Do not allow network modes to be used as network names

`podman network create` should not allow users to create networks with a
name which is already used for a network mode in `podman run --network`.

Fixes #11448

Signed-off-by: Paul Holzinger <pholzing@redhat.com>

3 files changed, 8 insertions, 5 deletions

diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index b916d6fc6..383e42098 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -59,7 +59,7 @@ type ContainerEngine interface {
 	HealthCheckRun(ctx context.Context, nameOrID string, options HealthCheckOptions) (*define.HealthCheckResults, error)
 	Info(ctx context.Context) (*define.Info, error)
 	NetworkConnect(ctx context.Context, networkname string, options NetworkConnectOptions) error
-	NetworkCreate(ctx context.Context, network types.Network) (*NetworkCreateReport, error)
+	NetworkCreate(ctx context.Context, network types.Network) (*types.Network, error)
 	NetworkDisconnect(ctx context.Context, networkname string, options NetworkDisconnectOptions) error
 	NetworkExists(ctx context.Context, networkname string) (*BoolReport, error)
 	NetworkInspect(ctx context.Context, namesOrIds []string, options InspectOptions) ([]types.Network, []error, error)
diff --git a/pkg/domain/infra/abi/network.go b/pkg/domain/infra/abi/network.go
index 45d2c6925..d792226a8 100644
--- a/pkg/domain/infra/abi/network.go
+++ b/pkg/domain/infra/abi/network.go
@@ -107,12 +107,15 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o
 	return reports, nil
 }
 
-func (ic *ContainerEngine) NetworkCreate(ctx context.Context, network types.Network) (*entities.NetworkCreateReport, error) {
+func (ic *ContainerEngine) NetworkCreate(ctx context.Context, network types.Network) (*types.Network, error) {
+	if util.StringInSlice(network.Name, []string{"none", "host", "bridge", "private", "slirp4netns", "container", "ns"}) {
+		return nil, errors.Errorf("cannot create network with name %q because it conflicts with a valid network mode", network.Name)
+	}
 	network, err := ic.Libpod.Network().NetworkCreate(network)
 	if err != nil {
 		return nil, err
 	}
-	return &entities.NetworkCreateReport{Name: network.Name}, nil
+	return &network, nil
 }
 
 // NetworkDisconnect removes a container from a given network
diff --git a/pkg/domain/infra/tunnel/network.go b/pkg/domain/infra/tunnel/network.go
index 711c2e00c..6f227f565 100644
--- a/pkg/domain/infra/tunnel/network.go
+++ b/pkg/domain/infra/tunnel/network.go
@@ -62,12 +62,12 @@ func (ic *ContainerEngine) NetworkRm(ctx context.Context, namesOrIds []string, o
 	return reports, nil
 }
 
-func (ic *ContainerEngine) NetworkCreate(ctx context.Context, net types.Network) (*entities.NetworkCreateReport, error) {
+func (ic *ContainerEngine) NetworkCreate(ctx context.Context, net types.Network) (*types.Network, error) {
 	net, err := network.Create(ic.ClientCtx, &net)
 	if err != nil {
 		return nil, err
 	}
-	return &entities.NetworkCreateReport{Name: net.Name}, nil
+	return &net, nil
 }
 
 // NetworkDisconnect removes a container from a given network