rootless: add new netmode "rootless"

so that inspect reports the correct network configuration. Closes: containers#1453 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
giuseppe · Nov 22, 2018 · 76c246f · 76c246f
1 parent 1fdfeb8
commit 76c246f
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 3 deletions.
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
@@ -11,6 +11,7 @@ import (
 
 	"github.com/containers/buildah"
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/storage"
 	"github.com/fatih/camelcase"
 	"github.com/pkg/errors"
@@ -161,6 +162,13 @@ func getContext() context.Context {
 	return context.TODO()
 }
 
+func getDefaultNetwork() string {
+	if rootless.IsRootless() {
+		return "rootless"
+	}
+	return "bridge"
+}
+
 // Common flags shared between commands
 var createFlags = []cli.Flag{
 	cli.StringSliceFlag{
@@ -372,7 +380,7 @@ var createFlags = []cli.Flag{
 	cli.StringFlag{
 		Name:  "net, network",
 		Usage: "Connect a container to a network",
-		Value: "bridge",
+		Value: getDefaultNetwork(),
 	},
 	cli.BoolFlag{
 		Name:  "oom-kill-disable",

diff --git a/pkg/namespaces/namespaces.go b/pkg/namespaces/namespaces.go
@@ -223,7 +223,12 @@ func (n NetworkMode) IsBridge() bool {
 	return n == "bridge"
 }
 
+// IsRootless indicates if we are running a rootless network stack
+func (n NetworkMode) IsRootless() bool {
+	return n == "rootless"
+}
+
 // IsUserDefined indicates user-created network
 func (n NetworkMode) IsUserDefined() bool {
-	return !n.IsDefault() && !n.IsBridge() && !n.IsHost() && !n.IsNone() && !n.IsContainer()
+	return !n.IsDefault() && !n.IsBridge() && !n.IsHost() && !n.IsNone() && !n.IsContainer() && !n.IsRootless()
 }
diff --git a/pkg/spec/spec.go b/pkg/spec/spec.go
@@ -453,6 +453,9 @@ func addNetNS(config *CreateConfig, g *generate.Generator) error {
 	} else if IsPod(string(netMode)) {
 		logrus.Debug("Using pod netmode, unless pod is not sharing")
 		return nil
+	} else if netMode.IsRootless() {
+		logrus.Debug("Using rootless netmode")
+		return nil
 	} else if netMode.IsUserDefined() {
 		logrus.Debug("Using user defined netmode")
 		return nil

diff --git a/pkg/varlinkapi/containers_create.go b/pkg/varlinkapi/containers_create.go
@@ -13,6 +13,7 @@ import (
 	"github.com/containers/libpod/libpod/image"
 	"github.com/containers/libpod/pkg/inspect"
 	"github.com/containers/libpod/pkg/namespaces"
+	"github.com/containers/libpod/pkg/rootless"
 	cc "github.com/containers/libpod/pkg/spec"
 	"github.com/containers/libpod/pkg/util"
 	"github.com/docker/docker/pkg/signal"
@@ -126,7 +127,11 @@ func varlinkCreateToCreateConfig(ctx context.Context, create iopodman.Create, ru
 	// NETWORK MODE
 	networkMode := create.Net_mode
 	if networkMode == "" {
-		networkMode = "bridge"
+		if rootless.IsRootless() {
+			networkMode = "rootless"
+		} else {
+			networkMode = "bridge"
+		}
 	}
 
 	// WORKING DIR

diff --git a/test/e2e/rootless_test.go b/test/e2e/rootless_test.go
@@ -217,6 +217,12 @@ var _ = Describe("Podman rootless", func() {
 			cmd.WaitWithDefaultTimeout()
 			Expect(cmd.ExitCode()).To(Equal(0))
 
+			cmd = rootlessTest.PodmanAsUser([]string{"inspect", "-l"}, 1000, 1000, env)
+			cmd.WaitWithDefaultTimeout()
+			Expect(cmd.ExitCode()).To(Equal(0))
+			data := check.InspectContainerToJSON()
+			Expect(data[0].HostConfig.NetworkMode).To(ContainSubstring("rootless"))
+
 			if !canUseExec {
 				Skip("ioctl(NS_GET_PARENT) not supported.")
 			}