diff options
author | Qi Wang <qiwan@redhat.com> | 2019-07-15 13:54:12 -0400 |
---|---|---|
committer | Qi Wang <qiwan@redhat.com> | 2019-07-18 09:39:31 -0400 |
commit | 3f721f8b17780931a75f9e072e4d32bf9a49e976 (patch) | |
tree | de237c123cdeb0ceaae1d494443d1dc9b8a6f97f | |
parent | adcde2383f1da517c5788516d639745f5f01d300 (diff) | |
download | podman-3f721f8b17780931a75f9e072e4d32bf9a49e976.tar.gz podman-3f721f8b17780931a75f9e072e4d32bf9a49e976.tar.bz2 podman-3f721f8b17780931a75f9e072e4d32bf9a49e976.zip |
fix --dns* and --network not set to host conflict
Close #3553
This PR makes --dns, --dns-option, --dns-search, and --network not set to host flag mutually exclusive for podman build and create. Returns conflict error if both flags are set.
Signed-off-by: Qi Wang <qiwan@redhat.com>
-rw-r--r-- | cmd/podman/create.go | 11 | ||||
-rw-r--r-- | docs/podman-create.1.md | 8 | ||||
-rw-r--r-- | docs/podman-run.1.md | 10 | ||||
-rw-r--r-- | test/e2e/run_dns_test.go | 18 |
4 files changed, 38 insertions, 9 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go index 262cdffe4..3c24729c5 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -2,6 +2,7 @@ package main import ( "fmt" + "strings" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/pkg/adapter" @@ -77,6 +78,16 @@ func createInit(c *cliconfig.PodmanCommand) error { logrus.Warn("setting security options with --privileged has no effect") } + var setNet string + if c.IsSet("network") { + setNet = c.String("network") + } else if c.IsSet("net") { + setNet = c.String("net") + } + if (c.IsSet("dns") || c.IsSet("dns-opt") || c.IsSet("dns-search")) && (setNet == "none" || strings.HasPrefix(setNet, "container:")) { + return errors.Errorf("conflicting options: dns and the network mode.") + } + // Docker-compatibility: the "-h" flag for run/create is reserved for // the hostname (see https://github.com/containers/libpod/issues/1367). diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 89f146670..b9380f434 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -206,7 +206,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda: **--dns**=*dns* -Set custom DNS servers +Set custom DNS servers. Invalid if using **--dns** and **--network** that is set to 'none' or 'container:<name|id>'. This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the @@ -218,11 +218,11 @@ The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=*option* -Set custom DNS options +Set custom DNS options. Invalid if using **--dns-option** and **--network** that is set to 'none' or 'container:<name|id>'. **--dns-search**=*domain* -Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) +Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain) **--entrypoint**=*"command"* | *'["command", "arg1", ...]'* @@ -491,7 +491,7 @@ This works for both background and foreground containers. **--network**, **--net**="*bridge*" -Set the Network mode for the container +Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'. 'bridge': create a network stack on the default bridge 'none': no networking 'container:<name|id>': reuse another container's network stack diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index ebf774b24..035820b3f 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -212,7 +212,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda: **--dns**=*dns* -Set custom DNS servers +Set custom DNS servers. Invalid if using **--dns** with **--network** that is set to 'none' or 'container:<name|id>'. This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the @@ -224,11 +224,11 @@ The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=*option* -Set custom DNS options +Set custom DNS options. Invalid if using **--dns-option** with **--network** that is set to 'none' or 'container:<name|id>'. **--dns-search**=*domain* -Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) +Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain) **--entrypoint**=*"command"* | *'["command", "arg1", ...]'* @@ -502,9 +502,9 @@ to the container with **--name** then it will generate a random string name. The name is useful any place you need to identify a container. This works for both background and foreground containers. -**--network**, **--net**=*mode* +**--network**, **--net**=*node* -Set the Network mode for the container: +Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'. - `bridge`: create a network stack on the default bridge - `none`: no networking - `container:<name|id>`: reuse another container's network stack diff --git a/test/e2e/run_dns_test.go b/test/e2e/run_dns_test.go index f1196ff38..081fab3fd 100644 --- a/test/e2e/run_dns_test.go +++ b/test/e2e/run_dns_test.go @@ -94,4 +94,22 @@ var _ = Describe("Podman run dns", func() { Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("foobar")).To(BeTrue()) }) + + It("podman run mutually excludes --dns* and --network", func() { + session := podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "container:ALPINE", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--dns-opt=1.2.3.4", "--network", "container:ALPINE", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--dns-search=foobar.com", "--network", "none", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "host", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To((Equal(0))) + }) }) |