Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/api/handlers/libpod/images.go | 6 | ||||
-rw-r--r-- | pkg/api/server/register_images.go | 4 | ||||
-rw-r--r-- | pkg/api/server/register_ping.go | 9 | ||||
-rw-r--r-- | pkg/bindings/images/images.go | 1 | ||||
-rw-r--r-- | pkg/rootless/rootless_linux.c | 2 | ||||
-rw-r--r-- | pkg/rootless/rootless_linux.go | 35 | ||||
-rw-r--r-- | pkg/specgen/generate/namespaces.go | 4 |
7 files changed, 48 insertions, 13 deletions
diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index d47f27134..51013acf1 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -636,6 +636,7 @@ func SearchImages(w http.ResponseWriter, r *http.Request) { query := struct { Term string `json:"term"` Limit int `json:"limit"` + NoTrunc bool `json:"noTrunc"` Filters []string `json:"filters"` TLSVerify bool `json:"tlsVerify"` }{ @@ -648,7 +649,8 @@ func SearchImages(w http.ResponseWriter, r *http.Request) { } options := image.SearchOptions{ - Limit: query.Limit, + Limit: query.Limit, + NoTrunc: query.NoTrunc, } if _, found := r.URL.Query()["tlsVerify"]; found { options.InsecureSkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) @@ -675,7 +677,7 @@ func SearchImages(w http.ResponseWriter, r *http.Request) { for i := range searchResults { reports[i].Index = searchResults[i].Index reports[i].Name = searchResults[i].Name - reports[i].Description = searchResults[i].Index + reports[i].Description = searchResults[i].Description reports[i].Stars = searchResults[i].Stars reports[i].Official = searchResults[i].Official reports[i].Automated = searchResults[i].Automated diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index 7f060d098..cb4ce4fe7 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -972,6 +972,10 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // type: integer // description: maximum number of results // - in: query + // name: noTrunc + // type: boolean + // description: do not truncate any of the result strings + // - in: query // name: filters // type: string // description: | diff --git a/pkg/api/server/register_ping.go b/pkg/api/server/register_ping.go index 4a8d2c768..4e299008c 100644 --- a/pkg/api/server/register_ping.go +++ b/pkg/api/server/register_ping.go 
@@ -9,9 +9,8 @@ import ( func (s *APIServer) registerPingHandlers(r *mux.Router) error { - r.Handle("/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodGet) - r.Handle("/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodHead) - + r.Handle("/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead) + r.Handle(VersionedPath("/_ping"), s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead) // swagger:operation GET /libpod/_ping libpod libpodPingGet // --- // summary: Ping service @@ -62,7 +61,7 @@ func (s *APIServer) registerPingHandlers(r *mux.Router) error { // determine if talking to Podman engine or another engine // 500: // $ref: "#/responses/InternalError" - r.Handle("/libpod/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodGet) - r.Handle("/libpod/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodHead) + r.Handle("/libpod/_ping", s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead) + r.Handle(VersionedPath("/libpod/_ping"), s.APIHandler(compat.Ping)).Methods(http.MethodGet, http.MethodHead) return nil } diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go index fc8c9996e..12d1a9ce9 100644 --- a/pkg/bindings/images/images.go +++ b/pkg/bindings/images/images.go @@ -439,6 +439,7 @@ func Search(ctx context.Context, term string, opts entities.ImageSearchOptions) params := url.Values{} params.Set("term", term) params.Set("limit", strconv.Itoa(opts.Limit)) + params.Set("noTrunc", strconv.FormatBool(opts.NoTrunc)) for _, f := range opts.Filters { params.Set("filters", f) } diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index d3e43e44d..eaf2d4551 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c 
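Review bot: In `Search` (pkg/bindings/images/images.go), the loop directly after the new `noTrunc` parameter calls `params.Set("filters", f)`, and `url.Values.Set` replaces any earlier value, so only the last entry of `opts.Filters` reaches the server. The handler's query struct declares `Filters []string`, so this looks like it should be `params.Add("filters", f)`. The loop is unchanged context here and the rest of `Search` lies outside the hunk, so confirm how the handler decodes repeated keys before changing it.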
@@ -860,7 +860,7 @@ reexec_in_user_namespace (int ready, char *pause_pid_file_path, char *file_to_re fprintf (stderr, "cannot read from sync pipe: %s\n", strerror (errno)); _exit (EXIT_FAILURE); } - if (b != '0') + if (ret != 1 || b != '0') _exit (EXIT_FAILURE); if (syscall_setresgid (0, 0, 0) < 0) diff --git a/pkg/rootless/rootless_linux.go b/pkg/rootless/rootless_linux.go index b1f200cc2..ccc8a1d94 100644 --- a/pkg/rootless/rootless_linux.go +++ b/pkg/rootless/rootless_linux.go @@ -97,7 +97,11 @@ func GetRootlessGID() int { return os.Getegid() } -func tryMappingTool(tool string, pid int, hostID int, mappings []idtools.IDMap) error { +func tryMappingTool(uid bool, pid int, hostID int, mappings []idtools.IDMap) error { + var tool = "newuidmap" + if !uid { + tool = "newgidmap" + } path, err := exec.LookPath(tool) if err != nil { return errors.Wrapf(err, "cannot find %s", tool) @@ -110,6 +114,15 @@ func tryMappingTool(tool string, pid int, hostID int, mappings []idtools.IDMap) args := []string{path, fmt.Sprintf("%d", pid)} args = appendTriplet(args, 0, hostID, 1) for _, i := range mappings { + if hostID >= i.HostID && hostID < i.HostID+i.Size { + what := "UID" + where := "/etc/subuid" + if !uid { + what = "GID" + where = "/etc/subgid" + } + return errors.Errorf("invalid configuration: the specified mapping %d:%d in %q includes the user %s", i.HostID, i.Size, where, what) + } args = appendTriplet(args, i.ContainerID+1, i.HostID, i.Size) } cmd := exec.Cmd{ @@ -175,7 +188,7 @@ func GetConfiguredMappings() ([]idtools.IDMap, []idtools.IDMap, error) { return uids, gids, nil } -func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (bool, int, error) { +func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (_ bool, _ int, retErr error) { if os.Geteuid() == 0 || os.Getenv("_CONTAINERS_USERNS_CONFIGURED") != "" { if os.Getenv("_CONTAINERS_USERNS_CONFIGURED") == "init" { return false, 0, runInUser() 
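Review bot: The new `ret != 1 || b != '0'` test in `reexec_in_user_namespace` (pkg/rootless/rootless_linux.c) exits silently and has no comment saying what the sync byte means. Only the Go side of this commit shows that the parent writes `0` on success and `1` when mapping setup failed; a closed pipe presumably surfaces as `ret == 0`. I would add a comment above the check such as `/* parent sends '0' once the ID mappings are in place; EOF or any other byte means setup failed, so stop before the setresgid call below */`. The function body starts and ends outside this hunk.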
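Review bot: The overlap error added inside the loop of `tryMappingTool` (pkg/rootless/rootless_linux.go) names the offending range and file but not the `hostID` that collided, and it ends in the bare word `UID` or `GID`. Including the value makes the message actionable, for example `errors.Errorf("invalid configuration: the specified mapping %d:%d in %q includes the user %s %d", i.HostID, i.Size, where, what, hostID)`. The `what`/`where` strings depend only on `uid`, so they could be set once next to `tool` at the top of the function instead of being rebuilt inside the loop. The function continues past the end of the hunk.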
@@ -205,7 +218,11 @@ func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (bool, defer errorhandling.CloseQuiet(r) defer errorhandling.CloseQuiet(w) defer func() { - if _, err := w.Write([]byte("0")); err != nil { + toWrite := []byte("0") + if retErr != nil { + toWrite = []byte("1") + } + if _, err := w.Write(toWrite); err != nil { logrus.Errorf("failed to write byte 0: %q", err) } }() @@ -223,7 +240,11 @@ func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (bool, uidsMapped := false if uids != nil { - err := tryMappingTool("newuidmap", pid, os.Geteuid(), uids) + err := tryMappingTool(true, pid, os.Geteuid(), uids) + // If some mappings were specified, do not ignore the error + if err != nil && len(uids) > 0 { + return false, -1, err + } uidsMapped = err == nil } if !uidsMapped { @@ -245,7 +266,11 @@ func becomeRootInUserNS(pausePid, fileToRead string, fileOutput *os.File) (bool, gidsMapped := false if gids != nil { - err := tryMappingTool("newgidmap", pid, os.Getegid(), gids) + err := tryMappingTool(false, pid, os.Getegid(), gids) + // If some mappings were specified, do not ignore the error + if err != nil && len(gids) > 0 { + return false, -1, err + } gidsMapped = err == nil } if !gidsMapped { diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go index b8ab1399e..7adb8be6a 100644 --- a/pkg/specgen/generate/namespaces.go +++ b/pkg/specgen/generate/namespaces.go @@ -462,6 +462,10 @@ func specConfigureNamespaces(s *specgen.SpecGenerator, g *generate.Generator, rt func GetNamespaceOptions(ns []string) ([]libpod.PodCreateOption, error) { var options []libpod.PodCreateOption var erroredOptions []libpod.PodCreateOption + if ns == nil { + //set the default namespaces + ns = strings.Split(specgen.DefaultKernelNamespaces, ",") + } for _, toShare := range ns { switch toShare { case "cgroup": |
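Review bot: The deferred write in `becomeRootInUserNS` now sends `1` on failure, but the log line still reads `failed to write byte 0`, which will mislead whoever debugs a failed start. Log the byte that was actually attempted, e.g. `logrus.Errorf("failed to write byte %s to sync pipe: %q", toWrite, err)`. The choice also depends on `retErr` alone, so a panic after this point would still send `0` and let the child proceed; whether a panic is reachable is not visible here. The function starts and ends outside the hunk.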
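Review bot: The comment on the new early return after `tryMappingTool(true, ...)`, and the identical one after `tryMappingTool(false, ...)` in the next hunk, says what is done but not why continuing would be wrong. Something like `// Sub-ID ranges were configured: continuing into the !uidsMapped fallback would silently run with a different mapping than the user asked for, so fail instead` records the reason. The two blocks differ only in uid/gid and could share a small helper. The body of the `if !uidsMapped` / `if !gidsMapped` fallback is outside these hunks, so the wording should be checked against it.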
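Review bot: In `GetNamespaceOptions` (pkg/specgen/generate/namespaces.go) the default is applied only when `ns == nil`, so an empty non-nil slice skips it and the loop yields no options. If that distinction is intended (an explicit empty list means share nothing), state it in the comment, e.g. `// nil means the caller did not specify namespaces: use the defaults; an empty slice is left as is`. If it is not intended, test `len(ns) == 0` instead. The existing `//set the default namespaces` also lacks the conventional space after `//`, and the function continues outside the hunk.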