..dbad6824f 100644
--- a/test/apiv2/python/rest_api/test_v2_0_0_container.py
+++ b/test/apiv2/python/rest_api/test_v2_0_0_container.py
@@ -36,26 +36,48 @@ class ContainerTestCase(APITestCase):
 
         r = requests.post(
             self.podman_url + "/v1.40/containers/create?name=topcontainer",
-            json={"Healthcheck": {"Test": ["CMD-SHELL", "exit 0"], "Interval":1000, "Timeout":1000, "Retries": 5}, "Cmd": ["top"], "Image": "alpine:latest"},
+            json={"Cmd": ["top"],
+                  "Image": "alpine:latest",
+                  "Healthcheck": {
+                      "Test": ["CMD", "pidof", "top"],
+                      "Interval": 5000000000,
+                      "Timeout": 2000000000,
+                      "Retries": 3,
+                      "StartPeriod": 5000000000
+                  }
+            },
         )
         self.assertEqual(r.status_code, 201, r.text)
         payload = r.json()
         container_id = payload["Id"]
         self.assertIsNotNone(container_id)
 
-        r = requests.get(self.podman_url + f"/v1.40/containers/{payload['Id']}/json")
+        r = requests.get(self.podman_url + f"/v1.40/containers/{container_id}/json")
         self.assertEqual(r.status_code, 200, r.text)
         self.assertId(r.content)
         out = r.json()
-        state = out["State"]["Health"]
-        self.assertIsInstance(state, dict)
-
-        r = requests.get(self.uri(f"/containers/{payload['Id']}/json"))
+        self.assertIsNone(out["State"].get("Health"))
+        self.assertListEqual(["CMD", "pidof", "top"], out["Config"]["Healthcheck"]["Test"])
+        self.assertEqual(5000000000, out["Config"]["Healthcheck"]["Interval"])
+        self.assertEqual(2000000000, out["Config"]["Healthcheck"]["Timeout"])
+        self.assertEqual(3, out["Config"]["Healthcheck"]["Retries"])
+        self.assertEqual(5000000000, out["Config"]["Healthcheck"]["StartPeriod"])
+
+        r = requests.get(self.uri(f"/containers/{container_id}/json"))
         self.assertEqual(r.status_code, 200, r.text)
         self.assertId(r.content)
         out = r.json()
         hc  = out["Config"]["Healthcheck"]["Test"]
-        self.assertListEqual(["CMD-SHELL", "exit 0"], hc)
+        self.assertListEqual(["CMD", "pidof", "top"], hc)
+
+        r = requests.post(self.podman_url + f"/v1.40/containers/{container_id}/start")
+        self.assertEqual(r.status_code, 204, r.text)
+
+        r = requests.get(self.podman_url + f"/v1.40/containers/{container_id}/json")
+        self.assertEqual(r.status_code, 200, r.text)
+        out = r.json()
+        state = out["State"]["Health"]
+        self.assertIsInstance(state, dict)
 
     def test_stats(self):
         r = requests.get(self.uri(self.resolve_container("/containers/{}/stats?stream=false")))
diff --git a/test/system/005-info.bats b/test/system/005-info.bats
index 4b419841e..50c3ceb30 100644
--- a/test/system/005-info.bats
+++ b/test/system/005-info.bats
@@ -33,12 +33,16 @@ cgroupVersion: v[12]
     expr_nvr="[a-z0-9-]\\\+-[a-z0-9.]\\\+-[a-z0-9]\\\+\."
     expr_path="/[a-z0-9\\\/.-]\\\+\\\$"
 
+    # FIXME: if we're ever able to get package versions on Debian,
+    #        add '-[0-9]' to all '*.package' queries below.
     tests="
 host.buildahVersion       | [0-9.]
 host.conmon.path          | $expr_path
+host.conmon.package       | .*conmon.*
 host.cgroupManager        | \\\(systemd\\\|cgroupfs\\\)
 host.cgroupVersion        | v[12]
 host.ociRuntime.path      | $expr_path
+host.ociRuntime.package   | .*\\\(crun\\\|runc\\\).*
 store.configFile          | $expr_path
 store.graphDriverName     | [a-z0-9]\\\+\\\$
 store.graphRoot           | $expr_path
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
index abd2c5e2c..c6eecc826 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/parent.go
@@ -42,7 +42,7 @@ func NewDriver(logWriter io.Writer, stateDir string) (port.ParentDriver, error)
 		socketPath:         socketPath,
 		childReadyPipePath: childReadyPipePath,
 		ports:              make(map[int]*port.Status, 0),
-		stoppers:           make(map[int]func() error, 0),
+		stoppers:           make(map[int]func(context.Context) error, 0),
 		nextID:             1,
 	}
 	return &d, nil
@@ -54,7 +54,7 @@ type driver struct {
 	childReadyPipePath string
 	mu                 sync.Mutex
 	ports              map[int]*port.Status
-	stoppers           map[int]func() error
+	stoppers           map[int]func(context.Context) error
 	nextID             int
 }
 
@@ -139,21 +139,27 @@ func (d *driver) AddPort(ctx context.Context, spec port.Spec) (*port.Status, err
 	if err != nil {
 		return nil, err
 	}
+	// NOTE: routineStopCh is close-only channel. Do not send any data.
+	// See commit 4803f18fae1e39d200d98f09e445a97ccd6f5526 `Revert "port/builtin: RemovePort() block until conn is closed"`
 	routineStopCh := make(chan struct{})
-	routineStop := func() error {
-		routineStopCh <- struct{}{}
+	routineStoppedCh := make(chan error)
+	routineStop := func(ctx context.Context) error {
+		close(routineStopCh)
 		select {
-		case <-routineStopCh:
-		case <-time.After(5 * time.Second):
-			return errors.New("stop timeout after 5 seconds")
+		case stoppedResult, stoppedResultOk := <-routineStoppedCh:
+			if stoppedResultOk {
+				return stoppedResult
+			}
+			return errors.New("routineStoppedCh was closed without sending data?")
+		case <-ctx.Done():
+			return errors.Wrap(err, "timed out while waiting for routineStoppedCh after closing routineStopCh")
 		}
-		return nil
 	}
 	switch spec.Proto {
 	case "tcp", "tcp4", "tcp6":
-		err = tcp.Run(d.socketPath, spec, routineStopCh, d.logWriter)
+		err = tcp.Run(d.socketPath, spec, routineStopCh, routineStoppedCh, d.logWriter)
 	case "udp", "udp4", "udp6":
-		err = udp.Run(d.socketPath, spec, routineStopCh, d.logWriter)
+		err = udp.Run(d.socketPath, spec, routineStopCh, routineStoppedCh, d.logWriter)
 	default:
 		// NOTREACHED
 		return nil, errors.New("spec was not validated?")
@@ -194,7 +200,12 @@ func (d *driver) RemovePort(ctx context.Context, id int) error {
 	if !ok {
 		return errors.Errorf("unknown id: %d", id)
 	}
-	err := stop()
+	if _, ok := ctx.Deadline(); !ok {
+		var cancel context.CancelFunc
+		ctx, cancel = context.WithTimeout(ctx, 5*time.Second)
+		defer cancel()
+	}
+	err := stop(ctx)
 	delete(d.stoppers, id)
 	delete(d.ports, id)
 	return err
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/tcp/tcp.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/tcp/tcp.go
index dcc1068f0..32c714468 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/tcp/tcp.go
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/tcp/tcp.go
@@ -12,7 +12,7 @@ import (
 	"github.com/rootless-containers/rootlesskit/pkg/port/builtin/msg"
 )
 
-func Run(socketPath string, spec port.Spec, stopCh chan struct{}, logWriter io.Writer) error {
+func Run(socketPath string, spec port.Spec, stopCh <-chan struct{}, stoppedCh chan error, logWriter io.Writer) error {
 	ln, err := net.Listen(spec.Proto, net.JoinHostPort(spec.ParentIP, strconv.Itoa(spec.ParentPort)))
 	if err != nil {
 		fmt.Fprintf(logWriter, "listen: %v\n", err)
@@ -32,8 +32,8 @@ func Run(socketPath string, spec port.Spec, stopCh chan struct{}, logWriter io.W
 	}()
 	go func() {
 		defer func() {
-			ln.Close()
-			close(stopCh)
+			stoppedCh <- ln.Close()
+			close(stoppedCh)
 		}()
 		for {
 			select {
diff --git a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/udp/udp.go b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/udp/udp.go
index f20721bcc..67062117a 100644
--- a/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/udp/udp.go
+++ b/vendor/github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/udp/udp.go
@@ -13,7 +13,7 @@ import (
 	"github.com/rootless-containers/rootlesskit/pkg/port/builtin/parent/udp/udpproxy"
 )
 
-func Run(socketPath string, spec port.Spec, stopCh chan struct{}, logWriter io.Writer) error {
+func Run(socketPath string, spec port.Spec, stopCh <-chan struct{}, stoppedCh chan error, logWriter io.Writer) error {
 	addr, err := net.ResolveUDPAddr(spec.Proto, net.JoinHostPort(spec.ParentIP, strconv.Itoa(spec.ParentPort)))
 	if err != nil {
 		return err
@@ -51,7 +51,8 @@ func Run(socketPath string, spec port.Spec, stopCh chan struct{}, logWriter io.W
 			case <-stopCh:
 				// udpp.Close closes ln as well
 				udpp.Close()
-				close(stopCh)
+				stoppedCh <- nil
+				close(stoppedCh)
 				return
 			}
 		}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 0626f45c9..c26f302fc 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -558,7 +558,7 @@ github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util
 # github.com/rivo/uniseg v0.2.0
 github.com/rivo/uniseg
-# github.com/rootless-containers/rootlesskit v0.14.3
+# github.com/rootless-containers/rootlesskit v0.14.4
 github.com/rootless-containers/rootlesskit/pkg/api
 github.com/rootless-containers/rootlesskit/pkg/msgutil
 github.com/rootless-containers/rootlesskit/pkg/port