From fce4e0b5b25479633aceb7396db966665639a4b0 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <paul.holzinger@web.de>
Date: Tue, 11 May 2021 18:41:36 +0200
Subject: [PATCH] fix restart always with slirp4netns

When a container is automatically restarted due its restart policy and
the container used the slirp4netns netmode, the slirp4netns process
died. This caused the container to lose network connectivity.

To fix this we have to start a new slirp4netns process.

Fixes #8047

Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
---
 libpod/container_internal.go    |  8 +++++++
 test/system/500-networking.bats | 40 +++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+)

diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 051fe4b9ee46..53b85a466e6b 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -283,6 +283,14 @@ func (c *Container) handleRestartPolicy(ctx context.Context) (_ bool, retErr err
 		return false, err
 	}
 
+	// setup slirp4netns again because slirp4netns will die when conmon exits
+	if c.config.NetMode.IsSlirp4netns() {
+		err := c.runtime.setupSlirp4netns(c)
+		if err != nil {
+			return false, err
+		}
+	}
+
 	if c.state.State == define.ContainerStateStopped {
 		// Reinitialize the container if we need to
 		if err := c.reinit(ctx, true); err != nil {
diff --git a/test/system/500-networking.bats b/test/system/500-networking.bats
index 788dc4cd1251..08026c5f75fe 100644
--- a/test/system/500-networking.bats
+++ b/test/system/500-networking.bats
@@ -251,4 +251,44 @@ load helpers
     run_podman network rm -f $mynetname
 }
 
+@test "podman networking: restart always with slirp4netns" {
+    # Check that with podman run --restart always the network connectivity
+    # still works after the restart.
+
+    random_1=$(random_string 30)
+    HOST_PORT=12345
+    SERVER=http://127.0.0.1:$HOST_PORT
+
+    # Create a test file with random content
+    INDEX1=$PODMAN_TMPDIR/hello.txt
+    echo $random_1 > $INDEX1
+
+
+     # Bind-mount this file with a different name to a container running httpd and --restart always
+    run_podman run -d -p "$HOST_PORT:80" --network slirp4netns \
+            --restart always \
+            -v $INDEX1:/var/www/index.txt \
+            -w /var/www \
+            $IMAGE /bin/busybox-extras httpd -f -p 80
+    cid=$output
+
+    # Verify http contents: curl from localhost
+    run curl -s $SERVER/index.txt
+    is "$output" "$random_1" "curl 127.0.0.1:/index.txt"
+
+    # Get the container process pid
+    run_podman container inspect --format "{{.State.Pid}}" $cid
+    pid=$output
+
+    # Kill the process so that the podman restart policy will restart the container
+    run kill $pid
+
+    # Verify http contents again: curl from localhost
+    # Use retry since it can take a moment until the new container is ready
+    run curl --retry 2 -s $SERVER/index.txt
+    is "$output" "$random_1" "curl 127.0.0.1:/index.txt"
+
+    run_podman rm -f $cid
+}
+
 # vim: filetype=sh