From 4ddc4e79d73eea56929ed522f7d7fce6285a41d4 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 31 Jan 2022 09:58:15 -0500 Subject: [PATCH 1/2] Only change network fields if they were actually changed by the user Fixes: https://github.com/containers/podman/issues/13065 Signed-off-by: Daniel J Walsh --- cmd/podman/common/netflags.go | 110 ++++++++++++++++++-------------- test/system/500-networking.bats | 21 ++++++ 2 files changed, 82 insertions(+), 49 deletions(-) diff --git a/cmd/podman/common/netflags.go b/cmd/podman/common/netflags.go index 255996ac3c..cfe4956b00 100644 --- a/cmd/podman/common/netflags.go +++ b/cmd/podman/common/netflags.go @@ -103,74 +103,86 @@ func NetFlagsToNetOptions(opts *entities.NetOptions, flags pflag.FlagSet) (*enti opts = &entities.NetOptions{} } - opts.AddHosts, err = flags.GetStringSlice("add-host") - if err != nil { - return nil, err - } - // Verify the additional hosts are in correct format - for _, host := range opts.AddHosts { - if _, err := parse.ValidateExtraHost(host); err != nil { + if flags.Changed("add-hosts") { + opts.AddHosts, err = flags.GetStringSlice("add-host") + if err != nil { return nil, err } + // Verify the additional hosts are in correct format + for _, host := range opts.AddHosts { + if _, err := parse.ValidateExtraHost(host); err != nil { + return nil, err + } + } } - servers, err := flags.GetStringSlice("dns") - if err != nil { - return nil, err - } - for _, d := range servers { - if d == "none" { - opts.UseImageResolvConf = true - if len(servers) > 1 { - return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d) - } - break + if flags.Changed("dns") { + servers, err := flags.GetStringSlice("dns") + if err != nil { + return nil, err } - dns := net.ParseIP(d) - if dns == nil { - return nil, errors.Errorf("%s is not an ip address", d) + for _, d := range servers { + if d == "none" { + opts.UseImageResolvConf = true + if len(servers) > 1 { + return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d) + } + break + } + dns := net.ParseIP(d) + if dns == nil { + return nil, errors.Errorf("%s is not an ip address", d) + } + opts.DNSServers = append(opts.DNSServers, dns) } - opts.DNSServers = append(opts.DNSServers, dns) } - options, err := flags.GetStringSlice("dns-opt") - if err != nil { - return nil, err + if flags.Changed("dns-opt") { + options, err := flags.GetStringSlice("dns-opt") + if err != nil { + return nil, err + } + opts.DNSOptions = options } - opts.DNSOptions = options - dnsSearches, err := flags.GetStringSlice("dns-search") - if err != nil { - return nil, err - } - // Validate domains are good - for _, dom := range dnsSearches { - if dom == "." { - if len(dnsSearches) > 1 { - return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'") - } - continue - } - if _, err := parse.ValidateDomain(dom); err != nil { + if flags.Changed("dns-search") { + dnsSearches, err := flags.GetStringSlice("dns-search") + if err != nil { return nil, err } + // Validate domains are good + for _, dom := range dnsSearches { + if dom == "." { + if len(dnsSearches) > 1 { + return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'") + } + continue + } + if _, err := parse.ValidateDomain(dom); err != nil { + return nil, err + } + } + opts.DNSSearch = dnsSearches } - opts.DNSSearch = dnsSearches - inputPorts, err := flags.GetStringSlice("publish") - if err != nil { - return nil, err - } - if len(inputPorts) > 0 { - opts.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts) + if flags.Changed("publish") { + inputPorts, err := flags.GetStringSlice("publish") if err != nil { return nil, err } + if len(inputPorts) > 0 { + opts.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts) + if err != nil { + return nil, err + } + } } - opts.NoHosts, err = flags.GetBool("no-hosts") - if err != nil { - return nil, err + if flags.Changed("no-host") { + opts.NoHosts, err = flags.GetBool("no-hosts") + if err != nil { + return nil, err + } } // parse the network only when network was changed diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 5a721c9651..9f70c1c6ca 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -589,4 +589,25 @@ load helpers run_podman network rm -t 0 -f $netname } +@test "podman run CONTAINERS_CONF dns options" { + skip_if_remote "CONTAINERS_CONF redirect does not work on remote" + # Test on the CLI and via containers.conf + containersconf=$PODMAN_TMPDIR/containers.conf + + searchIP="100.100.100.100" + cat >$containersconf < Date: Tue, 1 Feb 2022 15:58:27 -0500 Subject: [PATCH 2/2] Move each search dns to its own line Alpine does not seem to use search correctly when there are multiple search domains on the same line. It only uses the first with the advent. When podman runs within a separate network we are appending on dns.podman as a search, if you add a search domain, then this causes the local search on network to fail. Signed-off-by: Daniel J Walsh --- cmd/podman/common/netflags.go | 10 ++++------ pkg/resolvconf/resolvconf.go | 8 +++----- test/system/500-networking.bats | 7 ++++++- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/cmd/podman/common/netflags.go b/cmd/podman/common/netflags.go index cfe4956b00..9dfe81d626 100644 --- a/cmd/podman/common/netflags.go +++ b/cmd/podman/common/netflags.go @@ -103,7 +103,7 @@ func NetFlagsToNetOptions(opts *entities.NetOptions, flags pflag.FlagSet) (*enti opts = &entities.NetOptions{} } - if flags.Changed("add-hosts") { + if flags.Changed("add-host") { opts.AddHosts, err = flags.GetStringSlice("add-host") if err != nil { return nil, err @@ -178,11 +178,9 @@ func NetFlagsToNetOptions(opts *entities.NetOptions, flags pflag.FlagSet) (*enti } } - if flags.Changed("no-host") { - opts.NoHosts, err = flags.GetBool("no-hosts") - if err != nil { - return nil, err - } + opts.NoHosts, err = flags.GetBool("no-hosts") + if err != nil { + return nil, err } // parse the network only when network was changed diff --git a/pkg/resolvconf/resolvconf.go b/pkg/resolvconf/resolvconf.go index f23cd61b07..d7505e049a 100644 --- a/pkg/resolvconf/resolvconf.go +++ b/pkg/resolvconf/resolvconf.go @@ -221,11 +221,9 @@ func GetOptions(resolvConf []byte) []string { // dnsSearch, and an "options" entry for every element in dnsOptions. func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) { content := bytes.NewBuffer(nil) - if len(dnsSearch) > 0 { - if searchString := strings.Join(dnsSearch, " "); strings.Trim(searchString, " ") != "." { - if _, err := content.WriteString("search " + searchString + "\n"); err != nil { - return nil, err - } + for _, search := range dnsSearch { + if _, err := content.WriteString("search " + search + "\n"); err != nil { + return nil, err } } for _, dns := range dns { diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats index 9f70c1c6ca..e54b8d26a6 100644 --- a/test/system/500-networking.bats +++ b/test/system/500-networking.bats @@ -597,7 +597,7 @@ load helpers searchIP="100.100.100.100" cat >$containersconf <