From 97b84dedf3806a9e87c04ccfb51212992785d2c8 Mon Sep 17 00:00:00 2001
From: baude
Date: Tue, 6 Aug 2019 09:49:03 -0500
Subject: Revert "rootless: Rearrange setup of rootless containers"

This reverts commit 80dcd4bebcdc8e280f6b43228561d09c194c328b.

Signed-off-by: baude
---
 pkg/netns/netns_linux.go | 30 +++---------------------------
 pkg/spec/createconfig.go | 2 +-
 2 files changed, 4 insertions(+), 28 deletions(-)
 (limited to 'pkg')
diff --git a/pkg/netns/netns_linux.go b/pkg/netns/netns_linux.go
index e8388055a..1d6fb873c 100644
--- a/pkg/netns/netns_linux.go
+++ b/pkg/netns/netns_linux.go
@@ -23,42 +23,23 @@ import (
 "fmt"
 "os"
 "path"
- "path/filepath"
 "runtime"
 "strings"
 "sync"
 "github.com/containernetworking/plugins/pkg/ns"
- "github.com/containers/libpod/pkg/rootless"
- "github.com/containers/libpod/pkg/util"
 "github.com/sirupsen/logrus"
 "golang.org/x/sys/unix"
 )
-// get NSRunDir returns the dir of where to create the netNS. When running
-// rootless, it needs to be at a location writable by user.
-func getNSRunDir() (string, error) {
- if rootless.IsRootless() {
- rootlessDir, err := util.GetRootlessRuntimeDir()
- if err != nil {
- return "", err
- }
- return filepath.Join(rootlessDir, "netns"), nil
- }
- return "/var/run/netns", nil
-}
+const nsRunDir = "/var/run/netns"
 // NewNS creates a new persistent (bind-mounted) network namespace and returns
 // an object representing that namespace, without switching to it.
 func NewNS() (ns.NetNS, error) {
- nsRunDir, err := getNSRunDir()
- if err != nil {
- return nil, err
- }
-
 b := make([]byte, 16)
- _, err = rand.Reader.Read(b)
+ _, err := rand.Reader.Read(b)
 if err != nil {
 return nil, fmt.Errorf("failed to generate random netns name: %v", err)
 }
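Review bot: The restored `const nsRunDir = "/var/run/netns"` has no comment, while the removed `getNSRunDir` documented that a rootless process needs a location writable by the user. After this revert NewNS and UnmountNS assume that fixed system directory, and the only thing visible here that keeps rootless callers away from it is the `c.NetMode.IsSlirp4netns()` term restored in the pkg/spec/createconfig.go hunk; a rootless container with another non-host, non-none net mode and no user namespace would presumably still reach NewNS and fail while setting up the directory. I would state the assumption at the declaration, e.g. `// nsRunDir is only writable by root; NewNS must not be reached when running rootless.`, and add a line above `postConfigureNetNS` in createconfig.go saying why slirp4netns forces post-configuration. NewNS continues outside the hunk.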
@@ -146,7 +127,7 @@ func NewNS() (ns.NetNS, error) {
 // Put this thread back to the orig ns, since it might get reused (pre go1.10)
 defer func() {
 if err := origNS.Set(); err != nil {
- logrus.Warnf("unable to set namespace: %q", err)
+ logrus.Errorf("unable to set namespace: %q", err)
 }
 }()
@@ -169,11 +150,6 @@ func NewNS() (ns.NetNS, error) {
 // UnmountNS unmounts the NS held by the netns object
 func UnmountNS(ns ns.NetNS) error {
- nsRunDir, err := getNSRunDir()
- if err != nil {
- return err
- }
-
 nsPath := ns.Path()
 // Only unmount if it's been bind-mounted (don't touch namespaces in /proc...)
 if strings.HasPrefix(nsPath, nsRunDir) {
diff --git a/pkg/spec/createconfig.go b/pkg/spec/createconfig.go
index 289634a0d..f21ae2831 100644
--- a/pkg/spec/createconfig.go
+++ b/pkg/spec/createconfig.go
@@ -270,7 +270,7 @@ func (c *CreateConfig) getContainerCreateOptions(runtime *libpod.Runtime, pod *l
 options = append(options, libpod.WithNetNSFrom(connectedCtr))
 } else if !c.NetMode.IsHost() && !c.NetMode.IsNone() {
 hasUserns := c.UsernsMode.IsContainer() || c.UsernsMode.IsNS() || len(c.IDMappings.UIDMap) > 0 || len(c.IDMappings.GIDMap) > 0
- postConfigureNetNS := hasUserns && !c.UsernsMode.IsHost()
+ postConfigureNetNS := c.NetMode.IsSlirp4netns() || (hasUserns && !c.UsernsMode.IsHost())
 options = append(options, libpod.WithNetNS(portBindings, postConfigureNetNS, string(c.NetMode), networks))
 }
--
cgit v1.2.3-54-g00ecf
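Review bot: When `origNS.Set()` fails in the deferred function, the OS thread is left in the newly created network namespace and the only reaction is a log line, now at error level. The comment itself says the thread might get reused, so a goroutine later scheduled onto it would run with the wrong network view; whether the thread is locked and how the enclosing goroutine exits is outside the hunk. If the surrounding code pairs `runtime.LockOSThread()` with an unlock, I would skip the unlock on this failure path so the runtime retires the thread, and record that next to the log call: `// thread is still in the new netns here; leave it locked so it is not reused`.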
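Review bot: `strings.HasPrefix(nsPath, nsRunDir)` now tests against the bare constant `/var/run/netns`, so a path under a sibling directory such as `/var/run/netns-other/x` (constructed example) also passes the "bind-mounted by us" guard and would presumably be unmounted by the code that follows. `nsPath` is taken from the `ns.NetNS` argument, so the check should match on a directory boundary: `if strings.HasPrefix(nsPath, nsRunDir+"/") {`, or compare `path.Dir(nsPath)` with `nsRunDir` since `path` is already imported. The rest of UnmountNS lies outside the hunk.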