From 894fa42a57fdc35dc6bc032da0519412ee11c60b Mon Sep 17 00:00:00 2001
From: Snir Sheriber <ssheribe@redhat.com>
Date: Tue, 5 Jan 2021 16:36:22 +0200
Subject: [PATCH] rustjail: allow network sysctls

The network ns is shared with the guest skip looking for it
in the spec

Fixes: #1228
Signed-off-by: Snir Sheriber <ssheribe@redhat.com>
---
 src/agent/rustjail/src/validator.rs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/agent/rustjail/src/validator.rs b/src/agent/rustjail/src/validator.rs
index 86e04830d..53e05a45b 100644
--- a/src/agent/rustjail/src/validator.rs
+++ b/src/agent/rustjail/src/validator.rs
@@ -207,6 +207,11 @@ fn sysctl(oci: &Spec) -> Result<()> {
             }
         }
 
+        if key.starts_with("net.") {
+            // the network ns is shared with the guest, don't expect to find it in spec
+            continue;
+        }
+
         if contain_namespace(&linux.namespaces, "uts") {
             if key == "kernel.domainname" {
                 continue;