src/lxc/lxc_conf.h | 1 - src/lxc/lxc_driver.c | 36 ------------------------------------ 2 files changed, 37 deletions(-)
Since iproute2 v6.12.0, the command "ip link set lo netns -1" can
no longer be used to check for netns support, as it now validates
PIDs are not less than zero.
Since every kernel we care about has the support, just remove the
check.
Signed-off-by: Leigh Brown <leigh@solinno.co.uk>
---
src/lxc/lxc_conf.h | 1 -
src/lxc/lxc_driver.c | 36 ------------------------------------
2 files changed, 37 deletions(-)
diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h
index c0967ac63b..a639e3989f 100644
--- a/src/lxc/lxc_conf.h
+++ b/src/lxc/lxc_conf.h
@@ -49,7 +49,6 @@ struct _virLXCDriverConfig {
char *stateDir;
char *logDir;
bool log_libvirtd;
- int have_netns;
char *securityDriverName;
bool securityDefaultConfined;
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index d682e7168a..2488940feb 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -422,12 +422,6 @@ lxcDomainDefineXMLFlags(virConnectPtr conn, const char *xml, unsigned int flags)
if (virSecurityManagerVerify(driver->securityManager, def) < 0)
goto cleanup;
- if ((def->nets != NULL) && !(cfg->have_netns)) {
- virReportError(VIR_ERR_OPERATION_INVALID,
- "%s", _("System lacks NETNS support"));
- goto cleanup;
- }
-
if (!(vm = virDomainObjListAdd(driver->domains, &def,
driver->xmlopt,
0, &oldDef)))
@@ -974,12 +968,6 @@ static int lxcDomainCreateWithFiles(virDomainPtr dom,
if (virDomainCreateWithFilesEnsureACL(dom->conn, vm->def) < 0)
goto cleanup;
- if ((vm->def->nets != NULL) && !(cfg->have_netns)) {
- virReportError(VIR_ERR_OPERATION_INVALID,
- "%s", _("System lacks NETNS support"));
- goto cleanup;
- }
-
if (virDomainObjBeginJob(vm, VIR_JOB_MODIFY) < 0)
goto cleanup;
@@ -1088,13 +1076,6 @@ lxcDomainCreateXMLWithFiles(virConnectPtr conn,
if (virSecurityManagerVerify(driver->securityManager, def) < 0)
goto cleanup;
- if ((def->nets != NULL) && !(cfg->have_netns)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- "%s", _("System lacks NETNS support"));
- goto cleanup;
- }
-
-
if (!(vm = virDomainObjListAdd(driver->domains, &def,
driver->xmlopt,
VIR_DOMAIN_OBJ_LIST_ADD_LIVE |
@@ -1386,22 +1367,6 @@ lxcDomainDestroy(virDomainPtr dom)
return lxcDomainDestroyFlags(dom, 0);
}
-static int lxcCheckNetNsSupport(void)
-{
- g_autoptr(virCommand) cmd = virCommandNewArgList("ip", "link", "set", "lo",
- "netns", "-1", NULL);
- int ip_rc;
-
- if (virCommandRun(cmd, &ip_rc) < 0 || ip_rc == 255)
- return 0;
-
- if (virProcessNamespaceAvailable(VIR_PROCESS_NAMESPACE_NET) < 0)
- return 0;
-
- return 1;
-}
-
-
static virSecurityManager *
lxcSecurityInit(virLXCDriverConfig *cfg)
{
@@ -1481,7 +1446,6 @@ lxcStateInitialize(bool privileged,
goto cleanup;
cfg->log_libvirtd = false; /* by default log to container logfile */
- cfg->have_netns = lxcCheckNetNsSupport();
/* Call function to load lxc driver configuration information */
if (virLXCLoadDriverConfig(cfg, SYSCONFDIR "/libvirt/lxc.conf") < 0)
--
2.39.5On Tue, Dec 03, 2024 at 04:02:08PM +0000, Leigh Brown wrote: > Since iproute2 v6.12.0, the command "ip link set lo netns -1" can > no longer be used to check for netns support, as it now validates > PIDs are not less than zero. > > Since every kernel we care about has the support, just remove the > check. > > Signed-off-by: Leigh Brown <leigh@solinno.co.uk> > --- > src/lxc/lxc_conf.h | 1 - > src/lxc/lxc_driver.c | 36 ------------------------------------ > 2 files changed, 37 deletions(-) Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Thanks for taking the time to contribute the patch after our discussion on irc ! With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
© 2016 - 2024 Red Hat, Inc.