Bug#881310: systemd-container: systemd-nspawn containers get non-functioning /etc/resolv.conf

Alex King alex at king.net.nz
Fri Nov 10 22:05:37 GMT 2017


Interesting.

I tried to reproduce this myself on another machine and could not.  It 
may be peculiar to this machine which is a VPS in xen.

Neither host nor guest is running resolved:

$ sudo systemctl status systemd-resolved.service
● systemd-resolved.service - Network Name Resolution
    Loaded: loaded (/lib/systemd/system/systemd-resolved.service; disabled; vendo
   Drop-In: /usr/lib/systemd/system/systemd-resolved.service.d
            └─resolvconf.conf
    Active: inactive (dead)
      Docs: man:systemd-resolved.service(8)
http://www.freedesktop.org/wiki/Software/systemd/resolved
http://www.freedesktop.org/wiki/Software/systemd/writing-network-conf
http://www.freedesktop.org/wiki/Software/systemd/writing-resolver-cli

(in the "host")

In the guest:

# cat /etc/resolv.conf
# This is a static resolv.conf file for connecting local clients to
# systemd-resolved via its DNS stub listener on 127.0.0.53.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 127.0.0.53

I'll dig further to find out how nspawn determines whether it should 
replace resolv.conf....

Thanks,
Alex


On 10/11/17 15:28, Michael Biebl wrote:
> Control: tags -1 + moreinfo
>
> Am 10.11.2017 um 01:10 schrieb Alex King:
>> After installing the package to get systemd-nspawn, I created an etch
>> image with:
>>
>> # cd /var/lib/machines
>> # debootstrap --variant=minbase --no-check-gpg --arch=i386 etch etchruby \
>> http://archive.debian.org/debian/
>>
>> This system can't resolve DNS names:
>>
>> # systemd-nspawn --directory etchruby/
>> Spawning container etchruby on /var/lib/machines/etchruby.
>> Press ^] three times within 1s to kill container.
>> etchruby:~# apt-get update
>> Err http://archive.debian.org etch Release.gpg
>>    Temporary failure resolving 'archive.debian.org'
>> Failed to fetch http://archive.debian.org/debian/dists/etch/Release.gpg  Temporary failure resolving 'archive.debian.org'
>> Reading package lists... Done
>> E: Some index files failed to download, they have been ignored, or old ones used instead.
>>
>> /etc/resolv.conf inside the container is apparently bind-mounted from the
>> host's /lib/systemd/resolv.conf, and cannot be modified inside the container.
> I can't reproduce the problem. I don't have systemd-resolved enabled
> though. My guess is that you have resolved enabled (but not properly
> configured), that's why systemd-nspawn picks up /lib/systemd/resolv.conf
>
> What does your /etc/resolv.conf look like in the container?
>



