pkg/ip: don't write to /proc/sys if ipforward enabled

This enables setup in a container env like systemd nspawn where /proc/sys is mouted as read only. Signed-off-by: Shengjing Zhu <i@zhsj.me>
2018-01-11 22:47:39 +08:00
parent 03e316b07b
commit 59f9976017
2 changed files with 37 additions and 0 deletions
--- a/pkg/ip/ipforward_linux.go
+++ b/pkg/ip/ipforward_linux.go
@ -15,6 +15,7 @@
 package ip

 import (
+	"bytes"
 	"io/ioutil"

 	"github.com/containernetworking/cni/pkg/types/current"
@ -51,5 +52,10 @@ func EnableForward(ips []*current.IPConfig) error {
 }

 func echo1(f string) error {
+	if content, err := ioutil.ReadFile(f); err == nil {
+		if bytes.Equal(bytes.TrimSpace(content), []byte("1")) {
+			return nil
+		}
+	}
 	return ioutil.WriteFile(f, []byte("1"), 0644)
 }