9 files changed, 337 insertions, 7 deletions

diff --git a/test/apiv2/25-containersMore.at b/test/apiv2/25-containersMore.at
new file mode 100644
index 000000000..e0e6f7222
--- /dev/null
+++ b/test/apiv2/25-containersMore.at
@@ -0,0 +1,55 @@
+# -*- sh -*-
+#
+# test more container-related endpoints
+#
+
+podman pull $IMAGE &>/dev/null
+
+# Ensure clean slate
+podman rm -a -f &>/dev/null
+
+podman run -d --name foo $IMAGE top
+
+# Check exists for none such
+t GET libpod/containers/nonesuch/exists 404
+
+# Check container foo exists
+t GET libpod/containers/foo/exists 204
+
+# Pause the container
+t POST libpod/containers/foo/pause '' 204
+
+t GET libpod/containers/foo/json 200 \
+  .Id~[0-9a-f]\\{64\\} \
+  .State.Status=paused \
+  .ImageName=$IMAGE \
+  .Config.Cmd[0]=top \
+  .Name=foo
+
+# Unpause the container
+t POST libpod/containers/foo/unpause '' 204
+
+t GET libpod/containers/foo/json 200 \
+  .Id~[0-9a-f]\\{64\\} \
+  .State.Status=running \
+  .ImageName=$IMAGE \
+  .Config.Cmd[0]=top \
+  .Name=foo
+
+# List processes of the container
+t GET libpod/containers/foo/top 200 \
+  length=2
+
+# List processes of none such
+t GET libpod/containers/nonesuch/top 404
+
+# Mount the container to host filesystem
+t POST libpod/containers/foo/mount '' 200
+like "$output" ".*merged" "Check container mount"
+
+# Unmount the container
+t POST libpod/containers/foo/unmount '' 204
+
+t DELETE libpod/containers/foo?force=true 204
+
+# vim: filetype=sh
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index 1ec8d51c1..3c3fb5a4d 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -151,6 +151,38 @@ var _ = Describe("Podman generate kube", func() {
 		Expect(numContainers).To(Equal(1))
 	})
 
+	It("podman generate kube on pod with hostAliases", func() {
+		podName := "testHost"
+		testIP := "127.0.0.1"
+		podSession := podmanTest.Podman([]string{"pod", "create", "--name", podName,
+			"--add-host", "test1.podman.io" + ":" + testIP,
+			"--add-host", "test2.podman.io" + ":" + testIP,
+		})
+		podSession.WaitWithDefaultTimeout()
+		Expect(podSession.ExitCode()).To(Equal(0))
+
+		ctr1Name := "ctr1"
+		ctr1Session := podmanTest.Podman([]string{"create", "--name", ctr1Name, "--pod", podName, ALPINE, "top"})
+		ctr1Session.WaitWithDefaultTimeout()
+		Expect(ctr1Session.ExitCode()).To(Equal(0))
+
+		ctr2Name := "ctr2"
+		ctr2Session := podmanTest.Podman([]string{"create", "--name", ctr2Name, "--pod", podName, ALPINE, "top"})
+		ctr2Session.WaitWithDefaultTimeout()
+		Expect(ctr2Session.ExitCode()).To(Equal(0))
+
+		kube := podmanTest.Podman([]string{"generate", "kube", podName})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		pod := new(v1.Pod)
+		err := yaml.Unmarshal(kube.Out.Contents(), pod)
+		Expect(err).To(BeNil())
+		Expect(len(pod.Spec.HostAliases)).To(Equal(2))
+		Expect(pod.Spec.HostAliases[0].IP).To(Equal(testIP))
+		Expect(pod.Spec.HostAliases[1].IP).To(Equal(testIP))
+	})
+
 	It("podman generate service kube on pod", func() {
 		_, rc, _ := podmanTest.CreatePod("toppod")
 		Expect(rc).To(Equal(0))
diff --git a/test/e2e/generate_systemd_test.go b/test/e2e/generate_systemd_test.go
index 60d9162d1..cd3ee6e0a 100644
--- a/test/e2e/generate_systemd_test.go
+++ b/test/e2e/generate_systemd_test.go
@@ -1,5 +1,3 @@
-// +build !remote
-
 package integration
 
 import (
@@ -61,7 +59,7 @@ var _ = Describe("Podman generate systemd", func() {
 		session = podmanTest.Podman([]string{"generate", "systemd", "--restart-policy", "bogus", "foobar"})
 		session.WaitWithDefaultTimeout()
 		Expect(session).To(ExitWithError())
-		found, _ := session.ErrorGrepString("Error: bogus is not a valid restart policy")
+		found, _ := session.ErrorGrepString("bogus is not a valid restart policy")
 		Expect(found).Should(BeTrue())
 	})
 
@@ -383,4 +381,15 @@ var _ = Describe("Podman generate systemd", func() {
 		found, _ = session.GrepString("pod rm --ignore -f --pod-id-file %t/pod-foo.pod-id")
 		Expect(found).To(BeTrue())
 	})
+
+	It("podman generate systemd --format json", func() {
+		n := podmanTest.Podman([]string{"create", "--name", "foo", ALPINE})
+		n.WaitWithDefaultTimeout()
+		Expect(n.ExitCode()).To(Equal(0))
+
+		session := podmanTest.Podman([]string{"generate", "systemd", "--format", "json", "foo"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		Expect(session.IsJSONOutputValid()).To(BeTrue())
+	})
 })
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index 053e27126..121cea017 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -42,6 +42,14 @@ metadata:
 
 spec:
   hostname: {{ .Hostname }}
+  hostAliases:
+{{ range .HostAliases }}
+  - hostnames:
+  {{ range .HostName }}
+    - {{ . }}
+  {{ end }}
+    ip: {{ .IP }}
+{{ end }}
   containers:
 {{ with .Ctrs }}
   {{ range . }}
@@ -94,6 +102,15 @@ spec:
     {{ end }}
   {{ end }}
 {{ end }}
+{{ with .Volumes }}
+  volumes:
+  {{ range . }}
+  - name: {{ .Name }}
+    hostPath:
+      path: {{ .Path }}
+      type: {{ .Type }}
+  {{ end }}
+{{ end }}
 status: {}
 `
 
@@ -186,6 +203,7 @@ var (
 	defaultCtrArg         = []string{"-d", "1.5"}
 	defaultCtrImage       = ALPINE
 	defaultPodName        = "testPod"
+	defaultVolName        = "testVol"
 	defaultDeploymentName = "testDeployment"
 	seccompPwdEPERM       = []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`)
 )
@@ -239,15 +257,22 @@ func generateDeploymentKubeYaml(deployment *Deployment, fileName string) error {
 type Pod struct {
 	Name        string
 	Hostname    string
+	HostAliases []HostAlias
 	Ctrs        []*Ctr
+	Volumes     []*Volume
 	Annotations map[string]string
 }
 
+type HostAlias struct {
+	IP       string
+	HostName []string
+}
+
 // getPod takes a list of podOptions and returns a pod with sane defaults
 // and the configured options
 // if no containers are added, it will add the default container
 func getPod(options ...podOption) *Pod {
-	p := Pod{defaultPodName, "", make([]*Ctr, 0), make(map[string]string)}
+	p := Pod{defaultPodName, "", nil, make([]*Ctr, 0), make([]*Volume, 0), make(map[string]string)}
 	for _, option := range options {
 		option(&p)
 	}
@@ -265,6 +290,15 @@ func withHostname(h string) podOption {
 	}
 }
 
+func withHostAliases(ip string, host []string) podOption {
+	return func(pod *Pod) {
+		pod.HostAliases = append(pod.HostAliases, HostAlias{
+			IP:       ip,
+			HostName: host,
+		})
+	}
+}
+
 func withCtr(c *Ctr) podOption {
 	return func(pod *Pod) {
 		pod.Ctrs = append(pod.Ctrs, c)
@@ -277,6 +311,12 @@ func withAnnotation(k, v string) podOption {
 	}
 }
 
+func withVolume(v *Volume) podOption {
+	return func(pod *Pod) {
+		pod.Volumes = append(pod.Volumes, v)
+	}
+}
+
 // Deployment describes the options a kube yaml can be configured at deployment level
 type Deployment struct {
 	Name        string
@@ -412,6 +452,22 @@ func getCtrNameInPod(pod *Pod) string {
 	return fmt.Sprintf("%s-%s", pod.Name, defaultCtrName)
 }
 
+type Volume struct {
+	Name string
+	Path string
+	Type string
+}
+
+// getVolume takes a type and a location for a volume
+// giving it a default name of volName
+func getVolume(vType, vPath string) *Volume {
+	return &Volume{
+		Name: defaultVolName,
+		Path: vPath,
+		Type: vType,
+	}
+}
+
 var _ = Describe("Podman generate kube", func() {
 	var (
 		tempdir    string
@@ -564,6 +620,30 @@ var _ = Describe("Podman generate kube", func() {
 		Expect(inspect.OutputToString()).To(Equal(hostname))
 	})
 
+	It("podman play kube test HostAliases", func() {
+		pod := getPod(withHostAliases("192.168.1.2", []string{
+			"test1.podman.io",
+			"test2.podman.io",
+		}),
+			withHostAliases("192.168.1.3", []string{
+				"test3.podman.io",
+				"test4.podman.io",
+			}),
+		)
+		err := generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "{{ .HostConfig.ExtraHosts }}"})
+		inspect.WaitWithDefaultTimeout()
+		Expect(inspect.ExitCode()).To(Equal(0))
+		Expect(inspect.OutputToString()).
+			To(Equal("[test1.podman.io:192.168.1.2 test2.podman.io:192.168.1.2 test3.podman.io:192.168.1.3 test4.podman.io:192.168.1.3]"))
+	})
+
 	It("podman play kube cap add", func() {
 		capAdd := "CAP_SYS_ADMIN"
 		ctr := getCtr(withCapAdd([]string{capAdd}), withCmd([]string{"cat", "/proc/self/status"}), withArg(nil))
@@ -853,4 +933,106 @@ spec:
 		Expect(inspect.ExitCode()).To(Equal(0))
 		Expect(inspect.OutputToString()).To(Equal("5000/tcp -> 127.0.0.100:5000"))
 	})
+
+	It("podman play kube test with non-existent empty HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+
+		pod := getPod(withVolume(getVolume(`""`, hostPathLocation)))
+		err := generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).NotTo(Equal(0))
+	})
+
+	It("podman play kube test with empty HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+		f, err := os.Create(hostPathLocation)
+		Expect(err).To(BeNil())
+		f.Close()
+
+		pod := getPod(withVolume(getVolume(`""`, hostPathLocation)))
+		err = generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+	})
+
+	It("podman play kube test with non-existent File HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+
+		pod := getPod(withVolume(getVolume("File", hostPathLocation)))
+		err := generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).NotTo(Equal(0))
+	})
+
+	It("podman play kube test with File HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+		f, err := os.Create(hostPathLocation)
+		Expect(err).To(BeNil())
+		f.Close()
+
+		pod := getPod(withVolume(getVolume("File", hostPathLocation)))
+		err = generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+	})
+
+	It("podman play kube test with FileOrCreate HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+
+		pod := getPod(withVolume(getVolume("FileOrCreate", hostPathLocation)))
+		err := generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		// the file should have been created
+		_, err = os.Stat(hostPathLocation)
+		Expect(err).To(BeNil())
+	})
+
+	It("podman play kube test with DirectoryOrCreate HostPath type volume", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+
+		pod := getPod(withVolume(getVolume("DirectoryOrCreate", hostPathLocation)))
+		err := generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		// the file should have been created
+		st, err := os.Stat(hostPathLocation)
+		Expect(err).To(BeNil())
+		Expect(st.Mode().IsDir()).To(Equal(true))
+	})
+
+	It("podman play kube test with Socket HostPath type volume should fail if not socket", func() {
+		hostPathLocation := filepath.Join(tempdir, "file")
+		f, err := os.Create(hostPathLocation)
+		Expect(err).To(BeNil())
+		f.Close()
+
+		pod := getPod(withVolume(getVolume("Socket", hostPathLocation)))
+		err = generatePodKubeYaml(pod, kubeYaml)
+		Expect(err).To(BeNil())
+
+		kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).NotTo(Equal(0))
+	})
 })
diff --git a/test/e2e/run_passwd_test.go b/test/e2e/run_passwd_test.go
index 8dea7d39b..c48876dee 100644
--- a/test/e2e/run_passwd_test.go
+++ b/test/e2e/run_passwd_test.go
@@ -58,4 +58,17 @@ var _ = Describe("Podman run passwd", func() {
 		Expect(session.ExitCode()).To(Equal(0))
 		Expect(session.LineInOutputContains("passwd")).To(BeTrue())
 	})
+
+	It("podman can run container without /etc/passwd", func() {
+		SkipIfRemote()
+		dockerfile := `FROM alpine
+RUN rm -f /etc/passwd /etc/shadow /etc/group
+USER 1000`
+		imgName := "testimg"
+		podmanTest.BuildImage(dockerfile, imgName, "false")
+		session := podmanTest.Podman([]string{"run", "--rm", imgName, "ls", "/etc/"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+		Expect(session.OutputToString()).To(Not(ContainSubstring("passwd")))
+	})
 })
diff --git a/test/e2e/run_test.go b/test/e2e/run_test.go
index 157b7d3d7..1ac753201 100644
--- a/test/e2e/run_test.go
+++ b/test/e2e/run_test.go
@@ -919,6 +919,14 @@ USER mail`
 		Expect(session.OutputToString()).To(Not(ContainSubstring("/dev/shm type tmpfs (ro,")))
 	})
 
+	It("podman run readonly container should NOT mount /run noexec", func() {
+		session := podmanTest.Podman([]string{"run", "--read-only", ALPINE, "sh", "-c", "mount  | grep \"/run \""})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		Expect(session.OutputToString()).To(Not(ContainSubstring("noexec")))
+	})
+
 	It("podman run with bad healthcheck retries", func() {
 		session := podmanTest.Podman([]string{"run", "-dt", "--health-cmd", "[\"foo\"]", "--health-retries", "0", ALPINE, "top"})
 		session.Wait()
@@ -1204,4 +1212,16 @@ WORKDIR /madethis`
 		// nonprintables seem to work their way in.
 		Expect(session.OutputToString()).To(Not(ContainSubstring("/bin/sh")))
 	})
+
+	It("podman run a container with log-level (lower case)", func() {
+		session := podmanTest.Podman([]string{"--log-level=info", "run", ALPINE, "ls"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+	})
+
+	It("podman run a container with log-level (upper case)", func() {
+		session := podmanTest.Podman([]string{"--log-level=INFO", "run", ALPINE, "ls"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+	})
 })
diff --git a/test/e2e/systemd_test.go b/test/e2e/systemd_test.go
index b5114e429..9a3247b77 100644
--- a/test/e2e/systemd_test.go
+++ b/test/e2e/systemd_test.go
@@ -146,4 +146,12 @@ WantedBy=multi-user.target
 		Expect(len(conData)).To(Equal(1))
 		Expect(conData[0].Config.SystemdMode).To(BeTrue())
 	})
+
+	It("podman run --systemd container should NOT mount /run noexec", func() {
+		session := podmanTest.Podman([]string{"run", "--systemd", "always", ALPINE, "sh", "-c", "mount  | grep \"/run \""})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		Expect(session.OutputToString()).To(Not(ContainSubstring("noexec")))
+	})
 })
diff --git a/test/system/030-run.bats b/test/system/030-run.bats
index 34afd5bae..198c8881d 100644
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@@ -294,11 +294,22 @@ echo $rand        |   0 | $rand
     run_podman run -d --userns=keep-id $IMAGE sh -c 'while ! test -e /stop; do sleep 0.1; done'
     cid="$output"
 
+    # Assign a UID that is (a) not in our image /etc/passwd and (b) not
+    # the same as that of the user running the test script; this guarantees
+    # that the added passwd entry will be what we expect.
+    #
+    # For GID, we have to use one that already exists in the container. And
+    # unfortunately, 'adduser' requires a string name. We use 999:ping
+    local uid=4242
+    if [[ $uid == $(id -u) ]]; then
+        uid=4343
+    fi
+
     gecos="$(random_string 6) $(random_string 8)"
-    run_podman exec --user root $cid adduser -D -g "$gecos" -s /bin/sh newuser3
+    run_podman exec --user root $cid adduser -u $uid -G ping -D -g "$gecos" -s /bin/sh newuser3
     is "$output" "" "output from adduser"
     run_podman exec $cid tail -1 /etc/passwd
-    is "$output" "newuser3:x:1000:1000:$gecos:/home/newuser3:/bin/sh" \
+    is "$output" "newuser3:x:$uid:999:$gecos:/home/newuser3:/bin/sh" \
        "newuser3 added to /etc/passwd in container"
 
     run_podman exec $cid touch /stop
diff --git a/test/system/070-build.bats b/test/system/070-build.bats
index 0e6e97d40..997699ecb 100644
--- a/test/system/070-build.bats
+++ b/test/system/070-build.bats
@@ -12,7 +12,7 @@ load helpers
     rand_content=$(random_string 50)
 
     tmpdir=$PODMAN_TMPDIR/build-test
-    run mkdir -p $tmpdir || die "Could not mkdir $tmpdir"
+    mkdir -p $tmpdir
     dockerfile=$tmpdir/Dockerfile
     cat >$dockerfile <<EOF
 FROM $IMAGE