diff options
author | Paul Holzinger <paul.holzinger@web.de> | 2021-02-23 22:30:04 +0100 |
---|---|---|
committer | Paul Holzinger <paul.holzinger@web.de> | 2021-02-23 22:30:04 +0100 |
commit | f152f9cf0940131cc74e99d42a498a2de4669ef5 (patch) | |
tree | 1c21ed0e38bed17a186e9e6a9e1fde0aebbb77c1 | |
parent | ca0af71befa7e8408d83c59511e289cb57cf3c6d (diff) | |
download | podman-f152f9cf0940131cc74e99d42a498a2de4669ef5.tar.gz podman-f152f9cf0940131cc74e99d42a498a2de4669ef5.tar.bz2 podman-f152f9cf0940131cc74e99d42a498a2de4669ef5.zip |
Network connect error if net mode is not bridge
Only the the network mode bridge supports cni networks.
Other network modes cannot use network connect/disconnect
so we should throw a error.
Fixes #9496
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
-rw-r--r-- | libpod/networking_linux.go | 10 | ||||
-rw-r--r-- | test/e2e/network_connect_disconnect_test.go | 38 |
2 files changed, 46 insertions, 2 deletions
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index c1b2c694d..0526e646e 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -1134,6 +1134,11 @@ func (w *logrusDebugWriter) Write(p []byte) (int, error) { // NetworkDisconnect removes a container from the network func (c *Container) NetworkDisconnect(nameOrID, netName string, force bool) error { + // only the bridge mode supports cni networks + if !c.config.NetMode.IsBridge() { + return errors.Errorf("network mode %q is not supported", c.config.NetMode) + } + networks, err := c.networksByNameIndex() if err != nil { return err @@ -1190,6 +1195,11 @@ func (c *Container) NetworkDisconnect(nameOrID, netName string, force bool) erro // ConnectNetwork connects a container to a given network func (c *Container) NetworkConnect(nameOrID, netName string, aliases []string) error { + // only the bridge mode supports cni networks + if !c.config.NetMode.IsBridge() { + return errors.Errorf("network mode %q is not supported", c.config.NetMode) + } + networks, err := c.networksByNameIndex() if err != nil { return err diff --git a/test/e2e/network_connect_disconnect_test.go b/test/e2e/network_connect_disconnect_test.go index 3be95e254..eb8ad7181 100644 --- a/test/e2e/network_connect_disconnect_test.go +++ b/test/e2e/network_connect_disconnect_test.go @@ -37,7 +37,6 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "disconnect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) - }) It("bad container name in network disconnect should result in error", func() { @@ -51,7 +50,25 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "disconnect", netName, "foobar"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) + }) + + It("network disconnect with net mode slirp4netns should result in error", func() { + SkipIfRootless("network connect and disconnect are only rootful") + netName := "slirp" + stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"network", "create", netName}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + + con := podmanTest.Podman([]string{"network", "disconnect", netName, "test"}) + con.WaitWithDefaultTimeout() + Expect(con.ExitCode()).ToNot(BeZero()) + Expect(con.ErrorToString()).To(ContainSubstring(`network mode "slirp4netns" is not supported`)) }) It("podman network disconnect", func() { @@ -89,7 +106,6 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "connect", "foobar", "test"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) - }) It("bad container name in network connect should result in error", func() { @@ -103,7 +119,25 @@ var _ = Describe("Podman network connect and disconnect", func() { dis := podmanTest.Podman([]string{"network", "connect", netName, "foobar"}) dis.WaitWithDefaultTimeout() Expect(dis.ExitCode()).ToNot(BeZero()) + }) + + It("network connect with net mode slirp4netns should result in error", func() { + SkipIfRootless("network connect and disconnect are only rootful") + netName := "slirp" + stringid.GenerateNonCryptoID() + session := podmanTest.Podman([]string{"network", "create", netName}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + session = podmanTest.Podman([]string{"create", "--name", "test", "--network", "slirp4netns", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(BeZero()) + defer podmanTest.removeCNINetwork(netName) + + con := podmanTest.Podman([]string{"network", "connect", netName, "test"}) + con.WaitWithDefaultTimeout() + Expect(con.ExitCode()).ToNot(BeZero()) + Expect(con.ErrorToString()).To(ContainSubstring(`network mode "slirp4netns" is not supported`)) }) It("podman connect on a container that already is connected to the network should error", func() { |