From 32350c758ddfef52a53e7d74d4a68785bc54aaef Mon Sep 17 00:00:00 2001
From: Valentin Rothberg <rothberg@redhat.com>
Date: Tue, 16 Feb 2021 14:15:21 +0100
Subject: do not set empty $HOME

Make sure to not set an empty $HOME for containers and let it default to
"/".

https://github.com/containers/crun/pull/599 is required to fully
address #9378.

Partially-Fixes: #9378
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>

<MH: Fixed cherry-pick conflicts>

Signed-off-by: Matthew Heon <mheon@redhat.com>
---
 test/system/030-run.bats | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'test/system')

diff --git a/test/system/030-run.bats b/test/system/030-run.bats
index 98e34238e..49fa92f57 100644
--- a/test/system/030-run.bats
+++ b/test/system/030-run.bats
@@ -623,4 +623,10 @@ json-file | f
     fi
 }
 
+@test "podman run - do not set empty HOME" {
+    # Regression test for #9378.
+    run_podman run --rm --user 100 $IMAGE printenv
+    is "$output" ".*HOME=/.*"
+}
+
 # vim: filetype=sh
-- 
cgit v1.2.3-54-g00ecf


From 2f3ae7ce5bbe03db13acfa529b5a396e65de1655 Mon Sep 17 00:00:00 2001
From: Valentin Rothberg <rothberg@redhat.com>
Date: Mon, 15 Feb 2021 11:35:34 +0100
Subject: podman build: pass runtime to buildah

Make sure that Podman's default OCI runtime is passed to Buildah in
`podman build`.  In theory, Podman and Buildah should use the same
defaults but the projects move at different speeds and it turns out
we caused a regression in v3.0.

Fixes: #9365
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
---
 libpod/runtime_img.go      |  5 +++++
 test/system/070-build.bats | 25 +++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

(limited to 'test/system')

diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go
index 2c5442bd2..e6caf2626 100644
--- a/libpod/runtime_img.go
+++ b/libpod/runtime_img.go
@@ -166,6 +166,11 @@ func (r *Runtime) newImageBuildCompleteEvent(idOrName string) {
 
 // Build adds the runtime to the imagebuildah call
 func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions, dockerfiles ...string) (string, reference.Canonical, error) {
+	if options.Runtime == "" {
+		// Make sure that build containers use the same runtime as Podman (see #9365).
+		conf := util.DefaultContainerConfig()
+		options.Runtime = conf.Engine.OCIRuntime
+	}
 	id, ref, err := imagebuildah.BuildDockerfiles(ctx, r.store, options, dockerfiles...)
 	// Write event for build completion
 	r.newImageBuildCompleteEvent(id)
diff --git a/test/system/070-build.bats b/test/system/070-build.bats
index bf9fa789c..000998f3a 100644
--- a/test/system/070-build.bats
+++ b/test/system/070-build.bats
@@ -46,6 +46,31 @@ EOF
     is "$output" ".*invalidflag" "failed when passing undefined flags to the runtime"
 }
 
+@test "podman build - set runtime" {
+    skip_if_remote "--runtime flag not supported for remote"
+    # Test on the CLI and via containers.conf
+
+    tmpdir=$PODMAN_TMPDIR/build-test
+    run mkdir -p $tmpdir
+    containerfile=$tmpdir/Containerfile
+    cat >$containerfile <<EOF
+FROM $IMAGE
+RUN echo $rand_content
+EOF
+
+    run_podman 125 --runtime=idonotexist build -t build_test $tmpdir
+    is "$output" ".*\"idonotexist\" not found.*" "failed when passing invalid OCI runtime via CLI"
+
+    containersconf=$tmpdir/containers.conf
+    cat >$containersconf <<EOF
+[engine]
+runtime="idonotexist"
+EOF
+
+    CONTAINERS_CONF="$containersconf" run_podman 125 build -t build_test $tmpdir
+    is "$output" ".*\"idonotexist\" not found.*" "failed when passing invalid OCI runtime via containers.conf"
+}
+
 # Regression from v1.5.0. This test passes fine in v1.5.0, fails in 1.6
 @test "podman build - cache (#3920)" {
     # Make an empty test directory, with a subdirectory used for tar
-- 
cgit v1.2.3-54-g00ecf