[Bug 1820278] [NEW] Incorrect DNS (resolv.conf) setup inside docker images

Fri, 15 Mar 2019 06:11:13 -0700 

Public bug reported:

I've encountered a problem after upgrading docker.io to
18.09.2-0ubuntu1~18.04.1 . I currently workarounded it by downgrading
back to 18.06.1-0ubuntu1.2~18.04.1 , so I can verify that it's related
to it.

In my current setup, I'm using ubuntu 18.04 and connecting from home to
a local ISP, and then using a VPN to access some private resources from
the company I work for (I use globalprotect as VPN software). I have no
connectivity issues whatsoever from my OS. Before connecting to the VPN,
my /etc/resolv.conf looks like

# This file is managed by man:systemd-resolved(8). Do not edit.
# A lot of comments cut-out 
nameserver 217.169.20.20
nameserver 217.169.20.21

After connecting to the VPN I get this:

search ml.com adminml.com mercadolibre.com
nameserver 10.x.x.x  # I edited out the actual IPs, I'm not allowed to share 
them
nameserver 10.x.x.x 

After upgrading to docker.io 18.09.2, when I start a docker container
(using docker run, and an ubuntu 16.04 image inside the container), the
container has my ISP config (ie the 217.x.x.x nameservers) in its
/etc/resolv.conf, while the older version (docker.io 18.06.1) uses the
correct VPN configuration (with the search domains and the 10.x.x.x
address). This new behaviour makes my containers unusable (given that I
expect to access some VPN-only resources from the software running
inside them)

Some extra information I found while trying to diagnose this:
- my host system /etc/resolv.conf is a symlink to 
../run/systemd/resolve/stub-resolv.conf
- the "old" (217.x.x.x) resolver configuration seems to be kept at 
/run/systemd/resolve/resolv.conf
- docker 18.09.2 seems to be copying this old configuration; if I 1) edit the 
/run/systemd/resolve/resolv.conf adding a comment 2) docker -ti run myimage 3) 
cat /etc/resolv.conf , then I see the comment I added. This doesn't happen in 
docker.io 18.06.1

I expect the old behaviour to be kept, can you confirm it is a bug?

** Affects: docker.io (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820278

Title:
  Incorrect DNS (resolv.conf) setup inside docker images

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1820278/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to