From 21573af9fb0b53806703c44b46d813b0c5d6efa5 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 18 Apr 2014 16:40:27 +0200 Subject: Containers: Use /etc/resolv.conf supplied by the host This used to work with systemd-nspawn 203, because it bind-mounted /etc/resolv.conf (so openresolv couldn't overwrite it). Now it's just copied, so we need some special handling. --- nixos/modules/system/boot/stage-2-init.sh | 8 ++++++-- nixos/modules/system/boot/stage-2.nix | 2 ++ nixos/modules/tasks/network-interfaces.nix | 9 +++++++++ nixos/modules/virtualisation/container-config.nix | 2 ++ 4 files changed, 19 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh index 6657897750eb..62e08bb9ece5 100644 --- a/nixos/modules/system/boot/stage-2-init.sh +++ b/nixos/modules/system/boot/stage-2-init.sh @@ -96,8 +96,6 @@ mkdir -m 0755 -p /etc/nixos # Miscellaneous boot time cleanup. rm -rf /var/run /var/lock -rm -f /etc/resolv.conf -touch /etc/resolv.conf rm -f /etc/{group,passwd,shadow}.lock if test -n "@cleanTmpDir@"; then @@ -149,6 +147,12 @@ if test -n "$resumeDevice"; then fi +# Use /etc/resolv.conf supplied by systemd-nspawn, if applicable. +if [ -n "@useHostResolvConf@" -a -e /etc/resolv.conf ]; then + cat /etc/resolv.conf | resolvconf -m 1000 -a host +fi + + # Run the script that performs all configuration activation that does # not have to be done at boot time. echo "running activation script..." diff --git a/nixos/modules/system/boot/stage-2.nix b/nixos/modules/system/boot/stage-2.nix index f2a177fbdbc1..f53c3b8b8e70 100644 --- a/nixos/modules/system/boot/stage-2.nix +++ b/nixos/modules/system/boot/stage-2.nix 
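Review bot: With the unconditional `rm -f /etc/resolv.conf` and `touch /etc/resolv.conf` removed in the first hunk, and the new block at `@@ -149,6 +147,12 @@` of stage-2-init.sh running only when `@useHostResolvConf@` is non-empty, a system with the option off now boots with whatever /etc/resolv.conf the previous boot left behind. Stale or tampered resolver entries would then stay in effect until something else rewrites the file, and nothing in this diff shows that happening. Keeping the reset for that case, for example in an `else` branch holding the two removed lines, preserves the old behaviour without deleting the file that systemd-nspawn copied in. As a smaller point, `[ -n "@useHostResolvConf@" ] && [ -e /etc/resolv.conf ]` avoids the ambiguous `-a` operator, and `resolvconf -m 1000 -a host < /etc/resolv.conf` drops the extra `cat`.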
@@ -19,11 +19,13 @@ let isExecutable = true; inherit (config.boot) devShmSize runSize cleanTmpDir; inherit (config.nix) readOnlyStore; + inherit (config.networking) useHostResolvConf; ttyGid = config.ids.gids.tty; path = [ pkgs.coreutils pkgs.utillinux pkgs.sysvtools + pkgs.openresolv ] ++ (optional config.boot.cleanTmpDir pkgs.findutils) ++ optional config.nix.readOnlyStore readonlyMountpoint; postBootCommands = pkgs.writeText "local-cmds" diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index a33b571d4371..9cc8b154324f 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -191,6 +191,15 @@ in ''; }; + networking.useHostResolvConf = mkOption { + type = types.bool; + default = false; + description = '' + In containers, whether to use the + resolv.conf supplied by the host. + ''; + }; + networking.localCommands = mkOption { default = ""; example = "text=anything; echo You can put $text here."; diff --git a/nixos/modules/virtualisation/container-config.nix b/nixos/modules/virtualisation/container-config.nix index ae06fcb41e38..46dcdbd77128 100644 --- a/nixos/modules/virtualisation/container-config.nix +++ b/nixos/modules/virtualisation/container-config.nix @@ -8,6 +8,8 @@ with lib; sound.enable = mkDefault false; + networking.useHostResolvConf = true; + # Provide a login prompt on /var/lib/login.socket. On the host, # you can connect to it by running ‘socat # unix:/var/lib/login.socket -,echo=0,raw’. -- cgit 1.4.1
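Review bot: `pkgs.openresolv` is added to the stage-2 `path` unconditionally in the `@@ -19,11 +19,13 @@` hunk of stage-2.nix, although the boot script only calls `resolvconf` when `useHostResolvConf` is set. The neighbouring entries already use `optional` for this, so `++ optional config.networking.useHostResolvConf pkgs.openresolv` would keep the package out of the boot path on systems that never import a host resolv.conf. The enclosing `let` binding starts and ends outside the hunk.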
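Review bot: The description of `networking.useHostResolvConf` in network-interfaces.nix does not say what enabling the option does or whose data is trusted. Going by the stage-2-init.sh hunk, boot feeds the existing /etc/resolv.conf to `resolvconf -m 1000 -a host` whenever the file exists, with no check that the system is actually a container. I would extend the description to state that the file is expected to have been placed by the host (systemd-nspawn), that its contents are imported as-is, and that the option should stay `false` outside containers.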
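Review bot: `networking.useHostResolvConf = true;` in container-config.nix is set at normal priority, while the line just above it uses `sound.enable = mkDefault false;`. A container configuration that manages its own resolvers and sets the option to `false` would presumably hit a conflicting-definition error and need `mkForce`. Writing `networking.useHostResolvConf = mkDefault true;` keeps the same default and leaves the override to the container's own configuration.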