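// updateDNS re-filters the sandbox's resolv.conf for the given IPv6 setting and
// records the hash of the content it wrote.
//
// It does nothing in host mode networking (originResolvConfPath set), when the
// sandbox has explicit DNS servers, search domains or options, or when the
// stored hash no longer matches the file, which is taken to mean the user
// edited resolv.conf.
//
// The hash comparison and the later write are separate steps, so an edit made
// between them is overwritten. The hash only detects change; it does not
// authenticate the content.
func (sb *sandbox) updateDNS(ipv6Enabled bool) error {
	var (
		currHash string
		content  []byte
		hashFile = sb.config.resolvConfHashFile
	)

	// This is for the host mode networking
	if sb.config.originResolvConfPath != "" {
		return nil
	}

	if len(sb.config.dnsList) > 0 || len(sb.config.dnsSearchList) > 0 || len(sb.config.dnsOptionsList) > 0 {
		return nil
	}

	currRC, err := resolvconf.GetSpecific(sb.config.resolvConfPath)
	if err != nil {
		if !os.IsNotExist(err) {
			return err
		}
		// resolv.conf does not exist: currRC must not be dereferenced after a
		// failed call, so the filter below runs on empty content.
	} else {
		content = currRC.Content

		h, err := ioutil.ReadFile(hashFile)
		if err != nil {
			if !os.IsNotExist(err) {
				return err
			}
		} else {
			currHash = string(h)
		}

		if currHash != "" && currHash != currRC.Hash {
			// Seems the user has changed the container resolv.conf since the last time
			// we checked so return without doing anything.
			//log.Infof("Skipping update of resolv.conf file with ipv6Enabled: %t because file was touched by user", ipv6Enabled)
			return nil
		}
	}

	// replace any localhost/127.* and remove IPv6 nameservers if IPv6 disabled.
	newRC, err := resolvconf.FilterResolvDNS(content, ipv6Enabled)
	if err != nil {
		return err
	}

	// resolv.conf itself is rewritten in place here; only the hash is swapped
	// in atomically below.
	err = ioutil.WriteFile(sb.config.resolvConfPath, newRC.Content, 0644)
	if err != nil {
		return err
	}

	// write the new hash in a temp file and rename it to make the update atomic
	dir := path.Dir(sb.config.resolvConfPath)
	tmpHashFile, err := ioutil.TempFile(dir, "hash")
	if err != nil {
		return err
	}
	tmpHashName := tmpHashFile.Name()
	// Only the name is used from here on; close the descriptor so it is not
	// leaked. Nothing was written through it, so the Close error is ignored.
	_ = tmpHashFile.Close()

	if err = ioutil.WriteFile(tmpHashName, []byte(newRC.Hash), filePerm); err != nil {
		// Best-effort cleanup so a failed update leaves no staging file behind.
		_ = os.Remove(tmpHashName)
		return err
	}
	if err = os.Rename(tmpHashName, hashFile); err != nil {
		_ = os.Remove(tmpHashName)
		return err
	}
	return nil
}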
// setupDNS creates the sandbox's resolv.conf and its companion ".hash" file.
//
// The resolv.conf path defaults to defaultPrefix/<sandbox id>/resolv.conf when
// none is configured. In host mode networking (originResolvConfPath set) the
// origin file is copied verbatim and no hash is written. Otherwise the file is
// built from the host's resolv.conf, with any user supplied DNS servers, search
// domains or options taking precedence, or filtered for localhost/127.*
// nameservers when no user settings exist.
func (sb *sandbox) setupDNS() error {
	var newRC *resolvconf.File

	if sb.config.resolvConfPath == "" {
		sb.config.resolvConfPath = defaultPrefix + "/" + sb.id + "/resolv.conf"
	}
	sb.config.resolvConfHashFile = sb.config.resolvConfPath + ".hash"

	baseDir, _ := filepath.Split(sb.config.resolvConfPath)
	if err := createBasePath(baseDir); err != nil {
		return err
	}

	// This is for the host mode networking
	if origin := sb.config.originResolvConfPath; origin != "" {
		err := copyFile(origin, sb.config.resolvConfPath)
		if err == nil {
			return nil
		}
		return fmt.Errorf("could not copy source resolv.conf file %s to %s: %v", sb.config.originResolvConfPath, sb.config.resolvConfPath, err)
	}

	hostRC, err := resolvconf.Get()
	if err != nil {
		return err
	}

	userConfigured := len(sb.config.dnsList) > 0 ||
		len(sb.config.dnsSearchList) > 0 ||
		len(sb.config.dnsOptionsList) > 0

	if userConfigured {
		// Start from the host values and let each user supplied list replace
		// the corresponding host list.
		servers := resolvconf.GetNameservers(hostRC.Content, types.IP)
		searchDomains := resolvconf.GetSearchDomains(hostRC.Content)
		options := resolvconf.GetOptions(hostRC.Content)

		if len(sb.config.dnsList) > 0 {
			servers = sb.config.dnsList
		}
		if len(sb.config.dnsSearchList) > 0 {
			searchDomains = sb.config.dnsSearchList
		}
		if len(sb.config.dnsOptionsList) > 0 {
			options = sb.config.dnsOptionsList
		}

		built, buildErr := resolvconf.Build(sb.config.resolvConfPath, servers, searchDomains, options)
		newRC = built
		if buildErr != nil {
			return buildErr
		}
	} else {
		// Replace any localhost/127.* (at this point we have no info about ipv6, pass it as true)
		newRC, err = resolvconf.FilterResolvDNS(hostRC.Content, true)
		if err != nil {
			return err
		}
		// No contention on container resolv.conf file at sandbox creation
		writeErr := ioutil.WriteFile(sb.config.resolvConfPath, newRC.Content, filePerm)
		if writeErr != nil {
			return types.InternalErrorf("failed to write unhaltered resolv.conf file content when setting up dns for sandbox %s: %v", sb.ID(), writeErr)
		}
	}

	// Write hash
	hashErr := ioutil.WriteFile(sb.config.resolvConfHashFile, []byte(newRC.Hash), filePerm)
	if hashErr != nil {
		return types.InternalErrorf("failed to write resolv.conf hash file when setting up dns for sandbox %s: %v", sb.ID(), hashErr)
	}
	return nil
}
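// updateDNS re-filters the sandbox's resolv.conf for the given IPv6 setting and
// replaces both resolv.conf and its hash file through temp-file renames.
//
// It does nothing when the sandbox has explicit DNS servers, search domains or
// options, or when the stored hash no longer matches the file, which is taken
// to mean the user edited resolv.conf.
//
// The hash comparison and the later renames are separate steps, so an edit
// made between them is overwritten. The hash only detects change; it does not
// authenticate the content.
func (sb *sandbox) updateDNS(ipv6Enabled bool) error {
	var (
		currHash string
		content  []byte
		hashFile = sb.config.resolvConfHashFile
	)

	if len(sb.config.dnsList) > 0 || len(sb.config.dnsSearchList) > 0 || len(sb.config.dnsOptionsList) > 0 {
		return nil
	}

	currRC, err := resolvconf.GetSpecific(sb.config.resolvConfPath)
	if err != nil {
		if !os.IsNotExist(err) {
			return err
		}
		// resolv.conf does not exist: currRC must not be dereferenced after a
		// failed call, so the filter below runs on empty content.
	} else {
		content = currRC.Content

		h, err := ioutil.ReadFile(hashFile)
		if err != nil {
			if !os.IsNotExist(err) {
				return err
			}
		} else {
			currHash = string(h)
		}

		if currHash != "" && currHash != currRC.Hash {
			// Seems the user has changed the container resolv.conf since the last time
			// we checked so return without doing anything.
			log.Infof("Skipping update of resolv.conf file with ipv6Enabled: %t because file was touched by user", ipv6Enabled)
			return nil
		}
	}

	// replace any localhost/127.* and remove IPv6 nameservers if IPv6 disabled.
	newRC, err := resolvconf.FilterResolvDNS(content, ipv6Enabled)
	if err != nil {
		return err
	}

	// for atomic updates to these files, use temporary files with os.Rename:
	dir := path.Dir(sb.config.resolvConfPath)
	tmpHashFile, err := ioutil.TempFile(dir, "hash")
	if err != nil {
		return err
	}
	tmpHashName := tmpHashFile.Name()
	// Only the names are used from here on; close the descriptors so they are
	// not leaked. Nothing was written through them, so Close errors are ignored.
	_ = tmpHashFile.Close()

	// staged lists the temp files that have not been renamed into place yet;
	// whatever is still listed when the function returns is removed
	// (best effort) so a failed update leaves no staging files behind.
	staged := []string{tmpHashName}
	defer func() {
		for _, name := range staged {
			_ = os.Remove(name)
		}
	}()

	tmpResolvFile, err := ioutil.TempFile(dir, "resolv")
	if err != nil {
		return err
	}
	tmpResolvName := tmpResolvFile.Name()
	_ = tmpResolvFile.Close()
	staged = append(staged, tmpResolvName)

	// Change the perms to filePerm (0644) since ioutil.TempFile creates it by default as 0600.
	// The hash staging file keeps 0600: ioutil.WriteFile applies its perm
	// argument only when it creates the file.
	if err := os.Chmod(tmpResolvName, filePerm); err != nil {
		return err
	}

	// write the updates to the temp files
	if err = ioutil.WriteFile(tmpHashName, []byte(newRC.Hash), filePerm); err != nil {
		return err
	}
	if err = ioutil.WriteFile(tmpResolvName, newRC.Content, filePerm); err != nil {
		return err
	}

	// rename the temp files for atomic replace. The two renames are not atomic
	// as a pair: if the second fails, the new hash is already in place while
	// resolv.conf still has the old content.
	if err = os.Rename(tmpHashName, hashFile); err != nil {
		return err
	}
	staged = staged[1:]
	if err = os.Rename(tmpResolvName, sb.config.resolvConfPath); err != nil {
		return err
	}
	staged = nil
	return nil
}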
// setupDNS creates the sandbox's resolv.conf and its companion ".hash" file,
// and records the external resolvers for the sandbox.
//
// The resolv.conf path defaults to defaultPrefix/<sandbox id>/resolv.conf when
// none is configured. In host mode networking (originResolvConfPath set) the
// origin file is copied verbatim and no hash is written. Otherwise the file is
// built from the host's resolv.conf, with any user supplied DNS servers, search
// domains or options taking precedence, or filtered for localhost/127.*
// nameservers when no user settings exist.
func (sb *sandbox) setupDNS() error {
	var newRC *resolvconf.File

	if sb.config.resolvConfPath == "" {
		sb.config.resolvConfPath = defaultPrefix + "/" + sb.id + "/resolv.conf"
	}
	sb.config.resolvConfHashFile = sb.config.resolvConfPath + ".hash"

	baseDir, _ := filepath.Split(sb.config.resolvConfPath)
	if err := createBasePath(baseDir); err != nil {
		return err
	}

	// This is for the host mode networking
	if origin := sb.config.originResolvConfPath; origin != "" {
		err := copyFile(origin, sb.config.resolvConfPath)
		if err == nil {
			return nil
		}
		return fmt.Errorf("could not copy source resolv.conf file %s to %s: %v", sb.config.originResolvConfPath, sb.config.resolvConfPath, err)
	}

	hostRC, err := resolvconf.Get()
	if err != nil {
		return err
	}

	userConfigured := len(sb.config.dnsList) > 0 ||
		len(sb.config.dnsSearchList) > 0 ||
		len(sb.config.dnsOptionsList) > 0

	if userConfigured {
		// Start from the host values and let each user supplied list replace
		// the corresponding host list.
		servers := resolvconf.GetNameservers(hostRC.Content, types.IP)
		searchDomains := resolvconf.GetSearchDomains(hostRC.Content)
		options := resolvconf.GetOptions(hostRC.Content)

		if len(sb.config.dnsList) > 0 {
			servers = sb.config.dnsList
		}
		if len(sb.config.dnsSearchList) > 0 {
			searchDomains = sb.config.dnsSearchList
		}
		if len(sb.config.dnsOptionsList) > 0 {
			options = sb.config.dnsOptionsList
		}

		built, buildErr := resolvconf.Build(sb.config.resolvConfPath, servers, searchDomains, options)
		newRC = built
		if buildErr != nil {
			return buildErr
		}
		// After building the resolv.conf from the user config save the
		// external resolvers in the sandbox. Note that --dns 127.0.0.x
		// config refers to the loopback in the container namespace
		sb.setExternalResolvers(newRC.Content, types.IPv4, false)
	} else {
		// If the host resolv.conf file has 127.0.0.x the container should
		// use the host resolver for queries. This is supported by the
		// docker embedded DNS server. Hence save the external resolvers
		// before filtering them out.
		sb.setExternalResolvers(hostRC.Content, types.IPv4, true)

		// Replace any localhost/127.* (at this point we have no info about ipv6, pass it as true)
		newRC, err = resolvconf.FilterResolvDNS(hostRC.Content, true)
		if err != nil {
			return err
		}
		// No contention on container resolv.conf file at sandbox creation
		writeErr := ioutil.WriteFile(sb.config.resolvConfPath, newRC.Content, filePerm)
		if writeErr != nil {
			return types.InternalErrorf("failed to write unhaltered resolv.conf file content when setting up dns for sandbox %s: %v", sb.ID(), writeErr)
		}
	}

	// Write hash
	hashErr := ioutil.WriteFile(sb.config.resolvConfHashFile, []byte(newRC.Hash), filePerm)
	if hashErr != nil {
		return types.InternalErrorf("failed to write resolv.conf hash file when setting up dns for sandbox %s: %v", sb.ID(), hashErr)
	}
	return nil
}
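// updateDNS re-filters the sandbox's resolv.conf for the given IPv6 setting and
// replaces both resolv.conf and its hash file through temp-file renames.
//
// A missing resolv.conf is treated as empty content. When a stored hash exists
// and no longer matches the file, the file is taken to have been edited by the
// user and is left untouched.
//
// The hash comparison and the later renames are separate steps, so an edit
// made between them is overwritten. The hash only detects change; it does not
// authenticate the content.
func (sb *sandbox) updateDNS(ipv6Enabled bool) error {
	var oldHash []byte
	hashFile := sb.config.resolvConfHashFile

	resolvConf, err := ioutil.ReadFile(sb.config.resolvConfPath)
	if err != nil {
		if !os.IsNotExist(err) {
			return err
		}
	} else {
		oldHash, err = ioutil.ReadFile(hashFile)
		if err != nil {
			if !os.IsNotExist(err) {
				return err
			}
			oldHash = []byte{}
		}
	}

	curHash, err := ioutils.HashData(bytes.NewReader(resolvConf))
	if err != nil {
		return err
	}

	if len(oldHash) > 0 && curHash != string(oldHash) {
		// Seems the user has changed the container resolv.conf since the last time
		// we checked so return without doing anything.
		log.Infof("Skipping update of resolv.conf file with ipv6Enabled: %t because file was touched by user", ipv6Enabled)
		return nil
	}

	// replace any localhost/127.* and remove IPv6 nameservers if IPv6 disabled.
	// NOTE(review): the second return value is discarded; if it is an error in
	// this version of resolvconf it should be checked - confirm.
	resolvConf, _ = resolvconf.FilterResolvDNS(resolvConf, ipv6Enabled)
	newHash, err := ioutils.HashData(bytes.NewReader(resolvConf))
	if err != nil {
		return err
	}

	// for atomic updates to these files, use temporary files with os.Rename:
	dir := path.Dir(sb.config.resolvConfPath)
	tmpHashFile, err := ioutil.TempFile(dir, "hash")
	if err != nil {
		return err
	}
	tmpHashName := tmpHashFile.Name()
	// Only the names are used from here on; close the descriptors so they are
	// not leaked. Nothing was written through them, so Close errors are ignored.
	_ = tmpHashFile.Close()

	// staged lists the temp files that have not been renamed into place yet;
	// whatever is still listed when the function returns is removed
	// (best effort) so a failed update leaves no staging files behind.
	staged := []string{tmpHashName}
	defer func() {
		for _, name := range staged {
			_ = os.Remove(name)
		}
	}()

	tmpResolvFile, err := ioutil.TempFile(dir, "resolv")
	if err != nil {
		return err
	}
	tmpResolvName := tmpResolvFile.Name()
	_ = tmpResolvFile.Close()
	staged = append(staged, tmpResolvName)

	// Change the perms to filePerm (0644) since ioutil.TempFile creates it by default as 0600.
	// The hash staging file keeps 0600: ioutil.WriteFile applies its perm
	// argument only when it creates the file.
	if err := os.Chmod(tmpResolvName, filePerm); err != nil {
		return err
	}

	// write the updates to the temp files
	if err = ioutil.WriteFile(tmpHashName, []byte(newHash), filePerm); err != nil {
		return err
	}
	if err = ioutil.WriteFile(tmpResolvName, resolvConf, filePerm); err != nil {
		return err
	}

	// rename the temp files for atomic replace. The two renames are not atomic
	// as a pair: if the second fails, the new hash is already in place while
	// resolv.conf still has the old content.
	if err = os.Rename(tmpHashName, hashFile); err != nil {
		return err
	}
	staged = staged[1:]
	if err = os.Rename(tmpResolvName, sb.config.resolvConfPath); err != nil {
		return err
	}
	staged = nil
	return nil
}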
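// updateDNS filters the supplied resolvConf content for the endpoint network's
// IPv6 setting and installs it as the container's resolv.conf, together with a
// ".hash" file holding the hash of the installed content.
//
// It returns ErrNoContainer when the endpoint has no container. When a stored
// hash exists and no longer matches the container's current resolv.conf, the
// file is taken to have been edited by the user and is left untouched.
//
// The hash comparison and the later renames are separate steps, so an edit
// made between them is overwritten. The hash only detects change; it does not
// authenticate the content.
func (ep *endpoint) updateDNS(resolvConf []byte) error {
	// Snapshot the fields under the lock; the file work below runs unlocked.
	ep.Lock()
	container := ep.container
	network := ep.network
	ep.Unlock()

	if container == nil {
		return ErrNoContainer{}
	}

	oldHash := []byte{}
	hashFile := container.config.resolvConfPath + ".hash"

	// The container's current file is read only to detect user edits; the
	// content that gets installed comes from the resolvConf argument.
	resolvBytes, err := ioutil.ReadFile(container.config.resolvConfPath)
	if err != nil {
		if !os.IsNotExist(err) {
			return err
		}
	} else {
		oldHash, err = ioutil.ReadFile(hashFile)
		if err != nil {
			if !os.IsNotExist(err) {
				return err
			}
			oldHash = []byte{}
		}
	}

	curHash, err := ioutils.HashData(bytes.NewReader(resolvBytes))
	if err != nil {
		return err
	}

	if len(oldHash) > 0 && curHash != string(oldHash) {
		// Seems the user has changed the container resolv.conf since the last time
		// we checked so return without doing anything.
		return nil
	}

	// replace any localhost/127.* and remove IPv6 nameservers if IPv6 disabled.
	// NOTE(review): the second return value is discarded; if it is an error in
	// this version of resolvconf it should be checked - confirm.
	resolvConf, _ = resolvconf.FilterResolvDNS(resolvConf, network.enableIPv6)
	newHash, err := ioutils.HashData(bytes.NewReader(resolvConf))
	if err != nil {
		return err
	}

	// for atomic updates to these files, use temporary files with os.Rename:
	dir := path.Dir(container.config.resolvConfPath)
	tmpHashFile, err := ioutil.TempFile(dir, "hash")
	if err != nil {
		return err
	}
	tmpHashName := tmpHashFile.Name()
	// Only the names are used from here on; close the descriptors so they are
	// not leaked. Nothing was written through them, so Close errors are ignored.
	_ = tmpHashFile.Close()

	// staged lists the temp files that have not been renamed into place yet;
	// whatever is still listed when the function returns is removed
	// (best effort) so a failed update leaves no staging files behind.
	staged := []string{tmpHashName}
	defer func() {
		for _, name := range staged {
			_ = os.Remove(name)
		}
	}()

	tmpResolvFile, err := ioutil.TempFile(dir, "resolv")
	if err != nil {
		return err
	}
	tmpResolvName := tmpResolvFile.Name()
	_ = tmpResolvFile.Close()
	staged = append(staged, tmpResolvName)

	// Change the perms to 0644 since ioutil.TempFile creates it by default as 0600.
	// The hash staging file keeps 0600: ioutil.WriteFile applies its perm
	// argument only when it creates the file.
	if err := os.Chmod(tmpResolvName, 0644); err != nil {
		return err
	}

	// write the updates to the temp files
	if err = ioutil.WriteFile(tmpHashName, []byte(newHash), 0644); err != nil {
		return err
	}
	if err = ioutil.WriteFile(tmpResolvName, resolvConf, 0644); err != nil {
		return err
	}

	// rename the temp files for atomic replace. The two renames are not atomic
	// as a pair: if the second fails, the new hash is already in place while
	// resolv.conf still has the old content.
	if err = os.Rename(tmpHashName, hashFile); err != nil {
		return err
	}
	staged = staged[1:]
	if err = os.Rename(tmpResolvName, container.config.resolvConfPath); err != nil {
		return err
	}
	staged = nil
	return nil
}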