11 files changed, 105 insertions, 34 deletions

diff --git a/libpod/container.go b/libpod/container.go
index c57250d72..0986a0d80 100644
--- a/libpod/container.go
+++ b/libpod/container.go
@@ -159,6 +159,9 @@ type ContainerState struct {
 	// OOMKilled indicates that the container was killed as it ran out of
 	// memory
 	OOMKilled bool `json:"oomKilled,omitempty"`
+	// Checkpointed indicates that the container was stopped by a checkpoint
+	// operation.
+	Checkpointed bool `json:"checkpointed,omitempty"`
 	// PID is the PID of a running container
 	PID int `json:"pid,omitempty"`
 	// ConmonPID is the PID of the container's conmon
diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go
index 97318a2e8..2ef4532cd 100644
--- a/libpod/container_inspect.go
+++ b/libpod/container_inspect.go
@@ -103,18 +103,19 @@ func (c *Container) getContainerInspectData(size bool, driverData *define.Driver
 		Path:    path,
 		Args:    args,
 		State: &define.InspectContainerState{
-			OciVersion: ctrSpec.Version,
-			Status:     runtimeInfo.State.String(),
-			Running:    runtimeInfo.State == define.ContainerStateRunning,
-			Paused:     runtimeInfo.State == define.ContainerStatePaused,
-			OOMKilled:  runtimeInfo.OOMKilled,
-			Dead:       runtimeInfo.State.String() == "bad state",
-			Pid:        runtimeInfo.PID,
-			ConmonPid:  runtimeInfo.ConmonPID,
-			ExitCode:   runtimeInfo.ExitCode,
-			Error:      "", // can't get yet
-			StartedAt:  runtimeInfo.StartedTime,
-			FinishedAt: runtimeInfo.FinishedTime,
+			OciVersion:   ctrSpec.Version,
+			Status:       runtimeInfo.State.String(),
+			Running:      runtimeInfo.State == define.ContainerStateRunning,
+			Paused:       runtimeInfo.State == define.ContainerStatePaused,
+			OOMKilled:    runtimeInfo.OOMKilled,
+			Dead:         runtimeInfo.State.String() == "bad state",
+			Pid:          runtimeInfo.PID,
+			ConmonPid:    runtimeInfo.ConmonPID,
+			ExitCode:     runtimeInfo.ExitCode,
+			Error:        "", // can't get yet
+			StartedAt:    runtimeInfo.StartedTime,
+			FinishedAt:   runtimeInfo.FinishedTime,
+			Checkpointed: runtimeInfo.Checkpointed,
 		},
 		Image:           config.RootfsImageID,
 		ImageName:       config.RootfsImageName,
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 9082b136a..4d1a25541 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -584,6 +584,7 @@ func resetState(state *ContainerState) {
 	state.StoppedByUser = false
 	state.RestartPolicyMatch = false
 	state.RestartCount = 0
+	state.Checkpointed = false
 }
 
 // Refresh refreshes the container's state after a restart.
@@ -1110,6 +1111,7 @@ func (c *Container) init(ctx context.Context, retainRetries bool) error {
 		c.state.ExecSessions = make(map[string]*ExecSession)
 	}
 
+	c.state.Checkpointed = false
 	c.state.ExitCode = 0
 	c.state.Exited = false
 	c.state.State = define.ContainerStateCreated
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 847122929..eabe8efd2 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 package libpod
@@ -1145,6 +1146,7 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
 
 	if !options.KeepRunning && !options.PreCheckPoint {
 		c.state.State = define.ContainerStateStopped
+		c.state.Checkpointed = true
 
 		// Cleanup Storage and Network
 		if err := c.cleanup(ctx); err != nil {
@@ -1942,9 +1944,24 @@ func (c *Container) generateHosts(path string) (string, error) {
 	}
 	hosts := string(orig)
 	hosts += c.getHosts()
+
+	hosts = c.appendLocalhost(hosts)
+
 	return c.writeStringToRundir("hosts", hosts)
 }
 
+// based on networking mode we may want to append the localhost
+// if there isn't any record for it and also this shoud happen
+// in slirp4netns and similar network modes.
+func (c *Container) appendLocalhost(hosts string) string {
+	if !strings.Contains(hosts, "localhost") &&
+		!c.config.NetMode.IsHost() {
+		hosts += "127.0.0.1\tlocalhost\n::1\tlocalhost\n"
+	}
+
+	return hosts
+}
+
 // appendHosts appends a container's config and state pertaining to hosts to a container's
 // local hosts file. netCtr is the container from which the netNS information is
 // taken.
diff --git a/libpod/container_internal_linux_test.go b/libpod/container_internal_linux_test.go
index 1465ffbea..899f9bffd 100644
--- a/libpod/container_internal_linux_test.go
+++ b/libpod/container_internal_linux_test.go
@@ -1,3 +1,4 @@
+//go:build linux
 // +build linux
 
 package libpod
@@ -7,6 +8,7 @@ import (
 	"os"
 	"testing"
 
+	"github.com/containers/podman/v3/pkg/namespaces"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/stretchr/testify/assert"
 )
@@ -68,3 +70,30 @@ func TestGenerateUserGroupEntry(t *testing.T) {
 	}
 	assert.Equal(t, group, "567:x:567:567\n")
 }
+
+func TestAppendLocalhost(t *testing.T) {
+	{
+		c := Container{
+			config: &ContainerConfig{
+				ContainerNetworkConfig: ContainerNetworkConfig{
+					NetMode: namespaces.NetworkMode("slirp4netns"),
+				},
+			},
+		}
+
+		assert.Equal(t, "127.0.0.1\tlocalhost\n::1\tlocalhost\n", c.appendLocalhost(""))
+		assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost"))
+	}
+	{
+		c := Container{
+			config: &ContainerConfig{
+				ContainerNetworkConfig: ContainerNetworkConfig{
+					NetMode: namespaces.NetworkMode("host"),
+				},
+			},
+		}
+
+		assert.Equal(t, "", c.appendLocalhost(""))
+		assert.Equal(t, "127.0.0.1\tlocalhost", c.appendLocalhost("127.0.0.1\tlocalhost"))
+	}
+}
diff --git a/libpod/container_log.go b/libpod/container_log.go
index 3988bb654..89dd5e8b0 100644
--- a/libpod/container_log.go
+++ b/libpod/container_log.go
@@ -107,16 +107,18 @@ func (c *Container) readFromLogFile(ctx context.Context, options *logs.LogOption
 		// until EOF.
 		state, err := c.State()
 		if err != nil || state != define.ContainerStateRunning {
-			// Make sure to wait at least for the poll duration
-			// before stopping the file logger (see #10675).
-			time.Sleep(watch.POLL_DURATION)
-			tailError := t.StopAtEOF()
-			if tailError != nil && fmt.Sprintf("%v", tailError) != "tail: stop at eof" {
-				logrus.Errorf("Error stopping logger: %v", tailError)
-			}
 			if err != nil && errors.Cause(err) != define.ErrNoSuchCtr {
 				logrus.Errorf("Error getting container state: %v", err)
 			}
+			go func() {
+				// Make sure to wait at least for the poll duration
+				// before stopping the file logger (see #10675).
+				time.Sleep(watch.POLL_DURATION)
+				tailError := t.StopAtEOF()
+				if tailError != nil && tailError.Error() != "tail: stop at eof" {
+					logrus.Errorf("Error stopping logger: %v", tailError)
+				}
+			}()
 			return nil
 		}
 
diff --git a/libpod/define/container_inspect.go b/libpod/define/container_inspect.go
index af8ba6ecf..90703a807 100644
--- a/libpod/define/container_inspect.go
+++ b/libpod/define/container_inspect.go
@@ -189,20 +189,21 @@ type InspectMount struct {
 // Docker, but here we see more fields that are unused (nonsensical in the
 // context of Libpod).
 type InspectContainerState struct {
-	OciVersion  string             `json:"OciVersion"`
-	Status      string             `json:"Status"`
-	Running     bool               `json:"Running"`
-	Paused      bool               `json:"Paused"`
-	Restarting  bool               `json:"Restarting"` // TODO
-	OOMKilled   bool               `json:"OOMKilled"`
-	Dead        bool               `json:"Dead"`
-	Pid         int                `json:"Pid"`
-	ConmonPid   int                `json:"ConmonPid,omitempty"`
-	ExitCode    int32              `json:"ExitCode"`
-	Error       string             `json:"Error"` // TODO
-	StartedAt   time.Time          `json:"StartedAt"`
-	FinishedAt  time.Time          `json:"FinishedAt"`
-	Healthcheck HealthCheckResults `json:"Healthcheck,omitempty"`
+	OciVersion   string             `json:"OciVersion"`
+	Status       string             `json:"Status"`
+	Running      bool               `json:"Running"`
+	Paused       bool               `json:"Paused"`
+	Restarting   bool               `json:"Restarting"` // TODO
+	OOMKilled    bool               `json:"OOMKilled"`
+	Dead         bool               `json:"Dead"`
+	Pid          int                `json:"Pid"`
+	ConmonPid    int                `json:"ConmonPid,omitempty"`
+	ExitCode     int32              `json:"ExitCode"`
+	Error        string             `json:"Error"` // TODO
+	StartedAt    time.Time          `json:"StartedAt"`
+	FinishedAt   time.Time          `json:"FinishedAt"`
+	Healthcheck  HealthCheckResults `json:"Healthcheck,omitempty"`
+	Checkpointed bool               `json:"Checkpointed,omitempty"`
 }
 
 // HealthCheckResults describes the results/logs from a healthcheck
diff --git a/libpod/define/info.go b/libpod/define/info.go
index 95c1196dd..73df80087 100644
--- a/libpod/define/info.go
+++ b/libpod/define/info.go
@@ -36,6 +36,7 @@ type HostInfo struct {
 	Hostname          string           `json:"hostname"`
 	IDMappings        IDMappings       `json:"idMappings,omitempty"`
 	Kernel            string           `json:"kernel"`
+	LogDriver         string           `json:"logDriver"`
 	MemFree           int64            `json:"memFree"`
 	MemTotal          int64            `json:"memTotal"`
 	OCIRuntime        *OCIRuntimeInfo  `json:"ociRuntime"`
diff --git a/libpod/info.go b/libpod/info.go
index 8f4c7f015..31ec9cdc1 100644
--- a/libpod/info.go
+++ b/libpod/info.go
@@ -126,6 +126,7 @@ func (r *Runtime) hostInfo() (*define.HostInfo, error) {
 		Linkmode:          linkmode.Linkmode(),
 		CPUs:              runtime.NumCPU(),
 		Distribution:      hostDistributionInfo,
+		LogDriver:         r.config.Containers.LogDriver,
 		EventLogger:       r.eventer.String(),
 		Hostname:          host,
 		IDMappings:        define.IDMappings{},
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 353e6af71..c00d83f95 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -46,7 +46,9 @@ import (
 const (
 	// This is Conmon's STDIO_BUF_SIZE. I don't believe we have access to it
 	// directly from the Go code, so const it here
-	bufferSize = conmonConfig.BufSize
+	// Important: The conmon attach socket uses an extra byte at the beginning of each
+	// message to specify the STREAM so we have to increase the buffer size by one
+	bufferSize = conmonConfig.BufSize + 1
 )
 
 // ConmonOCIRuntime is an OCI runtime managed by Conmon.
diff --git a/libpod/runtime.go b/libpod/runtime.go
index c5f5db531..1c9c56d16 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -15,6 +15,8 @@ import (
 	"syscall"
 	"time"
 
+	"golang.org/x/sys/unix"
+
 	"github.com/containers/buildah/pkg/parse"
 	"github.com/containers/common/libimage"
 	"github.com/containers/common/pkg/config"
@@ -328,6 +330,16 @@ func makeRuntime(ctx context.Context, runtime *Runtime) (retErr error) {
 
 	runtime.mergeDBConfig(dbConfig)
 
+	unified, _ := cgroups.IsCgroup2UnifiedMode()
+	if unified && rootless.IsRootless() && !systemd.IsSystemdSessionValid(rootless.GetRootlessUID()) {
+		// If user is rootless and XDG_RUNTIME_DIR is found, podman will not proceed with /tmp directory
+		// it will try to use existing XDG_RUNTIME_DIR
+		// if current user has no write access to XDG_RUNTIME_DIR we will fail later
+		if unix.Access(runtime.storageConfig.RunRoot, unix.W_OK) != nil {
+			logrus.Warnf("XDG_RUNTIME_DIR is pointing to a path which is not writable. Most likely podman will fail.")
+		}
+	}
+
 	logrus.Debugf("Using graph driver %s", runtime.storageConfig.GraphDriverName)
 	logrus.Debugf("Using graph root %s", runtime.storageConfig.GraphRoot)
 	logrus.Debugf("Using run root %s", runtime.storageConfig.RunRoot)