libpod: configureNetNS() tear down on errors

Make sure to tear down the netns again on errors. This is needed when a later call fails and we do not have already stored the netns in the container state. [NO NEW TESTS NEEDED] My ginkgo-v2 PR will catch problem like this once merged. Fixes #18205 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2025-05-17 23:26:08 +08:00 · 2023-04-17 11:28:16 +02:00
parent 4f93a6eee4
commit 7e4cd22acb
1 changed files with 8 additions and 0 deletions
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@ -592,6 +592,14 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS string) (status map[strin
 	if err != nil {
 		return nil, err
 	}
+	defer func() {
+		// do not forget to tear down the netns when a later error happened.
+		if rerr != nil {
+			if err := r.teardownNetworkBackend(ctrNS, netOpts); err != nil {
+				logrus.Warnf("failed to teardown network after failed setup: %v", err)
+			}
+		}
+	}()

 	// set up rootless port forwarder when rootless with ports and the network status is empty,
 	// if this is called from network reload the network status will not be empty and we should