podman machine: remove hostip from port

Inside the podman machine vm we always remove the hostip from the port mapping because this should only be used on the actual host. Otherwise you run into issues when we would bind 127.0.0.1 or try to bind a host address that is not available in the VM. This was already done for cni/netavark ports and slirp4netns but not for the port bindings inside libpod which are only used as root. [NO NEW TESTS NEEDED] We still do not have machine tests! Fixes containers#13543 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
gbraad-redhat · Jul 13, 2022 · ebfdf91 · ebfdf91
1 parent 0efcc43
commit ebfdf91
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
@@ -1199,7 +1199,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co
 	cmd.ExtraFiles = append(cmd.ExtraFiles, childSyncPipe, childStartPipe)
 
 	if r.reservePorts && !rootless.IsRootless() && !ctr.config.NetMode.IsSlirp4netns() {
-		ports, err := bindPorts(ctr.config.PortMappings)
+		ports, err := bindPorts(ctr.convertPortMappings())
 		if err != nil {
 			return 0, err
 		}