diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2018-11-28 07:58:55 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-28 07:58:55 -0800 |
commit | ade0b3084436f1b9325fd689529db03294a0d1f8 (patch) | |
tree | cd8adb010f9dac99862a528877ec7513c1fcd804 | |
parent | 7ae37dcafced4da7fd1e65e6ec41a07220c06542 (diff) | |
parent | 870eed9378c025f3684aa8baf3db6de969da3c5d (diff) | |
download | podman-ade0b3084436f1b9325fd689529db03294a0d1f8.tar.gz podman-ade0b3084436f1b9325fd689529db03294a0d1f8.tar.bz2 podman-ade0b3084436f1b9325fd689529db03294a0d1f8.zip |
Merge pull request #1846 from cgwalters/netns-dns-localhost
Use host's resolv.conf if no network namespace enabled
-rw-r--r-- | libpod/container_internal_linux.go | 5 | ||||
-rw-r--r-- | pkg/resolvconf/resolvconf.go | 12 |
2 files changed, 13 insertions, 4 deletions
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go index 99f8652df..6b21bc3d6 100644 --- a/libpod/container_internal_linux.go +++ b/libpod/container_internal_linux.go @@ -729,9 +729,10 @@ func (c *Container) generateResolvConf() (string, error) { return "", errors.Wrapf(err, "unable to read %s", resolvPath) } - // Process the file to remove localhost nameservers + // Ensure that the container's /etc/resolv.conf is compatible with its + // network configuration. // TODO: set ipv6 enable bool more sanely - resolv, err := resolvconf.FilterResolvDNS(contents, true) + resolv, err := resolvconf.FilterResolvDNS(contents, true, c.config.CreateNetNS) if err != nil { return "", errors.Wrapf(err, "error parsing host resolv.conf") } diff --git a/pkg/resolvconf/resolvconf.go b/pkg/resolvconf/resolvconf.go index fccd60093..e85bcb377 100644 --- a/pkg/resolvconf/resolvconf.go +++ b/pkg/resolvconf/resolvconf.go @@ -103,13 +103,21 @@ func GetLastModified() *File { } // FilterResolvDNS cleans up the config in resolvConf. It has two main jobs: -// 1. It looks for localhost (127.*|::1) entries in the provided +// 1. If a netns is enabled, it looks for localhost (127.*|::1) entries in the provided // resolv.conf, removing local nameserver entries, and, if the resulting // cleaned config has no defined nameservers left, adds default DNS entries // 2. Given the caller provides the enable/disable state of IPv6, the filter // code will remove all IPv6 nameservers if it is not enabled for containers // -func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) { +func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool, netnsEnabled bool) (*File, error) { + // If we're using the host netns, we have nothing to do besides hash the file. + if !netnsEnabled { + hash, err := ioutils.HashData(bytes.NewReader(resolvConf)) + if err != nil { + return nil, err + } + return &File{Content: resolvConf, Hash: hash}, nil + } cleanedResolvConf := localhostNSRegexp.ReplaceAll(resolvConf, []byte{}) // if IPv6 is not enabled, also clean out any IPv6 address nameserver if !ipv6Enabled { |