Load br-netfilter for rootless test-integration

If kernel module br_netfilter isn't loaded on the test host before rootless test-integration tests that need it, the rootless daemon hits a permission error when trying to do the load. So, try to load the module before going rootless. Signed-off-by: Rob Murray <rob.murray@docker.com>
2026-01-11 18:51:37 +00:00 · 2025-05-09 17:27:25 +01:00
parent e205701266
commit 4b9092aa27
1 changed files with 3 additions and 0 deletions
--- a/hack/make/.integration-daemon-start
+++ b/hack/make/.integration-daemon-start
@@ -84,6 +84,9 @@ if [ -n "$DOCKER_ROOTLESS" ]; then
 	mkdir -p -m 700 "/tmp/docker-${uid}"
 	chown "$user" "/tmp/docker-${uid}"
 	chmod -R o+w "$DEST"
+	# The rootless daemon won't be able to load modules for tests that need them, so do it here.
+	# There's no modprobe in the dev container, so https://x.com/lucabruno/status/902934379835662336
+	ip link show br_netfilter || true
 	dockerd="sudo -u $user -E -E XDG_RUNTIME_DIR=/tmp/docker-${uid} -E HOME=/home/${user} -E PATH=$PATH -- dockerd-rootless.sh"
 fi