Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-24 Thread Tom H
On Tue, Sep 22, 2015 at 10:19 AM, Ralf Mardorf
 wrote:
> On Tue, 22 Sep 2015 08:36:27 -0400, Tom H wrote:


> Thank you Tom for taking the time.

You're welcome.


>> So it works when using "-b".
>>
>> But you're right, it doesn't when not using "-b".
>>
>> Ubuntu decided to default to using resolvconf with 12.04. I suspect
>> that it'll take more than "it doesn't work when using systemd-nspawn
>> as a basic chroot process" for this change to be reversed.
>
> So I don't report it as a bug.

It might be worth reporting it so something like what lxc used to do
(see below; I grepped through the various lxc scripts and didn't find
anything resolv.conf related, so it no longer does this AFAICS).

When systemd-nspawn is used without "-b" it's essentially a chroot
without having to mount/bind-mount anything before entering the
chroot.

You need to ensure that a proper resolv.conf exists in a chroot before
switching to it. When installing Gentoo, for example, you "cp -L
/etc/resolv.conf $chroot/etc" before chrooting because the
installation tarball doesn't have a resolv.conf. I'm sure that if you
check the Arch installation scripts, you'll find something similar.


>> Do you have lxc installed? How does it handle resolv.conf as a symlink?
>
> No. Since I never used it, it's too time consuming to care about
> LinuxContainers now.

I installed lxc and set up a container. I'd forgotten that it starts
up with the systemd-nspawn "-b" by default so a resolv.conf symlink
works.

I haven't used lxc in a while but I remembered as I was setting up my
container that there used to be a routine to detect whether
resolv.conf was a symlink and, if it was, back it up and copy the
host's resolv.conf.

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
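
The routine Tom describes in the message above (detect a symlinked resolv.conf, back it up, copy the host's file in, put it back afterwards), as an added example that is not lxc's or arch-chroot's own code. The function name, the ".hostbak" suffix and the HOST_RESOLV_CONF override are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread: run a command with the host's
# resolv.conf temporarily installed in a rootfs, then restore the original
# entry (regular file, symlink, or nothing at all).
# Assumed names: with_host_resolv_conf, *.hostbak, HOST_RESOLV_CONF.

with_host_resolv_conf() (
    # The body is a subshell: variables, the helper and the trap stay local.
    rootfs=$1; shift
    target="$rootfs/etc/resolv.conf"
    backup="$target.hostbak"
    host=${HOST_RESOLV_CONF:-/etc/resolv.conf}

    [ -d "$rootfs/etc" ] || { echo "no etc directory in $rootfs" >&2; exit 2; }

    # Refuse to overwrite a backup left behind by an interrupted earlier run.
    if [ -e "$backup" ] || [ -L "$backup" ]; then
        echo "stale $backup found, restore it by hand first" >&2
        exit 2
    fi

    had_entry=no
    # -L is needed as well as -e: seen from the host, the Ubuntu link
    # ../run/resolvconf/resolv.conf is usually dangling.
    if [ -e "$target" ] || [ -L "$target" ]; then
        # mv renames the link itself, so the copy below creates a new
        # regular file instead of writing through a link whose target
        # would be resolved against the host's root.
        mv -- "$target" "$backup" || exit 2
        had_entry=yes
    fi

    restore() {
        rm -f -- "$target"
        if [ "$had_entry" = yes ]; then
            mv -- "$backup" "$target"
        fi
    }
    trap 'restore; exit 1' INT TERM HUP

    # cp -L dereferences the host side, which may be a symlink too.
    if ! cp -L -- "$host" "$target"; then
        restore
        exit 2
    fi

    # Collect the status without tripping a caller's "set -e", so the
    # restore below always runs.
    status=0
    "$@" || status=$?
    restore
    exit "$status"
)

# Typical call, using the rootfs path from the thread:
#   with_host_resolv_conf /mnt/moonstudio \
#       systemd-nspawn -qD /mnt/moonstudio apt-get update
```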


Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-24 Thread Ralf Mardorf
On Thu, 24 Sep 2015 13:03:32 -0400, Tom H wrote:
>  chroot_add_mount /etc/resolv.conf "$resolv_conf" --bind
>}
>
>So they mount the host's resolv.conf on the chroot's.
>
>And there's the following patch in lxc 0.7.5-3ubuntu69:
>
># cat 0031-ubuntu-template-resolvconf.patch
>Description: handle /etc/resolv.conf being a symlink

:)

Since I don't want to use the systemd-nspawn boot option, I'll keep a
resolv.conf in Ubuntu's /etc.

Regards,
Ralf

PS: OT: Today I replaced my ADSL-modem with a router.

# pidof pppd || echo ":D"
:D

I still use a LAN cable for my PC and WLAN only for a tablet PC. I
wonder how secure the WLAN is and how to disable it, so I have to read
a little bit.



Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-24 Thread Tom H
On Thu, Sep 24, 2015 at 10:18 AM, Tom H  wrote:
>
> You need to ensure that a proper resolv.conf exists in a chroot before
> switching to it. When installing Gentoo, for example, you "cp -L
> /etc/resolv.conf $chroot/etc" before chrooting because the
> installation tarball doesn't have a resolv.conf. I'm sure that if you
> check the Arch installation scripts, you'll find something similar.

The arch-chroot installation script has the following function:

chroot_add_resolv_conf() {
  local chrootdir=$1 resolv_conf=$1/etc/resolv.conf

  # Handle resolv.conf as a symlink to somewhere else.
  if [[ -L $chrootdir/etc/resolv.conf ]]; then
    # readlink(1) should always give us *something* since we know at this point
    # it's a symlink. For simplicity, ignore the case of nested symlinks.
    resolv_conf=$(readlink "$chrootdir/etc/resolv.conf")
    if [[ $resolv_conf = /* ]]; then
      resolv_conf=$chrootdir$resolv_conf
    else
      resolv_conf=$chrootdir/etc/$resolv_conf
    fi

    # ensure file exists to bind mount over
    if [[ ! -f $resolv_conf ]]; then
      install -Dm644 /dev/null "$resolv_conf" || return 1
    fi
  elif [[ ! -e $chrootdir/etc/resolv.conf ]]; then
    # The chroot might not have a resolv.conf.
    return 0
  fi

  chroot_add_mount /etc/resolv.conf "$resolv_conf" --bind
}

So they mount the host's resolv.conf on the chroot's.

And there's the following patch in lxc 0.7.5-3ubuntu69:

# cat 0031-ubuntu-template-resolvconf.patch
Description: handle /etc/resolv.conf being a symlink
 This will be forwarded upstream.
Author: Serge Hallyn 
Forwarded: no
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/922706

Index: lxc/templates/lxc-ubuntu.in
===
--- lxc.orig/templates/lxc-ubuntu.in 2012-01-27 10:45:16.167886074 -0600
+++ lxc/templates/lxc-ubuntu.in 2012-01-27 10:50:39.567880601 -0600
@@ -389,9 +389,13 @@
 chroot $rootfs apt-get install --force-yes -y
python-software-properties
 chroot $rootfs add-apt-repository ppa:ubuntu-virt/ppa
 fi
-cp /etc/resolv.conf "${rootfs}/etc"
+ cresolvonf="${rootfs}/etc/resolv.conf"
+ mv $cresolvonf ${cresolvonf}.lxcbak
+cat /etc/resolv.conf > ${cresolvonf}
 chroot $rootfs apt-get update
 chroot $rootfs apt-get install --force-yes -y lxcguest
+ rm -f ${cresolvonf}
+ mv ${cresolvonf}.lxcbak ${cresolvonf}
 fi
 }
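
Review bot: the backup added before `apt-get update` (`mv $cresolvonf ${cresolvonf}.lxcbak`) is unguarded, and the restore only runs if the script reaches the last two added lines. If the rootfs has no /etc/resolv.conf the first mv fails and the final `mv ${cresolvonf}.lxcbak ${cresolvonf}` then has nothing to move back; if the script is interrupted between the two, the container keeps the host's resolv.conf and a stray .lxcbak file. Suggest testing for the file or symlink before backing it up, doing the restore from a trap, and quoting the expansions the way the removed `cp /etc/resolv.conf "${rootfs}/etc"` line did. The variable name `cresolvonf` also looks like a misspelling of `cresolvconf`.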



Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-22 Thread Ralf Mardorf
On Mon, 21 Sep 2015 21:51:35 -0400, Tom H wrote:
>On Sun, Sep 20, 2015 at 1:11 PM, Ralf Mardorf
> wrote:
>>
>> by default Wily's /etc/resolv.conf is a link against
>> ../run/resolvconf/resolv.conf. If you want to maintain Wily from
>> another install in a systemd-nspawn container, the link needs to be
>> replaced by a file /etc/resolv.conf. Since Wily is based on systemd
>> by itself, it IMO should care about systemd-nspawn compatibility and
>> by default not link against /run.
>>
>> Assumed nobody should be aware about a reason that a link is a better
>> solution, I would report it as a bug.
>
>If you were to set up the "full systemd upstream experience", you'd be
>using systemd-resolved and "/etc/resolv.conf" would be a symlink to
>"/run/systemd/resolve/resolv.conf", so there's no reason why Ubuntu's
>default resolvconf setup shouldn't work, at least when using
>"systemd-nspawn -bD ...".

You are missing the point, Arch Linux does not split packages from
upstream. If I want to maintain Ubuntu from my Arch Linux install I
only get access to the Ubuntu repositories, if Ubuntu does not link.

[rocketmouse@archlinux ~]$ sudo systemd-nspawn -qD /mnt/moonstudio
[root@moonstudio ~]# ls -l /etc/resolv.*
-rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf
lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf.bak -> ../run/resolvconf/resolv.conf
[root@moonstudio ~]# dpkg -l systemd-resolved
dpkg-query: no packages found matching systemd-resolved

As you can see systemd-resolved isn't installed, but I needed to replace
the link with a resolv.conf file.

Now I can

  [root@moonstudio ~]# apt-get update
  Ign http://de.archive.ubuntu.com wily InRelease
  Ign http://de.archive.ubuntu.com wily-updates InRelease
  Ign http://de.archive.ubuntu.com wily-backports InRelease
  Ign http://security.ubuntu.com wily-security InRelease
  Get:1 http://de.archive.ubuntu.com wily Release.gpg [933 B]
  Hit http://de.archive.ubuntu.com wily-updates Release.gpg  
  Hit http://de.archive.ubuntu.com wily-backports Release.gpg
  Hit http://security.ubuntu.com wily-security Release.gpg
  Get:2 http://de.archive.ubuntu.com wily Release [217 kB]
  Hit http://security.ubuntu.com wily-security Release 
  Hit http://security.ubuntu.com wily-security/main Sources
  Hit http://security.ubuntu.com wily-security/restricted Sources  
  Hit http://security.ubuntu.com wily-security/universe Sources
  99% [2 Release 214 kB/217 kB 99%] [Waiting for headers]^C

But if I would keep the link

  [root@moonstudio ~]# mv -i /etc/resolv.conf /etc/resolv.conf.fix
  [root@moonstudio ~]# mv -i /etc/resolv.conf.bak /etc/resolv.conf 
  [root@moonstudio ~]# ls -l /etc/resolv.*
  lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf -> ../run/resolvconf/resolv.conf
  -rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf.fix
  [root@moonstudio ~]# apt-get update
  Err http://de.archive.ubuntu.com wily InRelease
  
  Err http://security.ubuntu.com wily-security InRelease
  
  Err http://de.archive.ubuntu.com wily-updates InRelease
  
  Err http://de.archive.ubuntu.com wily-backports InRelease
  
  Err http://security.ubuntu.com wily-security Release.gpg
  Temporary failure resolving 'security.ubuntu.com'
  Err http://de.archive.ubuntu.com wily Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  Err http://de.archive.ubuntu.com wily-updates Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  Err http://de.archive.ubuntu.com wily-backports Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  ^Cading package lists... 17%

And again, if I remove the annoying Ubuntu default link everything is
working again.

  [root@moonstudio ~]# mv -i /etc/resolv.conf /etc/resolv.conf.bak
  [root@moonstudio ~]# mv -i /etc/resolv.conf.fix /etc/resolv.conf 
  [root@moonstudio ~]# ls -l /etc/resolv.*
  -rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf
  lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf.bak -> ../run/resolvconf/resolv.conf
  [root@moonstudio ~]# apt-get update
  Ign http://de.archive.ubuntu.com wily InRelease
  Ign http://security.ubuntu.com wily-security InRelease
  Ign http://de.archive.ubuntu.com wily-updates InRelease
  Hit http://security.ubuntu.com wily-security Release.gpg
  Ign http://de.archive.ubuntu.com wily-backports InRelease
  Hit http://security.ubuntu.com wily-security Release

systemd from upstream doesn't contain /etc/resolv.conf
https://www.archlinux.org/packages/core/x86_64/systemd/files/

Ubuntu and Arch's systemd from upstream contain another file.

  [root@moonstudio ~]# cat /etc/systemd/resolved.conf
  #  This file is part of systemd.
  #
  #  systemd is free software; you can redistribute it and/or modify it
  #  under the terms of the GNU Lesser General Public License as published by
  #  the Free Software Foundation; either version 2.1 of the License, or
  #  (at your option) any later version.
  #
  # Entries in this file show the 

Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-22 Thread Ralf Mardorf
On Mon, 21 Sep 2015 21:51:35 -0400, Tom H wrote:
>"systemd-nspawn -bD ...".

I missed this.

  -b --boot

I'll test it now ...



Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-22 Thread Ralf Mardorf
On Tue, 22 Sep 2015 10:19:11 +0200, Ralf Mardorf wrote:
>On Mon, 21 Sep 2015 21:51:35 -0400, Tom H wrote:
>>"systemd-nspawn -bD ...".
>
>I missed this.
>
>  -b --boot
>
>I'll test it now ...

[rocketmouse@archlinux ~]$ sudo mv -i /mnt/moonstudio/etc/resolv.conf /mnt/moonstudio/etc/resolv.conf.fix
[rocketmouse@archlinux ~]$ sudo mv -i /mnt/moonstudio/etc/resolv.conf.bak /mnt/moonstudio/etc/resolv.conf
[rocketmouse@archlinux ~]$ ls -l /mnt/moonstudio/etc/resolv.conf
lrwxrwxrwx 1 root root 29 Jul 25 22:50 /mnt/moonstudio/etc/resolv.conf -> ../run/resolvconf/resolv.conf
[rocketmouse@archlinux ~]$ sudo systemd-nspawn -qbD /mnt/moonstudio
[snip]
Ubuntu Wily Werewolf (development branch) moonstudio console

moonstudio login: root
Password: 

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

  [root@moonstudio ~]# apt-get update
  Err http://de.archive.ubuntu.com wily InRelease
  
  Err http://de.archive.ubuntu.com wily-updates InRelease
  
  Err http://de.archive.ubuntu.com wily-backports InRelease
  
  Err http://security.ubuntu.com wily-security InRelease
  
  Err http://security.ubuntu.com wily-security Release.gpg
  Temporary failure resolving 'security.ubuntu.com'
  Err http://de.archive.ubuntu.com wily Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  Err http://de.archive.ubuntu.com wily-updates Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  Err http://de.archive.ubuntu.com wily-backports Release.gpg
  Temporary failure resolving 'de.archive.ubuntu.com'
  ^Cading package lists... 33%
  [root@moonstudio ~]#
  [root@moonstudio ~]# mv -i /etc/resolv.conf /etc/resolv.conf.bak
  [root@moonstudio ~]# mv -i /etc/resolv.conf.fix /etc/resolv.conf 
  [root@moonstudio ~]# ls -l /etc/resolv.*
  -rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf
  lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf.bak -> ../run/resolvconf/resolv.conf
  [root@moonstudio ~]# apt-get update
  Ign http://security.ubuntu.com wily-security InRelease
  Ign http://de.archive.ubuntu.com wily InRelease
  Hit http://security.ubuntu.com wily-security Release.gpg
  Ign http://de.archive.ubuntu.com wily-updates InRelease
  Hit http://security.ubuntu.com wily-security Release
  Ign http://de.archive.ubuntu.com wily-backports InRelease
  Hit http://de.archive.ubuntu.com wily Release.gpg
  Hit http://security.ubuntu.com wily-security/main Sources
  Hit http://de.archive.ubuntu.com wily-updates Release.gpg
  Hit http://security.ubuntu.com wily-security/restricted Sources
  Hit http://de.archive.ubuntu.com wily-backports Release.gpg

It's the same issue. It only works without the link, but starting in the
container takes longer. The only advantage seems to be the possibility to
login as user without root privileges.

Regards,
Ralf

  



Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-22 Thread Tom H
On Tue, Sep 22, 2015 at 4:16 AM, Ralf Mardorf
 wrote:
> On Mon, 21 Sep 2015 21:51:35 -0400, Tom H wrote:
>> On Sun, Sep 20, 2015 at 1:11 PM, Ralf Mardorf  
>> wrote:


>>> by default Wily's /etc/resolv.conf is a link against
>>> ../run/resolvconf/resolv.conf. If you want to maintain Wily from
>>> another install in a systemd-nspawn container, the link needs to be
>>> replaced by a file /etc/resolv.conf. Since Wily is based on systemd
>>> by itself, it IMO should care about systemd-nspawn compatibility and
>>> by default not link against /run.
>>>
>>> Assumed nobody should be aware about a reason that a link is a better
>>> solution, I would report it as a bug.
>>
>> If you were to set up the "full systemd upstream experience", you'd be
>> using systemd-resolved and "/etc/resolv.conf" would be a symlink to
>> "/run/systemd/resolve/resolv.conf", so there's no reason why Ubuntu's
>> default resolvconf setup shouldn't work, at least when using
>> "systemd-nspawn -bD ...".
>
> You are missing the point, Arch Linux does not split packages from
> upstream. If I want to maintain Ubuntu from my Arch Linux install I
> only get access to the Ubuntu repositories, if Ubuntu does not link.

I didn't realize that your point was about Ubuntu splitting up
upstream packages. It seemed to be about Ubuntu defaulting to using
resolvconf. :)


> [rocketmouse@archlinux ~]$ sudo systemd-nspawn -qD /mnt/moonstudio
> [root@moonstudio ~]# ls -l /etc/resolv.*
> -rw-r--r-- 1 root root 48 Sep 22 08:43 /etc/resolv.conf
> lrwxrwxrwx 1 root root 29 Jul 25 22:50 /etc/resolv.conf.bak -> ../run/resolvconf/resolv.conf
> [root@moonstudio ~]# dpkg -l systemd-resolved
> dpkg-query: no packages found matching systemd-resolved
>
> As you can see systemd-resolved isn't installed, but I needed to replace
> the link with a resolv.conf file.

systemd-resolved is a service not a package.

I've just installed systemd-container and set up an Arch container (on
a laptop running 15.10).

I enabled systemd-resolved.service in the container and set up
resolv.conf as a symlink.

/var/lib/machines# systemd-nspawn -bD arch

[root@arch ~]# ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 34 Sep 22 11:37 /etc/resolv.conf -> ../run/systemd/resolve/resolv.conf

[root@arch ~]# cat /etc/resolv.conf
# This file is managed by systemd-resolved(8). Do not edit.
#
# Third party programs must not access this file directly, but
# only through the symlink at /etc/resolv.conf. To manage
# resolv.conf(5) in a different way, replace the symlink by a
# static file or a different symlink.

nameserver 8.8.4.4

[root@arch ~]# cat /etc/systemd/resolved.conf.d/google.conf
[Resolve]
DNS=8.8.4.4

[root@arch ~]# pacman -S ldns

[root@arch ~]# drill
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 2211
;; flags: qr rd ra ; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; . IN NS

;; ANSWER SECTION:
. 9635 IN NS h.root-servers.net.
. 9635 IN NS k.root-servers.net.
. 9635 IN NS i.root-servers.net.
. 9635 IN NS g.root-servers.net.
. 9635 IN NS a.root-servers.net.
. 9635 IN NS m.root-servers.net.
. 9635 IN NS b.root-servers.net.
. 9635 IN NS d.root-servers.net.
. 9635 IN NS l.root-servers.net.
. 9635 IN NS c.root-servers.net.
. 9635 IN NS f.root-servers.net.
. 9635 IN NS j.root-servers.net.
. 9635 IN NS e.root-servers.net.

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 47 msec
;; SERVER: 8.8.4.4
;; WHEN: Tue Sep 22 12:17:40 2015
;; MSG SIZE  rcvd: 228

[root@arch ~]#

So it works when using "-b".

But you're right, it doesn't when not using "-b".

Ubuntu decided to default to using resolvconf with 12.04. I suspect
that it'll take more than "it doesn't work when using systemd-nspawn
as a basic chroot process" for this change to be reversed.

Do you have lxc installed? How does it handle resolv.conf as a symlink?



Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-22 Thread Ralf Mardorf
Thank you Tom for taking the time.

On Tue, 22 Sep 2015 08:36:27 -0400, Tom H wrote:
>systemd-resolved is a service not a package.

Ok, I didn't know it.

[rocketmouse@archlinux ~]$ systemctl status systemd-resolved
● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
 Docs: man:systemd-resolved.service(8)

>So it works when using "-b".
>
>But you're right, it doesn't when not using "-b".
>
>Ubuntu decided to default to using resolvconf with 12.04. I suspect
>that it'll take more than "it doesn't work when using systemd-nspawn
>as a basic chroot process" for this change to be reversed.

So I don't report it as a bug.

>Do you have lxc installed? How does it handle resolv.conf as a symlink?

No. Since I never used it, it's too time consuming to care about
LinuxContainers now.

Regards,
Ralf




Re: systemd-nspawn and /run/resolvconf/resolv.conf

2015-09-21 Thread Tom H
On Sun, Sep 20, 2015 at 1:11 PM, Ralf Mardorf
 wrote:
>
> by default Wily's /etc/resolv.conf is a link against
> ../run/resolvconf/resolv.conf. If you want to maintain Wily from another
> install in a systemd-nspawn container, the link needs to be replaced by a
> file /etc/resolv.conf. Since Wily is based on systemd by itself, it IMO
> should care about systemd-nspawn compatibility and by default not link
> against /run.
>
> Assumed nobody should be aware about a reason that a link is a better
> solution, I would report it as a bug.

If you were to set up the "full systemd upstream experience", you'd be
using systemd-resolved and "/etc/resolv.conf" would be a symlink to
"/run/systemd/resolve/resolv.conf", so there's no reason why Ubuntu's
default resolvconf setup shouldn't work, at least when using
"systemd-nspawn -bD ...".
