add hostname to /etc/hosts when running with host network
Some tools depend on the hostname being present in /etc/hosts. I would
argue they are broken, but it's not like we can do anything about that.

This adds the hostname with the local host ip when the host network is
used. For private networking we already add the hostname.

We also now correctly force host networking in chroot mode, it was
silently ignored before thus causing extra confusion here.

Fixes #4446

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Luap99 committed Jun 20, 2023
1 parent eb135b8 commit 14cd28c
Showing 4 changed files with 34 additions and 4 deletions.
28 changes: 27 additions & 1 deletion run_common.go
@@ -35,6 +35,7 @@ import (
"github.com/containers/common/libnetwork/network"
"github.com/containers/common/libnetwork/resolvconf"
netTypes "github.com/containers/common/libnetwork/types"
netUtil "github.com/containers/common/libnetwork/util"
"github.com/containers/common/pkg/config"
"github.com/containers/common/pkg/subscriptions"
imageTypes "github.com/containers/image/v5/types"
@@ -117,7 +118,7 @@ func (b *Builder) addResolvConf(rdir string, chownOpts *idtools.IDPair, dnsServe
}

// generateHosts creates a containers hosts file
func (b *Builder) generateHosts(rdir string, chownOpts *idtools.IDPair, imageRoot string) (string, error) {
func (b *Builder) generateHosts(rdir string, chownOpts *idtools.IDPair, imageRoot string, spec *spec.Spec) (string, error) {
conf, err := config.Default()
if err != nil {
return "", err
@@ -128,12 +129,34 @@ func (b *Builder) generateHosts(rdir string, chownOpts *idtools.IDPair, imageRoo
return "", err
}

var entries etchosts.HostEntries
isHost := true
if spec.Linux != nil {
for _, ns := range spec.Linux.Namespaces {
if ns.Type == specs.NetworkNamespace {
isHost = false
break
}
}
}
// add host entry for local ip when running in host network
if spec.Hostname != "" && isHost {
ip := netUtil.GetLocalIP()
if ip != "" {
entries = append(entries, etchosts.HostEntry{
Names: []string{spec.Hostname},
IP: ip,
})
}
}

targetfile := filepath.Join(rdir, "hosts")
if err := etchosts.New(&etchosts.Params{
BaseFile: path,
ExtraHosts: b.CommonBuildOpts.AddHost,
HostContainersInternalIP: etchosts.GetHostContainersInternalIP(conf, nil, nil),
TargetFile: targetfile,
ContainerIPs: entries,
}); err != nil {
return "", err
}
@@ -368,6 +391,9 @@ func checkAndOverrideIsolationOptions(isolation define.Isolation, options *RunOp
if (pidns != nil && pidns.Host) && (userns != nil && !userns.Host) {
return fmt.Errorf("not allowed to mix host PID namespace with container user namespace")
}
case IsolationChroot:
logrus.Info("network namespace isolation not supported with chroot isolation, forcing host network")
options.NamespaceOptions.AddOrReplace(define.NamespaceOption{Name: string(specs.NetworkNamespace), Host: true})
}
return nil
}
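Review bot: In the `IsolationChroot` case of `checkAndOverrideIsolationOptions`, the network namespace option is overwritten with `Host: true` unconditionally and the only trace is a `logrus.Info` line, so a caller who explicitly asked for a private network namespace is moved onto the host network with a message that is presumably not shown at the default log level. Because this lowers the isolation that was requested, I would raise it to `logrus.Warn(...)` with the same text, and emit it only when the existing option was not already host. In `generateHosts`, the new `spec` parameter is dereferenced (`spec.Linux`, `spec.Hostname`) without a nil check and its name shadows the `spec` package used in its own type; a doc line such as `// spec is the runtime spec the container will run with; it must not be nil.` would state that contract. Both functions start outside their hunks.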
2 changes: 1 addition & 1 deletion run_freebsd.go
@@ -196,7 +196,7 @@ func (b *Builder) Run(command []string, options RunOptions) error {

hostFile := ""
if !options.NoHosts && !contains(volumes, config.DefaultHostsFile) && options.ConfigureNetwork != define.NetworkDisabled {
hostFile, err = b.generateHosts(path, rootIDPair, mountPoint)
hostFile, err = b.generateHosts(path, rootIDPair, mountPoint, spec)
if err != nil {
return err
}
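Review bot: The host-network detection that `generateHosts` now performs only inspects `spec.Linux.Namespaces`, so with the spec passed at this call site, which presumably has no `Linux` section on FreeBSD, `isHost` stays true for every network mode. If that is the case, any run with a hostname set gets the host's local IP mapped to that hostname in /etc/hosts, even when the container has its own network stack. It would be worth deciding host versus private networking from the run's own options (for example `options.NamespaceOptions`) before calling, or adding a comment here such as `// FreeBSD specs carry no Linux namespaces; generateHosts treats this run as host-networked` if that is intended. `Run` begins and ends outside the hunk.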
2 changes: 1 addition & 1 deletion run_linux.go
@@ -264,7 +264,7 @@ func (b *Builder) Run(command []string, options RunOptions) error {

hostFile := ""
if !options.NoHosts && !contains(volumes, config.DefaultHostsFile) && options.ConfigureNetwork != define.NetworkDisabled {
hostFile, err = b.generateHosts(path, rootIDPair, mountPoint)
hostFile, err = b.generateHosts(path, rootIDPair, mountPoint, spec)
if err != nil {
return err
}
6 changes: 5 additions & 1 deletion tests/run.bats
@@ -682,14 +682,18 @@ function configure_and_check_user() {

run_buildah from --quiet --pull=false $WITH_POLICY_JSON debian
cid=$output
run_buildah run --network=host $cid cat /etc/hosts
run_buildah run --network=host --hostname $hostname $cid cat /etc/hosts
assert "$output" =~ "$ip[[:blank:]]$hostname"
hostOutput=$output
m=$(buildah mount $cid)
run cat $m/etc/hosts
[ "$status" -eq 0 ]
expect_output --substring ""
run_buildah run --network=host --no-hosts $cid cat /etc/hosts
[ "$output" != "$hostOutput" ]
# --isolation chroot implies host networking so check for the correct hosts entry
run_buildah run --isolation chroot --hostname $hostname $cid cat /etc/hosts
assert "$output" =~ "$ip[[:blank:]]$hostname"
run_buildah rm -a

run_buildah from --quiet --pull=false $WITH_POLICY_JSON debian
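Review bot: The added assertions cover only the cases where the `$ip[[:blank:]]$hostname` line must be present; nothing in this hunk checks that a run with its own network namespace does not get the host's local IP mapped to its hostname, which is the case the `isHost` loop in run_common.go is there to exclude. A negative assertion next to the `--no-hosts` check would pin that down, unless one already exists outside the hunk. `$ip` is also interpolated into the `=~` pattern unescaped, so each `.` matches any character; that is harmless here but worth a short comment such as `# $ip is used as a regex, dots are not escaped`. `$ip` and `$hostname` are set outside the hunk.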