[systemd-devel] /etc/resolv.conf link in container

[Lennart Poettering]

On Wed, 17.06.15 10:07, David Herrmann (dh.herrmann at gmail.com) wrote:

> Hi
> 
> On Tue, Jun 16, 2015 at 11:39 PM, Johannes Ernst
> <johannes.ernst at gmail.com> wrote:
> > I have a root filesystem in directory foo/
> > It has symlink
> >     foo/etc/resolv.conf -> /run/systemd/resolve/resolv.conf
> >
> > When I’m booting the container:
> >     sudo systemd-nspawn --directory foo --boot
> >
> > I’m getting:
> >     Failed to copy /etc/resolv.conf to /home/…./foo/etc/resolv.conf: Too many levels of symbolic links
> >
> > This message makes very little sense to me. Why is a copy necessary? and is that indeed /etc/resolv.conf or foo/etc/resolv.conf?
> >
> > If I boot with -n, I don’t seem to get the error.
> 
> If you pass --private-network / -n, then we never touch resolv.conf.
> In all other cases, we copy resolv.conf from the host into the
> container. We usually assume that if your container runs in the same
> network as the host, then the container must also use the DNS features
> of the host.
> 
> The error code of "Too many levels of symbolic links" is ELOOP. This
> is returned by open() in many cases. In this example, it is returned
> because we passed O_NOFOLLOW to open(), but the final part of the path
> is a symlink. In that case, the kernel returns ELOOP to tell us that
> we're dealing with a symlink.
> 
> Maybe Lennart or Tom have some comments on that? Your example use-case
> (resolved in the container, even with shared network namespace) looks
> valid, though odd. I mean, what's the reason not to use "-n"? Anyway,
> maybe we can deal with ELOOP in setup_resolv_conf() and just print a
> big fat warning?
> But lets people who know that stuff comment first..

I have now prepped this PR:

https://github.com/systemd/systemd/pull/291

It suppresses the ELOOP (and also EROFS) in this case. Please review.

Lennart

-- 
Lennart Poettering, Red Hat