Eval symlinks on XDG_RUNTIME_DIR

Partial Fix for #14606 [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <[email protected]>
containers · Oct 28, 2022 · 71f0c9f · 71f0c9f
1 parent f218479
commit 71f0c9f
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 2 deletions.
diff --git a/cmd/podman/registry/config.go b/cmd/podman/registry/config.go
@@ -105,6 +105,10 @@ func setXdgDirs() error {
 	if _, found := os.LookupEnv("DBUS_SESSION_BUS_ADDRESS"); !found {
 		sessionAddr := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "bus")
 		if _, err := os.Stat(sessionAddr); err == nil {
+			sessionAddr, err = filepath.EvalSymlinks(sessionAddr)
+			if err != nil {
+				return err
+			}
 			os.Setenv("DBUS_SESSION_BUS_ADDRESS", "unix:path="+sessionAddr)
 		}
 	}

diff --git a/libpod/reset.go b/libpod/reset.go
@@ -157,7 +157,13 @@ func (r *Runtime) reset(ctx context.Context) error {
 		}
 	}
 
-	xdgRuntimeDir := filepath.Clean(os.Getenv("XDG_RUNTIME_DIR"))
+	xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
+	if xdgRuntimeDir != "" {
+		xdgRuntimeDir, err = filepath.EvalSymlinks(xdgRuntimeDir)
+		if err != nil {
+			return err
+		}
+	}
 	_, prevError := r.store.Shutdown(true)
 	graphRoot := filepath.Clean(r.store.GraphRoot())
 	if graphRoot == xdgRuntimeDir {

diff --git a/pkg/systemd/dbus.go b/pkg/systemd/dbus.go
@@ -129,7 +129,11 @@ func dbusAuthRootlessConnection(createBus func(opts ...godbus.ConnOption) (*godb
 func newRootlessConnection() (*dbus.Conn, error) {
 	return dbus.NewConnection(func() (*godbus.Conn, error) {
 		return dbusAuthRootlessConnection(func(opts ...godbus.ConnOption) (*godbus.Conn, error) {
-			path := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "systemd/private")
+			path := filepath.Join(os.Getenv("XDG_RUNTIME_DIR"), "systemd", "private")
+			path, err := filepath.EvalSymlinks(path)
+			if err != nil {
+				return nil, err
+			}
 			return godbus.Dial(fmt.Sprintf("unix:path=%s", path))
 		})
 	})

diff --git a/pkg/util/utils_supported.go b/pkg/util/utils_supported.go
@@ -27,6 +27,12 @@ func GetRuntimeDir() (string, error) {
 
 	rootlessRuntimeDirOnce.Do(func() {
 		runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
+
+		if runtimeDir != "" {
+			rootlessRuntimeDir, rootlessRuntimeDirError = filepath.EvalSymlinks(runtimeDir)
+			return
+		}
+
 		uid := fmt.Sprintf("%d", rootless.GetRootlessUID())
 		if runtimeDir == "" {
 			tmpDir := filepath.Join("/run", "user", uid)

diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
@@ -776,4 +776,19 @@ EOF
     is "$output" ".*options ${dns_opt}" "--dns-option was added"
 }
 
+@test "podman rootless netns works when XDG_RUNTIME_DIR includes symlinks" {
+    # regression test for https://github.com/containers/podman/issues/14606
+    is_rootless || skip "only meaningful for rootless"
+
+    # Create a tmpdir symlink pointing to /run, and use it briefly
+    ln -s /run $PODMAN_TMPDIR/run
+    local tmp_run=$PODMAN_TMPDIR/run/user/$(id -u)
+    test -d $tmp_run || skip "/run/user/MYUID unavailable"
+
+    # This 'run' would previously fail with:
+    #    IPAM error: failed to open database ....
+    XDG_RUNTIME_DIR=$tmp_run run_podman run --network bridge --rm $IMAGE ip a
+    assert "$output" =~ "eth0"
+}
+
 # vim: filetype=sh