4 files changed, 65 insertions, 2 deletions
diff --git a/pkg/rootless/rootless.go b/pkg/rootless/rootless.go
index 0b9d719a9..93b4e2e9f 100644
--- a/pkg/rootless/rootless.go
+++ b/pkg/rootless/rootless.go
@@ -137,7 +137,7 @@ func GetAvailableGids() (int64, error) {
 // It assumes availableMappings is sorted by ID.
 func findIDInMappings(id int64, availableMappings []user.IDMap) *user.IDMap {
 	i := sort.Search(len(availableMappings), func(i int) bool {
-		return availableMappings[i].ID >= id
+		return availableMappings[i].ID <= id
 	})
 	if i < 0 || i >= len(availableMappings) {
 		return nil
@@ -157,7 +157,7 @@ func MaybeSplitMappings(mappings []spec.LinuxIDMapping, availableMappings []user
 	overflow.Size = 0
 	consumed := 0
 	sort.Slice(availableMappings, func(i, j int) bool {
-		return availableMappings[i].ID < availableMappings[j].ID
+		return availableMappings[i].ID > availableMappings[j].ID
 	})
 	for {
 		cur := overflow
diff --git a/pkg/rootless/rootless_test.go b/pkg/rootless/rootless_test.go
index ef574099c..fe9b23cdf 100644
--- a/pkg/rootless/rootless_test.go
+++ b/pkg/rootless/rootless_test.go
@@ -98,4 +98,61 @@ func TestMaybeSplitMappings(t *testing.T) {
 	if !reflect.DeepEqual(newMappings, desiredMappings) {
 		t.Fatal("wrong mappings generated")
 	}
+
+	mappings = []spec.LinuxIDMapping{
+		{
+			ContainerID: 0,
+			HostID:      0,
+			Size:        4,
+		},
+	}
+	desiredMappings = []spec.LinuxIDMapping{
+		{
+			ContainerID: 0,
+			HostID:      0,
+			Size:        1,
+		},
+		{
+			ContainerID: 1,
+			HostID:      1,
+			Size:        1,
+		},
+		{
+			ContainerID: 2,
+			HostID:      2,
+			Size:        1,
+		},
+		{
+			ContainerID: 3,
+			HostID:      3,
+			Size:        1,
+		},
+	}
+	availableMappings = []user.IDMap{
+		{
+			ID:       0,
+			ParentID: 0,
+			Count:    1,
+		},
+		{
+			ID:       1,
+			ParentID: 1,
+			Count:    1,
+		},
+		{
+			ID:       2,
+			ParentID: 2,
+			Count:    1,
+		},
+		{
+			ID:       3,
+			ParentID: 3,
+			Count:    1,
+		},
+	}
+
+	newMappings = MaybeSplitMappings(mappings, availableMappings)
+	if !reflect.DeepEqual(newMappings, desiredMappings) {
+		t.Fatal("wrong mappings generated")
+	}
 }
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 01f939022..0090156c9 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -200,6 +200,9 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
 	if s.Umask != "" {
 		options = append(options, libpod.WithUmask(s.Umask))
 	}
+	if s.Volatile {
+		options = append(options, libpod.WithVolatile())
+	}
 
 	useSystemd := false
 	switch s.Systemd {
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index fdcb7a0e0..5ef2b0653 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -256,6 +256,9 @@ type ContainerStorageConfig struct {
 	// Secrets are the secrets that will be added to the container
 	// Optional.
 	Secrets []string `json:"secrets,omitempty"`
+	// Volatile specifies whether the container storage can be optimized
+	// at the cost of not syncing all the dirty files in memory.
+	Volatile bool `json:"volatile,omitempty"`
 }
 
 // ContainerSecurityConfig is a container's security features, including