From 95c45773d7dbca2880152de681c81f0a2afec99b Mon Sep 17 00:00:00 2001 From: Matthew Heon Date: Wed, 2 Dec 2020 15:01:46 -0500 Subject: Do not mount sysfs as rootless in more cases We can't mount sysfs as rootless unless we manage the network namespace. Problem: slirp4netns is now creating and managing a network namespace separate from the OCI runtime, so we can't mount sysfs in many circumstances. The `crun` OCI runtime will automatically handle this by falling back to a bind mount, but `runc` will not, so we didn't notice until RHEL gating tests ran on the new branch. Signed-off-by: Matthew Heon
---
pkg/specgen/generate/oci.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg/specgen/generate')
diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
index 8454458a8..9649873fd 100644
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -165,7 +165,7 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
 inUserNS = true
 }
 }
- if inUserNS && s.NetNS.IsHost() {
+ if inUserNS && s.NetNS.NSMode != specgen.NoNetwork {
 canMountSys = false
 }

--
cgit v1.2.3-54-g00ecf
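Review bot: The new test `s.NetNS.NSMode != specgen.NoNetwork` carries no comment saying why `NoNetwork` is the one mode that may still get a fresh sysfs mount, and the reason is recorded only in the commit message. I would add above the `if`: `// In a user namespace sysfs can only be mounted when the OCI runtime itself creates the netns; slirp4netns manages its own, so only NoNetwork keeps canMountSys.` Because the check is now a negative match, an unset or newly added NSMode value also lands in the `canMountSys = false` branch; that looks like the safe direction, but it is worth confirming that NSMode is always populated before this point. The code that consumes `canMountSys` is outside the hunk (SpecGenToOCI starts and ends beyond it), so it is worth noting there that more rootless containers now take the fallback /sys mount, presumably a bind mount of the host's /sys, and checking that its mount options remain restrictive.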