diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-10-01 08:42:10 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-10-01 08:42:10 -0700 |
| commit | abb152321012f56964e01e0ff3ca223fda44cb99 (patch) | |
| tree | 85c94735f74ad6506fb020b2794aca941f6683b2 | |
| parent | 7e47abe1f71c90d602fdd153e84e119743763f45 (diff) | |
| parent | dc71a9ebd03805dec993aa86eaa4ec3e95722c60 (diff) | |
| download | podman-abb152321012f56964e01e0ff3ca223fda44cb99.tar.gz podman-abb152321012f56964e01e0ff3ca223fda44cb99.tar.bz2 podman-abb152321012f56964e01e0ff3ca223fda44cb99.zip | |
Merge pull request #4157 from giuseppe/slirp4netns-workaround
network: add workaround for slirp4netns --enable-sandbox issue
| -rw-r--r-- | libpod/networking_linux.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index d854a2de6..61ab57d65 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -201,6 +201,12 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) (err error) { Setpgid: true, } + // workaround for https://github.com/rootless-containers/slirp4netns/pull/153 + if sandbox { + cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWNS + cmd.SysProcAttr.Unshareflags = syscall.CLONE_NEWNS + } + // Leak one end of the pipe in slirp4netns, the other will be sent to conmon cmd.ExtraFiles = append(cmd.ExtraFiles, ctr.rootlessSlirpSyncR, syncW) |