Add ability to set system wide options for slirp4netns

Wire in containers.conf options for slirp Signed-off-by: Ashley Cui <acui@redhat.com>
2024-10-19 08:44:11 +00:00 · 2020-12-04 13:37:22 -05:00 · 2020-12-04 13:37:22 -05:00 · d6d3af9e8e
parent 90d41104d9
commit d6d3af9e8e
3 changed files with 72 additions and 60 deletions
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@ -245,7 +245,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
 // setupSlirp4netns can be called in rootful as well as in rootless
 func (r *Runtime) setupSlirp4netns(ctr *Container) error {
 	path := r.config.Engine.NetworkCmdPath
-
+	slirpOptions := r.config.Engine.NetworkCmdOptions
 	if path == "" {
 		var err error
 		path, err = exec.LookPath("slirp4netns")
@ -273,68 +273,69 @@ func (r *Runtime) setupSlirp4netns(ctr *Container) error {
 	outboundAddr6 := ""

 	if ctr.config.NetworkOptions != nil {
-		slirpOptions := ctr.config.NetworkOptions["slirp4netns"]
-		for _, o := range slirpOptions {
-			parts := strings.SplitN(o, "=", 2)
-			if len(parts) < 2 {
-				return errors.Errorf("unknown option for slirp4netns: %q", o)
+		slirpOptions = append(slirpOptions, ctr.config.NetworkOptions["slirp4netns"]...)
+	}
+
+	for _, o := range slirpOptions {
+		parts := strings.SplitN(o, "=", 2)
+		if len(parts) < 2 {
+			return errors.Errorf("unknown option for slirp4netns: %q", o)
+		}
+		option, value := parts[0], parts[1]
+		switch option {
+		case "cidr":
+			ipv4, _, err := net.ParseCIDR(value)
+			if err != nil || ipv4.To4() == nil {
+				return errors.Errorf("invalid cidr %q", value)
 			}
-			option, value := parts[0], parts[1]
-			switch option {
-			case "cidr":
-				ipv4, _, err := net.ParseCIDR(value)
-				if err != nil || ipv4.To4() == nil {
-					return errors.Errorf("invalid cidr %q", value)
-				}
-				cidr = value
-			case "port_handler":
-				switch value {
-				case "slirp4netns":
-					isSlirpHostForward = true
-				case "rootlesskit":
-					isSlirpHostForward = false
-				default:
-					return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
-				}
-			case "allow_host_loopback":
-				switch value {
-				case "true":
-					disableHostLoopback = false
-				case "false":
-					disableHostLoopback = true
-				default:
-					return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
-				}
-			case "enable_ipv6":
-				switch value {
-				case "true":
-					enableIPv6 = true
-				case "false":
-					enableIPv6 = false
-				default:
-					return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
-				}
-			case "outbound_addr":
-				ipv4 := net.ParseIP(value)
-				if ipv4 == nil || ipv4.To4() == nil {
-					_, err := net.InterfaceByName(value)
-					if err != nil {
-						return errors.Errorf("invalid outbound_addr %q", value)
-					}
-				}
-				outboundAddr = value
-			case "outbound_addr6":
-				ipv6 := net.ParseIP(value)
-				if ipv6 == nil || ipv6.To4() != nil {
-					_, err := net.InterfaceByName(value)
-					if err != nil {
-						return errors.Errorf("invalid outbound_addr6: %q", value)
-					}
-				}
-				outboundAddr6 = value
+			cidr = value
+		case "port_handler":
+			switch value {
+			case "slirp4netns":
+				isSlirpHostForward = true
+			case "rootlesskit":
+				isSlirpHostForward = false
 			default:
-				return errors.Errorf("unknown option for slirp4netns: %q", o)
+				return errors.Errorf("unknown port_handler for slirp4netns: %q", value)
 			}
+		case "allow_host_loopback":
+			switch value {
+			case "true":
+				disableHostLoopback = false
+			case "false":
+				disableHostLoopback = true
+			default:
+				return errors.Errorf("invalid value of allow_host_loopback for slirp4netns: %q", value)
+			}
+		case "enable_ipv6":
+			switch value {
+			case "true":
+				enableIPv6 = true
+			case "false":
+				enableIPv6 = false
+			default:
+				return errors.Errorf("invalid value of enable_ipv6 for slirp4netns: %q", value)
+			}
+		case "outbound_addr":
+			ipv4 := net.ParseIP(value)
+			if ipv4 == nil || ipv4.To4() == nil {
+				_, err := net.InterfaceByName(value)
+				if err != nil {
+					return errors.Errorf("invalid outbound_addr %q", value)
+				}
+			}
+			outboundAddr = value
+		case "outbound_addr6":
+			ipv6 := net.ParseIP(value)
+			if ipv6 == nil || ipv6.To4() != nil {
+				_, err := net.InterfaceByName(value)
+				if err != nil {
+					return errors.Errorf("invalid outbound_addr6: %q", value)
+				}
+			}
+			outboundAddr6 = value
+		default:
+			return errors.Errorf("unknown option for slirp4netns: %q", o)
 		}
 	}

--- a/test/e2e/config/containers.conf
+++ b/test/e2e/config/containers.conf
@ -52,3 +52,7 @@ dns_options=[ "debug", ]
 tz = "Pacific/Honolulu"

 umask = "0002"
+
+[engine]
+
+network_cmd_options=["allow_host_loopback=true"]
--- a/test/e2e/containers_conf_test.go
+++ b/test/e2e/containers_conf_test.go
@ -258,6 +258,12 @@ var _ = Describe("Podman run", func() {
 		Expect(session.OutputToString()).To(Equal("0002"))
 	})

+	It("podman set network cmd options slirp options to allow host loopback", func() {
+		session := podmanTest.Podman([]string{"run", "--network", "slirp4netns", ALPINE, "ping", "-c1", "10.0.2.2"})
+		session.Wait(30)
+		Expect(session.ExitCode()).To(Equal(0))
+	})
+
 	It("podman-remote test localcontainers.conf versus remote containers.conf", func() {
 		if !IsRemote() {
 			Skip("this test is only for remote")
@ -311,4 +317,5 @@ var _ = Describe("Podman run", func() {
 		Expect(session.ExitCode()).To(Equal(0))
 		Expect(session.OutputToString()).To(Equal("0022"))
 	})
+
 })