diff --git a/go.mod b/go.mod index 3cf52fb031..92d1ffb3af 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.2.0 github.com/containernetworking/plugins v1.5.1 github.com/containers/buildah v1.38.1-0.20241119213149-52437ef15d33 - github.com/containers/common v0.61.1-0.20241202111335-2d4a9a65dd81 + github.com/containers/common v0.61.1-0.20241211190400-a56e85d51c4e github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.8.1 github.com/containers/image/v5 v5.33.0 diff --git a/go.sum b/go.sum index 97c191c404..9854df66d9 100644 --- a/go.sum +++ b/go.sum @@ -78,8 +78,8 @@ github.com/containernetworking/plugins v1.5.1 h1:T5ji+LPYjjgW0QM+KyrigZbLsZ8jaX+ github.com/containernetworking/plugins v1.5.1/go.mod h1:MIQfgMayGuHYs0XdNudf31cLLAC+i242hNm6KuDGqCM= github.com/containers/buildah v1.38.1-0.20241119213149-52437ef15d33 h1:Ih6KuyByK7ZGGzkS0M5rVBPLWIyeDvdL5klhsKBo8vA= github.com/containers/buildah v1.38.1-0.20241119213149-52437ef15d33/go.mod h1:RxIuKhwTpRl3ma4d4BF6QzSSeg9zNNvo/xhYJOKeDQs= -github.com/containers/common v0.61.1-0.20241202111335-2d4a9a65dd81 h1:Nw7YRDWv0ZO/AINzOeyR2KnJyfcIz1Ek3Ube/akl4U4= -github.com/containers/common v0.61.1-0.20241202111335-2d4a9a65dd81/go.mod h1:ySiyZ85+F3xk7kcQvaZo0Ii67Hma7T4JEeILEQPWEKY= +github.com/containers/common v0.61.1-0.20241211190400-a56e85d51c4e h1:zoIJUzkFYCsHcOnLVcfYKJxEVd/ukq9IxPgs6ZStvN8= +github.com/containers/common v0.61.1-0.20241211190400-a56e85d51c4e/go.mod h1:1fJz0VnMFWWgZ6V4UnKAhiKA+9EYg/fISQxsaXdAc/k= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.8.1 h1:88qkOjGMF9NmyoVG/orUw73mdwj3z4aOwEbRS01hF78= diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 33ef26acf0..3305258b6c 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -30,6 +30,9 @@ func sliceRemoveDuplicates(strList []string) []string { } func (n *netavarkNetwork) commitNetwork(network *types.Network) error { + if err := os.MkdirAll(n.networkConfigDir, 0o755); err != nil { + return nil + } confPath := filepath.Join(n.networkConfigDir, network.Name+".json") f, err := os.Create(confPath) if err != nil { diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index 6ec4a9d15b..985d0db2dd 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -135,10 +135,6 @@ func NewNetworkInterface(conf *InitConfig) (types.ContainerNetwork, error) { return nil, fmt.Errorf("failed to parse default subnet: %w", err) } - if err := os.MkdirAll(conf.NetworkConfigDir, 0o755); err != nil { - return nil, err - } - if err := os.MkdirAll(conf.NetworkRunDir, 0o755); err != nil { return nil, err } @@ -187,6 +183,21 @@ func (n *netavarkNetwork) loadNetworks() error { // check the mod time of the config dir f, err := os.Stat(n.networkConfigDir) if err != nil { + // the directory may not exists which is fine. It will be created on the first network create + if errors.Is(err, os.ErrNotExist) { + // networks are already loaded + if n.networks != nil { + return nil + } + networks := make(map[string]*types.Network, 1) + networkInfo, err := n.createDefaultNetwork() + if err != nil { + return fmt.Errorf("failed to create default network %s: %w", n.defaultNetwork, err) + } + networks[n.defaultNetwork] = networkInfo + n.networks = networks + return nil + } return err } modTime := f.ModTime() diff --git a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go index 2ee6369efe..33fbc35e6c 100644 --- a/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go +++ b/vendor/github.com/containers/common/libnetwork/pasta/pasta_linux.go @@ -110,13 +110,26 @@ func Setup(opts *SetupOptions) (*SetupResult, error) { return err } for _, addr := range addrs { - // make sure to skip localhost and other special addresses - if ipnet, ok := addr.(*net.IPNet); ok && ipnet.IP.IsGlobalUnicast() { - result.IPAddresses = append(result.IPAddresses, ipnet.IP) - if !ipv4 && util.IsIPv4(ipnet.IP) { + // make sure to skip loopback and multicast addresses + if ipnet, ok := addr.(*net.IPNet); ok && !ipnet.IP.IsLoopback() && !ipnet.IP.IsMulticast() { + if util.IsIPv4(ipnet.IP) { + result.IPAddresses = append(result.IPAddresses, ipnet.IP) ipv4 = true - } - if !ipv6 && util.IsIPv6(ipnet.IP) { + } else if !ipnet.IP.IsLinkLocalUnicast() { + // Else must be ipv6. + // We shouldn't resolve hosts.containers.internal to IPv6 + // link-local addresses, for two reasons: + // 1. even if IPv6 is disabled in pasta (--ipv4-only), the + // kernel will configure an IPv6 link-local address in the + // container, but that doesn't mean that IPv6 connectivity + // is actually working + // 2. link-local addresses need to be suffixed by the zone + // (interface) to be of any use, but we can't do it here + // + // Thus, don't include IPv6 link-local addresses in + // IPAddresses: Podman uses them for /etc/hosts entries, and + // those need to be functional. + result.IPAddresses = append(result.IPAddresses, ipnet.IP) ipv6 = true } } diff --git a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go index c2b1265c31..0439354c4a 100644 --- a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go +++ b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go @@ -10,7 +10,6 @@ import ( "net/url" "os" "os/user" - "path" "path/filepath" "regexp" "strings" @@ -313,7 +312,7 @@ func ValidateAndConfigure(uri *url.URL, iden string, insecureIsMachineConnection if !errors.Is(err, os.ErrNotExist) { return nil, err } - keyDir := path.Dir(keyFilePath) + keyDir := filepath.Dir(keyFilePath) if err := fileutils.Exists(keyDir); errors.Is(err, os.ErrNotExist) { if err := os.Mkdir(keyDir, 0o700); err != nil { return nil, err diff --git a/vendor/modules.txt b/vendor/modules.txt index f2fba95b14..d2f8dad625 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -178,7 +178,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.61.1-0.20241202111335-2d4a9a65dd81 +# github.com/containers/common v0.61.1-0.20241211190400-a56e85d51c4e ## explicit; go 1.22.6 github.com/containers/common/internal github.com/containers/common/internal/attributedstring