Do not lock network if running in the host network namespace

Related: https://github.com/checkpoint-restore/criu/issues/577 Restoring a runc container which is running in the host's network namespace locked the network (iptables-restore) without unlocking it. This disables network logging if running in the host's network namespace. Suggested-by: Andrei Vagin <avagin@gmail.com> Signed-off-by: Adrian Reber <areber@redhat.com> Signed-off-by: Andrei Vagin <avagin@gmail.com>

Do not lock network if running in the host network namespace
Related: https://github.com/checkpoint-restore/criu/issues/577 Restoring a runc container which is running in the host's network namespace locked the network (iptables-restore) without unlocking it. This disables network logging if running in the host's network namespace. Suggested-by: Andrei Vagin <avagin@gmail.com> Signed-off-by: Adrian Reber <areber@redhat.com> Signed-off-by: Andrei Vagin <avagin@gmail.com>
df107d63 · Adrian Reber · Andrei Vagin · b71727bc · df107d63
Commit df107d63 authored Nov 29, 2018 by Adrian Reber Committed by Andrei Vagin Apr 21, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

cr-restore.c criu/cr-restore.c +1 -1

No files found.
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -2134,7 +2134,7 @@ static int restore_root_task(struct pstree_item *init)
 			goto out_kill;
 	}

-	if (opts.empty_ns & CLONE_NEWNET) {
+	if (root_ns_mask & opts.empty_ns & CLONE_NEWNET) {
 		/*
 		 * Local TCP connections were locked by network_lock_internal()
 		 * on dump and normally should have been C/R-ed by respectively