[systemd-devel] /etc/resolv.conf link in container

Lennart Poettering lennart at poettering.net
Thu Jun 18 10:49:25 PDT 2015


On Wed, 17.06.15 13:35, Johannes Ernst (johannes.ernst at gmail.com) wrote:

> > If you pass --private-network / -n, then we never touch resolv.conf.
> > In all other cases, we copy resolv.conf from the host into the
> > container. We usually assume that if your container runs in the same
> > network as the host, then the container must also use the DNS features
> > of the host.
> > 
> > The error code of "Too many levels of symbolic links" is ELOOP. This
> > is returned by open() in many cases. In this example, it is returned
> > because we passed O_NOFOLLOW to open(), but the final part of the path
> > is a symlink. In that case, the kernel returns ELOOP to tell us that
> > we're dealing with a symlink.
> > 
> > Maybe Lennart or Tom have some comments on that? Your example use-case
> > (resolved in the container, even with shared network namespace) looks
> > valid, though odd. I mean, what's the reason not to use "-n"?
> 
> Well, if there isn’t a reason, why does the mode exist?

-n is only fun to use if you have networkd in the container on the
host right now, since only they currently ship the magic defaults
that make networking just work if you use -n. With other network
management solutions it's a much more manual process, and hence it
might be easier to avoid -n for them...

Lennart

-- 
Lennart Poettering, Red Hat
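
The O_NOFOLLOW/ELOOP behaviour described in the quoted text, as an added example that is not part of the original message and not systemd's code. It assumes Linux semantics; the helper names (open_nofollow, demo) and the scratch paths are hypothetical. It also shows that O_NOFOLLOW only refuses a symlink in the final path component, so a symlinked directory earlier in the path is still followed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum open_result { OPENED = 0, FINAL_IS_SYMLINK = 1, OTHER_ERROR = 2 };

/* Open path read-only, refusing a symlink in the final component.
 * On ELOOP, lstat() separates "final component is a symlink" from a
 * genuine loop among earlier components. */
static enum open_result open_nofollow(const char *path, int *fd_out) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_CLOEXEC | O_NOFOLLOW);
    if (fd >= 0) { *fd_out = fd; return OPENED; }
    if (errno == ELOOP && lstat(path, &st) == 0 && S_ISLNK(st.st_mode))
        return FINAL_IS_SYMLINK;
    return OTHER_ERROR;
}

/* Constructed fixture in a scratch directory:
 *   real/resolv.conf   regular file                       (which == 0)
 *   resolv.conf     -> real/resolv.conf                   (which == 1)
 *   alias           -> real, opened as alias/resolv.conf  (which == 2)
 * Returns the open_result for the chosen path, or -1 if setup failed. */
static int demo(int which) {
    char dir[] = "/tmp/nofollow-demo-XXXXXX", p[5][160];
    static const char *names[5] = { "real/resolv.conf", "resolv.conf",
                                    "alias/resolv.conf", "real", "alias" };
    int fd = -1, f = -1, res = -1;
    if (!mkdtemp(dir)) return -1;
    for (int i = 0; i < 5; i++) snprintf(p[i], sizeof p[i], "%s/%s", dir, names[i]);
    if (mkdir(p[3], 0700) == 0 &&
        (f = open(p[0], O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0600)) >= 0 &&
        symlink("real/resolv.conf", p[1]) == 0 && symlink("real", p[4]) == 0)
        res = open_nofollow(p[which], &fd);
    if (f >= 0) close(f);
    if (fd >= 0) close(fd);
    unlink(p[1]); unlink(p[4]); unlink(p[0]); rmdir(p[3]); rmdir(dir);
    return res;
}

int main(void) {
    printf("file=%d final-symlink=%d via-dir-symlink=%d\n", demo(0), demo(1), demo(2));
    return 0;
}
```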

