From def182d3966ba08e143a19c9909aaae24aaf1e37 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Mon, 24 Jun 2024 18:43:32 +0200
Subject: [PATCH] restore: fix missing network setup

The restore code path never called completeNetworkSetup() and this means
that hosts/resolv.conf files were not populated. This fix is simply to
call this function. There is a big catch here. Technically this is
suposed to be called after the container is created but before it is
started. There is no such thing for restore, the container runs right
away. This means that if we do the call afterwards there is a short
interval where the file is still empty. Thus I decided to call it
before which makes it not working with PostConfigureNetNS (userns) but
as this does not work anyway today so  I don't see it as problem.

Fixes #22901

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 libpod/container_internal_common.go | 9 +++++++++
 test/system/520-checkpoint.bats     | 7 +++++++
 2 files changed, 16 insertions(+)

diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go
index d055de536d..47f2401c4c 100644
--- a/libpod/container_internal_common.go
+++ b/libpod/container_internal_common.go
@@ -1725,6 +1725,15 @@ func (c *Container) restore(ctx context.Context, options ContainerCheckpointOpti
 		}
 	}
 
+	// setup hosts/resolv.conf files
+	// Note this should normally be called after the container is created in the runtime but before it is started.
+	// However restore starts the container right away. This means that if we do the call afterwards there is a
+	// short interval where the file is still empty. Thus I decided to call it before which makes it not working
+	// with PostConfigureNetNS (userns) but as this does not work anyway today so I don't see it as problem.
+	if err := c.completeNetworkSetup(); err != nil {
+		return nil, 0, fmt.Errorf("complete network setup: %w", err)
+	}
+
 	runtimeRestoreDuration, err = c.ociRuntime.CreateContainer(c, &options)
 	if err != nil {
 		return nil, 0, err
diff --git a/test/system/520-checkpoint.bats b/test/system/520-checkpoint.bats
index 4a6689634d..5a8493c62e 100644
--- a/test/system/520-checkpoint.bats
+++ b/test/system/520-checkpoint.bats
@@ -247,6 +247,9 @@ function teardown() {
     run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").MacAddress}}"
     mac1="$output"
 
+    run_podman exec $cid cat /etc/hosts /etc/resolv.conf
+    pre_hosts_resolv_conf_output="$output"
+
     run_podman container checkpoint $cid
     is "$output" "$cid"
     run_podman container restore $cid
@@ -258,6 +261,10 @@ function teardown() {
     run_podman inspect $cid --format "{{(index .NetworkSettings.Networks \"$netname\").MacAddress}}"
     mac2="$output"
 
+    # Make sure hosts and resolv.conf are the same after restore (#22901)
+    run_podman exec $cid cat /etc/hosts /etc/resolv.conf
+    assert "$output" == "$pre_hosts_resolv_conf_output" "hosts/resolv.conf must be the same after checkpoint"
+
     assert "$ip2" == "$ip1" "ip after restore should match"
     assert "$mac2" == "$mac1" "mac after restore should match"