From 97ec57da5b8f9b08755afdca46be268c3c2eb2bf Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Mon, 17 Apr 2023 11:28:16 +0200 Subject: [PATCH] libpod: configureNetNS() tear down on errors Make sure to tear down the netns again on errors. This is needed when a later call fails and we do not have already stored the netns in the container state. [NO NEW TESTS NEEDED] My ginkgo-v2 PR will catch problem like this once merged. Fixes #18205 Signed-off-by: Paul Holzinger --- libpod/networking_linux.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go index 89eb6bbb08..13befa0b37 100644 --- a/libpod/networking_linux.go +++ b/libpod/networking_linux.go @@ -592,6 +592,14 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS string) (status map[strin if err != nil { return nil, err } + defer func() { + // do not forget to tear down the netns when a later error happened. + if rerr != nil { + if err := r.teardownNetworkBackend(ctrNS, netOpts); err != nil { + logrus.Warnf("failed to teardown network after failed setup: %v", err) + } + } + }() // set up rootless port forwarder when rootless with ports and the network status is empty, // if this is called from network reload the network status will not be empty and we should