3 files changed, 16 insertions, 2 deletions

diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go
index bd6a99b96..5b2f8bea2 100644
--- a/pkg/api/server/server.go
+++ b/pkg/api/server/server.go
@@ -173,6 +173,10 @@ func (s *APIServer) Serve() error {
 		}()
 	}
 
+	// Before we start serving, ensure umask is properly set for container
+	// creation.
+	_ = syscall.Umask(0022)
+
 	go func() {
 		err := s.Server.Serve(s.Listener)
 		if err != nil && err != http.ErrServerClosed {
diff --git a/pkg/systemd/generate/common.go b/pkg/systemd/generate/common.go
index fe56dc874..d6d18a810 100644
--- a/pkg/systemd/generate/common.go
+++ b/pkg/systemd/generate/common.go
@@ -1,6 +1,8 @@
 package generate
 
 import (
+	"strings"
+
 	"github.com/pkg/errors"
 )
 
@@ -44,6 +46,9 @@ func filterPodFlags(command []string) []string {
 			i++
 			continue
 		}
+		if strings.HasPrefix(s, "--pod=") || strings.HasPrefix(s, "--pod-id-file=") {
+			continue
+		}
 		processed = append(processed, s)
 	}
 	return processed
diff --git a/pkg/systemd/generate/common_test.go b/pkg/systemd/generate/common_test.go
index f53bb7828..389c30f59 100644
--- a/pkg/systemd/generate/common_test.go
+++ b/pkg/systemd/generate/common_test.go
@@ -1,6 +1,7 @@
 package generate
 
 import (
+	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -14,12 +15,16 @@ func TestFilterPodFlags(t *testing.T) {
 		{[]string{"podman", "pod", "create"}},
 		{[]string{"podman", "pod", "create", "--name", "foo"}},
 		{[]string{"podman", "pod", "create", "--pod-id-file", "foo"}},
+		{[]string{"podman", "pod", "create", "--pod-id-file=foo"}},
 		{[]string{"podman", "run", "--pod", "foo"}},
+		{[]string{"podman", "run", "--pod=foo"}},
 	}
 
 	for _, test := range tests {
 		processed := filterPodFlags(test.input)
-		assert.NotContains(t, processed, "--pod-id-file")
-		assert.NotContains(t, processed, "--pod")
+		for _, s := range processed {
+			assert.False(t, strings.HasPrefix(s, "--pod-id-file"))
+			assert.False(t, strings.HasPrefix(s, "--pod"))
+		}
 	}
 }