From 58f8c3d743cfe837c9228819436df294fddf408d Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Fri, 5 Nov 2021 14:52:08 +0100
Subject: mount full XDG_RUNTIME_DIR in rootless cni ns

We should mount the full runtime directory into the namespace instead of
just the netns dir. This allows more use cases.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 libpod/networking_linux.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'libpod/networking_linux.go')

diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index bf527a81a..29d51f96c 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -161,7 +161,7 @@ func (r *RootlessCNI) Do(toRun func() error) error {
 		// Because the plugins also need access to XDG_RUNTIME_DIR/netns some special setup is needed.
 
 		// The following bind mounts are needed
-		// 1. XDG_RUNTIME_DIR/netns -> XDG_RUNTIME_DIR/rootless-cni/XDG_RUNTIME_DIR/netns
+		// 1. XDG_RUNTIME_DIR -> XDG_RUNTIME_DIR/rootless-cni/XDG_RUNTIME_DIR
 		// 2. /run/systemd -> XDG_RUNTIME_DIR/rootless-cni/run/systemd (only if it exists)
 		// 3. XDG_RUNTIME_DIR/rootless-cni/resolv.conf -> /etc/resolv.conf or XDG_RUNTIME_DIR/rootless-cni/run/symlink/target
 		// 4. XDG_RUNTIME_DIR/rootless-cni/var/lib/cni -> /var/lib/cni (if /var/lib/cni does not exists use the parent dir)
@@ -174,16 +174,16 @@ func (r *RootlessCNI) Do(toRun func() error) error {
 			return errors.Wrapf(err, "cannot create a new mount namespace")
 		}
 
-		netNsDir, err := netns.GetNSRunDir()
+		xdgRuntimeDir, err := util.GetRuntimeDir()
 		if err != nil {
-			return errors.Wrap(err, "could not get network namespace directory")
+			return errors.Wrap(err, "could not get runtime directory")
 		}
-		newNetNsDir := r.getPath(netNsDir)
+		newXDGRuntimeDir := r.getPath(xdgRuntimeDir)
 		// 1. Mount the netns into the new run to keep them accessible.
 		// Otherwise cni setup will fail because it cannot access the netns files.
-		err = unix.Mount(netNsDir, newNetNsDir, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "")
+		err = unix.Mount(xdgRuntimeDir, newXDGRuntimeDir, "none", unix.MS_BIND|unix.MS_SHARED|unix.MS_REC, "")
 		if err != nil {
-			return errors.Wrap(err, "failed to mount netns directory for rootless cni")
+			return errors.Wrap(err, "failed to mount runtime directory for rootless cni")
 		}
 
 		// 2. Also keep /run/systemd if it exists.
-- 
cgit v1.2.3-54-g00ecf