Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/etc/resolv.conf with dnsname plugin and user namespace not using dnsname resolver #5256

Closed
ykuksenko opened this issue Feb 19, 2020 · 0 comments · Fixed by #5271
Closed

/etc/resolv.conf with dnsname plugin and user namespace not using dnsname resolver #5256

ykuksenko opened this issue Feb 19, 2020 · 0 comments · Fixed by #5271
Assignees
@baude
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@ykuksenko
Copy link

/kind bug

Description

When running a container that is using a user namespace attached to a non default network with dnsname plugin enabled /etc/resolv.conf contains the hosts resolvers instead of the dnsmasq resolver for the network.

Steps to reproduce the issue:

[root@f31 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search example.org
nameserver 192.168.0.200
[root@f31 ~]# useradd woot
[root@f31 ~]# podman network create woot
/etc/cni/net.d/woot.conflist
[root@f31 ~]# podman run --rm -ti -p 2000:2000 --network=woot library/alpine cat /etc/resolv.conf
search example.org
nameserver 10.89.0.1
[root@f31 ~]# podman run --rm -ti -p 2000:2000 --subuidname=woot --subgidname=woot --network=woot library/alpine cat /etc/resolv.conf
search example.org
nameserver 192.168.0.200

Describe the results you received:
The output for /etc/resolv.conf for the two runs was different, first producing the dnsmasq resolver and the second time producing the hosts resolver.

Describe the results you expected:
I expected /etc/resolv.conf to contain 10.89.0.1 in both cases.

Additional information you deem important (e.g. issue happens only occasionally):
This is on a fedora 31 server system.
Output of podman version:

Version:            1.8.0
RemoteAPI Version:  1
Go Version:         go1.13.6
OS/Arch:            linux/amd64

Output of podman info --debug:

debug:
  compiler: gc
  git commit: ""
  go version: go1.13.6
  podman version: 1.8.0
host:
  BuildahVersion: 1.13.1
  CgroupVersion: v2
  Conmon:
    package: conmon-2.0.10-2.fc31.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.10, commit: 6b526d9888abb86b9e7de7dfdeec0da98ad32ee0'
  Distribution:
    distribution: fedora
    version: "31"
  MemFree: 4174106624
  MemTotal: 6228332544
  OCIRuntime:
    name: crun
    package: crun-0.12.1-1.fc31.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 0.12.1
      commit: df5f2b2369b3d9f36d175e1183b26e5cee55dd0a
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  SwapFree: 6371143680
  SwapTotal: 6371143680
  arch: amd64
  cpus: 4
  eventlogger: journald
  hostname: f31
  kernel: 5.4.17-200.fc31.x86_64
  os: linux
  rootless: false
  uptime: 45h 48m 32.9s (Approximately 1.88 days)
registries:
  search:
  - docker.io
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - quay.io
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 5
  GraphDriverName: overlay
  GraphOptions:
    overlay.mountopt: nodev,metacopy=on
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "true"
  ImageStore:
    number: 9
  RunRoot: /var/run/containers/storage
  VolumePath: /var/lib/containers/storage/volumes

Package info (e.g. output of rpm -q podman or apt list podman):

podman-1.8.0-2.fc31.x86_64

Additional environment details (AWS, VirtualBox, physical, etc.):
qemu virtual machine.
@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Feb 19, 2020
@baude baude mentioned this issue Feb 19, 2020
Merged
baude added a commit to baude/podman that referenced this issue Feb 20, 2020
@baude
populate resolv.conf with dnsname responses when in usernamespace
921f29c 
when using usernamespace, dnsname respondes from cni were not making it into the containers /etc/resolv.conf because of a timing issue.  this corrects that behavior.

Fixes: containers#5256

Signed-off-by: Brent Baude <[email protected]>
snj33v pushed a commit to snj33v/libpod that referenced this issue May 31, 2020
@baude @snj33v
populate resolv.conf with dnsname responses when in usernamespace
5e46f10 
when using usernamespace, dnsname respondes from cni were not making it into the containers /etc/resolv.conf because of a timing issue.  this corrects that behavior.

Fixes: containers#5256

Signed-off-by: Brent Baude <[email protected]>
@peterpramb peterpramb mentioned this issue Oct 5, 2022
Closed
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 23, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@baude baude

Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

populate resolv.conf with dnsname responses when in usernamespace baude/podman
3 participants
@ykuksenko @baude @openshift-ci-robot