search

rootless-containers / slirp4netns

User-mode networking for unprivileged network namespaces
GNU General Public License v2.0
737 stars 82 forks source link

`--enable-sandbox` is not compatible with `--userns-path=... --netns-type=path` #317

Open AkihiroSuda opened 1 year ago

AkihiroSuda commented 1 year ago 
$ slirp4netns --enable-sandbox --userns-path=/proc/98616/ns/user --netns-type=path /proc/98616/ns/net tap0
sent tapfd=5 for tap0
received tapfd=5
Starting slirp
* MTU:             1500
* Network:         10.0.2.0
* Netmask:         255.255.255.0
* Gateway:         10.0.2.2
* DNS:             10.0.2.3
* DHCP begin:      10.0.2.15
* DHCP end:        10.0.2.30
* Recommended IP:  10.0.2.100
WARNING: 127.0.0.1:* on the host is accessible as 10.0.2.2 (set --disable-host-loopback to prohibit connecting to 127.0.0.1:*)
setegid(0)
parent failed

slirp4netns: v1.2.0

igo95862 commented 1 year ago

Confirmed.

Interesting is that it does work if --userns-path is set to /proc/self/ns/user.