aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQi Wang <qiwan@redhat.com>2019-07-15 13:54:12 -0400
committerQi Wang <qiwan@redhat.com>2019-07-18 09:39:31 -0400
commit3f721f8b17780931a75f9e072e4d32bf9a49e976 (patch)
treede237c123cdeb0ceaae1d494443d1dc9b8a6f97f
parentadcde2383f1da517c5788516d639745f5f01d300 (diff)
downloadpodman-3f721f8b17780931a75f9e072e4d32bf9a49e976.tar.gz
podman-3f721f8b17780931a75f9e072e4d32bf9a49e976.tar.bz2
podman-3f721f8b17780931a75f9e072e4d32bf9a49e976.zip
fix --dns* and --network not set to host conflict
Close #3553 This PR makes --dns, --dns-option, --dns-search, and --network not set to host flag mutually exclusive for podman build and create. Returns conflict error if both flags are set. Signed-off-by: Qi Wang <qiwan@redhat.com>
-rw-r--r--cmd/podman/create.go11
-rw-r--r--docs/podman-create.1.md8
-rw-r--r--docs/podman-run.1.md10
-rw-r--r--test/e2e/run_dns_test.go18
4 files changed, 38 insertions, 9 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 262cdffe4..3c24729c5 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -2,6 +2,7 @@ package main
import (
"fmt"
+ "strings"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/pkg/adapter"
@@ -77,6 +78,16 @@ func createInit(c *cliconfig.PodmanCommand) error {
logrus.Warn("setting security options with --privileged has no effect")
}
+ var setNet string
+ if c.IsSet("network") {
+ setNet = c.String("network")
+ } else if c.IsSet("net") {
+ setNet = c.String("net")
+ }
+ if (c.IsSet("dns") || c.IsSet("dns-opt") || c.IsSet("dns-search")) && (setNet == "none" || strings.HasPrefix(setNet, "container:")) {
+ return errors.Errorf("conflicting options: dns and the network mode.")
+ }
+
// Docker-compatibility: the "-h" flag for run/create is reserved for
// the hostname (see https://github.com/containers/libpod/issues/1367).
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md
index 89f146670..b9380f434 100644
--- a/docs/podman-create.1.md
+++ b/docs/podman-create.1.md
@@ -206,7 +206,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:
**--dns**=*dns*
-Set custom DNS servers
+Set custom DNS servers. Invalid if using **--dns** and **--network** that is set to 'none' or 'container:<name|id>'.
This option can be used to override the DNS
configuration passed to the container. Typically this is necessary when the
@@ -218,11 +218,11 @@ The **/etc/resolv.conf** file in the image will be used without changes.
**--dns-option**=*option*
-Set custom DNS options
+Set custom DNS options. Invalid if using **--dns-option** and **--network** that is set to 'none' or 'container:<name|id>'.
**--dns-search**=*domain*
-Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
+Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain)
**--entrypoint**=*"command"* | *'["command", "arg1", ...]'*
@@ -491,7 +491,7 @@ This works for both background and foreground containers.
**--network**, **--net**="*bridge*"
-Set the Network mode for the container
+Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'.
'bridge': create a network stack on the default bridge
'none': no networking
'container:<name|id>': reuse another container's network stack
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index ebf774b24..035820b3f 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -212,7 +212,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:
**--dns**=*dns*
-Set custom DNS servers
+Set custom DNS servers. Invalid if using **--dns** with **--network** that is set to 'none' or 'container:<name|id>'.
This option can be used to override the DNS
configuration passed to the container. Typically this is necessary when the
@@ -224,11 +224,11 @@ The **/etc/resolv.conf** file in the image will be used without changes.
**--dns-option**=*option*
-Set custom DNS options
+Set custom DNS options. Invalid if using **--dns-option** with **--network** that is set to 'none' or 'container:<name|id>'.
**--dns-search**=*domain*
-Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain)
+Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain)
**--entrypoint**=*"command"* | *'["command", "arg1", ...]'*
@@ -502,9 +502,9 @@ to the container with **--name** then it will generate a random
string name. The name is useful any place you need to identify a container.
This works for both background and foreground containers.
-**--network**, **--net**=*mode*
+**--network**, **--net**=*node*
-Set the Network mode for the container:
+Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'.
- `bridge`: create a network stack on the default bridge
- `none`: no networking
- `container:<name|id>`: reuse another container's network stack
diff --git a/test/e2e/run_dns_test.go b/test/e2e/run_dns_test.go
index f1196ff38..081fab3fd 100644
--- a/test/e2e/run_dns_test.go
+++ b/test/e2e/run_dns_test.go
@@ -94,4 +94,22 @@ var _ = Describe("Podman run dns", func() {
Expect(session.ExitCode()).To(Equal(0))
Expect(session.LineInOutputContains("foobar")).To(BeTrue())
})
+
+ It("podman run mutually excludes --dns* and --network", func() {
+ session := podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "container:ALPINE", ALPINE})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Not(Equal(0)))
+
+ session = podmanTest.Podman([]string{"run", "--dns-opt=1.2.3.4", "--network", "container:ALPINE", ALPINE})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Not(Equal(0)))
+
+ session = podmanTest.Podman([]string{"run", "--dns-search=foobar.com", "--network", "none", ALPINE})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Not(Equal(0)))
+
+ session = podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "host", ALPINE})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To((Equal(0)))
+ })
})