opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-10-16 18:53:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

specgen: check that networks are only set with bridge

Browse Source 
Because we cannot reqad the networking mode in the frontent because we
should always use the server default we have to parse the mac and ip
address to the server via a default network. Now when the server reads
the default nsmode it has to reject the provided networks when the mode
is not set to bridge.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit is contained in:
Paul Holzinger
2021-12-13 20:36:25 +01:00
parent 094e1d70de
commit ef325bc8c4
2 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/specgen/container_validate.go
View File

@ -189,5 +189,10 @@ func (s *SpecGenerator) Validate() error {
if err := validateNetNS(&s.NetNS); err != nil { if err := validateNetNS(&s.NetNS); err != nil {
return err return err
} }
if s.NetNS.NSMode != Bridge && len(s.Networks) > 0 {
// Note that we also get the ip and mac in the networks map
return errors.New("Networks and static ip/mac address can only be used with Bridge mode networking")
}
return nil return nil
} }

4
pkg/specgen/pod_validate.go
View File

@ -67,10 +67,8 @@ func (p *PodSpecGenerator) Validate() error {
if len(p.PortMappings) > 0 { if len(p.PortMappings) > 0 {
return errors.New("PortMappings can only be used with Bridge or slirp4netns networking") return errors.New("PortMappings can only be used with Bridge or slirp4netns networking")
} }
if len(p.Networks) > 0 {
return errors.New("Networks can only be used with Bridge mode networking")
}
} }
if p.NoManageResolvConf { if p.NoManageResolvConf {
if len(p.DNSServer) > 0 { if len(p.DNSServer) > 0 {
return exclusivePodOptions("NoManageResolvConf", "DNSServer") return exclusivePodOptions("NoManageResolvConf", "DNSServer")