From 26f176e2d9a90f5ee13c5aa5d014399aa49537fc Mon Sep 17 00:00:00 2001
From: Snir Sheriber
Date: Tue, 5 Jan 2021 16:36:22 +0200
Subject: [PATCH] rustjail: allow network sysctls
The network ns is shared with the guest skip looking for it in the spec
Fixes: #1228
Signed-off-by: Snir Sheriber
Signed-off-by: Peng Tao
---
 src/agent/rustjail/src/validator.rs | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/src/agent/rustjail/src/validator.rs b/src/agent/rustjail/src/validator.rs
index 0a88fbcec..554ec40e7 100644
--- a/src/agent/rustjail/src/validator.rs
+++ b/src/agent/rustjail/src/validator.rs
@@ -214,16 +214,8 @@ fn sysctl(oci: &Spec) -> Result<()> {
 }
 if key.starts_with("net.") {
- if !contain_namespace(&linux.namespaces, "network") {
- return Err(anyhow!(nix::Error::from_errno(Errno::EINVAL)));
- }
-
- let net = get_namespace_path(&linux.namespaces, "network")?;
- if net.is_empty() || net == "".to_string() {
- continue;
- }
-
- check_host_ns(net.as_str())?;
+ // the network ns is shared with the guest, don't expect to find it in spec
+ continue;
 }
 if contain_namespace(&linux.namespaces, "uts") {
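Review bot: The `net.` branch now accepts every `net.*` key with no check at all, and the one-line comment does not say why that is safe. The removed `check_host_ns(net.as_str())?` call was, judging by its name, the only guard here against a network namespace path that points at the host namespace. If the intent is that the guest VM is the isolation boundary and these values land in the network namespace shared by the whole sandbox, the comment should state that trust assumption, for example `// net.* sysctls apply to the guest's network ns, which all containers in the sandbox share; the VM is the boundary, so no per-container ns check is done`. That sharing is inferred from the commit message rather than shown in this hunk, so it should be confirmed before it goes into the comment. The body of `sysctl` starts and ends outside the hunk, so it is not visible here whether `get_namespace_path` and `check_host_ns` still have callers or whether a validator test pins the new `net.` behaviour.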