systemd-nspawn and /run/resolvconf/resolv.conf

[Tom H]

On Tue, Sep 22, 2015 at 4:16 AM, Ralf Mardorf
<ralf.mardorf at alice-dsl.net> wrote:
> On Mon, 21 Sep 2015 21:51:35 -0400, Tom H wrote:
>> On Sun, Sep 20, 2015 at 1:11 PM, Ralf Mardorf <ralf.mardorf at alice-dsl.net> wrote:


>>> by default Wily's /etc/resolv.conf is a link against
>>> ../run/resolvconf/resolv.conf. If you want to maintain Wily from
>>> another install in a systemd-nspawn container, the link needs to be
>>> replaced by a file /etc/resolv.conf. Since Wily is based on systemd
>>> by itself, it IMO should care about systemd-nspawn compatibility and
>>> by default not link against /run.
>>>
>>> Assumed nobody should be aware about a reason that a link is a better
>>> solution, I would report it as a bug.
>>
>> If you were to set up the "full systemd upstream experience", you'd be
>> using systemd-resolved and "/etc/resolv.conf" would be a symlink to
>> "/run/systemd/resolve/resolv.conf", so there's no reason why Ubuntu's
>> default resolvconf setup shouldn't work, at least when using
>> "systemd-nspawn -bD ...".
>
> You are missing the point, Arch Linux does not split packages from
> upstream. If I want to maintain Ubuntu from my Arch Linux install I
> only get access to the Ubuntu repositories, if Ubuntu does not link.

I didn't realize that your point was about Ubuntu splitting up
upstream packages. It seemed to be about Ubuntu defaulting to using
resolvconf. :)


> [rocketmouse at archlinux ~]$ sudo systemd-nspawn -qD /mnt/moonstudio
> [root at moonstudio ~]# ls -l /etc/resolv.*
> -rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf
> lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf.bak -> ../run/resolvconf/resolv.conf
> [root at moonstudio ~]# dpkg -l systemd-resolved
> dpkg-query: no packages found matching systemd-resolved
>
> As you can see systemd-resolved isn't installed, but I needed to replace
> the link with a resolve.conf file.

systemd-resolved is a service not a package.

I've just installed systemd-container and set up an Arch container (on
a laptop running 15.10).

I enabled systemd-resolved.service in the container and set up
resolv.conf as a symlink.

/var/lib/machines# systemd-nspawn -bD arch

[root at arch ~]# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 34 Sep 22 11:37 /etc/resolv.conf ->
../run/systemd/resolve/resolv.conf

[root at arch ~]# cat /etc/resolv.conf
# This file is managed by systemd-resolved(8). Do not edit.
#
# Third party programs must not access this file directly, but
# only through the symlink at /etc/resolv.conf. To manage
# resolv.conf(5) in a different way, replace the symlink by a
# static file or a different symlink.

nameserver 8.8.4.4

[root at arch ~]# cat /etc/systemd/resolved.conf.d/google.conf
[Resolve]
DNS=8.8.4.4

[root at arch ~]# pacman -S ldns

[root at arch ~]# drill
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 2211
;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; . IN NS

;; ANSWER SECTION:
. 9635 IN NS h.root-servers.net.
. 9635 IN NS k.root-servers.net.
. 9635 IN NS i.root-servers.net.
. 9635 IN NS g.root-servers.net.
. 9635 IN NS a.root-servers.net.
. 9635 IN NS m.root-servers.net.
. 9635 IN NS b.root-servers.net.
. 9635 IN NS d.root-servers.net.
. 9635 IN NS l.root-servers.net.
. 9635 IN NS c.root-servers.net.
. 9635 IN NS f.root-servers.net.
. 9635 IN NS j.root-servers.net.
. 9635 IN NS e.root-servers.net.

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 47 msec
;; SERVER: 8.8.4.4
;; WHEN: Tue Sep 22 12:17:40 2015
;; MSG SIZE  rcvd: 228

[root at arch ~]#

So it works when using "-b".

But you're right, it doesn't when not using "-b".

Ubuntu decided to default to using resolvconf with 12.04. I suspect
that it'll take more than "it doesn't work when using systemd-nspawn
as a basic chroot process" for this change to be reversed.

Do you have lxc installed? How does it handle resolv.conf as a symlink?