9 files changed, 87 insertions, 27 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 0553cc59c..b41a3fa38 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1700,7 +1700,7 @@ func (c *Container) generateResolvConf() (string, error) {
 		nameservers = resolvconf.GetNameservers(resolv.Content)
 		// slirp4netns has a built in DNS server.
 		if c.config.NetMode.IsSlirp4netns() {
-			nameservers = append([]string{"10.0.2.3"}, nameservers...)
+			nameservers = append([]string{slirp4netnsDNS}, nameservers...)
 		}
 	}
 
@@ -1780,7 +1780,7 @@ func (c *Container) getHosts() string {
 	if c.Hostname() != "" {
 		if c.config.NetMode.IsSlirp4netns() {
 			// When using slirp4netns, the interface gets a static IP
-			hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", "10.0.2.100", c.Hostname(), c.config.Name)
+			hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", slirp4netnsIP, c.Hostname(), c.config.Name)
 		} else {
 			hasNetNS := false
 			netNone := false
diff --git a/libpod/image/manifests.go b/libpod/image/manifests.go
index 14f7c2f83..1ae3693c9 100644
--- a/libpod/image/manifests.go
+++ b/libpod/image/manifests.go
@@ -46,6 +46,15 @@ func (i *Image) InspectManifest() (*manifest.Schema2List, error) {
 	return list.Docker(), nil
 }
 
+// ExistsManifest checks if a manifest list exists
+func (i *Image) ExistsManifest() (bool, error) {
+	_, err := i.getManifestList()
+	if err != nil {
+		return false, err
+	}
+	return true, nil
+}
+
 // RemoveManifest removes the given digest from the manifest list.
 func (i *Image) RemoveManifest(d digest.Digest) (string, error) {
 	list, err := i.getManifestList()
diff --git a/libpod/image/search.go b/libpod/image/search.go
index 6020fbca9..c5799219a 100644
--- a/libpod/image/search.go
+++ b/libpod/image/search.go
@@ -102,8 +102,8 @@ func SearchImages(term string, options SearchOptions) ([]SearchResult, error) {
 	searchImageInRegistryHelper := func(index int, registry string) {
 		defer sem.Release(1)
 		defer wg.Done()
-		searchOutput := searchImageInRegistry(term, registry, options)
-		data[index] = searchOutputData{data: searchOutput}
+		searchOutput, err := searchImageInRegistry(term, registry, options)
+		data[index] = searchOutputData{data: searchOutput, err: err}
 	}
 
 	ctx := context.Background()
@@ -116,13 +116,21 @@ func SearchImages(term string, options SearchOptions) ([]SearchResult, error) {
 
 	wg.Wait()
 	results := []SearchResult{}
+	var lastError error
 	for _, d := range data {
 		if d.err != nil {
-			return nil, d.err
+			if lastError != nil {
+				logrus.Errorf("%v", lastError)
+			}
+			lastError = d.err
+			continue
 		}
 		results = append(results, d.data...)
 	}
-	return results, nil
+	if len(results) > 0 {
+		return results, nil
+	}
+	return results, lastError
 }
 
 // getRegistries returns the list of registries to search, depending on an optional registry specification
@@ -140,7 +148,7 @@ func getRegistries(registry string) ([]string, error) {
 	return registries, nil
 }
 
-func searchImageInRegistry(term string, registry string, options SearchOptions) []SearchResult {
+func searchImageInRegistry(term string, registry string, options SearchOptions) ([]SearchResult, error) {
 	// Max number of queries by default is 25
 	limit := maxQueries
 	if options.Limit > 0 {
@@ -156,16 +164,14 @@ func searchImageInRegistry(term string, registry string, options SearchOptions)
 	if options.ListTags {
 		results, err := searchRepositoryTags(registry, term, sc, options)
 		if err != nil {
-			logrus.Errorf("error listing registry tags %q: %v", registry, err)
-			return []SearchResult{}
+			return []SearchResult{}, err
 		}
-		return results
+		return results, nil
 	}
 
 	results, err := docker.SearchRegistry(context.TODO(), sc, registry, term, limit)
 	if err != nil {
-		logrus.Errorf("error searching registry %q: %v", registry, err)
-		return []SearchResult{}
+		return []SearchResult{}, err
 	}
 	index := registry
 	arr := strings.Split(registry, ".")
@@ -219,7 +225,7 @@ func searchImageInRegistry(term string, registry string, options SearchOptions)
 		}
 		paramsArr = append(paramsArr, params)
 	}
-	return paramsArr
+	return paramsArr, nil
 }
 
 func searchRepositoryTags(registry, term string, sc *types.SystemContext, options SearchOptions) ([]SearchResult, error) {
diff --git a/libpod/network/create.go b/libpod/network/create.go
index 094fbe349..a8f985af9 100644
--- a/libpod/network/create.go
+++ b/libpod/network/create.go
@@ -14,6 +14,7 @@ import (
 	"github.com/containers/podman/v2/pkg/rootless"
 	"github.com/containers/podman/v2/pkg/util"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 )
 
 // Create the CNI network
@@ -23,7 +24,7 @@ func Create(name string, options entities.NetworkCreateOptions, runtimeConfig *c
 		return nil, err
 	}
 	// Acquire a lock for CNI
-	l, err := acquireCNILock(filepath.Join(runtimeConfig.Engine.TmpDir, LockFileName))
+	l, err := acquireCNILock(runtimeConfig)
 	if err != nil {
 		return nil, err
 	}
@@ -226,8 +227,12 @@ func createBridge(name string, options entities.NetworkCreateOptions, runtimeCon
 	// if we find the dnsname plugin or are rootless, we add configuration for it
 	// the rootless-cni-infra container has the dnsname plugin always installed
 	if (HasDNSNamePlugin(runtimeConfig.Network.CNIPluginDirs) || rootless.IsRootless()) && !options.DisableDNS {
-		// Note: in the future we might like to allow for dynamic domain names
-		plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName))
+		if options.Internal {
+			logrus.Warnf("dnsname and --internal networks are incompatible.  dnsname plugin not configured for network %s", name)
+		} else {
+			// Note: in the future we might like to allow for dynamic domain names
+			plugins = append(plugins, NewDNSNamePlugin(DefaultPodmanDomainName))
+		}
 	}
 	ncList["plugins"] = plugins
 	b, err := json.MarshalIndent(ncList, "", "   ")
diff --git a/libpod/network/lock.go b/libpod/network/lock.go
index 0395359eb..037f41efa 100644
--- a/libpod/network/lock.go
+++ b/libpod/network/lock.go
@@ -1,6 +1,10 @@
 package network
 
 import (
+	"os"
+	"path/filepath"
+
+	"github.com/containers/common/pkg/config"
 	"github.com/containers/storage"
 )
 
@@ -8,8 +12,13 @@ import (
 // delete cases to avoid unwanted collisions in network names.
 // TODO this uses a file lock and should be converted to shared memory
 // when we have a more general shared memory lock in libpod
-func acquireCNILock(lockPath string) (*CNILock, error) {
-	l, err := storage.GetLockfile(lockPath)
+func acquireCNILock(config *config.Config) (*CNILock, error) {
+	cniDir := GetCNIConfDir(config)
+	err := os.MkdirAll(cniDir, 0755)
+	if err != nil {
+		return nil, err
+	}
+	l, err := storage.GetLockfile(filepath.Join(cniDir, LockFileName))
 	if err != nil {
 		return nil, err
 	}
diff --git a/libpod/network/network.go b/libpod/network/network.go
index 89f0b67ac..0fb878b18 100644
--- a/libpod/network/network.go
+++ b/libpod/network/network.go
@@ -6,7 +6,6 @@ import (
 	"encoding/json"
 	"net"
 	"os"
-	"path/filepath"
 
 	"github.com/containernetworking/cni/pkg/types"
 	"github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator"
@@ -172,7 +171,7 @@ func ValidateUserNetworkIsAvailable(config *config.Config, userNet *net.IPNet) e
 // RemoveNetwork removes a given network by name.  If the network has container associated with it, that
 // must be handled outside the context of this.
 func RemoveNetwork(config *config.Config, name string) error {
-	l, err := acquireCNILock(filepath.Join(config.Engine.TmpDir, LockFileName))
+	l, err := acquireCNILock(config)
 	if err != nil {
 		return err
 	}
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index addf1814c..ef2f034ab 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -35,6 +35,15 @@ import (
 	"golang.org/x/sys/unix"
 )
 
+const (
+	// slirp4netnsIP is the IP used by slirp4netns to configure the tap device
+	// inside the network namespace.
+	slirp4netnsIP = "10.0.2.100"
+
+	// slirp4netnsDNS is the IP for the built-in DNS server in the slirp network
+	slirp4netnsDNS = "10.0.2.3"
+)
+
 // Get an OCICNI network config
 func (r *Runtime) getPodNetwork(id, name, nsPath string, networks []string, ports []ocicni.PortMapping, staticIP net.IP, staticMAC net.HardwareAddr, netDescriptions ContainerNetworkDescriptions) ocicni.PodNetwork {
 	var networkKey string
@@ -541,12 +550,25 @@ func (r *Runtime) setupRootlessPortMappingViaRLK(ctr *Container, netnsPath strin
 		}
 	}
 
+	childIP := slirp4netnsIP
+outer:
+	for _, r := range ctr.state.NetworkStatus {
+		for _, i := range r.IPs {
+			ipv4 := i.Address.IP.To4()
+			if ipv4 != nil {
+				childIP = ipv4.String()
+				break outer
+			}
+		}
+	}
+
 	cfg := rootlessport.Config{
 		Mappings:  ctr.config.PortMappings,
 		NetNSPath: netnsPath,
 		ExitFD:    3,
 		ReadyFD:   4,
 		TmpDir:    ctr.runtime.config.Engine.TmpDir,
+		ChildIP:   childIP,
 	}
 	cfgJSON, err := json.Marshal(cfg)
 	if err != nil {
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 34c737a67..0dc220b52 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -180,6 +180,13 @@ func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...R
 		}
 	}
 
+	if err := shutdown.Register("libpod", func(sig os.Signal) error {
+		os.Exit(1)
+		return nil
+	}); err != nil && errors.Cause(err) != shutdown.ErrHandlerExists {
+		logrus.Errorf("Error registering shutdown handler for libpod: %v", err)
+	}
+
 	if err := shutdown.Start(); err != nil {
 		return nil, errors.Wrapf(err, "error starting shutdown signal handler")
 	}
@@ -188,13 +195,6 @@ func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...R
 		return nil, err
 	}
 
-	if err := shutdown.Register("libpod", func(sig os.Signal) error {
-		os.Exit(1)
-		return nil
-	}); err != nil && errors.Cause(err) != shutdown.ErrHandlerExists {
-		logrus.Errorf("Error registering shutdown handler for libpod: %v", err)
-	}
-
 	return runtime, nil
 }
 
diff --git a/libpod/shutdown/handler.go b/libpod/shutdown/handler.go
index f0f228b19..ac1d33910 100644
--- a/libpod/shutdown/handler.go
+++ b/libpod/shutdown/handler.go
@@ -18,6 +18,8 @@ var (
 	stopped    bool
 	sigChan    chan os.Signal
 	cancelChan chan bool
+	// Syncronize accesses to the map
+	handlerLock sync.Mutex
 	// Definitions of all on-shutdown handlers
 	handlers map[string]func(os.Signal) error
 	// Ordering that on-shutdown handlers will be invoked.
@@ -50,6 +52,7 @@ func Start() error {
 		case sig := <-sigChan:
 			logrus.Infof("Received shutdown signal %v, terminating!", sig)
 			shutdownInhibit.Lock()
+			handlerLock.Lock()
 			for _, name := range handlerOrder {
 				handler, ok := handlers[name]
 				if !ok {
@@ -61,6 +64,7 @@ func Start() error {
 					logrus.Errorf("Error running shutdown handler %s: %v", name, err)
 				}
 			}
+			handlerLock.Unlock()
 			shutdownInhibit.Unlock()
 			return
 		}
@@ -97,6 +101,9 @@ func Uninhibit() {
 // by a signal. Handlers are invoked LIFO - the last handler registered is the
 // first run.
 func Register(name string, handler func(os.Signal) error) error {
+	handlerLock.Lock()
+	defer handlerLock.Unlock()
+
 	if handlers == nil {
 		handlers = make(map[string]func(os.Signal) error)
 	}
@@ -113,6 +120,9 @@ func Register(name string, handler func(os.Signal) error) error {
 
 // Unregister un-registers a given shutdown handler.
 func Unregister(name string) error {
+	handlerLock.Lock()
+	defer handlerLock.Unlock()
+
 	if handlers == nil {
 		return nil
 	}