In shared networkNS /etc/resolv.conf&/etc/hosts should be shared

We should just bind mount the original container's /etc/resolv.conf and /etc/hosts
into the new container.  Changes in the resolv.conf and hosts should be seen
by all containers.  This matches Docker behaviour.

In order to make this work the labels on these files need to have a shared
SELinux label.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Daniel J Walsh
2019-02-23 07:52:05 -05:00
parent 0969d725a3
commit c83e78277a


@ -26,7 +26,6 @@ import (
"github.com/containers/libpod/pkg/rootless"
"github.com/containers/libpod/pkg/secrets"
"github.com/containers/storage/pkg/idtools"
"github.com/mrunalp/fileutils"
"github.com/opencontainers/runc/libcontainer/user"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
@ -677,20 +676,12 @@ func (c *Container) makeBindMounts() error {
// If it doesn't, don't copy them
resolvPath, exists := bindMounts["/etc/resolv.conf"]
if exists {
resolvDest := filepath.Join(c.state.RunDir, "resolv.conf")
if err := fileutils.CopyFile(resolvPath, resolvDest); err != nil {
return errors.Wrapf(err, "error copying resolv.conf from dependency container %s of container %s", depCtr.ID(), c.ID())
}
c.state.BindMounts["/etc/resolv.conf"] = resolvDest
}
c.state.BindMounts["/etc/resolv.conf"] = resolvPath
}
hostsPath, exists := bindMounts["/etc/hosts"]
if exists {
hostsDest := filepath.Join(c.state.RunDir, "hosts")
if err := fileutils.CopyFile(hostsPath, hostsDest); err != nil {
return errors.Wrapf(err, "error copying hosts file from dependency container %s of container %s", depCtr.ID(), c.ID())
}
c.state.BindMounts["/etc/hosts"] = hostsDest
c.state.BindMounts["/etc/hosts"] = hostsPath
}
} else {
newResolv, err := c.generateResolvConf()
@ -705,6 +696,14 @@ func (c *Container) makeBindMounts() error {
}
c.state.BindMounts["/etc/hosts"] = newHosts
}
if err := label.Relabel(c.state.BindMounts["/etc/hosts"], c.config.MountLabel, true); err != nil {
return err
}
if err := label.Relabel(c.state.BindMounts["/etc/resolv.conf"], c.config.MountLabel, true); err != nil {
return err
}
}
// SHM is always added when we mount the container
@ -809,7 +808,7 @@ func (c *Container) generateResolvConf() (string, error) {
}
// Relabel resolv.conf for the container
if err := label.Relabel(destPath, c.config.MountLabel, false); err != nil {
if err := label.Relabel(destPath, c.config.MountLabel, true); err != nil {
return "", err
}
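Review bot: The two `label.Relabel` calls added after the `newHosts` assignment in makeBindMounts pass `c.state.BindMounts["/etc/hosts"]` and `c.state.BindMounts["/etc/resolv.conf"]` without checking that the entries are set, while the shared-namespace branch earlier in this section assigns them only `if exists`. If these calls also run for that branch (indentation is lost on this page, so the nesting is inferred), a dependency container lacking one of the files leads to a relabel of an empty path; guard each call, e.g. `if p := c.state.BindMounts["/etc/hosts"]; p != "" {` around the existing `label.Relabel(p, c.config.MountLabel, true)`. Separately, passing `true` for `shared` replaces the container's MCS categories with `s0`, so the file becomes accessible to every container of that SELinux type, and the last hunk applies this to every generated resolv.conf whether or not a namespace is ever shared. A comment at both sites recording that this is deliberate, such as `// shared label: containers joining this network namespace bind mount the same file`, would document the isolation trade-off. makeBindMounts and generateResolvConf both start and end outside the hunks shown.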