Merge pull request #1139 from lifupan/skip_networkcheck

rustjail: remove the network ns validation against container
2026-02-23 15:34:28 +01:00 · 2020-11-25 15:03:18 +08:00
parent a853e8eaca 3b08376c4e
commit 8d19b8e013
1 changed files with 0 additions and 13 deletions
--- a/src/agent/rustjail/src/validator.rs
+++ b/src/agent/rustjail/src/validator.rs
@@ -188,19 +188,6 @@ fn sysctl(oci: &Spec) -> Result<()> {
            }
        }

-        if key.starts_with("net.") {
-            if !contain_namespace(&linux.namespaces, "network") {
-                return Err(anyhow!(nix::Error::from_errno(Errno::EINVAL)));
-            }
-
-            let net = get_namespace_path(&linux.namespaces, "network")?;
-            if net.is_empty() || net == "" {
-                continue;
-            }
-
-            check_host_ns(net.as_str())?;
-        }
-
        if contain_namespace(&linux.namespaces, "uts") {
            if key == "kernel.domainname" {
                continue;