[Bug 1888391] Re: /etc/dhcp/dhclient-enter-hooks.d/resolved should not run in non-root network namespaces

[Steffan Karger]

Gah, the -n should of course be a -z.

** Description changed:

  Running dhclient in a (non-root) network namespace on a system with
  systemd enabled fails because the hook installed by the systemd package
  updates the DNS configuration of the core/root namespace, instead of
  simply the /etc/resolv.conf file of that particular network namespace.
  
  ("ip netns add <name>" nicely links /etc/resolv.conf in that namespace
  to /etc/netns/<name>/resolv.conf if it exists.)
  
  The following patch ensures that this script no longer misbehaves for
  this scenario:
  
  --- /etc/dhcp/dhclient-enter-hooks.d/resolved.bak	2020-07-21 14:05:23.390989468 +0200
  +++ /etc/dhcp/dhclient-enter-hooks.d/resolved	2020-07-21 14:03:18.566046842 +0200
  @@ -14,7 +14,7 @@
-  #   (D) = master script downs interface
-  #   (-) = master script does nothing with this
-  
+  #   (D) = master script downs interface
+  #   (-) = master script does nothing with this
+ 
  -if [ -x /lib/systemd/systemd-resolved ] ; then
- +if [ -x /lib/systemd/systemd-resolved ] && [ -n "$(ip netns identify)" ] ; then
-          # For safety, first undefine the nasty default make_resolv_conf()
-          make_resolv_conf() { : ; }
-          case "$reason" in
+ +if [ -x /lib/systemd/systemd-resolved ] && [ -z "$(ip netns identify)" ] ; then
+          # For safety, first undefine the nasty default make_resolv_conf()
+          make_resolv_conf() { : ; }
+          case "$reason" in

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1888391

Title:
  /etc/dhcp/dhclient-enter-hooks.d/resolved should not run in non-root
  network namespaces

Status in systemd package in Ubuntu:
  New

Bug description:
  Running dhclient in a (non-root) network namespace on a system with
  systemd enabled fails because the hook installed by the systemd
  package updates the DNS configuration of the core/root namespace,
  instead of simply the /etc/resolv.conf file of that particular network
  namespace.

  ("ip netns add <name>" nicely links /etc/resolv.conf in that namespace
  to /etc/netns/<name>/resolv.conf if it exists.)

  The following patch ensures that this script no longer misbehaves for
  this scenario:

  --- /etc/dhcp/dhclient-enter-hooks.d/resolved.bak	2020-07-21 14:05:23.390989468 +0200
  +++ /etc/dhcp/dhclient-enter-hooks.d/resolved	2020-07-21 14:03:18.566046842 +0200
  @@ -14,7 +14,7 @@
   #   (D) = master script downs interface
   #   (-) = master script does nothing with this

  -if [ -x /lib/systemd/systemd-resolved ] ; then
  +if [ -x /lib/systemd/systemd-resolved ] && [ -z "$(ip netns identify)" ] ; then
           # For safety, first undefine the nasty default make_resolv_conf()
           make_resolv_conf() { : ; }
           case "$reason" in

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1888391/+subscriptions