Merge pull request #11733 from Luap99/xdg

rootful: do not set XDG_RUNTIME_DIR for cni plugins

cmd/podman/registry/config.go

@@ -89,12 +89,7 @@ func newPodmanConfig() {
 // use for the containers.conf configuration file.
 func setXdgDirs() error {
 	if !rootless.IsRootless() {
-		// unset XDG_RUNTIME_DIR for root
-		// Sometimes XDG_RUNTIME_DIR is set to /run/user/0 sometimes it is unset,
-		// the inconsistency is causing issues for the dnsname plugin.
-		// It is already set to an empty string for conmon so lets do the same
-		// for podman. see #10806 and #10745
-		return os.Unsetenv("XDG_RUNTIME_DIR")
+		return nil
 	}
 
 	// Setup XDG_RUNTIME_DIR

libpod/network/cni/cni_exec.go

@@ -30,6 +30,7 @@ import (
 
 	"github.com/containernetworking/cni/pkg/invoke"
 	"github.com/containernetworking/cni/pkg/version"
+	"github.com/containers/podman/v3/pkg/rootless"
 )
 
 type cniExec struct {
@@ -67,6 +68,17 @@ func (e *cniExec) ExecPlugin(ctx context.Context, pluginPath string, stdinData [
 	c.Stdout = stdout
 	c.Stderr = stderr
 
+	// The dnsname plugin tries to use XDG_RUNTIME_DIR to store files.
+	// podman run will have XDG_RUNTIME_DIR set and thus the cni plugin can use
+	// it. The problem is that XDG_RUNTIME_DIR is unset for the conmon process
+	// for rootful users. This causes issues since the cleanup process is spawned
+	// by conmon and thus not have XDG_RUNTIME_DIR set to same value as podman run.
+	// Because of it dnsname will not find the config files and cannot correctly cleanup.
+	// To fix this we should also unset XDG_RUNTIME_DIR for the cni plugins as rootful.
+	if !rootless.IsRootless() {
+		c.Env = append(c.Env, "XDG_RUNTIME_DIR=")
+	}
+
 	err := c.Run()
 	if err != nil {
 		return nil, annotatePluginError(err, pluginPath, stdout.Bytes(), stderr.Bytes())