diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go
index f81454ee03..b9d7b54ca1 100644
--- a/cmd/podman/registry/config.go
+++ b/cmd/podman/registry/config.go
@@ -105,6 +105,10 @@ func setXdgDirs() error {
 if _, found := os.LookupEnv("DBUS_SESSION_BUS_ADDRESS"); !found {
 sessionAddr := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "bus")
 if _, err := os.Stat(sessionAddr); err == nil {
+ sessionAddr, err = filepath.EvalSymlinks(sessionAddr)
+ if err != nil {
+ return err
+ }
 os.Setenv("DBUS_SESSION_BUS_ADDRESS", "unix:path="+sessionAddr)
 }
 }
diff --git a/libpod/reset.go b/libpod/reset.go
index b3ece03bf1..5515e589d2 100644
--- a/libpod/reset.go
+++ b/libpod/reset.go
@@ -157,7 +157,13 @@ func (r *Runtime) reset(ctx context.Context) error {
 }
 }
- xdgRuntimeDir := filepath.Clean(os.Getenv("XDG_RUNTIME_DIR"))
+ xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
+ if xdgRuntimeDir != "" {
+ xdgRuntimeDir, err = filepath.EvalSymlinks(xdgRuntimeDir)
+ if err != nil {
+ return err
+ }
+ }
 _, prevError := r.store.Shutdown(true)
 graphRoot := filepath.Clean(r.store.GraphRoot())
 if graphRoot == xdgRuntimeDir {
diff --git a/pkg/systemd/dbus.go b/pkg/systemd/dbus.go
index 6887a466ec..059d39958a 100644
--- a/pkg/systemd/dbus.go
+++ b/pkg/systemd/dbus.go
@@ -129,7 +129,11 @@ func dbusAuthRootlessConnection(createBus func(opts ...godbus.ConnOption) (*godb
 func newRootlessConnection() (*dbus.Conn, error) {
 return dbus.NewConnection(func() (*godbus.Conn, error) {
 return dbusAuthRootlessConnection(func(opts ...godbus.ConnOption) (*godbus.Conn, error) {
- path := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "systemd/private")
+ path := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "systemd", "private")
+ path, err := filepath.EvalSymlinks(path)
+ if err != nil {
+ return nil, err
+ }
 return godbus.Dial(fmt.Sprintf("unix:path=%s", path))
 })
 })
diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go
index b3d690158b..90a2ecf862 100644
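Review bot: In cmd/podman/registry/config.go the new `return err` after `filepath.EvalSymlinks(sessionAddr)` makes a resolve failure fatal for setXdgDirs, while the enclosing `os.Stat` check treats a missing or unreadable bus socket as something to skip silently. EvalSymlinks already fails on a path that does not exist, so both calls can fold into one best-effort check: `if resolved, err := filepath.EvalSymlinks(sessionAddr); err == nil { os.Setenv("DBUS_SESSION_BUS_ADDRESS", "unix:path="+resolved) }`. That also removes the gap between the Stat and the resolve, in which the path can change. If the hard failure is intended, wrap the error so it says that the D-Bus session socket path was being resolved. Only part of setXdgDirs is visible in the hunk.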
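Review bot: In libpod/reset.go the comparison `graphRoot == xdgRuntimeDir` now has a symlink-resolved path on one side and a path that only went through `filepath.Clean` on the other, so the two strings can differ while naming the same directory. The body of that `if` is outside the hunk, but if it is what keeps reset from treating XDG_RUNTIME_DIR itself as a storage directory, a storage root reached through a symlink would stop matching. Resolving the store path the same way before comparing keeps both sides in one form, e.g. `if p, err := filepath.EvalSymlinks(graphRoot); err == nil { graphRoot = p }`. The new `return err` also exits before `r.store.Shutdown(true)`, so an unresolvable XDG_RUNTIME_DIR aborts the reset after the earlier steps of the function have already run.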
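Review bot: In pkg/systemd/dbus.go, `path, err := filepath.EvalSymlinks(path)` replaces `path` with the empty string on failure and the error is returned bare, so the caller gets an lstat error with no hint that it came from locating the rootless systemd socket. Keeping the joined path in its own variable and wrapping the error makes a missing or misdirected XDG_RUNTIME_DIR easier to diagnose: `resolved, err := filepath.EvalSymlinks(path)` followed by `return nil, fmt.Errorf("resolving systemd private socket %q: %w", path, err)`. When XDG_RUNTIME_DIR is unset the joined path is relative and is therefore resolved against the current working directory; an explicit empty check before the join would reject that case.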
--- a/pkg/util/utils_supported.go
+++ b/pkg/util/utils_supported.go
@@ -27,6 +27,12 @@ func GetRuntimeDir() (string, error) {
 rootlessRuntimeDirOnce.Do(func() {
 runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
+
+ if runtimeDir != "" {
+ rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir)
+ return
+ }
+
 uid := fmt.Sprintf("%d", rootless.GetRootlessUID())
 if runtimeDir == "" {
 tmpDir := filepath.Join("/run", "user", uid)
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 5ddc89b0dc..f12636eb51 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -776,4 +776,19 @@ EOF
 is "$output" ".*options ${dns_opt}" "--dns-option was added"
 }
+@test "podman rootless netns works when XDG_RUNTIME_DIR includes symlinks" {
+ # regression test for https://github.com/containers/podman/issues/14606
+ is_rootless || skip "only meaningful for rootless"
+
+ # Create a tmpdir symlink pointing to /run, and use it briefly
+ ln -s /run $PODMAN_TMPDIR/run
+ local tmp_run=$PODMAN_TMPDIR/run/user/$(id -u)
+ test -d $tmp_run || skip "/run/user/MYUID unavailable"
+
+ # This 'run' would previously fail with:
+ # IPAM error: failed to open database ....
+ XDG_RUNTIME_DIR=$tmp_run run_podman run --network bridge --rm $IMAGE ip a
+ assert "$output" =~ "eth0"
+}
+
 # vim: filetype=sh
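Review bot: In pkg/util/utils_supported.go the early `return` inside `rootlessRuntimeDirOnce.Do` stores whatever `filepath.EvalSymlinks(runtimeDir)` yields, so a set-but-unresolvable XDG_RUNTIME_DIR produces an error with no fall-through to the `/run/user/<uid>` candidate built just below. If `rootlessRuntimeDirOnce` is a sync.Once, as the name suggests, that error stays for the rest of the process. The resolved value is also accepted without a check that it is a directory owned by the calling user, which is worth adding for a path taken from the environment. With the early return in place the following `if runtimeDir == "" {` is always true and can be dropped. The closure continues past the end of the hunk, so how the fallback candidates are validated is not visible here.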
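Review bot: In test/system/500-networking.bats the new test expands `$PODMAN_TMPDIR` and `$tmp_run` unquoted as command arguments, so a temporary directory containing whitespace or glob characters would be split or expanded before `ln` and `test` see it. Quoting keeps the test independent of where the tmpdir lives: `ln -s /run "$PODMAN_TMPDIR/run"` and `test -d "$tmp_run" || skip "/run/user/MYUID unavailable"`. The final assertion only looks for `eth0` in the output, which is enough to show the netns came up but does not confirm that the symlinked path was the one actually used.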