6 files changed, 58 insertions, 13 deletions
diff --git a/cmd/podman/generate_kube.go b/cmd/podman/generate_kube.go
index de9f701b0..6483ffd72 100644
--- a/cmd/podman/generate_kube.go
+++ b/cmd/podman/generate_kube.go
@@ -88,7 +88,7 @@ func generateKubeYAMLCmd(c *cli.Context) error {
 		return err
 	}
 
-	header := `# Generation of Kubenetes YAML is still under development!
+	header := `# Generation of Kubernetes YAML is still under development!
 #
 # Save the output of this file and use kubectl create -f to import
 # it into Kubernetes.
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index 796b0b03a..2db6c5dec 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -34,6 +34,7 @@ var cmdsNotRequiringRootless = map[string]bool{
 	// If this change, please also update libpod.refreshRootless()
 	"login":   true,
 	"logout":  true,
+	"mount":   true,
 	"kill":    true,
 	"pause":   true,
 	"restart": true,
diff --git a/cmd/podman/mount.go b/cmd/podman/mount.go
index 585f506cd..c91115597 100644
--- a/cmd/podman/mount.go
+++ b/cmd/podman/mount.go
@@ -3,9 +3,11 @@ package main
 import (
 	js "encoding/json"
 	"fmt"
+	"os"
 
 	of "github.com/containers/libpod/cmd/podman/formats"
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
@@ -52,6 +54,9 @@ func mountCmd(c *cli.Context) error {
 	if err := validateFlags(c, mountFlags); err != nil {
 		return err
 	}
+	if os.Geteuid() != 0 {
+		rootless.SetSkipStorageSetup(true)
+	}
 
 	runtime, err := libpodruntime.GetRuntime(c)
 	if err != nil {
@@ -59,6 +64,22 @@ func mountCmd(c *cli.Context) error {
 	}
 	defer runtime.Shutdown(false)
 
+	if os.Geteuid() != 0 {
+		if driver := runtime.GetConfig().StorageConfig.GraphDriverName; driver != "vfs" {
+			// Do not allow to mount a graphdriver that is not vfs if we are creating the userns as part
+			// of the mount command.
+			return fmt.Errorf("cannot mount using driver %s in rootless mode", driver)
+		}
+
+		became, ret, err := rootless.BecomeRootInUserNS()
+		if err != nil {
+			return err
+		}
+		if became {
+			os.Exit(ret)
+		}
+	}
+
 	formats := map[string]bool{
 		"":            true,
 		of.JSONString: true,
diff --git a/cmd/podman/run.go b/cmd/podman/run.go
index a4b5c918e..20cb85347 100644
--- a/cmd/podman/run.go
+++ b/cmd/podman/run.go
@@ -116,6 +116,11 @@ func runCmd(c *cli.Context) error {
 		if strings.Index(err.Error(), "permission denied") > -1 {
 			exitCode = 126
 		}
+		if c.IsSet("rm") {
+			if deleteError := runtime.RemoveContainer(ctx, ctr, true); deleteError != nil {
+				logrus.Errorf("unable to remove container %s after failing to start and attach to it", ctr.ID())
+			}
+		}
 		return err
 	}
 
diff --git a/cmd/podman/shared/funcs.go b/cmd/podman/shared/funcs.go
index 8520c0616..8770b8ec0 100644
--- a/cmd/podman/shared/funcs.go
+++ b/cmd/podman/shared/funcs.go
@@ -10,10 +10,23 @@ import (
 )
 
 func substituteCommand(cmd string) (string, error) {
+	var (
+		newCommand string
+	)
+
+	// Replace cmd with "/proc/self/exe" if "podman" or "docker" is being
+	// used. If "/usr/bin/docker" is provided, we also sub in podman.
+	// Otherwise, leave the command unchanged.
+	if cmd == "podman" || filepath.Base(cmd) == "docker" {
+		newCommand = "/proc/self/exe"
+	} else {
+		newCommand = cmd
+	}
+
 	// If cmd is an absolute or relative path, check if the file exists.
 	// Throw an error if it doesn't exist.
-	if strings.Contains(cmd, "/") || strings.HasPrefix(cmd, ".") {
-		res, err := filepath.Abs(cmd)
+	if strings.Contains(newCommand, "/") || strings.HasPrefix(newCommand, ".") {
+		res, err := filepath.Abs(newCommand)
 		if err != nil {
 			return "", err
 		}
@@ -24,16 +37,7 @@ func substituteCommand(cmd string) (string, error) {
 		}
 	}
 
-	// Replace cmd with "/proc/self/exe" if "podman" or "docker" is being
-	// used.  Otherwise, leave the command unchanged.
-	switch cmd {
-	case "podman":
-		fallthrough
-	case "docker":
-		return "/proc/self/exe", nil
-	default:
-		return cmd, nil
-	}
+	return newCommand, nil
 }
 
 // GenerateCommand takes a label (string) and converts it to an executable command
diff --git a/cmd/podman/start.go b/cmd/podman/start.go
index 8cf85405e..8bb386c68 100644
--- a/cmd/podman/start.go
+++ b/cmd/podman/start.go
@@ -1,11 +1,13 @@
 package main
 
 import (
+	"encoding/json"
 	"fmt"
 	"os"
 
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
 	"github.com/containers/libpod/libpod"
+	cc "github.com/containers/libpod/pkg/spec"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
@@ -132,6 +134,18 @@ func startCmd(c *cli.Context) error {
 		}
 		// Handle non-attach start
 		if err := ctr.Start(ctx); err != nil {
+			var createArtifact cc.CreateConfig
+			artifact, artifactErr := ctr.GetArtifact("create-config")
+			if artifactErr == nil {
+				if jsonErr := json.Unmarshal(artifact, &createArtifact); jsonErr != nil {
+					logrus.Errorf("unable to detect if container %s should be deleted", ctr.ID())
+				}
+				if createArtifact.Rm {
+					if rmErr := runtime.RemoveContainer(ctx, ctr, true); rmErr != nil {
+						logrus.Errorf("unable to remove container %s after it failed to start", ctr.ID())
+					}
+				}
+			}
 			if lastError != nil {
 				fmt.Fprintln(os.Stderr, lastError)
 			}