From a04ce6893ba00dd184f7b223c74d1901c898880d Mon Sep 17 00:00:00 2001
From: Giuseppe Scrivano <gscrivan@redhat.com>
Date: Tue, 14 Aug 2018 10:58:32 +0200
Subject: rootless: not require userns for help/version

these commands do not require to be root in an userns

Closes: https://github.com/containers/libpod/issues/1263

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #1268
Approved by: vrothberg
---
 cmd/podman/main.go        | 24 +++++++++++++++---------
 test/e2e/rootless_test.go | 10 ++++++++++
 2 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index dbd7c1155..7a669b3fe 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -25,19 +25,12 @@ var (
 	exitCode = 125
 )
 
+var cmdsNotRequiringRootless = map[string]bool{"help": true, "version": true}
+
 func main() {
 	debug := false
 	cpuProfile := false
 
-	became, ret, err := rootless.BecomeRootInUserNS()
-	if err != nil {
-		logrus.Errorf(err.Error())
-		os.Exit(1)
-	}
-	if became {
-		os.Exit(ret)
-	}
-
 	if reexec.Init() {
 		return
 	}
@@ -97,6 +90,19 @@ func main() {
 	}
 
 	app.Before = func(c *cli.Context) error {
+		args := c.Args()
+		if args.Present() {
+			if _, notRequireRootless := cmdsNotRequiringRootless[args.First()]; !notRequireRootless {
+				became, ret, err := rootless.BecomeRootInUserNS()
+				if err != nil {
+					logrus.Errorf(err.Error())
+					os.Exit(1)
+				}
+				if became {
+					os.Exit(ret)
+				}
+			}
+		}
 		if c.GlobalBool("syslog") {
 			hook, err := lsyslog.NewSyslogHook("", "", syslog.LOG_INFO, "")
 			if err == nil {
diff --git a/test/e2e/rootless_test.go b/test/e2e/rootless_test.go
index 11da9ac9f..9737b9a09 100644
--- a/test/e2e/rootless_test.go
+++ b/test/e2e/rootless_test.go
@@ -34,6 +34,16 @@ var _ = Describe("Podman rootless", func() {
 		GinkgoWriter.Write([]byte(timedResult))
 	})
 
+	It("podman rootless help|version", func() {
+		commands := []string{"help", "version"}
+		for _, v := range commands {
+			env := os.Environ()
+			cmd := podmanTest.PodmanAsUser([]string{v}, 1000, 1000, env)
+			cmd.WaitWithDefaultTimeout()
+			Expect(cmd.ExitCode()).To(Equal(0))
+		}
+	})
+
 	It("podman rootless rootfs", func() {
 		// Check if we can create an user namespace
 		err := exec.Command("unshare", "-r", "echo", "hello").Run()
-- 
cgit v1.2.3-54-g00ecf