pkg/ocicni: Use 'ifconfig -j' to access jail network state

The use of 'jexec' for this requires a compatible ifconfig binary inside the jail which owns the network state and using 'ifconfig -j' lets us merge the jail which owns the pod network with the infra container. This also fixes some parsing bugs in getContainerDetails which were not noticed before since most of the time we get the information from cni's CheckNetworkList. Signed-off-by: Doug Rabson <[email protected]>
cri-o · Dec 11, 2023 · 27b0f04 · 27b0f04
1 parent eb13a3b
commit 27b0f04
Showing 1 changed file with 11 additions and 11 deletions.
diff --git a/pkg/ocicni/util_freebsd.go b/pkg/ocicni/util_freebsd.go
@@ -10,23 +10,24 @@ import (
 	"strings"
 )
 
-var defaultJexecCommandName = "jexec"
-
 type nsManager struct {
-	jexecPath string
 }
 
 func (nsm *nsManager) init() error {
 	var err error
-	nsm.jexecPath, err = exec.LookPath(defaultJexecCommandName)
 	return err
 }
 
 func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType string) (*net.IPNet, *net.HardwareAddr, error) {
 	// Try to retrieve ip inside container network namespace
+	if addrType == "-4" {
+		addrType = "inet"
+	} else {
+		addrType = "inet6"
+	}
 	output, err := exec.Command(
-		nsm.jexecPath, netnsJailName,
-		"ifconfig", "-f", "inet:cidr,inet6:cidr",
+		"ifconfig", "-j", netnsJailName,
+		"-f", "inet:cidr,inet6:cidr",
 		interfaceName,
 		addrType).CombinedOutput()
 	if err != nil {
@@ -38,7 +39,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 		return nil, nil, fmt.Errorf("Unexpected command output %s", output)
 	}
 	fields := strings.Fields(strings.TrimSpace(lines[2]))
-	if len(fields) < 4 {
+	if len(fields) < 2 {
 		return nil, nil, fmt.Errorf("Unexpected address output %s ", lines[0])
 	}
 	ip, ipNet, err := net.ParseCIDR(fields[1])
@@ -53,8 +54,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 
 	// Try to retrieve MAC inside container network namespace
 	output, err = exec.Command(
-		nsm.jexecPath, netnsJailName,
-		"ifconfig", "-f", "inet:cidr,inet6:cidr",
+		"ifconfig", "-j", netnsJailName, "-f", "inet:cidr,inet6:cidr",
 		interfaceName,
 		"ether").CombinedOutput()
 	if err != nil {
@@ -65,7 +65,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 	if len(lines) < 3 {
 		return nil, nil, fmt.Errorf("unexpected ifconfig command output %s", output)
 	}
-	fields = strings.Fields(strings.TrimSpace(lines[1]))
+	fields = strings.Fields(strings.TrimSpace(lines[2]))
 	if len(fields) < 2 {
 		return nil, nil, fmt.Errorf("unexpected ether output %s ", lines[0])
 	}
@@ -78,7 +78,7 @@ func getContainerDetails(nsm *nsManager, netnsJailName, interfaceName, addrType
 }
 
 func bringUpLoopback(netns string) error {
-	if err := exec.Command("jexec", netns, "ifconfig", "lo0", "inet", "127.0.0.1").Run(); err != nil {
+	if err := exec.Command("ifconfig", "-j", netns, "lo0", "inet", "127.0.0.1").Run(); err != nil {
 		return fmt.Errorf("failed to initialize loopback: %w", err)
 	}
 	return nil