Date: Mon, 8 Jan 2024 11:19:40 +0800 From: Zhenlei Huang <zlei@FreeBSD.org> To: Yuri <yuri@FreeBSD.org> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: /etc/hosts doesn't work in jails? Message-ID: <DA8A889B-271A-431B-AAB1-35FFE19D8F57@FreeBSD.org> In-Reply-To: <4069a345-5799-4608-9480-f7183ef48ab2@FreeBSD.org> References: <4069a345-5799-4608-9480-f7183ef48ab2@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jan 8, 2024, at 4:05 AM, Yuri <yuri@FreeBSD.org> wrote: >=20 > For some mysterious reason github.com can't be connected to from my = network because the IP address that DNS returns is unreachable. >=20 >=20 >=20 > Setting the new resolution rules in /etc/hosts works on the base host: >=20 > 140.82.112.4 github.com=20 > 140.82.113.10 codeload.github.com >=20 >=20 > But the same doesn't work in the poudriere jail. The same modification = in the jail's /etc/hosts didn't take effect. >=20 > /etc/resolve.conf files are identical. >=20 >=20 >=20 > I am wondering, are /etc/host files supposed to work in jail? >=20 >=20 If you mean /etc/hosts , I'd say yes. ``` # jail -ic vnet persist 3 # jexec 3 # truss ping -c1 example.org <http://example.org/>; ... open("/etc/nsswitch.conf",O_RDONLY|O_CLOEXEC,0666) =3D 3 (0x3) ... open("/etc/hosts",O_RDONLY|O_CLOEXEC,0666) =3D 3 (0x3) ... ``` >=20 > (I solved this problem by adding the same rules for github.com in = DNSMasq on the router.) >=20 >=20 >=20 >=20 >=20 > Thanks, >=20 > Yuri >=20 Best regards, Zhenlei --Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii <html><head><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Jan 8, 2024, at 4:05 AM, Yuri <<a href="mailto:yuri@FreeBSD.org" class="">yuri@FreeBSD.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""> <meta http-equiv="content-type" content="text/html; charset=UTF-8" class=""> <div class=""><p class="">For some mysterious reason <a href="http://github.com" class="">github.com</a> can't be connected to from my network because the IP address that DNS returns is unreachable.</p><p class=""><br class=""> </p><p class="">Setting the new resolution rules in /etc/hosts works on the base host:</p><p class="">140.82.112.4 <a href="http://github.com" class="">github.com</a> <br class=""> 140.82.113.10 <a href="http://codeload.github.com" class="">codeload.github.com</a><br class=""> <br class=""> <span style="font-family:monospace" class=""></span></p><p class=""><span style="font-family:monospace" class="">But the same doesn't work in the poudriere jail. The same modification in the jail's /etc/hosts didn't take effect.<br class=""> </span></p><p class=""><span style="font-family:monospace" class="">/etc/resolve.conf files are identical.<br class=""> </span></p><p class=""><span style="font-family:monospace" class=""><br class=""> </span></p><p class=""><span style="font-family:monospace" class="">I am wondering, are /etc/host files supposed to work in jail?</span></p><div class=""><br class=""></div></div></div></blockquote><div><br class=""></div>If you mean /etc/hosts , I'd say yes.</div><div><br class=""></div><div>```</div><div># jail -ic vnet persist</div><div>3</div><div># jexec 3</div><div># truss ping -c1 <a href="http://example.org" class="">example.org</a></div><div>...</div><div><div><br class=""></div><div>open("/etc/nsswitch.conf",O_RDONLY|O_CLOEXEC,0666) = 3 (0x3)</div><div>...</div><div>open("/etc/hosts",O_RDONLY|O_CLOEXEC,0666)<span class="Apple-tab-span" style="white-space:pre"> </span> = 3 (0x3)</div><div>...</div></div><div>```<br class=""><blockquote type="cite" class=""><div class=""><div class=""><p class=""><span style="font-family:monospace" class=""><br class=""> </span></p><p class=""><span style="font-family:monospace" class="">(I solved this problem by adding the same rules for <a href="http://github.com" class="">github.com</a> in DNSMasq on the router.)<br class=""> </span></p><p class=""><span style="font-family:monospace" class=""><br class=""> </span></p><p class=""><span style="font-family:monospace" class=""><br class=""> </span></p><p class=""><span style="font-family:monospace" class="">Thanks,</span></p><p class=""><span style="font-family:monospace" class="">Yuri<br class=""> </span></p> </div> </div></blockquote></div><br class=""><div class=""> <div>Best regards,</div><div>Zhenlei</div> </div> <br class=""></body></html> --Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DA8A889B-271A-431B-AAB1-35FFE19D8F57>