Merge pull request #17969 from TomSweeneyRedHat/dev/tsweeney/keepid

openshift-merge-robot · web-flow · commit 67f7e1e94162 · 2023-03-29T17:58:49.000+02:00
[v4.4.1-rhel] fix slirp4netns resolv.conf ip with a userns
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
@@ -1005,6 +1005,8 @@ func (c *Container) completeNetworkSetup() error {
 			nameservers = append(nameservers, server.String())
 		}
 	}
+	nameservers = c.addSlirp4netnsDNS(nameservers)
+
 	// check if we have a bindmount for /etc/hosts
 	if hostsBindMount, ok := state.BindMounts[config.DefaultHostsFile]; ok {
 		entries, err := c.getHostsEntries()
diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go
@@ -2015,8 +2015,13 @@ func (c *Container) generateResolvConf() error {
 		keepHostServers = true
 		// first add the nameservers from the networks status
 		nameservers = networkNameServers
+
 		// slirp4netns has a built in DNS forwarder.
-		nameservers = c.addSlirp4netnsDNS(nameservers)
+		// If in userns the network is not setup here, instead we need to do that in
+		// c.completeNetworkSetup() which knows the actual slirp dns ip only at that point
+		if !c.config.PostConfigureNetNS {
+			nameservers = c.addSlirp4netnsDNS(nameservers)
+		}
 	}
 
 	// Set DNS search domains
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
@@ -196,8 +196,18 @@ load helpers.network
 @test "podman run with slirp4ns adds correct dns address to resolv.conf" {
     CIDR="$(random_rfc1918_subnet)"
     run_podman run --rm --network slirp4netns:cidr="${CIDR}.0/24" \
-                $IMAGE grep "${CIDR}" /etc/resolv.conf
-    is "$output"   "nameserver ${CIDR}.3"   "resolv.conf should have slirp4netns cidr+3 as a nameserver"
+                $IMAGE cat /etc/resolv.conf
+    assert "$output" =~ "nameserver ${CIDR}.3" "resolv.conf should have slirp4netns cidr+3 as first nameserver"
+    no_userns_out="$output"
+
+    if is_rootless; then
+    # check the slirp ip also works correct with userns
+        run_podman run --rm --userns keep-id --network slirp4netns:cidr="${CIDR}.0/24" \
+                $IMAGE cat /etc/resolv.conf
+        assert "$output" =~ "nameserver ${CIDR}.3" "resolv.conf should have slirp4netns cidr+3 as first nameserver with userns"
+        assert "$output" == "$no_userns_out" "resolv.conf should look the same for userns"
+    fi
+
 }
 
 @test "podman run with slirp4ns assigns correct ip address container" {

Original file line number	Diff line number	Diff line change
`@@ -1005,6 +1005,8 @@ func (c *Container) completeNetworkSetup() error {`
`1005`	`1005`	`nameservers = append(nameservers, server.String())`
`1006`	`1006`	`}`
`1007`	`1007`	`}`
	`1008`	`+ nameservers = c.addSlirp4netnsDNS(nameservers)`
	`1009`	`+`
`1008`	`1010`	`// check if we have a bindmount for /etc/hosts`
`1009`	`1011`	`if hostsBindMount, ok := state.BindMounts[config.DefaultHostsFile]; ok {`
`1010`	`1012`	`entries, err := c.getHostsEntries()`