From c6852ee516abe3e1c4e5e31168d85d7cd446ce36 Mon Sep 17 00:00:00 2001
From: Brent Baude <bbaude@redhat.com>
Date: Tue, 14 Jul 2020 12:39:24 -0500
Subject: Error on rootless mac and ip addresses

When creating a pod or container where a static MAC or IP address is provided, we should return a proper error and exit as 125.

Fixes: #6972

Signed-off-by: Brent Baude <bbaude@redhat.com>

<MH: Fixed build after cherry-pick>

Signed-off-by: Matthew Heon <matthew.heon@pm.me>
---
 pkg/specgen/pod_validate.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'pkg/specgen/pod_validate.go')

diff --git a/pkg/specgen/pod_validate.go b/pkg/specgen/pod_validate.go
index 070bb1e41..69c3b58ed 100644
--- a/pkg/specgen/pod_validate.go
+++ b/pkg/specgen/pod_validate.go
@@ -1,6 +1,7 @@
 package specgen
 
 import (
+	"github.com/containers/libpod/v2/pkg/rootless"
 	"github.com/containers/libpod/v2/pkg/util"
 	"github.com/pkg/errors"
 )
@@ -18,6 +19,16 @@ func exclusivePodOptions(opt1, opt2 string) error {
 
 // Validate verifies the input is valid
 func (p *PodSpecGenerator) Validate() error {
+
+	if rootless.IsRootless() {
+		if p.StaticIP != nil {
+			return ErrNoStaticIPRootless
+		}
+		if p.StaticMAC != nil {
+			return ErrNoStaticMACRootless
+		}
+	}
+
 	// PodBasicConfig
 	if p.NoInfra {
 		if len(p.InfraCommand) > 0 {
-- 
cgit v1.2.3-54-g00ecf