Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

slirp4netns should honour the helper_binaries_dir config #18568

Closed
PhrozenByte opened this issue May 15, 2023 · 4 comments · Fixed by #18620
Closed

slirp4netns should honour the helper_binaries_dir config #18568

PhrozenByte opened this issue May 15, 2023 · 4 comments · Fixed by #18620
Assignees
Labels
Good First Issue This issue would be a good issue for a first time contributor to undertake. kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@PhrozenByte
Copy link
Contributor

PhrozenByte commented May 15, 2023

Feature request description

Podman's slirp4netns implementation currently uses a custom logic to find the slirp4netns binary. See

path := r.config.Engine.NetworkCmdPath
if path == "" {
var err error
path, err = exec.LookPath("slirp4netns")
if err != nil {
return fmt.Errorf("could not find slirp4netns, the network namespace can't be configured: %w", err)
}
}

For some time now Podman chose to rely on r.config.FindHelperBinary() to find helper binaries. This method uses the helper_binaries_dir config in storage.conf (or the purposely undocumented CONTAINERS_HELPER_BINARY_DIR env variable for testing) and falls back to $PATH otherwise.

slirp4netns instead uses the custom single-purpose CLI option --network-cmd-path with a fallback to $PATH. slirp4netns doesn't honour the helper_binaries_dir config right now. Setting a path for slirp4netns is unnecessary hard because of this; due to the CLI option's generic name and a false documentation it even caused some confusion in the past (see #18560 and #18569 to fix it).

Suggest potential solution

Unify how Podman finds helper binaries: Podman should use r.config.FindHelperBinary() to find the slirp4netns binary and deprecate the --network-cmd-path CLI option.

For backwards compatibility reasons we must keep the --network-cmd-path CLI option for now (it should take precedence for now), but deprecate it by adding a note to the podman(1) manpage. We should then consider removing the option with Podman's next major release.

Have you considered any alternatives?

Previous discussion and reasoning for this approach see #18560

Additional context

Also see #18569 for the docs fixes

Cc: @Luap99

@PhrozenByte PhrozenByte added the kind/feature Categorizes issue or PR as related to a new feature. label May 15, 2023
openshift-merge-robot pushed a commit that referenced this issue May 15, 2023
The `--network-cmd-path` CLI option only affects rootless networks using `slirp4netns(1)`, not `pasta(1)`.  Following #18568 Podman should rather use the more generic `r.config.FindHelperBinary()` method (and therefore honour the `helper_binaries_dir` config) to find the path to the `slirp4netns` binary and deprecate the misleading `--network-cmd-path` CLI option.  However, since this wasn't implemented yet we can't deprecate `--network-cmd-path` as of now.  Adding a note anyway.

Fixes #18560

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
@rhatdan
Copy link
Member

rhatdan commented May 16, 2023

Interested in opening a PR?

@rhatdan rhatdan added the Good First Issue This issue would be a good issue for a first time contributor to undertake. label May 16, 2023
@PhrozenByte
Copy link
Contributor Author

Even though I'd love to learn Go, time's too limited for that, sorry 😒

@HirazawaUi
Copy link
Contributor

I want work for this, if you don't mind, i will finish this issue.
/assign

@rhatdan
Copy link
Member

rhatdan commented May 18, 2023

SGTM

HirazawaUi added a commit to HirazawaUi/podman that referenced this issue May 18, 2023
[NO NEW TESTS NEEDED]

Fixes: containers#18568

Signed-off-by: binghongtao <695097494plus@gmail.com>
HirazawaUi added a commit to HirazawaUi/podman that referenced this issue May 19, 2023
[NO NEW TESTS NEEDED]

Fixes: containers#18568
Signed-off-by: binghongtao <695097494plus@gmail.com>
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Aug 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Good First Issue This issue would be a good issue for a first time contributor to undertake. kind/feature Categorizes issue or PR as related to a new feature. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants