opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-29 06:57:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

Only change network fields if they were actually changed by the user

Browse Source 
Fixes: https://github.com/containers/podman/issues/13065

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh
2022-01-31 09:58:15 -05:00
parent dc0dc6a557
commit 4ddc4e79d7
2 changed files with 96 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
cmd/podman/common/netflags.go
View File

@ -103,74 +103,86 @@ func NetFlagsToNetOptions(opts *entities.NetOptions, flags pflag.FlagSet) (*enti
opts = &entities.NetOptions{} opts = &entities.NetOptions{}
} }
opts.AddHosts, err = flags.GetStringSlice("add-host") if flags.Changed("add-hosts") {
if err != nil { opts.AddHosts, err = flags.GetStringSlice("add-host")
return nil, err
}
// Verify the additional hosts are in correct format
for _, host := range opts.AddHosts {
if _, err := parse.ValidateExtraHost(host); err != nil {
return nil, err
}
}
servers, err := flags.GetStringSlice("dns")
if err != nil {
return nil, err
}
for _, d := range servers {
if d == "none" {
opts.UseImageResolvConf = true
if len(servers) > 1 {
return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d)
}
break
}
dns := net.ParseIP(d)
if dns == nil {
return nil, errors.Errorf("%s is not an ip address", d)
}
opts.DNSServers = append(opts.DNSServers, dns)
}
options, err := flags.GetStringSlice("dns-opt")
if err != nil {
return nil, err
}
opts.DNSOptions = options
dnsSearches, err := flags.GetStringSlice("dns-search")
if err != nil {
return nil, err
}
// Validate domains are good
for _, dom := range dnsSearches {
if dom == "." {
if len(dnsSearches) > 1 {
return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
}
continue
}
if _, err := parse.ValidateDomain(dom); err != nil {
return nil, err
}
}
opts.DNSSearch = dnsSearches
inputPorts, err := flags.GetStringSlice("publish")
if err != nil {
return nil, err
}
if len(inputPorts) > 0 {
opts.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts)
if err != nil { if err != nil {
return nil, err return nil, err
} }
// Verify the additional hosts are in correct format
for _, host := range opts.AddHosts {
if _, err := parse.ValidateExtraHost(host); err != nil {
return nil, err
}
}
} }
opts.NoHosts, err = flags.GetBool("no-hosts") if flags.Changed("dns") {
if err != nil { servers, err := flags.GetStringSlice("dns")
return nil, err if err != nil {
return nil, err
}
for _, d := range servers {
if d == "none" {
opts.UseImageResolvConf = true
if len(servers) > 1 {
return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d)
}
break
}
dns := net.ParseIP(d)
if dns == nil {
return nil, errors.Errorf("%s is not an ip address", d)
}
opts.DNSServers = append(opts.DNSServers, dns)
}
}
if flags.Changed("dns-opt") {
options, err := flags.GetStringSlice("dns-opt")
if err != nil {
return nil, err
}
opts.DNSOptions = options
}
if flags.Changed("dns-search") {
dnsSearches, err := flags.GetStringSlice("dns-search")
if err != nil {
return nil, err
}
// Validate domains are good
for _, dom := range dnsSearches {
if dom == "." {
if len(dnsSearches) > 1 {
return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
}
continue
}
if _, err := parse.ValidateDomain(dom); err != nil {
return nil, err
}
}
opts.DNSSearch = dnsSearches
}
if flags.Changed("publish") {
inputPorts, err := flags.GetStringSlice("publish")
if err != nil {
return nil, err
}
if len(inputPorts) > 0 {
opts.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts)
if err != nil {
return nil, err
}
}
}
if flags.Changed("no-host") {
opts.NoHosts, err = flags.GetBool("no-hosts")
if err != nil {
return nil, err
}
} }
// parse the network only when network was changed // parse the network only when network was changed

21
test/system/500-networking.bats
View File

@ -589,4 +589,25 @@ load helpers
run_podman network rm -t 0 -f $netname run_podman network rm -t 0 -f $netname
} }
@test "podman run CONTAINERS_CONF dns options" {
skip_if_remote "CONTAINERS_CONF redirect does not work on remote"
# Test on the CLI and via containers.conf
containersconf=$PODMAN_TMPDIR/containers.conf
searchIP="100.100.100.100"
cat >$containersconf <<EOF
[containers]
dns_searches = [ "example.com"]
dns_servers = [
"1.1.1.1",
"$searchIP",
"1.0.0.1",
"8.8.8.8",
]
EOF
CONTAINERS_CONF=$containersconf run_podman run --rm $IMAGE grep "example.com" /etc/resolv.conf
CONTAINERS_CONF=$containersconf run_podman run --rm $IMAGE grep $searchIP /etc/resolv.conf
is "$output" "nameserver $searchIP" "Should only be one $searchIP not multiple"
}
# vim: filetype=sh # vim: filetype=sh