From nobody Mon Jan 8 03:19:40 2024 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T7fSN4WNqz56k2W for ; Mon, 8 Jan 2024 03:19:48 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4T7fSN3cmpz3xMH; Mon, 8 Jan 2024 03:19:48 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704683988; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=BQ8jqpN9lMvnOpVKA5PicbqWs15AngatmcX4l8J1VJY=; b=iNjMZgWcvvaooXQebnyEgLyYRF+7m/t0TbVAZc4X3dbBXx9bKAGvfF/Ika3b4P6P1VS6oQ fPGT+rMxNX8DB6DAqLPCLJIxw/kXmFBR1XcxmFDplkqc0L5vB5EjJmKaYOdKzjh9xtulIK VcDyIzbHErfrLpSx5W9dqFmG9bud1WPZk8/bMJfLP6NhOJs2Yx/OgcgLBfg0i19kWjUEi3 yDZ4hQKoUqHO+Kz1++cfO5mjUjxXniQT7z8UcftYFkYa6sE2HlgSI/5U6ZwAikeQ4JfFlV e4RjUS18E65TiC9WDF4MpQh2FN0M7usO/KlM18T2NV8oxK6/xBSAPBFP0i48OQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1704683988; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=BQ8jqpN9lMvnOpVKA5PicbqWs15AngatmcX4l8J1VJY=; b=anSqxQT41NueNLzf+jwZmIC8Kva4S3xDHEfmqH94z0w/yhTXnQD8Aldjk2zOSjkYNslYsg VxlNASFNYZdl7ID0QEgxFJJ0PhPglT8WnmuQfoTwvEXDnqRoLAZ31bofRpEJNUAoXnbPuq ALc0mZWd+qdHQuyLHxzfyKftAhqSVmvf6WqhPg4a3Mt9Ix/W3mrJ9O0tQJFYMyAJ5iydwD nYYU3gBfEqYN3Lv3uFY8UPjZiqAz+Xa1GkdvUM/M8G+h2ZOjTYXHIYPrcVsJyrhqbwSH5x rldYHirePdHHhmv2SGmA+0y3LHcgA+zg6sGyaYC4BAANL73Od6vVhVOkGDwisw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1704683988; a=rsa-sha256; cv=none; b=crk1bUeEAPiaRKYjafgqKfYGXmJsBWFxv8FFBBJy+x1mS9DfTz5MAE0Wc2jMB8PWkThYzM sYQcGMmLbhSeS5pgDXjCXRrpNzRCnc2ObbdWjU0whoDdD4faNxcKKI0N1GtzMWj/N5y7d+ kZbSVpSHYRYc06qwBLtebckeC6DNXLW0VWRiLSJ5qXoDvYyEKNHO13rmjMSQmHH5j8Oxb9 HLVwj7Nw2fnLq9aSBvYwCGAfON61+FCvpF0w6umkk/lsU3N05c5111WLakpOdH9mvet9RM I+ZzmPPm0/39HJ732RDLzkxfCRZjY6qiBs8yYxMqeaQDE25LJXplkVwtXyXwUQ== Received: from smtpclient.apple (ns1.oxydns.net [45.32.91.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4T7fSM4bKgzhfB; Mon, 8 Jan 2024 03:19:47 +0000 (UTC) (envelope-from zlei@FreeBSD.org) From: Zhenlei Huang Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7" List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.4\)) Subject: Re: /etc/hosts doesn't work in jails? Date: Mon, 8 Jan 2024 11:19:40 +0800 In-Reply-To: <4069a345-5799-4608-9480-f7183ef48ab2@FreeBSD.org> Cc: "freebsd-net@freebsd.org" To: Yuri References: <4069a345-5799-4608-9480-f7183ef48ab2@FreeBSD.org> X-Mailer: Apple Mail (2.3696.120.41.1.4) --Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On Jan 8, 2024, at 4:05 AM, Yuri wrote: >=20 > For some mysterious reason github.com can't be connected to from my = network because the IP address that DNS returns is unreachable. >=20 >=20 >=20 > Setting the new resolution rules in /etc/hosts works on the base host: >=20 > 140.82.112.4 github.com=20 > 140.82.113.10 codeload.github.com >=20 >=20 > But the same doesn't work in the poudriere jail. The same modification = in the jail's /etc/hosts didn't take effect. >=20 > /etc/resolve.conf files are identical. >=20 >=20 >=20 > I am wondering, are /etc/host files supposed to work in jail? >=20 >=20 If you mean /etc/hosts , I'd say yes. ``` # jail -ic vnet persist 3 # jexec 3 # truss ping -c1 example.org ... open("/etc/nsswitch.conf",O_RDONLY|O_CLOEXEC,0666) =3D 3 (0x3) ... open("/etc/hosts",O_RDONLY|O_CLOEXEC,0666) =3D 3 (0x3) ... ``` >=20 > (I solved this problem by adding the same rules for github.com in = DNSMasq on the router.) >=20 >=20 >=20 >=20 >=20 > Thanks, >=20 > Yuri >=20 Best regards, Zhenlei --Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7 Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=us-ascii

On Jan 8, 2024, at 4:05 AM, Yuri <yuri@FreeBSD.org> wrote:

For some mysterious reason github.com can't be connected to from my network because the IP address that DNS returns is unreachable.


Setting the new resolution rules in /etc/hosts works on the base host:

140.82.112.4     github.com
140.82.113.10    codeload.github.com

But the same doesn't work in the poudriere jail. The same modification in the jail's /etc/hosts didn't take effect.

/etc/resolve.conf files are identical.


I am wondering, are /etc/host files supposed to work in jail?



If you mean /etc/hosts , I'd say yes.

```
# jail -ic vnet persist
3
# jexec 3
# truss ping -c1 example.org
...

open("/etc/nsswitch.conf",O_RDONLY|O_CLOEXEC,0666) = 3 (0x3)
...
open("/etc/hosts",O_RDONLY|O_CLOEXEC,0666) = 3 (0x3)
...
```


(I solved this problem by adding the same rules for github.com in DNSMasq on the router.)



Thanks,

Yuri


Best regards,
Zhenlei

--Apple-Mail=_A10F6BC9-ED1E-4A2E-B9CD-E8954A271FE7--