containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
automation-tests/libpod
History
Paul Holzinger 77081df8cd
libpod: bind ports before network setup 
We bind ports to ensure there are no conflicts and we leak them into
conmon to keep them open. However we bound the ports after the network
was set up so it was possible for a second network setup to overwrite
the firewall configs of a previous container as it failed only later
when binding the port. As such we must ensure we bind before the network
is set up.

This is not so simple because we still have to take care of
PostConfigureNetNS bool in which case the network set up happens after
we launch conmon. Thus we end up with two different conditions.

Also it is possible that we "leak" the ports that are set on the
container until the garbage collector will close them. This is not
perfect but the alternative is adding special error handling on each
function exit after prepare until we start conmon which is a lot of work
to do correctly.

Fixes https://issues.redhat.com/browse/RHEL-50746

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 		2024-07-30 14:39:08 +02:00
..
define fix race conditions in start/attach logic 2024-07-12 15:11:34 +02:00
driver Bump Go module to v5 2024-02-08 09:35:39 -05:00
events Make `podman update` changes persistent 2024-04-17 08:23:50 -04:00
layers Initial checkin from CRI-O repo 2017-11-01 11:24:59 -04:00
linkmode chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
lock libpod: use fileutils.(Le|E)xists 2024-04-19 09:52:14 +02:00
logs Bump Go module to v5 2024-02-08 09:35:39 -05:00
plugin libpod: use fileutils.(Le|E)xists 2024-04-19 09:52:14 +02:00
shutdown libpod: shutdown Stop waits for handlers completion 2024-07-15 11:41:28 +02:00
boltdb_state.go libpod: use fileutils.(Le|E)xists 2024-04-19 09:52:14 +02:00
boltdb_state_internal.go Ignore result of EvalSymlinks on ENOENT 2024-07-11 09:39:56 -04:00
common_test.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
container_api.go Run codespell on source 2024-07-23 07:28:23 -04:00
container_commit.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_config.go libpod: fix comment 2024-06-21 10:07:55 +02:00
container_copy_common.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_copy_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_copy_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_exec.go Use persist dir for oom file 2024-02-12 09:13:39 -05:00
container_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_graph.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_graph_test.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_inspect.go Add support for updating restart policy 2024-04-17 08:23:51 -04:00
container_inspect_freebsd.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_inspect_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_internal.go fix race conditions in start/attach logic 2024-07-12 15:11:34 +02:00
container_internal_common.go restore: fix missing network setup 2024-06-24 18:52:02 +02:00
container_internal_freebsd.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
container_internal_linux.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
container_internal_linux_test.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_internal_test.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_linux.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_log.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_log_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_log_unsupported.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_path_resolution.go chore: fix function names in comment 2024-04-08 11:36:50 +08:00
container_path_resolution_test.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_stat_common.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_stat_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_stat_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_top_freebsd.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
container_top_linux.c libpod/container_top_linux.c: fix missing header 2024-06-27 10:50:17 +02:00
container_top_linux.go podman top: join the container userns 2024-06-26 11:10:56 +02:00
container_top_unsupported.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
container_validate.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
diff.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
doc.go document that using libpod package directly is not supported 2022-03-23 19:05:29 +01:00
events.go libpod: make healthcheck events more efficient 2024-04-19 17:24:44 +02:00
healthcheck.go libpod: correctly capture healthcheck output 2024-07-19 15:16:55 +02:00
healthcheck_linux.go libpod: do not leak systemd hc startup unit timer 2024-06-04 18:03:46 +02:00
healthcheck_nosystemd_linux.go libpod: do not leak systemd hc startup unit timer 2024-06-04 18:03:46 +02:00
healthcheck_unsupported.go libpod: do not leak systemd hc startup unit timer 2024-06-04 18:03:46 +02:00
info.go Add rootless network command to `podman info` 2024-03-26 09:56:48 -04:00
info_freebsd.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
info_linux.go rootless: drop function ReadMappingsProc 2024-04-10 11:55:35 +02:00
info_test.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
kube.go kube: record infra user namespace 2024-07-24 12:10:48 +02:00
mounts_linux.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
networking_common.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
networking_freebsd.go use new c/common pasta2 setup logic to fix dns 2024-03-19 12:09:31 +01:00
networking_linux.go use new c/common pasta2 setup logic to fix dns 2024-03-19 12:09:31 +01:00
networking_linux_test.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
networking_machine.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
networking_pasta_linux.go use new c/common pasta2 setup logic to fix dns 2024-03-19 12:09:31 +01:00
networking_slirp4netns.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
oci.go Use persist dir for oom file 2024-02-12 09:13:39 -05:00
oci_conmon.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
oci_conmon_attach_common.go fix race conditions in start/attach logic 2024-07-12 15:11:34 +02:00
oci_conmon_attach_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
oci_conmon_attach_linux.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
oci_conmon_common.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
oci_conmon_exec_common.go Use persist dir for oom file 2024-02-12 09:13:39 -05:00
oci_conmon_exec_freebsd.go Cease using deprecated runc userlookup 2024-02-02 11:02:43 -05:00
oci_conmon_exec_linux.go Cease using deprecated runc userlookup 2024-02-02 11:02:43 -05:00
oci_conmon_freebsd.go libpod: intermediate mount if UID not mapped into the userns 2024-06-21 18:01:26 +02:00
oci_conmon_linux.go libpod: intermediate mount if UID not mapped into the userns 2024-06-21 18:01:26 +02:00
oci_missing.go Use persist dir for oom file 2024-02-12 09:13:39 -05:00
oci_util.go libpod: bind ports before network setup 2024-07-30 14:39:08 +02:00
options.go podman: add new hidden flag --pull-option 2024-06-12 15:48:36 +02:00
pod.go podman pod stats: fix race when ctr process exits 2024-07-22 10:30:42 +02:00
pod_api.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
pod_internal.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
pod_internal_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
pod_internal_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
pod_status.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
pod_top_freebsd.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
pod_top_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
reset.go libpod: cleanup default cache on system reset 2024-05-29 11:10:55 +02:00
rlimit_int64.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
rlimit_uint64.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime.go libpod: cleanup store at shutdown 2024-07-15 11:41:28 +02:00
runtime_cstorage.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_ctr.go libpod: first delete container then cidfile 2024-07-05 10:27:42 +02:00
runtime_ctr_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime_ctr_linux.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime_freebsd.go Detect unhandled reboots and require user intervention 2024-04-05 10:07:42 -04:00
runtime_img.go chore: fix function names in comment 2024-04-24 12:07:38 +08:00
runtime_linux.go Detect unhandled reboots and require user intervention 2024-04-05 10:07:42 -04:00
runtime_migrate_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_migrate_unsupported.go Remove Libpod special-init conditions 2024-01-12 09:19:34 -05:00
runtime_pod.go Replace golang.org/x/exp/slices with slices from std 2024-04-23 11:16:40 +02:00
runtime_pod_common.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_pod_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime_pod_linux.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_pre_go1.20.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime_renumber.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_test.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
runtime_volume.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
runtime_volume_common.go libpod: use fileutils.(Le|E)xists 2024-04-19 09:52:14 +02:00
runtime_worker.go create runtime's worker queue before queuing any job 2024-07-09 11:15:29 +02:00
service.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
sqlite_state.go libpod: add hidden env to set sqlite timeout 2024-07-22 12:59:00 +02:00
sqlite_state_internal.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
state.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
state_test.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
stats_common.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
stats_freebsd.go Fix some comments 2024-04-13 15:20:19 +08:00
stats_linux.go Fix some comments 2024-04-13 15:20:19 +08:00
storage.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
util.go Ignore result of EvalSymlinks on ENOENT 2024-07-11 09:39:56 -04:00
util_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
util_linux.go libpod: use fileutils.(Le|E)xists 2024-04-19 09:52:14 +02:00
util_linux_test.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
volume.go Only stop chowning volumes once they're not empty 2024-05-22 17:47:01 -04:00
volume_inspect.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
volume_internal.go Only stop chowning volumes once they're not empty 2024-05-22 17:47:01 -04:00
volume_internal_common.go Bump Go module to v5 2024-02-08 09:35:39 -05:00
volume_internal_freebsd.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00
volume_internal_linux.go chore: delete obsolete // +build lines 2024-01-04 11:53:38 +02:00