rootless: add new netmode "slirp4netns"

so that inspect reports the correct network configuration. Closes: https://github.com/containers/libpod/issues/1453 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2025-05-17 15:18:43 +08:00 · 2018-11-21 17:38:28 +01:00
parent 266c4952a8
commit 4203df69ac
5 changed files with 32 additions and 3 deletions
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@ -11,6 +11,7 @@ import (

 	"github.com/containers/buildah"
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/storage"
 	"github.com/fatih/camelcase"
 	"github.com/pkg/errors"
@ -161,6 +162,13 @@ func getContext() context.Context {
 	return context.TODO()
 }

+func getDefaultNetwork() string {
+	if rootless.IsRootless() {
+		return "slirp4netns"
+	}
+	return "bridge"
+}
+
 // Common flags shared between commands
 var createFlags = []cli.Flag{
 	cli.StringSliceFlag{
@ -372,7 +380,7 @@ var createFlags = []cli.Flag{
 	cli.StringFlag{
 		Name:  "net, network",
 		Usage: "Connect a container to a network",
-		Value: "bridge",
+		Value: getDefaultNetwork(),
 	},
 	cli.BoolFlag{
 		Name:  "oom-kill-disable",
--- a/pkg/namespaces/namespaces.go
+++ b/pkg/namespaces/namespaces.go
@ -223,7 +223,12 @@ func (n NetworkMode) IsBridge() bool {
 	return n == "bridge"
 }

+// IsSlirp4netns indicates if we are running a rootless network stack
+func (n NetworkMode) IsSlirp4netns() bool {
+	return n == "slirp4netns"
+}
+
 // IsUserDefined indicates user-created network
 func (n NetworkMode) IsUserDefined() bool {
-	return !n.IsDefault() && !n.IsBridge() && !n.IsHost() && !n.IsNone() && !n.IsContainer()
+	return !n.IsDefault() && !n.IsBridge() && !n.IsHost() && !n.IsNone() && !n.IsContainer() && !n.IsSlirp4netns()
 }
--- a/pkg/spec/spec.go
+++ b/pkg/spec/spec.go
@ -453,6 +453,9 @@ func addNetNS(config *CreateConfig, g *generate.Generator) error {
 	} else if IsPod(string(netMode)) {
 		logrus.Debug("Using pod netmode, unless pod is not sharing")
 		return nil
+	} else if netMode.IsSlirp4netns() {
+		logrus.Debug("Using slirp4netns netmode")
+		return nil
 	} else if netMode.IsUserDefined() {
 		logrus.Debug("Using user defined netmode")
 		return nil
--- a/pkg/varlinkapi/containers_create.go
+++ b/pkg/varlinkapi/containers_create.go
@ -13,6 +13,7 @@ import (
 	"github.com/containers/libpod/libpod/image"
 	"github.com/containers/libpod/pkg/inspect"
 	"github.com/containers/libpod/pkg/namespaces"
+	"github.com/containers/libpod/pkg/rootless"
 	cc "github.com/containers/libpod/pkg/spec"
 	"github.com/containers/libpod/pkg/util"
 	"github.com/docker/docker/pkg/signal"
@ -126,7 +127,11 @@ func varlinkCreateToCreateConfig(ctx context.Context, create iopodman.Create, ru
 	// NETWORK MODE
 	networkMode := create.Net_mode
 	if networkMode == "" {
-		networkMode = "bridge"
+		if rootless.IsRootless() {
+			networkMode = "slirp4netns"
+		} else {
+			networkMode = "bridge"
+		}
 	}

 	// WORKING DIR
--- a/test/e2e/rootless_test.go
+++ b/test/e2e/rootless_test.go
@ -217,6 +217,14 @@ var _ = Describe("Podman rootless", func() {
 			cmd.WaitWithDefaultTimeout()
 			Expect(cmd.ExitCode()).To(Equal(0))

+			if len(args) == 0 {
+				cmd = rootlessTest.PodmanAsUser([]string{"inspect", "-l"}, 1000, 1000, env)
+				cmd.WaitWithDefaultTimeout()
+				Expect(cmd.ExitCode()).To(Equal(0))
+				data := cmd.InspectContainerToJSON()
+				Expect(data[0].HostConfig.NetworkMode).To(ContainSubstring("slirp4netns"))
+			}
+
 			if !canUseExec {
 				Skip("ioctl(NS_GET_PARENT) not supported.")
 			}