4 files changed, 76 insertions, 176 deletions
diff --git a/cmd/podman/common/inspect.go b/cmd/podman/common/inspect.go
deleted file mode 100644
index dfc6fe679..000000000
--- a/cmd/podman/common/inspect.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package common
-
-import (
-	"github.com/containers/libpod/pkg/domain/entities"
-	"github.com/spf13/cobra"
-)
-
-// AddInspectFlagSet takes a command and adds the inspect flags and returns an InspectOptions object
-// Since this cannot live in `package main` it lives here until a better home is found
-func AddInspectFlagSet(cmd *cobra.Command) *entities.InspectOptions {
-	opts := entities.InspectOptions{}
-
-	flags := cmd.Flags()
-	flags.BoolVarP(&opts.Size, "size", "s", false, "Display total file size")
-	flags.StringVarP(&opts.Format, "format", "f", "", "Change the output format to a Go template")
-
-	return &opts
-}
diff --git a/cmd/podman/common/ports.go b/cmd/podman/common/ports.go
index 7e2b1e79d..a96bafabd 100644
--- a/cmd/podman/common/ports.go
+++ b/cmd/podman/common/ports.go
@@ -1,28 +1,11 @@
 package common
 
 import (
-	"fmt"
-	"net"
-	"strconv"
-
-	"github.com/cri-o/ocicni/pkg/ocicni"
 	"github.com/docker/go-connections/nat"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 )
 
-// ExposedPorts parses user and image ports and returns binding information
-func ExposedPorts(expose []string, publish []ocicni.PortMapping, publishAll bool, imageExposedPorts map[string]struct{}) ([]ocicni.PortMapping, error) {
-	containerPorts := make(map[string]string)
-
-	// TODO this needs to be added into a something that
-	// has access to an imageengine
-	// add expose ports from the image itself
-	//for expose := range imageExposedPorts {
-	//	_, port := nat.SplitProtoPort(expose)
-	//	containerPorts[port] = ""
-	//}
-
+func verifyExpose(expose []string) error {
 	// add the expose ports from the user (--expose)
 	// can be single or a range
 	for _, expose := range expose {
@@ -30,97 +13,10 @@ func ExposedPorts(expose []string, publish []ocicni.PortMapping, publishAll bool
 		_, port := nat.SplitProtoPort(expose)
 		//parse the start and end port and create a sequence of ports to expose
 		//if expose a port, the start and end port are the same
-		start, end, err := nat.ParsePortRange(port)
+		_, _, err := nat.ParsePortRange(port)
 		if err != nil {
-			return nil, fmt.Errorf("invalid range format for --expose: %s, error: %s", expose, err)
-		}
-		for i := start; i <= end; i++ {
-			containerPorts[strconv.Itoa(int(i))] = ""
-		}
-	}
-
-	// TODO/FIXME this is hell reencarnated
-	// parse user inputted port bindings
-	pbPorts, portBindings, err := nat.ParsePortSpecs([]string{})
-	if err != nil {
-		return nil, err
-	}
-
-	// delete exposed container ports if being used by -p
-	for i := range pbPorts {
-		delete(containerPorts, i.Port())
-	}
-
-	// iterate container ports and make port bindings from them
-	if publishAll {
-		for e := range containerPorts {
-			//support two formats for expose, original format <portnum>/[<proto>] or <startport-endport>/[<proto>]
-			//proto, port := nat.SplitProtoPort(e)
-			p, err := nat.NewPort("tcp", e)
-			if err != nil {
-				return nil, err
-			}
-			rp, err := getRandomPort()
-			if err != nil {
-				return nil, err
-			}
-			logrus.Debug(fmt.Sprintf("Using random host port %d with container port %d", rp, p.Int()))
-			portBindings[p] = CreatePortBinding(rp, "")
-		}
-	}
-
-	// We need to see if any host ports are not populated and if so, we need to assign a
-	// random port to them.
-	for k, pb := range portBindings {
-		if pb[0].HostPort == "" {
-			hostPort, err := getRandomPort()
-			if err != nil {
-				return nil, err
-			}
-			logrus.Debug(fmt.Sprintf("Using random host port %d with container port %s", hostPort, k.Port()))
-			pb[0].HostPort = strconv.Itoa(hostPort)
-		}
-	}
-	var pms []ocicni.PortMapping
-	for k, v := range portBindings {
-		for _, pb := range v {
-			hp, err := strconv.Atoi(pb.HostPort)
-			if err != nil {
-				return nil, err
-			}
-			pms = append(pms, ocicni.PortMapping{
-				HostPort:      int32(hp),
-				ContainerPort: int32(k.Int()),
-				//Protocol:      "",
-				HostIP: pb.HostIP,
-			})
+			return errors.Wrapf(err, "invalid range format for --expose: %s", expose)
 		}
 	}
-	return pms, nil
-}
-
-func getRandomPort() (int, error) {
-	l, err := net.Listen("tcp", ":0")
-	if err != nil {
-		return 0, errors.Wrapf(err, "unable to get free port")
-	}
-	defer l.Close()
-	_, randomPort, err := net.SplitHostPort(l.Addr().String())
-	if err != nil {
-		return 0, errors.Wrapf(err, "unable to determine free port")
-	}
-	rp, err := strconv.Atoi(randomPort)
-	if err != nil {
-		return 0, errors.Wrapf(err, "unable to convert random port to int")
-	}
-	return rp, nil
-}
-
-//CreatePortBinding takes port (int) and IP (string) and creates an array of portbinding structs
-func CreatePortBinding(hostPort int, hostIP string) []nat.PortBinding {
-	pb := nat.PortBinding{
-		HostPort: strconv.Itoa(hostPort),
-	}
-	pb.HostIP = hostIP
-	return []nat.PortBinding{pb}
+	return nil
 }
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index b90030f7f..f8c58f1a4 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -119,13 +119,13 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (
 func getPidsLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) (*specs.LinuxPids, error) {
 	pids := &specs.LinuxPids{}
 	hasLimits := false
+	if c.CGroupsMode == "disabled" && c.PIDsLimit > 0 {
+		return nil, nil
+	}
 	if c.PIDsLimit > 0 {
 		pids.Limit = c.PIDsLimit
 		hasLimits = true
 	}
-	if c.CGroupsMode == "disabled" && c.PIDsLimit > 0 {
-		s.ResourceLimits.Pids.Limit = -1
-	}
 	if !hasLimits {
 		return nil, nil
 	}
@@ -203,23 +203,38 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 	s.User = c.User
 	inputCommand := args[1:]
 	if len(c.HealthCmd) > 0 {
+		if c.NoHealthCheck {
+			return errors.New("Cannot specify both --no-healthcheck and --health-cmd")
+		}
 		s.HealthConfig, err = makeHealthCheckFromCli(c.HealthCmd, c.HealthInterval, c.HealthRetries, c.HealthTimeout, c.HealthStartPeriod)
 		if err != nil {
 			return err
 		}
+	} else if c.NoHealthCheck {
+		s.HealthConfig = &manifest.Schema2HealthConfig{
+			Test: []string{"NONE"},
+		}
 	}
 
-	s.IDMappings, err = util.ParseIDMapping(ns.UsernsMode(c.UserNS), c.UIDMap, c.GIDMap, c.SubUIDName, c.SubGIDName)
+	userNS := ns.UsernsMode(c.UserNS)
+	s.IDMappings, err = util.ParseIDMapping(userNS, c.UIDMap, c.GIDMap, c.SubUIDName, c.SubGIDName)
 	if err != nil {
 		return err
 	}
+	// If some mappings are specified, assume a private user namespace
+	if userNS.IsDefaultValue() && (!s.IDMappings.HostUIDMapping || !s.IDMappings.HostGIDMapping) {
+		s.UserNS.NSMode = specgen.Private
+	}
 
 	s.Terminal = c.TTY
-	ep, err := ExposedPorts(c.Expose, c.Net.PublishPorts, c.PublishAll, nil)
-	if err != nil {
+
+	if err := verifyExpose(c.Expose); err != nil {
 		return err
 	}
-	s.PortMappings = ep
+	// We are not handling the Expose flag yet.
+	// s.PortsExpose = c.Expose
+	s.PortMappings = c.Net.PublishPorts
+	s.PublishImagePorts = c.PublishAll
 	s.Pod = c.Pod
 
 	for k, v := range map[string]*specgen.Namespace{
@@ -246,20 +261,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 		s.NetNS = c.Net.Network
 	}
 
-	// TODO this is going to have to be done the libpod/server end of things
-	// USER
-	//user := c.String("user")
-	//if user == "" {
-	//	switch {
-	//	case usernsMode.IsKeepID():
-	//		user = fmt.Sprintf("%d:%d", rootless.GetRootlessUID(), rootless.GetRootlessGID())
-	//	case data == nil:
-	//		user = "0"
-	//	default:
-	//		user = data.Config.User
-	//	}
-	//}
-
 	// STOP SIGNAL
 	signalString := "TERM"
 	if sig := c.StopSignal; len(sig) > 0 {
@@ -288,7 +289,23 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 
 	if c.EnvHost {
 		env = envLib.Join(env, osEnv)
+	} else if c.HTTPProxy {
+		for _, envSpec := range []string{
+			"http_proxy",
+			"HTTP_PROXY",
+			"https_proxy",
+			"HTTPS_PROXY",
+			"ftp_proxy",
+			"FTP_PROXY",
+			"no_proxy",
+			"NO_PROXY",
+		} {
+			if v, ok := osEnv[envSpec]; ok {
+				env[envSpec] = v
+			}
+		}
 	}
+
 	// env-file overrides any previous variables
 	for _, f := range c.EnvFile {
 		fileEnv, err := envLib.ParseFile(f)
@@ -390,14 +407,13 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 	s.DNSOptions = c.Net.DNSOptions
 	s.StaticIP = c.Net.StaticIP
 	s.StaticMAC = c.Net.StaticMAC
-
-	// deferred, must be added on libpod side
-	//var ImageVolumes map[string]struct{}
-	//if data != nil && c.String("image-volume") != "ignore" {
-	//	ImageVolumes = data.Config.Volumes
-	//}
+	s.UseImageHosts = c.Net.NoHosts
 
 	s.ImageVolumeMode = c.ImageVolume
+	if s.ImageVolumeMode == "bind" {
+		s.ImageVolumeMode = "anonymous"
+	}
+
 	systemd := c.SystemdD == "always"
 	if !systemd && command != nil {
 		x, err := strconv.ParseBool(c.SystemdD)
@@ -449,24 +465,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 	}
 	s.CgroupParent = c.CGroupParent
 	s.CgroupsMode = c.CGroupsMode
-	// TODO WTF
-	//cgroup := &cc.CgroupConfig{
-	//	Cgroupns:     c.String("cgroupns"),
-	//}
-	//
-	//userns := &cc.UserConfig{
-	//	GroupAdd:   c.StringSlice("group-add"),
-	//	IDMappings: idmappings,
-	//	UsernsMode: usernsMode,
-	//	User:       user,
-	//}
-	//
-	//uts := &cc.UtsConfig{
-	//	UtsMode:  utsMode,
-	//	NoHosts:  c.Bool("no-hosts"),
-	//	HostAdd:  c.StringSlice("add-host"),
-	//	Hostname: c.String("hostname"),
-	//}
+	s.Groups = c.GroupAdd
 
 	s.Hostname = c.Hostname
 	sysctl := map[string]string{}
@@ -585,7 +584,14 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
 		if len(split) < 2 {
 			return errors.Errorf("invalid log option %q", o)
 		}
-		logOpts[split[0]] = split[1]
+		switch {
+		case split[0] == "driver":
+			s.LogConfiguration.Driver = split[1]
+		case split[0] == "path":
+			s.LogConfiguration.Path = split[1]
+		default:
+			logOpts[split[0]] = split[1]
+		}
 	}
 	s.LogConfiguration.Options = logOpts
 	s.Name = c.Name
@@ -608,10 +614,15 @@ func makeHealthCheckFromCli(inCmd, interval string, retries uint, timeout, start
 
 	// first try to parse option value as JSON array of strings...
 	cmd := []string{}
-	err := json.Unmarshal([]byte(inCmd), &cmd)
-	if err != nil {
-		// ...otherwise pass it to "/bin/sh -c" inside the container
-		cmd = []string{"CMD-SHELL", inCmd}
+
+	if inCmd == "none" {
+		cmd = []string{"NONE"}
+	} else {
+		err := json.Unmarshal([]byte(inCmd), &cmd)
+		if err != nil {
+			// ...otherwise pass it to "/bin/sh -c" inside the container
+			cmd = []string{"CMD-SHELL", inCmd}
+		}
 	}
 	hc := manifest.Schema2HealthConfig{
 		Test: cmd,
diff --git a/cmd/podman/common/util.go b/cmd/podman/common/util.go
index 47bbe12fa..5b99b8398 100644
--- a/cmd/podman/common/util.go
+++ b/cmd/podman/common/util.go
@@ -1,8 +1,11 @@
 package common
 
 import (
+	"fmt"
 	"strconv"
 
+	"github.com/spf13/cobra"
+
 	"github.com/cri-o/ocicni/pkg/ocicni"
 	"github.com/docker/go-connections/nat"
 	"github.com/pkg/errors"
@@ -41,3 +44,11 @@ func createPortBindings(ports []string) ([]ocicni.PortMapping, error) {
 	}
 	return portBindings, nil
 }
+
+// NoArgs returns an error if any args are included.
+func NoArgs(cmd *cobra.Command, args []string) error {
+	if len(args) > 0 {
+		return fmt.Errorf("`%s` takes no arguments", cmd.CommandPath())
+	}
+	return nil
+}