fix: start runc with network and mount namespaces

steadybit · Jan 10, 2025 · 9709b41 · 9709b41
1 parent 1bff653
commit 9709b41
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/go/action_kit_commons/runc/runc.go b/go/action_kit_commons/runc/runc.go
@@ -283,7 +283,9 @@ func (r *defaultRunc) createSpec(ctx context.Context, bundle string) error {
 }
 
 func (r *defaultRunc) command(ctx context.Context, args ...string) *exec.Cmd {
-	nsenterArgs := []string{"-t", "1", "-C", "--", "runc"}
+	// Enter network and mount namespaces as well, as the network could be a named network namespace
+	// which are located in /var/run/netns and otherwise not accessible.
+	nsenterArgs := []string{"-t", "1", "-C", "-n", "-m", "--", "runc"}
 	nsenterArgs = append(nsenterArgs, r.defaultArgs()...)
 	nsenterArgs = append(nsenterArgs, args...)
 	return RootCommandContext(ctx, "nsenter", nsenterArgs...)

diff --git a/go/action_kit_commons/runc/utils.go b/go/action_kit_commons/runc/utils.go
@@ -463,7 +463,7 @@ func NamespacesExists(ctx context.Context, namespaces []LinuxNamespace, nsType .
 
 		RefreshNamespace(ctx, &ns)
 
-		if _, err := os.Lstat(ns.Path); err != nil && os.IsNotExist(err) {
+		if _, err := executeReadInodes(ctx, ns.Path); err != nil && os.IsNotExist(err) {
 			return fmt.Errorf("namespace %s doesn't exist: %w", ns.Path, err)
 		}
 	}