From da3edce4e6bb2686d3ae3092104fe1091740c340 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 24 Jul 2024 14:44:11 +0200 Subject: [PATCH 1/2] test/system: fix bridge host.containers.internal test The test assumes that if more than 1 ip on the host we should be able to set host.containers.internal. This however is not how the logic works in the code. What it actually does is to check all ips in the rootless-netns and then it knows that it cannot use any of these ips. This includes any podman bridge ips. You can reproduce the error when you have only one ipv4 on the host then run a container as root in the background and run the test: hack/bats --rootless 505:host.containers.internal So the failure here was that there was already a podman container running as root on the default bridge thus the test saw 2 ips but then the rootless run also uses the same subnet for its bridge and the code knew that ip would not work either. I could have made another special condition in test but the better way to work around it is to create a new network. A new network will make sure there are no conflicting subnets assigned so the test will pass. Signed-off-by: Paul Holzinger --- test/system/505-networking-pasta.bats | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/test/system/505-networking-pasta.bats b/test/system/505-networking-pasta.bats index 0f5da11636..9401563a1a 100644 --- a/test/system/505-networking-pasta.bats +++ b/test/system/505-networking-pasta.bats @@ -802,7 +802,10 @@ EOF pasta_ip="$(default_addr 4)" host_ips=$(ip -4 -j addr | jq -r '.[] | select(.ifname != "lo") | .addr_info[].local') - for network in "pasta" "bridge"; do + netname=n_$(safename) + run_podman network create $netname + + for network in "pasta" "$netname"; do # special exit code logic needed here, it is possible that there is no host.containers.internal # when there is only one ip one the host and that one is used by pasta. # As such we have to deal with both cases. @@ -819,6 +822,8 @@ EOF fi done + run_podman network rm $netname + first_host_ip=$(head -n 1 <<<"$host_ips") run_podman run --rm --network=pasta:-a,169.254.0.2,-g,169.254.0.1,-n,24 $IMAGE grep host.containers.internal /etc/hosts assert "$output" =~ "^$first_host_ip" "uses host first ip" From 2e20681f05414e543a0bd7522f0f350ec76d0645 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Wed, 24 Jul 2024 14:56:30 +0200 Subject: [PATCH 2/2] test/system: fix borken pasta interface name checks The tests didn't check anything actually because default_ifname requires an ip version argument to work. Thus pasta_iface was empty, add new checks to prevent this kind of error again. Signed-off-by: Paul Holzinger --- test/system/250-systemd.bats | 3 ++- test/system/505-networking-pasta.bats | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/test/system/250-systemd.bats b/test/system/250-systemd.bats index 9521954f7d..677b07243a 100644 --- a/test/system/250-systemd.bats +++ b/test/system/250-systemd.bats @@ -319,7 +319,8 @@ LISTEN_FDNAMES=listen_fdnames" | sort) # stop systemd container service_cleanup - pasta_iface=$(default_ifname) + pasta_iface=$(default_ifname 4) + assert "$pasta_iface" != "" "pasta_iface is set" # now check that the rootless netns slirp4netns process is still alive and working run_podman unshare --rootless-netns ip addr diff --git a/test/system/505-networking-pasta.bats b/test/system/505-networking-pasta.bats index 9401563a1a..8aced2020d 100644 --- a/test/system/505-networking-pasta.bats +++ b/test/system/505-networking-pasta.bats @@ -784,7 +784,8 @@ EOF @test "Podman unshare --rootless-netns with Pasta" { skip_if_remote "unshare is local-only" - pasta_iface=$(default_ifname) + pasta_iface=$(default_ifname 4) + assert "$pasta_iface" != "" "pasta_iface is set" # First let's force a setup error by making pasta be "false". ln -s /usr/bin/false $PODMAN_TMPDIR/pasta