6 files changed, 152 insertions, 1 deletions
diff --git a/test/system/011-image.bats b/test/system/011-image.bats
new file mode 100644
index 000000000..5150e875e
--- /dev/null
+++ b/test/system/011-image.bats
@@ -0,0 +1,54 @@
+#!/usr/bin/env bats
+
+load helpers
+
+function setup() {
+    skip_if_remote "--sign-by does not work with podman-remote"
+
+    basic_setup
+
+    export _GNUPGHOME_TMP=$PODMAN_TMPDIR/.gnupg
+    mkdir --mode=0700 $_GNUPGHOME_TMP $PODMAN_TMPDIR/signatures
+
+    cat >$PODMAN_TMPDIR/keydetails <<EOF
+    %echo Generating a basic OpenPGP key
+    Key-Type: RSA
+    Key-Length: 2048
+    Subkey-Type: RSA
+    Subkey-Length: 2048
+    Name-Real: Foo
+    Name-Comment: Foo
+    Name-Email: foo@bar.com
+    Expire-Date: 0
+    %no-ask-passphrase
+    %no-protection
+    # Do a commit here, so that we can later print "done" :-)
+    %commit
+    %echo done
+EOF
+    GNUPGHOME=$_GNUPGHOME_TMP gpg --verbose --batch --gen-key $PODMAN_TMPDIR/keydetails
+}
+
+function check_signature() {
+    local sigfile=$1
+    ls -laR $PODMAN_TMPDIR/signatures
+    run_podman inspect --format '{{.Digest}}' $PODMAN_TEST_IMAGE_FQN
+    local repodigest=${output/:/=}
+
+    local dir="$PODMAN_TMPDIR/signatures/libpod/${PODMAN_TEST_IMAGE_NAME}@${repodigest}"
+    test -d $dir || die "Missing signature directory $dir"
+    test -e "$dir/$sigfile" || die "Missing signature file '$sigfile'"
+
+    # Confirm good signature
+    run env GNUPGHOME=$_GNUPGHOME_TMP gpg --verify "$dir/$sigfile"
+    is "$output" ".*Good signature from .Foo.*<foo@bar.com>" \
+       "gpg --verify $sigfile"
+}
+
+
+@test "podman image - sign with no sigfile" {
+    GNUPGHOME=$_GNUPGHOME_TMP run_podman image sign --sign-by foo@bar.com --directory $PODMAN_TMPDIR/signatures  "docker://$PODMAN_TEST_IMAGE_FQN"
+    check_signature "signature-1"
+}
+
+# vim: filetype=sh
diff --git a/test/system/035-logs.bats b/test/system/035-logs.bats
index 7fb3e62e4..44984eaad 100644
--- a/test/system/035-logs.bats
+++ b/test/system/035-logs.bats
@@ -89,6 +89,27 @@ ${cid[0]} d"   "Sequential output from logs"
     _log_test_multi journald
 }
 
+function _log_test_restarted() {
+    run_podman run --log-driver=$1 --name logtest $IMAGE sh -c 'start=0; if test -s log; then start=`tail -n 1 log`; fi; seq `expr $start + 1` `expr $start + 10` | tee -a log'
+    run_podman start -a logtest
+    logfile=$(mktemp -p ${PODMAN_TMPDIR} logfileXXXXXXXX)
+    $PODMAN $_PODMAN_TEST_OPTS logs -f logtest > $logfile
+    expected=$(mktemp -p ${PODMAN_TMPDIR} expectedXXXXXXXX)
+    seq 1 20  > $expected
+    diff -u ${expected} ${logfile}
+}
+
+@test "podman logs restarted - k8s-file" {
+    _log_test_restarted k8s-file
+}
+
+@test "podman logs restarted journald" {
+    # We can't use journald on RHEL as rootless: rhbz#1895105
+    skip_if_journald_unavailable
+
+    _log_test_restarted journald
+}
+
 @test "podman logs - journald log driver requires journald events backend" {
     skip_if_remote "remote does not support --events-backend"
     # We can't use journald on RHEL as rootless: rhbz#1895105
diff --git a/test/system/090-events.bats b/test/system/090-events.bats
index 1fb542ccd..5af6a3793 100644
--- a/test/system/090-events.bats
+++ b/test/system/090-events.bats
@@ -102,6 +102,17 @@ function _events_disjunctive_filters() {
     _events_disjunctive_filters --events-backend=journald
 }
 
+@test "events with file backend and journald logdriver with --follow failure" {
+    skip_if_remote "remote does not support --events-backend"
+    skip_if_journald_unavailable "system does not support journald events"
+    run_podman --events-backend=file run --log-driver=journald --name=test $IMAGE echo hi
+    is "$output" "hi" "Should support events-backend=file"
+
+    run_podman 125 --events-backend=file logs --follow test
+    is "$output" "Error: using --follow with the journald --log-driver but without the journald --events-backend (file) is not supported" "Should fail with reasonable error message when events-backend and events-logger do not match"
+
+}
+
 @test "events with disjunctive filters - default" {
     _events_disjunctive_filters ""
 }
diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats
index 98241c309..1c778a5e3 100644
--- a/test/system/250-systemd.bats
+++ b/test/system/250-systemd.bats
@@ -9,6 +9,7 @@ load helpers.systemd
 SERVICE_NAME="podman_test_$(random_string)"
 
 UNIT_FILE="$UNIT_DIR/$SERVICE_NAME.service"
+TEMPLATE_FILE_PREFIX="$UNIT_DIR/$SERVICE_NAME"
 
 function setup() {
     skip_if_remote "systemd tests are meaningless over remote"
@@ -201,4 +202,62 @@ LISTEN_FDNAMES=listen_fdnames" "LISTEN Environment passed: $context"
     check_listen_env "$stdenv" "podman start"
 }
 
+@test "podman generate - systemd template" {
+    cname=$(random_string)
+    run_podman create --name $cname $IMAGE top
+
+    run_podman generate systemd --template -n $cname
+    echo "$output" > "$TEMPLATE_FILE_PREFIX@.service"
+    run_podman rm -f $cname
+
+    systemctl daemon-reload
+
+    INSTANCE="$SERVICE_NAME@1.service"
+    run systemctl start "$INSTANCE"
+    if [ $status -ne 0 ]; then
+        die "Error starting systemd unit $INSTANCE, output: $output"
+    fi
+
+    run systemctl status "$INSTANCE"
+    if [ $status -ne 0 ]; then
+        die "Non-zero status of systemd unit $INSTANCE, output: $output"
+    fi
+
+    run systemctl stop "$INSTANCE"
+    if [ $status -ne 0 ]; then
+        die "Error stopping systemd unit $INSTANCE, output: $output"
+    fi
+
+    if [[ -z "$status" ]]; then
+        run systemctl is-active "$INSTANCE"
+        if [ $status -ne 0 ]; then
+            die "Error checking stauts of systemd unit $INSTANCE, output: $output"
+        fi
+        is "$output" "$status" "$INSTANCE not in expected state"
+    fi
+
+    rm -f "$TEMPLATE_FILE_PREFIX@.service"
+    systemctl daemon-reload
+}
+
+@test "podman generate - systemd template no support for pod" {
+    cname=$(random_string)
+    podname=$(random_string)
+    run_podman pod create --name $podname
+    run_podman run --pod $podname -dt --name $cname $IMAGE top
+
+    run_podman 125 generate systemd --new --template -n $podname
+    is "$output" ".*--template is not supported for pods.*" "Error message contains 'not supported'"
+
+    run_podman rm -f $cname
+    run_podman pod rm -f $podname
+}
+
+@test "podman generate - systemd template only used on --new" {
+    cname=$(random_string)
+    run_podman create --name $cname $IMAGE top
+    run_podman 125 generate systemd --new=false --template -n $cname
+    is "$output" ".*--template cannot be set" "Error message should be '--template requires --new'"
+}
+
 # vim: filetype=sh
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 21350ed36..deadfa90a 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -172,7 +172,7 @@ load helpers
 
     # FIXME: debugging for #11871
     run_podman exec $cid cat /etc/resolv.conf
-    if is_rootless; then
+    if is_rootless && ! is_remote; then
         run_podman unshare --rootless-cni cat /etc/resolv.conf
     fi
     ps uxww
diff --git a/test/system/700-play.bats b/test/system/700-play.bats
index 8cf279ada..c3e5e9354 100644
--- a/test/system/700-play.bats
+++ b/test/system/700-play.bats
@@ -76,6 +76,12 @@ RELABEL="system_u:object_r:container_file_t:s0"
        is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened"
     fi
 
+    # Make sure that the K8s pause image isn't pulled but the local podman-pause is built.
+    run_podman images
+    run_podman 1 image exists k8s.gcr.io/pause
+    run_podman version --format "{{.Server.Version}}-{{.Server.Built}}"
+    run_podman image exists localhost/podman-pause:$output
+
     run_podman stop -a -t 0
     run_podman pod rm -t 0 -f test_pod
 }