github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-02 02:02:24 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1139 from lifupan/skip_networkcheck

Browse Source 
rustjail: remove the network ns validation against container
This commit is contained in:
Bin Liu 2020-11-25 15:03:18 +08:00 committed by GitHub
commit 8d19b8e013
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/agent/rustjail/src/validator.rs
View File

@ -188,19 +188,6 @@ fn sysctl(oci: &Spec) -> Result<()> {
}
}
if key.starts_with("net.") {
if !contain_namespace(&linux.namespaces, "network") {
return Err(anyhow!(nix::Error::from_errno(Errno::EINVAL)));
}
let net = get_namespace_path(&linux.namespaces, "network")?;
if net.is_empty() || net == "" {
continue;
}
check_host_ns(net.as_str())?;
}
if contain_namespace(&linux.namespaces, "uts") {
if key == "kernel.domainname" {
continue;