Skip to content

Commit

Permalink
Fix race conditions in rootless cni setup
Browse files Browse the repository at this point in the history
There was an race condition when calling `GetRootlessCNINetNs()`. It
created the rootless cni directory before it got locked. Therefore
another process could have called cleanup and removed this directory
before it was used resulting in errors. The lockfile got moved into the
XDG_RUNTIME_DIR directory to prevent a panic when the parent dir was
removed by cleanup.

Fixes containers#10930
Fixes containers#10922

To make this even more robust `GetRootlessCNINetNs()` will now return
locked. This guarantees that we can run `Do()` after `GetRootlessCNINetNs()`
before another process could have called `Cleanup()` in between.

[NO TESTS NEEDED] CI is flaking, hopefully this will fix it.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
  • Loading branch information
Luap99 committed Jul 15, 2021
1 parent 1568247 commit 0007c98
Show file tree
Hide file tree
Showing 2 changed files with 194 additions and 182 deletions.
Loading

0 comments on commit 0007c98

Please sign in to comment.