Merge pull request #24082 from Luap99/netns-leak

Fix netns leak on container creation and exit code 1 on SIGTERM.
2024-10-01 21:02:05 +00:00 · 2024-10-01 21:02:05 +00:00 · 857a47de9b
parent 13b78c9da9 5de7b7c3f3
commit 857a47de9b
4 changed files with 21 additions and 33 deletions
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@ -19,6 +19,7 @@ import (
 	"github.com/containers/common/pkg/cgroups"
 	"github.com/containers/common/pkg/config"
 	"github.com/containers/podman/v5/libpod/define"
 	"github.com/containers/podman/v5/libpod/shutdown"
 	"github.com/containers/podman/v5/pkg/rootless"
 	spec "github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/opencontainers/runtime-tools/generate"
@ -67,6 +68,9 @@ func (c *Container) prepare() error {
 		tmpStateLock                    sync.Mutex
 	)
 	shutdown.Inhibit()
 	defer shutdown.Uninhibit()
 	wg.Add(2)
 	go func() {
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@ -218,11 +218,6 @@ func newRuntimeFromConfig(ctx context.Context, conf *config.Config, options ...R
 		if runtime.store != nil {
 			_, _ = runtime.store.Shutdown(false)
 		}
 		// For `systemctl stop podman.service` support, exit code should be 0
 		if sig == syscall.SIGTERM {
 			os.Exit(0)
 		}
 		os.Exit(1)
 		return nil
 	}); err != nil && !errors.Is(err, shutdown.ErrHandlerExists) {
 		logrus.Errorf("Registering shutdown handler for libpod: %v", err)
--- a/libpod/shutdown/handler.go
+++ b/libpod/shutdown/handler.go
@ -28,10 +28,18 @@ var (
 	shutdownInhibit sync.RWMutex
 	logrus          = logrusImport.WithField("PID", os.Getpid())
 	ErrNotStarted   = errors.New("shutdown signal handler has not yet been started")
 	// exitCode used to exit once we are done with all signal handlers, by default 1
 	exitCode = 1
 )
 // SetExitCode when we exit after we ran all shutdown handlers, it should be positive.
 func SetExitCode(i int) {
 	exitCode = i
 }
 // Start begins handling SIGTERM and SIGINT and will run the given on-signal
-// handlers when one is called. This can be cancelled by calling Stop().
+// handlers when one is called and then exit with the exit code of 1 if not
 // overwritten with SetExitCode(). This can be cancelled by calling Stop().
 func Start() error {
 	if sigChan != nil {
 		// Already running, do nothing.
@ -75,6 +83,7 @@ func Start() error {
 			}
 			handlerLock.Unlock()
 			shutdownInhibit.Unlock()
 			os.Exit(exitCode)
 			return
 		}
 	}()
@ -131,29 +140,3 @@ func Register(name string, handler func(os.Signal) error) error {
 	return nil
 }
 // Unregister un-registers a given shutdown handler.
 func Unregister(name string) error {
 	handlerLock.Lock()
 	defer handlerLock.Unlock()
 	if handlers == nil {
 		return nil
 	}
 	if _, ok := handlers[name]; !ok {
 		return nil
 	}
 	delete(handlers, name)
 	newOrder := []string{}
 	for _, checkName := range handlerOrder {
 		if checkName != name {
 			newOrder = append(newOrder, checkName)
 		}
 	}
 	handlerOrder = newOrder
 	return nil
 }
--- a/pkg/api/server/server.go
+++ b/pkg/api/server/server.go
@ -197,7 +197,13 @@ func (s *APIServer) Serve() error {
 	s.setupPprof()
 	if err := shutdown.Register("service", func(sig os.Signal) error {
-		return s.Shutdown(true)
+		err := s.Shutdown(true)
 		if err == nil {
 			// For `systemctl stop podman.service` support, exit code should be 0
 			// but only if we did indeed gracefully shutdown
 			shutdown.SetExitCode(0)
 		}
 		return err
 	}); err != nil {
 		return err
 	}