Vendor c/common

Vendor c/common@main

Signed-off-by: Ashley Cui <acui@redhat.com>

vendor/github.com/containers/common/pkg/config/config.go

@@ -567,6 +567,9 @@ type NetworkConfig struct {
 	// NetavarkPluginDirs is a list of directories which contain netavark plugins.
 	NetavarkPluginDirs attributedstring.Slice `toml:"netavark_plugin_dirs,omitempty"`
 
+	// FirewallDriver is the firewall driver to be used
+	FirewallDriver string `toml:"firewall_driver,omitempty"`
+
 	// DefaultNetwork is the network name of the default network
 	// to attach pods to.
 	DefaultNetwork string `toml:"default_network,omitempty"`

vendor/github.com/containers/common/pkg/config/config_darwin.go

@@ -32,6 +32,8 @@ func ifRootlessConfigPath() (string, error) {
 }
 
 var defaultHelperBinariesDir = []string{
+	// Relative to the binary directory
+	"$BINDIR/../libexec/podman",
 	// Homebrew install paths
 	"/usr/local/opt/podman/libexec/podman",
 	"/opt/homebrew/opt/podman/libexec/podman",
@@ -42,6 +44,4 @@ var defaultHelperBinariesDir = []string{
 	"/usr/local/lib/podman",
 	"/usr/libexec/podman",
 	"/usr/lib/podman",
-	// Relative to the binary directory
-	"$BINDIR/../libexec/podman",
 }

vendor/github.com/containers/common/pkg/config/containers.conf

@@ -340,6 +340,14 @@ default_sysctls = [
 #  "/usr/lib/netavark",
 #]
 
+# The firewall driver to be used by netavark.
+# The default is empty which means netavark will pick one accordingly. Current supported 
+# drivers are "iptables", "none" (no firewall rules will be created) and "firewalld" (firewalld is
+# experimental at the moment and not recommend outside of testing). In the future we are
+# planning to add support for a "nftables" driver.
+#firewall_driver = ""
+
+
 # The network name of the default network to attach pods to.
 #
 #default_network = "podman"

vendor/github.com/containers/common/pkg/config/default.go

@@ -253,6 +253,7 @@ func defaultConfig() (*Config, error) {
 			Volumes:             attributedstring.Slice{},
 		},
 		Network: NetworkConfig{
+			FirewallDriver:            "",
 			DefaultNetwork:            "podman",
 			DefaultSubnet:             DefaultSubnet,
 			DefaultSubnetPools:        DefaultSubnetPools,
@@ -339,7 +340,8 @@ func defaultEngineConfig() (*EngineConfig, error) {
 
 	c.HelperBinariesDir.Set(defaultHelperBinariesDir)
 	if additionalHelperBinariesDir != "" {
-		c.HelperBinariesDir.Set(append(c.HelperBinariesDir.Get(), additionalHelperBinariesDir))
+		// Prioritize addtionalHelperBinariesDir over defaults.
+		c.HelperBinariesDir.Set(append([]string{additionalHelperBinariesDir}, c.HelperBinariesDir.Get()...))
 	}
 	c.HooksDir.Set(DefaultHooksDirs)
 	c.ImageDefaultTransport = _defaultTransport