diff options
author | Brent Baude <bbaude@redhat.com> | 2020-02-19 14:14:41 -0600 |
---|---|---|
committer | Brent Baude <bbaude@redhat.com> | 2020-02-20 08:00:40 -0600 |
commit | 921f29c902ea6755f58a88637f447ddcf278f6ba (patch) | |
tree | 50e9f4278f4400cd48120f404eb4613bd5dfbc33 /libpod | |
parent | cf8e34c28ed623b8fe58c66ead180298210e53bb (diff) | |
download | podman-921f29c902ea6755f58a88637f447ddcf278f6ba.tar.gz podman-921f29c902ea6755f58a88637f447ddcf278f6ba.tar.bz2 podman-921f29c902ea6755f58a88637f447ddcf278f6ba.zip |
populate resolv.conf with dnsname responses when in usernamespace
when using usernamespace, dnsname respondes from cni were not making it into the containers /etc/resolv.conf because of a timing issue. this corrects that behavior.
Fixes: #5256
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r-- | libpod/container_internal.go | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go index 216bbe669..11f9721dc 100644 --- a/libpod/container_internal.go +++ b/libpod/container_internal.go @@ -914,6 +914,7 @@ func (c *Container) checkDependenciesRunning() ([]string, error) { } func (c *Container) completeNetworkSetup() error { + var outResolvConf []string netDisabled, err := c.NetworkDisabled() if err != nil { return err @@ -927,7 +928,37 @@ func (c *Container) completeNetworkSetup() error { if c.config.NetMode == "slirp4netns" { return c.runtime.setupRootlessNetNS(c) } - return c.runtime.setupNetNS(c) + if err := c.runtime.setupNetNS(c); err != nil { + return err + } + state := c.state + // collect any dns servers that cni tells us to use (dnsname) + for _, cni := range state.NetworkStatus { + if cni.DNS.Nameservers != nil { + for _, server := range cni.DNS.Nameservers { + outResolvConf = append(outResolvConf, fmt.Sprintf("nameserver %s", server)) + } + } + } + // check if we have a bindmount for resolv.conf + resolvBindMount := state.BindMounts["/etc/resolv.conf"] + if len(outResolvConf) < 1 || resolvBindMount == "" || len(c.config.NetNsCtr) > 0 { + return nil + } + // read the existing resolv.conf + b, err := ioutil.ReadFile(resolvBindMount) + if err != nil { + return err + } + for _, line := range strings.Split(string(b), "\n") { + // only keep things that dont start with nameserver from the old + // resolv.conf file + if !strings.HasPrefix(line, "nameserver") { + outResolvConf = append([]string{line}, outResolvConf...) + } + } + // write and return + return ioutil.WriteFile(resolvBindMount, []byte(strings.Join(outResolvConf, "\n")), 0644) } // Initialize a container, creating it in the runtime |