Implement namespace creation method

Since [1], Pyroute forks the namespace creation to avoid calling destructive routine "libc.unshare(CLONE_NEWNET)" from the main process. This implementation uses sockets between both processes to return any error feedback sent from the child process. This patch implements the same fork without any communication. If the child process raises an exception other than "OSError(EEXIST)", the child process returns 1 that is read by the the main process, that raises a "RuntimeError" exception. Related-Bug: #1917487 [1]81db2c98a1 Change-Id: I0294586335a71d0757803843f675124bfb450967 (cherry picked from commit eb56747851)
2021-03-04 15:40:08 +00:00 · 2021-03-04 15:40:08 +00:00 · 0f02f97f25
parent 7119f1babd
commit 0f02f97f25
1 changed files with 13 additions and 5 deletions
--- a/neutron/privileged/agent/linux/ip_lib.py
+++ b/neutron/privileged/agent/linux/ip_lib.py
@ -538,11 +538,19 @@ def create_netns(name, **kwargs):

    :param name: The name of the namespace to create
    """
+    pid = os.fork()
+    if pid == 0:
        try:
-        netns.create(name, libc=priv_linux.get_cdll())
+            netns._create(name, libc=priv_linux.get_cdll())
        except OSError as e:
            if e.errno != errno.EEXIST:
-            raise
+                os._exit(1)
+        except Exception:
+            os._exit(1)
+        os._exit(0)
+    else:
+        if os.waitpid(pid, 0)[1]:
+            raise RuntimeError(_('Error creating namespace %s' % name))


@privileged.default.entrypoint