7 files changed, 21 insertions, 59 deletions

diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go
index 39234caf8..43fa3a712 100644
--- a/pkg/domain/entities/play.go
+++ b/pkg/domain/entities/play.go
@@ -11,7 +11,7 @@ type PlayKubeOptions struct {
 	// Authfile - path to an authentication file.
 	Authfile string
 	// Indicator to build all images with Containerfile or Dockerfile
-	Build bool
+	Build types.OptionalBool
 	// CertDir - to a directory containing TLS certifications and keys.
 	CertDir string
 	// Down indicates whether to bring contents of a yaml file "down"
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 25e8f8556..1cd80a6d2 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -486,7 +486,7 @@ func (ic *ContainerEngine) getImageAndLabelInfo(ctx context.Context, cwd string,
 	if err != nil {
 		return nil, nil, err
 	}
-	if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) {
+	if (len(buildFile) > 0) && ((!existsLocally && options.Build != types.OptionalBoolFalse) || (options.Build == types.OptionalBoolTrue)) {
 		buildOpts := new(buildahDefine.BuildOptions)
 		commonOpts := new(buildahDefine.CommonBuildOptions)
 		buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault
diff --git a/pkg/specgenutil/volumes.go b/pkg/specgenutil/volumes.go
index 6b9624ebb..2bd79b186 100644
--- a/pkg/specgenutil/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -356,7 +356,11 @@ func getBindMount(args []string) (spec.Mount, error) {
 			}
 			setOwnership = true
 		case "idmap":
-			newMount.Options = append(newMount.Options, "idmap")
+			if len(kv) > 1 {
+				newMount.Options = append(newMount.Options, fmt.Sprintf("idmap=%s", kv[1]))
+			} else {
+				newMount.Options = append(newMount.Options, "idmap")
+			}
 		case "consistency":
 			// Often used on MACs and mistakenly on Linux platforms.
 			// Since Docker ignores this option so shall we.
diff --git a/pkg/util/mountOpts.go b/pkg/util/mountOpts.go
index d8b14c0df..2a0101791 100644
--- a/pkg/util/mountOpts.go
+++ b/pkg/util/mountOpts.go
@@ -45,14 +45,18 @@ func ProcessOptions(options []string, isTmpfs bool, sourcePath string) ([]string
 			}
 		}
 
-		switch splitOpt[0] {
-		case "O":
-			foundOverlay = true
-		case "idmap":
+		if strings.HasPrefix(splitOpt[0], "idmap") {
 			if foundIdmap {
 				return nil, errors.Wrapf(ErrDupeMntOption, "the 'idmap' option can only be set once")
 			}
 			foundIdmap = true
+			newOptions = append(newOptions, opt)
+			continue
+		}
+
+		switch splitOpt[0] {
+		case "O":
+			foundOverlay = true
 		case "exec", "noexec":
 			if foundExec {
 				return nil, errors.Wrapf(ErrDupeMntOption, "only one of 'noexec' and 'exec' can be used")
diff --git a/pkg/util/utils.go b/pkg/util/utils.go
index 925ff9830..bdd1e1383 100644
--- a/pkg/util/utils.go
+++ b/pkg/util/utils.go
@@ -463,8 +463,6 @@ func ParseIDMapping(mode namespaces.UsernsMode, uidMapSlice, gidMapSlice []strin
 var (
 	rootlessConfigHomeDirOnce sync.Once
 	rootlessConfigHomeDir     string
-	rootlessRuntimeDirOnce    sync.Once
-	rootlessRuntimeDir        string
 )
 
 type tomlOptionsConfig struct {
diff --git a/pkg/util/utils_linux.go b/pkg/util/utils_linux.go
index 288137ca5..1cffab19d 100644
--- a/pkg/util/utils_linux.go
+++ b/pkg/util/utils_linux.go
@@ -39,8 +39,10 @@ func FindDeviceNodes() (map[string]string, error) {
 		if !ok {
 			return errors.Errorf("Could not convert stat output for use")
 		}
-		major := sysstat.Rdev / 256
-		minor := sysstat.Rdev % 256
+		// We must typeconvert sysstat.Rdev from uint64->int to avoid constant overflow
+		rdev := int(sysstat.Rdev)
+		major := ((rdev >> 8) & 0xfff) | ((rdev >> 32) & ^0xfff)
+		minor := (rdev & 0xff) | ((rdev >> 12) & ^0xff)
 
 		nodes[fmt.Sprintf("%d:%d", major, minor)] = path
 
diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go
index 848b35a45..e9d6bfa31 100644
--- a/pkg/util/utils_supported.go
+++ b/pkg/util/utils_supported.go
@@ -6,67 +6,21 @@ package util
 //  should work to take darwin from this
 
 import (
-	"fmt"
 	"os"
 	"path/filepath"
 	"syscall"
 
+	cutil "github.com/containers/common/pkg/util"
 	"github.com/containers/podman/v4/pkg/rootless"
 	"github.com/pkg/errors"
-	"github.com/sirupsen/logrus"
 )
 
 // GetRuntimeDir returns the runtime directory
 func GetRuntimeDir() (string, error) {
-	var rootlessRuntimeDirError error
-
 	if !rootless.IsRootless() {
 		return "", nil
 	}
-
-	rootlessRuntimeDirOnce.Do(func() {
-		runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
-		uid := fmt.Sprintf("%d", rootless.GetRootlessUID())
-		if runtimeDir == "" {
-			tmpDir := filepath.Join("/run", "user", uid)
-			if err := os.MkdirAll(tmpDir, 0700); err != nil {
-				logrus.Debug(err)
-			}
-			st, err := os.Stat(tmpDir)
-			if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
-				runtimeDir = tmpDir
-			}
-		}
-		if runtimeDir == "" {
-			tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("podman-run-%s", uid))
-			if err := os.MkdirAll(tmpDir, 0700); err != nil {
-				logrus.Debug(err)
-			}
-			st, err := os.Stat(tmpDir)
-			if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && (st.Mode().Perm()&0700 == 0700) {
-				runtimeDir = tmpDir
-			}
-		}
-		if runtimeDir == "" {
-			home := os.Getenv("HOME")
-			if home == "" {
-				rootlessRuntimeDirError = fmt.Errorf("neither XDG_RUNTIME_DIR nor HOME was set non-empty")
-				return
-			}
-			resolvedHome, err := filepath.EvalSymlinks(home)
-			if err != nil {
-				rootlessRuntimeDirError = errors.Wrapf(err, "cannot resolve %s", home)
-				return
-			}
-			runtimeDir = filepath.Join(resolvedHome, "rundir")
-		}
-		rootlessRuntimeDir = runtimeDir
-	})
-
-	if rootlessRuntimeDirError != nil {
-		return "", rootlessRuntimeDirError
-	}
-	return rootlessRuntimeDir, nil
+	return cutil.GetRuntimeDir()
 }
 
 // GetRootlessConfigHomeDir returns the config home directory when running as non root