diff --git a/go.mod b/go.mod index 80639a7fec..462ccd228e 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/containernetworking/cni v1.1.2 github.com/containernetworking/plugins v1.1.1 github.com/containers/buildah v1.28.1-0.20221221082547-8403b6ebc13d - github.com/containers/common v0.50.2-0.20230105152832-f9a666692763 + github.com/containers/common v0.50.2-0.20230105184634-df156f4ee73f github.com/containers/conmon v2.0.20+incompatible github.com/containers/image/v5 v5.23.1-0.20230104183125-aaf0985b36f9 github.com/containers/ocicrypt v1.1.6 diff --git a/go.sum b/go.sum index bf0e95bd07..4675d1a5e2 100644 --- a/go.sum +++ b/go.sum @@ -264,8 +264,8 @@ github.com/containernetworking/plugins v1.1.1 h1:+AGfFigZ5TiQH00vhR8qPeSatj53eNG github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8= github.com/containers/buildah v1.28.1-0.20221221082547-8403b6ebc13d h1:OyqOrN7QTtA7g5ZgQkV5lChAn5cVQB0dnVqjNd93DuQ= github.com/containers/buildah v1.28.1-0.20221221082547-8403b6ebc13d/go.mod h1:PAftqTiRApPwzIaY42fDm/FRqOuLgd+ZZtVzIu3/eco= -github.com/containers/common v0.50.2-0.20230105152832-f9a666692763 h1:RUnkEbi8hJhXbwcVf0K9yig7EOj2A3nquqttG5u/z2U= -github.com/containers/common v0.50.2-0.20230105152832-f9a666692763/go.mod h1:4SjEcf0XvGNoVtwx2KxTXgatrN6l7O72dO1q09r0ekw= +github.com/containers/common v0.50.2-0.20230105184634-df156f4ee73f h1:/HyPALd1B+sORjKAupvBdTqxzzksCvc/DDX3XII2KbU= +github.com/containers/common v0.50.2-0.20230105184634-df156f4ee73f/go.mod h1:4SjEcf0XvGNoVtwx2KxTXgatrN6l7O72dO1q09r0ekw= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/image/v5 v5.23.1-0.20230104183125-aaf0985b36f9 h1:iLiH5/Tt8uFf+pmbxAc5WtLnjfUeLDlWWDy8VN5Fjm4= diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index a8b3e37026..643ec835f8 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -48,14 +48,6 @@ var _ = Describe("Podman network", func() { Expect(session).Should(Exit(0)) // default network always exists Expect(session.OutputToStringArray()).To(HaveLen(1)) - - // check that the only file in the directory is the network lockfile - dir, err := os.Open(netDir) - Expect(err).ToNot(HaveOccurred()) - names, err := dir.Readdirnames(5) - Expect(err).ToNot(HaveOccurred()) - Expect(names).To(HaveLen(1)) - Expect(names[0]).To(Or(Equal("netavark.lock"), Equal("cni.lock"))) }) It("podman network list", func() { diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go index 38ead2ddf8..ad0f10166a 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/network.go +++ b/vendor/github.com/containers/common/libnetwork/cni/network.go @@ -18,10 +18,12 @@ import ( "github.com/containers/common/libnetwork/types" "github.com/containers/common/pkg/config" "github.com/containers/storage/pkg/lockfile" + "github.com/containers/storage/pkg/unshare" "github.com/sirupsen/logrus" - "golang.org/x/sys/unix" ) +const defaultRootLockPath = "/run/lock/podman-cni.lock" + type cniNetwork struct { // cniConfigDir is directory where the cni config files are stored. cniConfigDir string @@ -81,19 +83,15 @@ type InitConfig struct { // NewCNINetworkInterface creates the ContainerNetwork interface for the CNI backend. // Note: The networks are not loaded from disk until a method is called. func NewCNINetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { - // TODO: consider using a shared memory lock - lock, err := lockfile.GetLockFile(filepath.Join(conf.CNIConfigDir, "cni.lock")) + // root needs to use a globally unique lock because there is only one host netns + lockPath := defaultRootLockPath + if unshare.IsRootless() { + lockPath = filepath.Join(conf.CNIConfigDir, "cni.lock") + } + + lock, err := lockfile.GetLockFile(lockPath) if err != nil { - // If we're on a read-only filesystem, there is no risk of - // contention. Fall back to a local lockfile. - if errors.Is(err, unix.EROFS) { - lock, err = lockfile.GetLockFile(filepath.Join(conf.RunDir, "cni.lock")) - if err != nil { - return nil, err - } - } else { - return nil, err - } + return nil, err } defaultNetworkName := conf.DefaultNetwork diff --git a/vendor/github.com/containers/common/libnetwork/netavark/const.go b/vendor/github.com/containers/common/libnetwork/netavark/const.go index b375acd1be..70c50b1a80 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/const.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/const.go @@ -4,3 +4,5 @@ package netavark const defaultBridgeName = "podman" + +const defaultRootLockPath = "/run/lock/netavark.lock" diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index b14f4d0fd6..ca57df3000 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -94,8 +94,13 @@ type InitConfig struct { // NewNetworkInterface creates the ContainerNetwork interface for the netavark backend. // Note: The networks are not loaded from disk until a method is called. func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { - // TODO: consider using a shared memory lock - lock, err := lockfile.GetLockFile(filepath.Join(conf.NetworkConfigDir, "netavark.lock")) + // root needs to use a globally unique lock because there is only one host netns + lockPath := defaultRootLockPath + if unshare.IsRootless() { + lockPath = filepath.Join(conf.NetworkConfigDir, "netavark.lock") + } + + lock, err := lockfile.GetLockFile(lockPath) if err != nil { return nil, err } diff --git a/vendor/modules.txt b/vendor/modules.txt index 82be242f12..2f9550fb90 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -118,7 +118,7 @@ github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/util -# github.com/containers/common v0.50.2-0.20230105152832-f9a666692763 +# github.com/containers/common v0.50.2-0.20230105184634-df156f4ee73f ## explicit; go 1.17 github.com/containers/common/libimage github.com/containers/common/libimage/define