Merge pull request #18024 from Luap99/netns-recover

rootless netns: recover from invalid netns
OpenShift Merge Robot 2023-04-04 15:02:30 -04:00 committed by GitHub
commit ac1d297fc7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 4 deletions


@ -365,15 +365,26 @@ func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) {
netnsName := fmt.Sprintf("%s-%x", rootlessNetNsName, hash[:10])
path := filepath.Join(nsDir, netnsName)
ns, err := ns.GetNS(path)
nsReference, err := ns.GetNS(path)
if err != nil {
if !new {
// return an error if we could not get the namespace and should no create one
return nil, fmt.Errorf("getting rootless network namespace: %w", err)
}
// When the netns is not valid but the file exists we have to remove it first,
// https://github.com/containers/common/pull/1381 changed the behavior from
// NewNSWithName()so it will now error whe the file already exists.
// https://github.com/containers/podman/issues/17903#issuecomment-1494329622
if errors.As(err, &ns.NSPathNotNSErr{}) {
logrus.Infof("rootless netns is no longer valid: %v", err)
// ignore errors, if something is wrong NewNSWithName() will fail below anyway
_ = os.Remove(path)
}
// create a new namespace
logrus.Debugf("creating rootless network namespace with name %q", netnsName)
ns, err = netns.NewNSWithName(netnsName)
nsReference, err = netns.NewNSWithName(netnsName)
if err != nil {
return nil, fmt.Errorf("creating rootless network namespace: %w", err)
}
@ -408,7 +419,7 @@ func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) {
}
// Note we do not use --exit-fd, we kill this process by pid
cmdArgs = append(cmdArgs, "-c", "-r", "3")
cmdArgs = append(cmdArgs, "--netns-type=path", ns.Path(), "tap0")
cmdArgs = append(cmdArgs, "--netns-type=path", nsReference.Path(), "tap0")
cmd := exec.Command(path, cmdArgs...)
logrus.Debugf("slirp4netns command: %s", strings.Join(cmd.Args, " "))
@ -540,7 +551,7 @@ func (r *Runtime) GetRootlessNetNs(new bool) (*RootlessNetNS, error) {
// Important set rootlessNetNS as last step.
// Do not return any errors after this.
rootlessNetNS = &RootlessNetNS{
ns: ns,
ns: nsReference,
dir: rootlessNetNsDir,
Lock: lock,
}
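Review bot: The `_ = os.Remove(path)` in the `NSPathNotNSErr` branch of the first hunk discards the failure reason. If the stale file cannot be removed, the caller only sees the later "creating rootless network namespace" error, with no sign that a cleanup was attempted and failed. Logging the error keeps the best-effort behaviour and makes that case diagnosable: `if rmErr := os.Remove(path); rmErr != nil && !os.IsNotExist(rmErr) { logrus.Debugf("removing invalid rootless netns file %q: %v", path, rmErr) }`. The hunk also does not show whether the rootless netns lock is already held here. If it is not, the `GetNS` check and the remove are not atomic with respect to a concurrent caller, so that is worth confirming. `GetRootlessNetNs` starts and ends outside the hunks shown.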