mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
bcd996f4c3
Make sure to always explicitly set namespace for all kernel bound network operations irrespective of whether the operation is performed in init namespace or a user defined namespace. This already happens for user defined netns. But doesn't happen for initial netns that libnetwork runs in. Signed-off-by: Jana Radhakrishnan <mrjana@docker.com>
37 lines
792 B
Go
37 lines
792 B
Go
package osl
|
|
|
|
import (
|
|
"runtime"
|
|
"syscall"
|
|
"testing"
|
|
)
|
|
|
|
// SetupTestOSContext joins a new network namespace, and returns its associated
|
|
// teardown function.
|
|
//
|
|
// Example usage:
|
|
//
|
|
// defer SetupTestOSContext(t)()
|
|
//
|
|
func SetupTestOSContext(t *testing.T) func() {
|
|
runtime.LockOSThread()
|
|
if err := syscall.Unshare(syscall.CLONE_NEWNET); err != nil {
|
|
t.Fatalf("Failed to enter netns: %v", err)
|
|
}
|
|
|
|
fd, err := syscall.Open("/proc/self/ns/net", syscall.O_RDONLY, 0)
|
|
if err != nil {
|
|
t.Fatal("Failed to open netns file")
|
|
}
|
|
|
|
// Since we are switching to a new test namespace make
|
|
// sure to re-initialize initNs context
|
|
nsInit()
|
|
|
|
return func() {
|
|
if err := syscall.Close(fd); err != nil {
|
|
t.Logf("Warning: netns closing failed (%v)", err)
|
|
}
|
|
runtime.UnlockOSThread()
|
|
}
|
|
}
|