On Tue, 2014-04-29 at 17:39 +0200, Petr Spacek wrote: > On 29.4.2014 17:27, Colin Walters wrote: > > [ Dropping devel-announce ] > > > > On Tue, Apr 29, 2014 at 11:15 AM, Alexander Larsson <alexl@xxxxxxxxxx> wrote: > >> > >> Not sure how to fix something like that though... > > > > I think in both cases (host and container) it would be best if the local > > resolver offered a local-only API (e.g. unix domain sockets, kdbus). Would > > require teaching glibc how to speak that API though. Then if it was a Unix > > domain socket, we could bind mount that in from the host, same way as is the > > plan for other shared services. > > It can work only for libraries we are able to modify. Don't forget that there > is *a lot* of DNS resolvers. IMHO anything except standard DNS protocol over > UDP/TCP is no-go. I have to concur, unix sockets is a dead end, there are tons of libraries that look at resolv.conf and use the server named there, and they only support the standard DNS protocol over IP (TCP and UDP). Are we going to need a way to "bind-mount" local ports to containers too ? Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
