diff options
author | Matthew Heon <matthew.heon@pm.me> | 2021-08-03 14:07:28 -0400 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2021-08-10 20:42:50 -0400 |
commit | a1afb2300f1a65a4213753c587ba8a7d66755423 (patch) | |
tree | 48bef237dd8a95f8652b6b1241e210b86a29a708 | |
parent | a82006160e6abbddc62f28999bca8865e5ea4806 (diff) | |
download | podman-a1afb2300f1a65a4213753c587ba8a7d66755423.tar.gz podman-a1afb2300f1a65a4213753c587ba8a7d66755423.tar.bz2 podman-a1afb2300f1a65a4213753c587ba8a7d66755423.zip |
Do not add an entry to /etc/hosts with `--net=host`
To match Docker's behavior, in the `--net=host` case, we need to
use the host's `/etc/hosts` file, unmodified (without adding an
entry for the container). We will still respect hosts from
`--add-host` but will not make any automatic changes.
Fortuntely, this is strictly a matter of removal and refactoring
as we already base our `/etc/hosts` on the host's version - just
need to remove the code that added entries when net=host was set.
Fixes #10319
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
-rw-r--r-- | libpod/container_internal_linux.go | 38 | ||||
-rw-r--r-- | test/e2e/run_networking_test.go | 11 |
2 files changed, 18 insertions, 31 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index bff64aa95..f30f622ac 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -1912,6 +1912,7 @@ func (c *Container) appendHosts(path string, netCtr *Container) (string, error) // and returns a string in a format that can be written to the host file func (c *Container) getHosts() string { var hosts string + if len(c.config.HostAdd) > 0 { for _, host := range c.config.HostAdd { // the host format has already been verified at this point @@ -1922,36 +1923,33 @@ func (c *Container) getHosts() string { hosts += c.cniHosts() - // If not making a network namespace, add our own hostname. + // Add hostname for slirp4netns if c.Hostname() != "" { if c.config.NetMode.IsSlirp4netns() { // When using slirp4netns, the interface gets a static IP slirp4netnsIP, err := GetSlirp4netnsIP(c.slirp4netnsSubnet) if err != nil { - logrus.Warn("failed to determine slirp4netnsIP: ", err.Error()) + logrus.Warnf("failed to determine slirp4netnsIP: %v", err.Error()) } else { hosts += fmt.Sprintf("# used by slirp4netns\n%s\t%s %s\n", slirp4netnsIP.String(), c.Hostname(), c.config.Name) } - } else { - hasNetNS := false - netNone := false - for _, ns := range c.config.Spec.Linux.Namespaces { - if ns.Type == spec.NetworkNamespace { - hasNetNS = true - if ns.Path == "" && !c.config.CreateNetNS { - netNone = true - } - break + } + + // Do we have a network namespace? + netNone := false + for _, ns := range c.config.Spec.Linux.Namespaces { + if ns.Type == spec.NetworkNamespace { + if ns.Path == "" && !c.config.CreateNetNS { + netNone = true } + break } - if !hasNetNS { - // 127.0.1.1 and host's hostname to match Docker - osHostname, _ := os.Hostname() - hosts += fmt.Sprintf("127.0.1.1 %s %s %s\n", osHostname, c.Hostname(), c.config.Name) - } - if netNone { - hosts += fmt.Sprintf("127.0.1.1 %s %s\n", c.Hostname(), c.config.Name) - } + } + + // If we are net=none (have a network namespace, but not connected to + // anything) add the container's name and hostname to localhost. + if netNone { + hosts += fmt.Sprintf("127.0.0.1 %s %s\n", c.Hostname(), c.config.Name) } } diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 80a82ea05..92388b099 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -685,13 +685,6 @@ var _ = Describe("Podman run networking", func() { Expect(podrm).Should(Exit(0)) }) - It("podman run net=host adds entry to /etc/hosts", func() { - run := podmanTest.Podman([]string{"run", "--net=host", ALPINE, "cat", "/etc/hosts"}) - run.WaitWithDefaultTimeout() - Expect(run).Should(Exit(0)) - Expect(strings.Contains(run.OutputToString(), "127.0.1.1")).To(BeTrue()) - }) - It("podman run with --net=host and --hostname sets correct hostname", func() { hostname := "testctr" run := podmanTest.Podman([]string{"run", "--net=host", "--hostname", hostname, ALPINE, "hostname"}) @@ -731,10 +724,6 @@ var _ = Describe("Podman run networking", func() { ping_test("--net=none") }) - It("podman attempt to ping container name and hostname --net=host", func() { - ping_test("--net=host") - }) - It("podman attempt to ping container name and hostname --net=private", func() { ping_test("--net=private") }) |