start: unify and simplify network creation

Make sure that network creation happens at the same time for containers started by privileged and unprivileged users. The only reason we didn't do this so far was to avoid sending network device ifindices around in the privileged case. Link: #3066 Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
lxc · Jul 2, 2019 · e389f2a · e389f2a
1 parent c121b30
commit e389f2a
Show file tree

Hide file tree

Showing 4 changed files with 141 additions and 126 deletions.
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
@@ -3563,16 +3563,19 @@ int lxc_setup(struct lxc_handler *handler)
 	if (ret < 0)
 		return -1;
 
-	ret = lxc_setup_network_in_child_namespaces(lxc_conf, &lxc_conf->network);
-	if (ret < 0) {
-		ERROR("Failed to setup network");
-		return -1;
-	}
+	if (handler->ns_clone_flags & CLONE_NEWNET) {
+		ret = lxc_setup_network_in_child_namespaces(lxc_conf,
+							    &lxc_conf->network);
+		if (ret < 0) {
+			ERROR("Failed to setup network");
+			return -1;
+		}
 
-	ret = lxc_network_send_name_and_ifindex_to_parent(handler);
-	if (ret < 0) {
-		ERROR("Failed to send network device names and ifindices to parent");
-		return -1;
+		ret = lxc_network_send_name_and_ifindex_to_parent(handler);
+		if (ret < 0) {
+			ERROR("Failed to send network device names and ifindices to parent");
+			return -1;
+		}
 	}
 
 	if (lxc_conf->autodev > 0) {