9 files changed, 74 insertions, 34 deletions

diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index b90030f7f..abec1213c 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -119,13 +119,13 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (
 func getPidsLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (*specs.LinuxPids, error) {
 	pids := &specs.LinuxPids{}
 	hasLimits := false
+	if c.CGroupsMode == "disabled" && c.PIDsLimit > 0 {
+		return nil, nil
+	}
 	if c.PIDsLimit > 0 {
 		pids.Limit = c.PIDsLimit
 		hasLimits = true
 	}
-	if c.CGroupsMode == "disabled" && c.PIDsLimit > 0 {
-		s.ResourceLimits.Pids.Limit = -1
-	}
 	if !hasLimits {
 		return nil, nil
 	}
@@ -288,7 +288,23 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 
 	if c.EnvHost {
 		env = envLib.Join(env, osEnv)
+	} else if c.HTTPProxy {
+		for _, envSpec := range []string{
+			"http_proxy",
+			"HTTP_PROXY",
+			"https_proxy",
+			"HTTPS_PROXY",
+			"ftp_proxy",
+			"FTP_PROXY",
+			"no_proxy",
+			"NO_PROXY",
+		} {
+			if v, ok := osEnv[envSpec]; ok {
+				env[envSpec] = v
+			}
+		}
 	}
+
 	// env-file overrides any previous variables
 	for _, f := range c.EnvFile {
 		fileEnv, err := envLib.ParseFile(f)
@@ -449,6 +465,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 	}
 	s.CgroupParent = c.CGroupParent
 	s.CgroupsMode = c.CGroupsMode
+	s.Groups = c.GroupAdd
 	// TODO WTF
 	//cgroup := &cc.CgroupConfig{
 	//	Cgroupns:     c.String("cgroupns"),
@@ -585,7 +602,14 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 		if len(split) < 2 {
 			return errors.Errorf("invalid log option %q", o)
 		}
-		logOpts[split[0]] = split[1]
+		switch {
+		case split[0] == "driver":
+			s.LogConfiguration.Driver = split[1]
+		case split[0] == "path":
+			s.LogConfiguration.Path = split[1]
+		default:
+			logOpts[split[0]] = split[1]
+		}
 	}
 	s.LogConfiguration.Options = logOpts
 	s.Name = c.Name
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 8f140e2b8..da550b606 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -75,8 +75,7 @@ func init() {
 
 func create(cmd *cobra.Command, args []string) error {
 	var (
-		err           error
-		rawImageInput string
+		err error
 	)
 	cliVals.Net, err = common.NetFlagsToNetOptions(cmd)
 	if err != nil {
@@ -92,20 +91,16 @@ func create(cmd *cobra.Command, args []string) error {
 		defer errorhandling.SyncQuiet(cidFile)
 	}
 
-	if rfs := cliVals.RootFS; !rfs {
-		rawImageInput = args[0]
-	}
-
 	if err := createInit(cmd); err != nil {
 		return err
 	}
 
-	if err := pullImage(args[0]); err != nil {
-		return err
+	if !cliVals.RootFS {
+		if err := pullImage(args[0]); err != nil {
+			return err
+		}
 	}
-
-	//TODO rootfs still
-	s := specgen.NewSpecGenerator(rawImageInput)
+	s := specgen.NewSpecGenerator(args[0], cliVals.RootFS)
 	if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
 		return err
 	}
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index 409b72198..e3fe4cd0b 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -104,8 +104,10 @@ func run(cmd *cobra.Command, args []string) error {
 		return err
 	}
 
-	if err := pullImage(args[0]); err != nil {
-		return err
+	if !cliVals.RootFS {
+		if err := pullImage(args[0]); err != nil {
+			return err
+		}
 	}
 
 	// If -i is not set, clear stdin
@@ -136,7 +138,7 @@ func run(cmd *cobra.Command, args []string) error {
 	}
 	runOpts.Detach = cliVals.Detach
 	runOpts.DetachKeys = cliVals.DetachKeys
-	s := specgen.NewSpecGenerator(args[0])
+	s := specgen.NewSpecGenerator(args[0], cliVals.RootFS)
 	if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
 		return err
 	}
diff --git a/pkg/specgen/container_validate.go b/pkg/specgen/container_validate.go
index 56c1a7ea9..87fc59dfe 100644
--- a/pkg/specgen/container_validate.go
+++ b/pkg/specgen/container_validate.go
@@ -34,7 +34,7 @@ func (s *SpecGenerator) Validate() error {
 	}
 	// Cannot set hostname and utsns
 	if len(s.ContainerBasicConfig.Hostname) > 0 && !s.ContainerBasicConfig.UtsNS.IsPrivate() {
-		return errors.Wrap(ErrInvalidSpecConfig, "cannot set hostname when creating an UTS namespace")
+		return errors.Wrap(ErrInvalidSpecConfig, "cannot set hostname when running in the host UTS namespace")
 	}
 	// systemd values must be true, false, or always
 	if len(s.ContainerBasicConfig.Systemd) > 0 && !util.StringInSlice(strings.ToLower(s.ContainerBasicConfig.Systemd), SystemDValues) {
diff --git a/pkg/specgen/generate/config_linux_cgo.go b/pkg/specgen/generate/config_linux_cgo.go
index b06ef5c9a..5d629a6e6 100644
--- a/pkg/specgen/generate/config_linux_cgo.go
+++ b/pkg/specgen/generate/config_linux_cgo.go
@@ -24,6 +24,9 @@ func getSeccompConfig(s *specgen.SpecGenerator, configSpec *spec.Spec, img *imag
 	}
 
 	if scp == seccomp.PolicyImage {
+		if img == nil {
+			return nil, errors.New("cannot read seccomp profile without a valid image")
+		}
 		labels, err := img.Labels(context.Background())
 		if err != nil {
 			return nil, err
diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
index de3239fda..9797ad572 100644
--- a/pkg/specgen/generate/container.go
+++ b/pkg/specgen/generate/container.go
@@ -15,7 +15,11 @@ import (
 func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerator) error {
 	var appendEntryPoint bool
 
-	// TODO add support for raw rootfs
+	// If a rootfs is used, then there is no image data
+	if s.ContainerStorageConfig.Rootfs != "" {
+		return nil
+	}
+
 	newImage, err := r.ImageRuntime().NewFromLocal(s.Image)
 	if err != nil {
 		return err
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 1be77d315..49a717c5d 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -7,6 +7,7 @@ import (
 	"github.com/containers/common/pkg/config"
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/define"
+	"github.com/containers/libpod/libpod/image"
 	"github.com/containers/libpod/pkg/specgen"
 	"github.com/containers/storage"
 	"github.com/pkg/errors"
@@ -15,9 +16,6 @@ import (
 
 // MakeContainer creates a container based on the SpecGenerator
 func MakeContainer(rt *libpod.Runtime, s *specgen.SpecGenerator) (*libpod.Container, error) {
-	if err := s.Validate(); err != nil {
-		return nil, errors.Wrap(err, "invalid config provided")
-	}
 	rtc, err := rt.GetConfig()
 	if err != nil {
 		return nil, err
@@ -87,12 +85,19 @@ func MakeContainer(rt *libpod.Runtime, s *specgen.SpecGenerator) (*libpod.Contai
 		return nil, err
 	}
 	options = append(options, createExitCommandOption(s, rt.StorageConfig(), rtc, podmanPath))
-	newImage, err := rt.ImageRuntime().NewFromLocal(s.Image)
-	if err != nil {
-		return nil, err
+	var newImage *image.Image
+	if s.Rootfs != "" {
+		options = append(options, libpod.WithRootFS(s.Rootfs))
+	} else {
+		newImage, err = rt.ImageRuntime().NewFromLocal(s.Image)
+		if err != nil {
+			return nil, err
+		}
+		options = append(options, libpod.WithRootFSFromImage(newImage.ID(), s.Image, s.RawImageName))
+	}
+	if err := s.Validate(); err != nil {
+		return nil, errors.Wrap(err, "invalid config provided")
 	}
-
-	options = append(options, libpod.WithRootFSFromImage(newImage.ID(), s.Image, s.RawImageName))
 
 	runtimeSpec, err := SpecGenToOCI(s, rt, newImage)
 	if err != nil {
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index 37f2b3190..275af1f49 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -402,8 +402,13 @@ type NamedVolume struct {
 }
 
 // NewSpecGenerator returns a SpecGenerator struct given one of two mandatory inputs
-func NewSpecGenerator(image string) *SpecGenerator {
-	csc := ContainerStorageConfig{Image: image}
+func NewSpecGenerator(arg string, rootfs bool) *SpecGenerator {
+	csc := ContainerStorageConfig{}
+	if rootfs {
+		csc.Rootfs = arg
+	} else {
+		csc.Image = arg
+	}
 	return &SpecGenerator{
 		ContainerStorageConfig: csc,
 	}
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index c84bbe91f..7d4039819 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -29,7 +29,6 @@ var _ = Describe("Podman run", func() {
 	)
 
 	BeforeEach(func() {
-		Skip(v2fail)
 		tempdir, err = CreateTempDirInTempDir()
 		if err != nil {
 			os.Exit(1)
@@ -252,14 +251,15 @@ var _ = Describe("Podman run", func() {
 	})
 
 	It("podman run --host-env environment test", func() {
-		os.Setenv("FOO", "BAR")
-		session := podmanTest.Podman([]string{"run", "--rm", "--env-host", ALPINE, "printenv", "FOO"})
+		env := append(os.Environ(), "FOO=BAR")
+		session := podmanTest.PodmanAsUser([]string{"run", "--rm", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
+
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		match, _ := session.GrepString("BAR")
 		Expect(match).Should(BeTrue())
 
-		session = podmanTest.Podman([]string{"run", "--rm", "--env", "FOO=BAR1", "--env-host", ALPINE, "printenv", "FOO"})
+		session = podmanTest.PodmanAsUser([]string{"run", "--rm", "--env", "FOO=BAR1", "--env-host", ALPINE, "/bin/printenv", "FOO"}, 0, 0, "", env)
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
 		match, _ = session.GrepString("BAR1")
@@ -708,6 +708,7 @@ USER mail`
 	})
 
 	It("podman run --volumes-from flag with built-in volumes", func() {
+		Skip(v2fail)
 		session := podmanTest.Podman([]string{"create", redis, "sh"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))
@@ -802,6 +803,7 @@ USER mail`
 	})
 
 	It("podman run --pod automatically", func() {
+		Skip(v2fail)
 		session := podmanTest.Podman([]string{"run", "--pod", "new:foobar", ALPINE, "ls"})
 		session.WaitWithDefaultTimeout()
 		Expect(session.ExitCode()).To(Equal(0))