From c6852ee516abe3e1c4e5e31168d85d7cd446ce36 Mon Sep 17 00:00:00 2001
From: Brent Baude <bbaude@redhat.com>
Date: Tue, 14 Jul 2020 12:39:24 -0500
Subject: Error on rootless mac and ip addresses

When creating a pod or container where a static MAC or IP address is provided, we should return a proper error and exit as 125.

Fixes: #6972

Signed-off-by: Brent Baude <bbaude@redhat.com>

<MH: Fixed build after cherry-pick>

Signed-off-by: Matthew Heon <matthew.heon@pm.me>
---
 pkg/specgen/specgen.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'pkg/specgen/specgen.go')

diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index 327c15c5a..91bc36709 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -1,6 +1,7 @@
 package specgen
 
 import (
+	"errors"
 	"net"
 	"syscall"
 
@@ -449,6 +450,15 @@ type PortMapping struct {
 	Protocol string `json:"protocol,omitempty"`
 }
 
+var (
+	// ErrNoStaticIPRootless is used when a rootless user requests to assign a static IP address
+	// to a pod or container
+	ErrNoStaticIPRootless error = errors.New("rootless containers and pods cannot be assigned static IP addresses")
+	// ErrNoStaticMACRootless is used when a rootless user requests to assign a static MAC address
+	// to a pod or container
+	ErrNoStaticMACRootless error = errors.New("rootless containers and pods cannot be assigned static MAC addresses")
+)
+
 // NewSpecGenerator returns a SpecGenerator struct given one of two mandatory inputs
 func NewSpecGenerator(arg string, rootfs bool) *SpecGenerator {
 	csc := ContainerStorageConfig{}
-- 
cgit v1.2.3-54-g00ecf