Add fix for building libnl3 on Ubuntu 24.04

src/libnl3/patch/series

@@ -2,3 +2,4 @@
 switch-to-debhelper.patch
 keep-symbol-versions-in-libraries.patch
 update-changelog.patch
+skip-tests-when-having-no-private-netns.patch

src/libnl3/patch/skip-tests-when-having-no-private-netns.patch

@@ -0,0 +1,163 @@
+From b3822aa3b605b2dc5f01f9aee8ee224fc23e23a0 Mon Sep 17 00:00:00 2001
+From: Thomas Haller <[email protected]>
+Date: Sun, 12 Jan 2025 10:54:59 +0100
+Subject: [PATCH] test: skip tests when having no private netns
+
+In github CI we seem now unable to create the netns. This worked
+previously, now it no longer does.
+
+Handle that by skipping the tests that require a netns.
+---
+ tests/cksuite-all-netns.c | 13 +++++++++-
+ tests/nl-test-util.c      | 50 +++++++++++++++++++++++++++++++++++++--
+ tests/nl-test-util.h      |  3 +++
+ 3 files changed, 63 insertions(+), 3 deletions(-)
+
+diff --git a/tests/cksuite-all-netns.c b/tests/cksuite-all-netns.c
+index 1948c3e8..04e0f6df 100644
+--- a/tests/cksuite-all-netns.c
++++ b/tests/cksuite-all-netns.c
+@@ -73,6 +73,9 @@ START_TEST(cache_and_clone)
+ 	int i;
+ 	int r;
+
++	if (_nltst_skip_no_netns())
++		return;
++
+ 	for (i = 0; i < _NL_N_ELEMENTS(links); i++) {
+ 		if (links[i].add)
+ 			_nltst_add_link(NULL, links[i].ifname, links[i].kind,
+@@ -132,11 +135,16 @@ START_TEST(test_create_iface)
+ 	_nl_auto_rtnl_link struct rtnl_link *link2 = NULL;
+ 	_nl_auto_rtnl_link struct rtnl_link *peer = NULL;
+ 	_nltst_auto_delete_link const char *IFNAME_DUMMY = NULL;
+-	_nltst_auto_delete_link const char *IFNAME = "ifname";
++	_nltst_auto_delete_link const char *IFNAME = NULL;
+ 	int ifindex_dummy;
+ 	uint32_t u32;
+ 	int r;
+
++	if (_nltst_skip_no_netns())
++		return;
++
++	IFNAME = "ifname";
++
+ 	switch (TEST_IDX) {
+ 	case 0:
+ 		link = _nltst_assert(rtnl_link_bridge_alloc());
+diff --git a/tests/nl-test-util.c b/tests/nl-test-util.c
+index dc8dc5ad..d1a8f3f1 100644
+--- a/tests/nl-test-util.c
++++ b/tests/nl-test-util.c
+@@ -84,6 +84,7 @@ uint32_t _nltst_rand_u32(void)
+
+ struct nltst_netns {
+ 	int canary;
++	bool is_unshared;
+ };
+
+ /*****************************************************************************/
+@@ -114,6 +115,23 @@ void nltst_netns_fixture_teardown(void)
+ 	_nl_clear_pointer(&_netns_fixture_global.nsdata, nltst_netns_leave);
+ }
+
++bool nltst_netns_fixture_is_unshared(void)
++{
++	_assert_nltst_netns(_netns_fixture_global.nsdata);
++	return _netns_fixture_global.nsdata->is_unshared;
++}
++
++/*****************************************************************************/
++
++bool _nltst_skip_no_netns(void)
++{
++	if (nltst_netns_fixture_is_unshared())
++		return false;
++
++	printf("skip test due to having no private netns\n");
++	return true;
++}
++
+ /*****************************************************************************/
+
+ static void unshare_user(void)
+@@ -125,6 +143,10 @@ static void unshare_user(void)
+
+ 	/* Become a root in new user NS. */
+ 	r = unshare(CLONE_NEWUSER);
++	if (r != 0 && errno == EPERM) {
++		/* No permissions? Ignore. Will be handled later. */
++		return;
++	}
+ 	_nltst_assert_errno(r == 0);
+
+ 	/* Since Linux 3.19 we have to disable setgroups() in order to map users.
+@@ -149,14 +171,28 @@ static void unshare_user(void)
+ 	}
+ 	r = fprintf(f, "0 %d 1", uid);
+ 	_nltst_assert_errno(r > 0);
+-	_nltst_fclose(f);
++	r = fclose(f);
++	if (r != 0 && errno == EPERM) {
++		/* Oddly, it seems close() can fail at this point. Ignore it,
++		 * but we probably will be unable to unshare (which we handle
++		 * later).
++		 */
++	} else
++		_nltst_assert_errno(r == 0);
+
+ 	/* Map current GID to root in NS to be created. */
+ 	f = fopen("/proc/self/gid_map", "we");
+ 	_nltst_assert_errno(f);
+ 	r = fprintf(f, "0 %d 1", gid);
+ 	_nltst_assert_errno(r > 0);
+-	_nltst_fclose(f);
++	r = fclose(f);
++	if (r != 0 && errno == EPERM) {
++		/* Oddly, it seems close() can fail at this point. Ignore it, but
++		 * we probably will be unable to unshare (which we handle
++		 * later).
++		 */
++	} else
++		_nltst_assert_errno(r == 0);
+ }
+
+ struct nltst_netns *nltst_netns_enter(void)
+@@ -172,6 +208,15 @@ struct nltst_netns *nltst_netns_enter(void)
+ 	unshare_user();
+
+ 	r = unshare(CLONE_NEWNET | CLONE_NEWNS);
++	if (r != 0 && errno == EPERM) {
++		/* The system is probably sandboxed somehow and we are unable
++		 * to create a private netns. That seems questionable, because
++		 * a point of a private netns is to sandbox an application.
++		 * Not having permissions to sandbox sounds bad.
++		 *
++		 * Anyway. We accept this and will later skip some tests. */
++		return nsdata;
++	}
+ 	_nltst_assert_errno(r == 0);
+
+ 	/* We need a read-only /sys so that the platform knows there's no udev. */
+@@ -179,6 +224,7 @@ struct nltst_netns *nltst_netns_enter(void)
+ 	r = mount("sys", "/sys", "sysfs", MS_RDONLY, NULL);
+ 	_nltst_assert_errno(r == 0);
+
++	nsdata->is_unshared = true;
+ 	return nsdata;
+ }
+
+diff --git a/tests/nl-test-util.h b/tests/nl-test-util.h
+index 981228b4..d840a4ab 100644
+--- a/tests/nl-test-util.h
++++ b/tests/nl-test-util.h
+@@ -429,6 +429,9 @@ char **_nltst_strtokv(const char *str);
+
+ void nltst_netns_fixture_setup(void);
+ void nltst_netns_fixture_teardown(void);
++bool nltst_netns_fixture_is_unshared(void);
++
++bool _nltst_skip_no_netns(void);
+
+ struct nltst_netns;
+