4 files changed, 40 insertions, 3 deletions

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index 94c6c3840..a136fb72d 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -607,10 +607,16 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 
 	availableUIDs, availableGIDs, err := rootless.GetAvailableIDMaps()
 	if err != nil {
-		return nil, err
+		if os.IsNotExist(err) {
+			// The kernel-provided files only exist if user namespaces are supported
+			logrus.Debugf("user or group ID mappings not available: %s", err)
+		} else {
+			return nil, err
+		}
+	} else {
+		g.Config.Linux.UIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.UIDMappings, availableUIDs)
+		g.Config.Linux.GIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.GIDMappings, availableGIDs)
 	}
-	g.Config.Linux.UIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.UIDMappings, availableUIDs)
-	g.Config.Linux.GIDMappings = rootless.MaybeSplitMappings(g.Config.Linux.GIDMappings, availableGIDs)
 
 	// Hostname handling:
 	// If we have a UTS namespace, set Hostname in the OCI spec.
diff --git a/libpod/image/docker_registry_options.go b/libpod/image/docker_registry_options.go
index 0a2a375ae..d95234e3d 100644
--- a/libpod/image/docker_registry_options.go
+++ b/libpod/image/docker_registry_options.go
@@ -69,6 +69,7 @@ func GetSystemContext(signaturePolicyPath, authFilePath string, forceCompress bo
 	sc.AuthFilePath = authFilePath
 	sc.DirForceCompress = forceCompress
 	sc.DockerRegistryUserAgent = fmt.Sprintf("libpod/%s", podmanVersion.Version)
+	sc.BigFilesTemporaryDir = parse.GetTempDir()
 
 	return sc
 }
diff --git a/libpod/image/image_test.go b/libpod/image/image_test.go
index d95a22f76..2b42d6394 100644
--- a/libpod/image/image_test.go
+++ b/libpod/image/image_test.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/containers/podman/v3/libpod/events"
 	"github.com/containers/podman/v3/pkg/util"
+	podmanVersion "github.com/containers/podman/v3/version"
 	"github.com/containers/storage"
 	"github.com/containers/storage/pkg/reexec"
 	"github.com/opencontainers/go-digest"
@@ -293,3 +294,25 @@ func TestNormalizedTag(t *testing.T) {
 		}
 	}
 }
+
+func TestGetSystemContext(t *testing.T) {
+	sc := GetSystemContext("", "", false)
+	assert.Equal(t, sc.SignaturePolicyPath, "")
+	assert.Equal(t, sc.AuthFilePath, "")
+	assert.Equal(t, sc.DirForceCompress, false)
+	assert.Equal(t, sc.DockerRegistryUserAgent, fmt.Sprintf("libpod/%s", podmanVersion.Version))
+	assert.Equal(t, sc.BigFilesTemporaryDir, "/var/tmp")
+
+	oldtmpdir := os.Getenv("TMPDIR")
+	os.Setenv("TMPDIR", "/mnt")
+	sc = GetSystemContext("/tmp/foo", "/tmp/bar", true)
+	assert.Equal(t, sc.SignaturePolicyPath, "/tmp/foo")
+	assert.Equal(t, sc.AuthFilePath, "/tmp/bar")
+	assert.Equal(t, sc.DirForceCompress, true)
+	assert.Equal(t, sc.BigFilesTemporaryDir, "/mnt")
+	if oldtmpdir != "" {
+		os.Setenv("TMPDIR", oldtmpdir)
+	} else {
+		os.Unsetenv("TMPDIR")
+	}
+}
diff --git a/libpod/image/prune.go b/libpod/image/prune.go
index 7ee3e077e..12727901a 100644
--- a/libpod/image/prune.go
+++ b/libpod/image/prune.go
@@ -2,6 +2,7 @@ package image
 
 import (
 	"context"
+	"strconv"
 	"strings"
 
 	"github.com/containers/podman/v3/libpod/events"
@@ -34,6 +35,12 @@ func generatePruneFilterFuncs(filter, filterValue string) (ImageFilter, error) {
 			}
 			return false
 		}, nil
+	case "dangling":
+		danglingImages, err := strconv.ParseBool(filterValue)
+		if err != nil {
+			return nil, errors.Wrapf(err, "invalid filter dangling=%s", filterValue)
+		}
+		return ImageFilter(DanglingFilter(danglingImages)), nil
 	}
 	return nil, nil
 }