From 021b0f8cdc97d2625f7b8b35249e4db745dd998f Mon Sep 17 00:00:00 2001 From: Exil Date: Fri, 5 Jul 2024 19:43:45 +0200 Subject: [PATCH 1/3] Resolves #225 --- exegol/model/ContainerConfig.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exegol/model/ContainerConfig.py b/exegol/model/ContainerConfig.py index 58d9c494..baafdae8 100644 --- a/exegol/model/ContainerConfig.py +++ b/exegol/model/ContainerConfig.py @@ -1265,7 +1265,7 @@ def addRawVolume(self, volume_string): def addUserDevice(self, user_device_config: str): """Add a device from a user parameters""" - if EnvInfo.isDockerDesktop(): + if EnvInfo.isDockerDesktop() and user_device_config != "/dev/net/tun": logger.warning("Docker desktop (Windows & macOS) does not support USB device passthrough.") logger.verbose("Official doc: https://docs.docker.com/desktop/faqs/#can-i-pass-through-a-usb-device-to-a-container") logger.critical("Device configuration cannot be applied, aborting operation.") From 9f6e10f04e585060240108a340b03ea91492521e Mon Sep 17 00:00:00 2001 From: Dramelac Date: Mon, 8 Jul 2024 21:09:11 +0200 Subject: [PATCH 2/3] Adding device whitelist --- exegol/model/ContainerConfig.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exegol/model/ContainerConfig.py b/exegol/model/ContainerConfig.py index baafdae8..3eb07a95 100644 --- a/exegol/model/ContainerConfig.py +++ b/exegol/model/ContainerConfig.py @@ -38,6 +38,9 @@ class ContainerConfig: __static_gui_envs = {"_JAVA_AWT_WM_NONREPARENTING": "1", "QT_X11_NO_MITSHM": "1"} __default_desktop_port = {"http": 6080, "vnc": 5900} + # Whitelist device for Docker Desktop + __whitelist_dd_devices = ["/dev/net/tun"] + class ExegolFeatures(Enum): shell_logging = "org.exegol.feature.shell_logging" desktop = "org.exegol.feature.desktop" @@ -642,7 +645,7 @@ def __disableVPN(self) -> bool: self.__vpn_parameters = None self.__removeCapability("NET_ADMIN") self.__removeSysctl("net.ipv6.conf.all.disable_ipv6") - self.removeDevice("/dev/net/tun") + self.removeDevice("") # Try to remove each possible volume self.removeVolume(container_path="/.exegol/vpn/auth/creds.txt") self.removeVolume(container_path="/.exegol/vpn/config/client.ovpn") @@ -1265,7 +1268,7 @@ def addRawVolume(self, volume_string): def addUserDevice(self, user_device_config: str): """Add a device from a user parameters""" - if EnvInfo.isDockerDesktop() and user_device_config != "/dev/net/tun": + if EnvInfo.isDockerDesktop() and user_device_config not in self.__whitelist_dd_devices: logger.warning("Docker desktop (Windows & macOS) does not support USB device passthrough.") logger.verbose("Official doc: https://docs.docker.com/desktop/faqs/#can-i-pass-through-a-usb-device-to-a-container") logger.critical("Device configuration cannot be applied, aborting operation.") From 7d39d91d8eba4130d281ffdcb58da764f1dbc354 Mon Sep 17 00:00:00 2001 From: Dramelac Date: Mon, 8 Jul 2024 21:10:02 +0200 Subject: [PATCH 3/3] Rollback remove device --- exegol/model/ContainerConfig.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exegol/model/ContainerConfig.py b/exegol/model/ContainerConfig.py index 3eb07a95..9a2c672e 100644 --- a/exegol/model/ContainerConfig.py +++ b/exegol/model/ContainerConfig.py @@ -645,7 +645,7 @@ def __disableVPN(self) -> bool: self.__vpn_parameters = None self.__removeCapability("NET_ADMIN") self.__removeSysctl("net.ipv6.conf.all.disable_ipv6") - self.removeDevice("") + self.removeDevice("/dev/net/tun") # Try to remove each possible volume self.removeVolume(container_path="/.exegol/vpn/auth/creds.txt") self.removeVolume(container_path="/.exegol/vpn/config/client.ovpn")