From 32aa45e344abc3e9501b0fddbac099285869e224 Mon Sep 17 00:00:00 2001
From: Matthew Heon <mheon@redhat.com>
Date: Tue, 4 Dec 2018 14:57:06 -0500
Subject: Don't initialize CNI when running as rootless

We don't use CNI to configure networks for rootless containers,
so no need to set it up. It may also cause issues with inotify,
so disabling it resolves some potential problems.

Signed-off-by: Matthew Heon <mheon@redhat.com>
---
 libpod/runtime.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'libpod')

diff --git a/libpod/runtime.go b/libpod/runtime.go
index 9feae03fc..78092536d 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -523,11 +523,13 @@ func makeRuntime(runtime *Runtime) (err error) {
 	}
 
 	// Set up the CNI net plugin
-	netPlugin, err := ocicni.InitCNI(runtime.config.CNIDefaultNetwork, runtime.config.CNIConfigDir, runtime.config.CNIPluginDir...)
-	if err != nil {
-		return errors.Wrapf(err, "error configuring CNI network plugin")
+	if !rootless.IsRootless() {
+		netPlugin, err := ocicni.InitCNI(runtime.config.CNIDefaultNetwork, runtime.config.CNIConfigDir, runtime.config.CNIPluginDir...)
+		if err != nil {
+			return errors.Wrapf(err, "error configuring CNI network plugin")
+		}
+		runtime.netPlugin = netPlugin
 	}
-	runtime.netPlugin = netPlugin
 
 	// Set up a firewall backend
 	backendType := ""
-- 
cgit v1.2.3-54-g00ecf