From 8fb9165f829bfb265e351d590a6911d8745291e4 Mon Sep 17 00:00:00 2001
From: Alex Andrews
Date: Tue, 19 Oct 2021 20:44:47 +0100
Subject: [PATCH 1/3] fix NixOS kernel modules path in podman driver
---
 pkg/drivers/kic/oci/oci.go | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go
index 9516af6b6f..b02e0a53b0 100644
--- a/pkg/drivers/kic/oci/oci.go
+++ b/pkg/drivers/kic/oci/oci.go
@@ -108,6 +108,21 @@ func PrepareContainerNode(p CreateParams) error {
 return nil
 }
+// kernelModulesPath checks for the existence of a known kernel modules directory, returning the
+// first valid path
+func kernelModulesPath() (string, error) {
+ paths := []string{
+ "/lib/modules",
+ "/run/current-system/kernel-modules/lib/modules", // NixOS
+ }
+ for _, path := range paths {
+ if _, err := os.Stat(path); !os.IsNotExist(err) {
+ return path, nil
+ }
+ }
+ return "", errors.New("Unable to locate kernel modules")
+}
+
 // CreateContainerNode creates a new container node
 func CreateContainerNode(p CreateParams) error {
 // on windows os, if docker desktop is using Windows Containers. Exit early with error
@@ -122,6 +137,12 @@ func CreateContainerNode(p CreateParams) error {
 }
 }
+ modulesPath, err := kernelModulesPath()
+ if err != nil {
+ klog.Errorf("error getting kernel modules path: %v", err)
+ return errors.Wrap(err, "kernel modules")
+ }
+
 runArgs := []string{
 "-d", // run the container detached
 "-t", // allocate a tty for entrypoint logs
@@ -136,7 +157,7 @@ func CreateContainerNode(p CreateParams) error {
 "--tmpfs", "/run", // systemd wants a writable /run
 // logs,pods be stroed on filesystem vs inside container,
 // some k8s things want /lib/modules
- "-v", "/lib/modules:/lib/modules:ro",
+ "-v", fmt.Sprintf("%s:/lib/modules:ro", modulesPath),
 "--hostname", p.Name, // make hostname match container name
 "--name", p.Name, // ... and set the container name
 "--label", fmt.Sprintf("%s=%s", CreatedByLabelKey, "true"),
From e5d8c9d8ef38522247082963319860ad9cdfead8 Mon Sep 17 00:00:00 2001
From: Alex Andrews
Date: Wed, 17 Nov 2021 22:03:39 +0000
Subject: [PATCH 2/3] move checkRunning out of CreateContainerNode
---
 pkg/drivers/kic/oci/oci.go | 48 ++++++++++++++++++++------------------
 1 file changed, 25 insertions(+), 23 deletions(-)
diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go
index b02e0a53b0..6041c4ce62 100644
--- a/pkg/drivers/kic/oci/oci.go
+++ b/pkg/drivers/kic/oci/oci.go
@@ -123,6 +123,30 @@ func kernelModulesPath() (string, error) {
 return "", errors.New("Unable to locate kernel modules")
 }
+func checkRunning(p CreateParams) func() error {
+ return func() error {
+ r, err := ContainerRunning(p.OCIBinary, p.Name)
+ if err != nil {
+ return fmt.Errorf("temporary error checking running for %q : %v", p.Name, err)
+ }
+ if !r {
+ return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
+ }
+ s, err := ContainerStatus(p.OCIBinary, p.Name)
+ if err != nil {
+ return fmt.Errorf("temporary error checking status for %q : %v", p.Name, err)
+ }
+ if s != state.Running {
+ return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
+ }
+ if !iptablesFileExists(p.OCIBinary, p.Name) {
+ return fmt.Errorf("iptables file doesn't exist, see #8179")
+ }
+ klog.Infof("the created container %q has a running status.", p.Name)
+ return nil
+ }
+}
+
 // CreateContainerNode creates a new container node
 func CreateContainerNode(p CreateParams) error {
 // on windows os, if docker desktop is using Windows Containers. Exit early with error
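Review bot: `checkRunning` becomes a package-level function in this hunk but has no doc comment, so its contract is only discoverable from the `retry.Expo` call site in the following hunk. The body shows that it returns a closure which fails until `ContainerRunning` and `ContainerStatus` both report the container as running and `iptablesFileExists` is true. Suggest adding `// checkRunning returns a check, intended to be retried, that fails until container p.Name is running and its iptables file exists.` above the declaration.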
@@ -247,29 +271,7 @@ func CreateContainerNode(p CreateParams) error {
 return errors.Wrap(err, "create container")
 }
- checkRunning := func() error {
- r, err := ContainerRunning(p.OCIBinary, p.Name)
- if err != nil {
- return fmt.Errorf("temporary error checking running for %q : %v", p.Name, err)
- }
- if !r {
- return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
- }
- s, err := ContainerStatus(p.OCIBinary, p.Name)
- if err != nil {
- return fmt.Errorf("temporary error checking status for %q : %v", p.Name, err)
- }
- if s != state.Running {
- return fmt.Errorf("temporary error created container %q is not running yet", p.Name)
- }
- if !iptablesFileExists(p.OCIBinary, p.Name) {
- return fmt.Errorf("iptables file doesn't exist, see #8179")
- }
- klog.Infof("the created container %q has a running status.", p.Name)
- return nil
- }
-
- if err := retry.Expo(checkRunning, 15*time.Millisecond, 25*time.Second); err != nil {
+ if err := retry.Expo(checkRunning(p), 15*time.Millisecond, 25*time.Second); err != nil {
 excerpt := LogContainerDebug(p.OCIBinary, p.Name)
 _, err := DaemonInfo(p.OCIBinary)
 if err != nil {
From 1d35e4fcf9c08f3bcb7cde44e4ac5542113a5f2f Mon Sep 17 00:00:00 2001
From: Alex Andrews
Date: Wed, 17 Nov 2021 22:50:28 +0000
Subject: [PATCH 3/3] return default kernel modules path if alternatives are not found
---
 pkg/drivers/kic/oci/oci.go | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)
diff --git a/pkg/drivers/kic/oci/oci.go b/pkg/drivers/kic/oci/oci.go
index 6041c4ce62..16572d2127 100644
--- a/pkg/drivers/kic/oci/oci.go
+++ b/pkg/drivers/kic/oci/oci.go
@@ -108,19 +108,18 @@ func PrepareContainerNode(p CreateParams) error {
 return nil
 }
-// kernelModulesPath checks for the existence of a known kernel modules directory, returning the
-// first valid path
-func kernelModulesPath() (string, error) {
+// kernelModulesPath checks for the existence of a known alternative kernel modules directory,
+// returning the default if none are present
+func kernelModulesPath() string {
 paths := []string{
- "/lib/modules",
 "/run/current-system/kernel-modules/lib/modules", // NixOS
 }
 for _, path := range paths {
- if _, err := os.Stat(path); !os.IsNotExist(err) {
- return path, nil
+ if _, err := os.Stat(path); err == nil {
+ return path
 }
 }
- return "", errors.New("Unable to locate kernel modules")
+ return "/lib/modules"
 }
 func checkRunning(p CreateParams) func() error {
@@ -161,12 +160,6 @@ func CreateContainerNode(p CreateParams) error {
 }
 }
- modulesPath, err := kernelModulesPath()
- if err != nil {
- klog.Errorf("error getting kernel modules path: %v", err)
- return errors.Wrap(err, "kernel modules")
- }
-
 runArgs := []string{
 "-d", // run the container detached
 "-t", // allocate a tty for entrypoint logs
@@ -181,7 +174,7 @@ func CreateContainerNode(p CreateParams) error {
 "--tmpfs", "/run", // systemd wants a writable /run
 // logs,pods be stroed on filesystem vs inside container,
 // some k8s things want /lib/modules
- "-v", fmt.Sprintf("%s:/lib/modules:ro", kernelModulesPath()),
+ "-v", fmt.Sprintf("%s:/lib/modules:ro", kernelModulesPath()),
 "--hostname", p.Name, // make hostname match container name
 "--name", p.Name, // ... and set the container name
 "--label", fmt.Sprintf("%s=%s", CreatedByLabelKey, "true"),
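Review bot: `kernelModulesPath` in the first hunk of 3/3 probes the filesystem of the process running this code with `os.Stat`, while the `-v` source it feeds in the last hunk is resolved by the container runtime. The two can disagree if `p.OCIBinary` talks to a remote or VM-backed daemon, which is not visible in these hunks and is worth confirming. The check also accepts any file type at the NixOS path; `if fi, err := os.Stat(path); err == nil && fi.IsDir() {` would restrict the bind-mount source to a directory. Since the function no longer returns an error, a `klog.Infof("using kernel modules path %q", path)` before `return path` would record which host path ends up mounted into the node.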