From d8a902a167b91ca4fde4ffeef55e9aa4907ae258 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 6 Apr 2022 11:55:40 +0200 Subject: API: use no_hosts from containers.conf The API endpoints should properly honour the `no_hosts=true` setting in containers.conf. Fixes #13719 Signed-off-by: Paul Holzinger --- cmd/podman/common/create_opts.go | 1 + pkg/api/handlers/libpod/containers_create.go | 13 ++++++++- pkg/specgen/specgen.go | 8 +++++- test/apiv2/20-containers.at | 43 ++++++++++++++++++++++++++++ test/apiv2/containers.no_hosts.conf | 2 ++ 5 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 test/apiv2/containers.no_hosts.conf diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index ad6b3870a..39146f918 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -181,6 +181,7 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *c Network: nsmode, PublishPorts: specPorts, NetworkOptions: netOpts, + NoHosts: rtc.Containers.NoHosts, } // network names diff --git a/pkg/api/handlers/libpod/containers_create.go b/pkg/api/handlers/libpod/containers_create.go index 61f437faf..4f9dc008d 100644 --- a/pkg/api/handlers/libpod/containers_create.go +++ b/pkg/api/handlers/libpod/containers_create.go @@ -18,7 +18,18 @@ import ( // the new container ID on success along with any warnings. func CreateContainer(w http.ResponseWriter, r *http.Request) { runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - var sg specgen.SpecGenerator + conf, err := runtime.GetConfigNoCopy() + if err != nil { + utils.InternalServerError(w, err) + return + } + + // we have to set the default before we decode to make sure the correct default is set when the field is unset + sg := specgen.SpecGenerator{ + ContainerNetworkConfig: specgen.ContainerNetworkConfig{ + UseImageHosts: conf.Containers.NoHosts, + }, + } if err := json.NewDecoder(r.Body).Decode(&sg); err != nil { utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "Decode()")) diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 27d77af9f..dfac1d457 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -467,7 +467,13 @@ type ContainerNetworkConfig struct { // UseImageHosts indicates that /etc/hosts should not be managed by // Podman, and instead sourced from the image. // Conflicts with HostAdd. - UseImageHosts bool `json:"use_image_hosts,omitempty"` + // Do not set omitempty here, if this is false it should be set to not get + // the server default. + // Ideally this would be a pointer so we could differentiate between an + // explicitly false/true and unset (containers.conf default). However + // specgen is stable so we can not change this right now. + // TODO (5.0): change to pointer + UseImageHosts bool `json:"use_image_hosts"` // HostAdd is a set of hosts which will be added to the container's // /etc/hosts file. // Conflicts with UseImageHosts. diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index 94de2cf24..a3675d40a 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -447,3 +447,46 @@ t GET images/$iid/json 200 \ t DELETE containers/$cid 204 t DELETE images/docker.io/library/newrepo:v3?force=false 200 + +# test create without default no_hosts +t POST containers/create \ + Image=$IMAGE \ + 201 \ + .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") + +t POST libpod/containers/$cid/init 204 + +t GET libpod/containers/$cid/json 200 + +cpid_file=$(jq -r '.ConmonPidFile' <<<"$output") +userdata_path=$(dirname $cpid_file) + +t GET libpod/containers/$cid/json 200 \ + .HostsPath=$userdata_path/hosts + +t DELETE containers/$cid 204 + +# test create with default no_hosts=true +stop_service + +CONTAINERS_CONF=$TESTS_DIR/containers.no_hosts.conf start_service + +# check docker and libpod endpoint +for endpoint in containers/create libpod/containers/create; do + t POST $endpoint \ + Image=$IMAGE \ + 201 \ + .Id~[0-9a-f]\\{64\\} + cid=$(jq -r '.Id' <<<"$output") + + t POST libpod/containers/$cid/init 204 + + t GET libpod/containers/$cid/json 200 \ + .HostsPath="" + + t DELETE containers/$cid 204 +done + +stop_service +start_service diff --git a/test/apiv2/containers.no_hosts.conf b/test/apiv2/containers.no_hosts.conf new file mode 100644 index 000000000..b4c78bedb --- /dev/null +++ b/test/apiv2/containers.no_hosts.conf @@ -0,0 +1,2 @@ +[containers] +no_hosts=true -- cgit v1.2.3-54-g00ecf