Fix up handling of user defined network namespaces

If user specifies network namespace and the /etc/netns/XXX/resolv.conf exists, we should use this rather then /etc/resolv.conf Also fail cleaner if the user specifies an invalid Network Namespace. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-09-25 15:55:32 +08:00 · 2019-02-17 21:55:30 -05:00
parent b223d4e136
commit b87bdced1f
7 changed files with 74 additions and 13 deletions
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@ -758,8 +758,24 @@ func (c *Container) makeBindMounts() error {

 // generateResolvConf generates a containers resolv.conf
 func (c *Container) generateResolvConf() (string, error) {
+	resolvConf := "/etc/resolv.conf"
+	for _, ns := range c.config.Spec.Linux.Namespaces {
+		if ns.Type == spec.NetworkNamespace {
+			if ns.Path != "" && !strings.HasPrefix(ns.Path, "/proc/") {
+				definedPath := filepath.Join("/etc/netns", filepath.Base(ns.Path), "resolv.conf")
+				_, err := os.Stat(definedPath)
+				if err == nil {
+					resolvConf = definedPath
+				} else if !os.IsNotExist(err) {
+					return "", errors.Wrapf(err, "failed to stat %s", definedPath)
+				}
+			}
+			break
+		}
+	}
+
 	// Determine the endpoint for resolv.conf in case it is a symlink
-	resolvPath, err := filepath.EvalSymlinks("/etc/resolv.conf")
+	resolvPath, err := filepath.EvalSymlinks(resolvConf)
 	if err != nil {
 		return "", err
 	}