From 336055fe3b99c28acb3e229cc96125067443aa3f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= <anders.f.bjorklund@gmail.com>
Date: Mon, 11 Sep 2023 07:54:13 +0200
Subject: [PATCH 1/2] Use url with scheme and path for the unix address
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Shortcuts like unix:path and unix:/path do not work everywhere,
so make sure to use unix://path when quoting the url (or address)

Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
---
 Makefile                            | 2 +-
 cmd/podman/registry/registry.go     | 6 +++---
 cmd/podman/system/service.go        | 2 +-
 cmd/podman/system/service_abi.go    | 2 +-
 hack/podman-socat                   | 6 +++---
 test/e2e/common_test.go             | 2 +-
 test/system/251-system-service.bats | 4 ++--
 7 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/Makefile b/Makefile
index 7b28767f3f5b..5854aeb253eb 100644
--- a/Makefile
+++ b/Makefile
@@ -637,7 +637,7 @@ remotesystem:
 	rc=0;\
 	if timeout -v 1 true; then \
 		SOCK_FILE=$(shell mktemp --dry-run --tmpdir podman_tmp_XXXX);\
-		export PODMAN_SOCKET=unix:$$SOCK_FILE; \
+		export PODMAN_SOCKET=unix://$$SOCK_FILE; \
 		./bin/podman system service --timeout=0 $$PODMAN_SOCKET > $(if $(PODMAN_SERVER_LOG),$(PODMAN_SERVER_LOG),/dev/null) 2>&1 & \
 		retry=5;\
 		while [ $$retry -ge 0 ]; do\
diff --git a/cmd/podman/registry/registry.go b/cmd/podman/registry/registry.go
index c643a320f541..b45a34ff1740 100644
--- a/cmd/podman/registry/registry.go
+++ b/cmd/podman/registry/registry.go
@@ -12,8 +12,8 @@ import (
 	"github.com/spf13/cobra"
 )
 
-// DefaultRootAPIAddress is the default address of the REST socket with unix: prefix
-const DefaultRootAPIAddress = "unix:" + DefaultRootAPIPath
+// DefaultRootAPIAddress is the default path of the REST socket with unix:// prefix
+const DefaultRootAPIAddress = "unix://" + DefaultRootAPIPath
 
 type CliCommand struct {
 	Command *cobra.Command
@@ -104,7 +104,7 @@ func DefaultAPIAddress() string {
 			logrus.Warnf("Failed to get rootless runtime dir for DefaultAPIAddress: %s", err)
 			return DefaultRootAPIAddress
 		}
-		return "unix:" + filepath.Join(xdg, "podman", "podman.sock")
+		return "unix://" + filepath.Join(xdg, "podman", "podman.sock")
 	}
 	return DefaultRootAPIAddress
 }
diff --git a/cmd/podman/system/service.go b/cmd/podman/system/service.go
index 53572234a87a..c2b017e8b3d0 100644
--- a/cmd/podman/system/service.go
+++ b/cmd/podman/system/service.go
@@ -140,7 +140,7 @@ func resolveAPIURI(uri []string) (string, error) {
 		if err := os.MkdirAll(filepath.Dir(socketPath), 0700); err != nil {
 			return "", err
 		}
-		return "unix:" + socketPath, nil
+		return "unix://" + socketPath, nil
 	default:
 		if err := os.MkdirAll(filepath.Dir(registry.DefaultRootAPIPath), 0700); err != nil {
 			return "", err
diff --git a/cmd/podman/system/service_abi.go b/cmd/podman/system/service_abi.go
index 6c2d9bf44b44..50bf809c3d40 100644
--- a/cmd/podman/system/service_abi.go
+++ b/cmd/podman/system/service_abi.go
@@ -97,7 +97,7 @@ func restService(flags *pflag.FlagSet, cfg *entities.PodmanConfig, opts entities
 				return fmt.Errorf("unable to create socket %v: %w", host, err)
 			}
 		default:
-			return fmt.Errorf("API Service endpoint scheme %q is not supported. Try tcp://%s or unix:/%s", uri.Scheme, opts.URI, opts.URI)
+			return fmt.Errorf("API Service endpoint scheme %q is not supported. Try tcp://%s or unix://%s", uri.Scheme, opts.URI, opts.URI)
 		}
 		libpodRuntime.SetRemoteURI(uri.String())
 	}
diff --git a/hack/podman-socat b/hack/podman-socat
index 28fbb6864c2e..ec5a57bc2229 100755
--- a/hack/podman-socat
+++ b/hack/podman-socat
@@ -107,16 +107,16 @@ PODMAN_HOST="${TMPDIR}/podman/podman-socat.sock"
 SOCAT_HOST="${TMPDIR}/podman/podman.sock"
 
 cat <<-EOT
-Podman service running at unix:$SOCAT_HOST
+Podman service running at unix://$SOCAT_HOST
 See /tmp/podman-socat.log for API stream capture
 See /tmp/podman-service.log for service logging
 
-usage: sudo bin/podman-remote --url unix:$SOCAT_HOST images
+usage: sudo bin/podman-remote --url unix://$SOCAT_HOST images
 
 ^C to exit
 EOT
 
-$PODMAN system service --timeout=0 "unix:$PODMAN_HOST" >/tmp/podman-service.log 2>&1 &
+$PODMAN system service --timeout=0 "unix://$PODMAN_HOST" >/tmp/podman-service.log 2>&1 &
 REAP_PIDS=$!
 
 socat -v "UNIX-LISTEN:$SOCAT_HOST",fork,reuseaddr,unlink-early "UNIX-CONNECT:$PODMAN_HOST" >/tmp/podman-socat.log 2>&1
diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go
index b19d5bb06d43..4c13a45407e5 100644
--- a/test/e2e/common_test.go
+++ b/test/e2e/common_test.go
@@ -366,7 +366,7 @@ func PodmanTestCreateUtil(tempDir string, remote bool) *PodmanTestIntegration {
 			if err == nil {
 				lockFile.Close()
 				p.RemoteSocketLock = lockPath
-				p.RemoteSocket = fmt.Sprintf("unix:%s-%s.sock", pathPrefix, uuid)
+				p.RemoteSocket = fmt.Sprintf("unix://%s-%s.sock", pathPrefix, uuid)
 				break
 			}
 			tries++
diff --git a/test/system/251-system-service.bats b/test/system/251-system-service.bats
index 4ad2cd031127..07fd79e24bfa 100644
--- a/test/system/251-system-service.bats
+++ b/test/system/251-system-service.bats
@@ -18,10 +18,10 @@ function teardown() {
 @test "podman system service <bad_scheme_uri> returns error" {
     skip_if_remote "podman system service unavailable over remote"
     run_podman 125 system service localhost:9292
-    is "$output" "Error: API Service endpoint scheme \"localhost\" is not supported. Try tcp://localhost:9292 or unix:/localhost:9292"
+    is "$output" "Error: API Service endpoint scheme \"localhost\" is not supported. Try tcp://localhost:9292 or unix://localhost:9292"
 
     run_podman 125 system service myunix.sock
-    is "$output" "Error: API Service endpoint scheme \"\" is not supported. Try tcp://myunix.sock or unix:/myunix.sock"
+    is "$output" "Error: API Service endpoint scheme \"\" is not supported. Try tcp://myunix.sock or unix://myunix.sock"
 }
 
 @test "podman-system-service containers survive service stop" {

From 6f4f941373e0291f61deccb06ce6165011c5cfe0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= <anders.f.bjorklund@gmail.com>
Date: Mon, 11 Sep 2023 11:46:58 +0200
Subject: [PATCH 2/2] Add test for legacy address without two slashes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It is perfectly valid to have only scheme and path (no "authority"),
but unfortunately it doesn't work with external clients like Docker.

Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
---
 test/system/251-system-service.bats | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/test/system/251-system-service.bats b/test/system/251-system-service.bats
index 07fd79e24bfa..6048ed5353d0 100644
--- a/test/system/251-system-service.bats
+++ b/test/system/251-system-service.bats
@@ -24,6 +24,20 @@ function teardown() {
     is "$output" "Error: API Service endpoint scheme \"\" is not supported. Try tcp://myunix.sock or unix://myunix.sock"
 }
 
+@test "podman system service unix: without two slashes still works" {
+    skip_if_remote "podman system service unavailable over remote"
+    URL=unix:$PODMAN_TMPDIR/myunix.sock
+
+    systemd-run --unit=$SERVICE_NAME $PODMAN system service $URL --time=0
+    wait_for_file $PODMAN_TMPDIR/myunix.sock
+
+    run_podman --host $URL info --format '{{.Host.RemoteSocket.Path}}'
+    is "$output" "$URL" "RemoteSocket.Path using unix:"
+
+    systemctl stop $SERVICE_NAME
+    rm -f $PODMAN_TMPDIR/myunix.sock
+}
+
 @test "podman-system-service containers survive service stop" {
     skip_if_remote "podman system service unavailable over remote"
     local runtime=$(podman_runtime)