From 879b0c4eb502ca59fc9ca996c48295eb6b8333a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kai=20L=C3=BCke?= <kai@kinvolk.io>
Date: Tue, 13 Oct 2020 13:45:27 +0900
Subject: [PATCH] sys-apps/systemd: Document why resolv.conf contains real IP
 addresses

---
 .../coreos-overlay/sys-apps/systemd/systemd-9999.ebuild      | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
index aefba443c4..b3149162dc 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/systemd/systemd-9999.ebuild
@@ -184,7 +184,10 @@ src_prepare() {
 	# This shouldn't be necessary anymore. Added because of a bug
 	# https://github.com/systemd/systemd/issues/3826, which is
 	# apparently resolved in
-	# https://github.com/systemd/systemd/pull/5276.
+	# https://github.com/systemd/systemd/pull/5276 but another reason is
+	# that when /etc/resolve.conf is bind-mounted to a new network
+	# namespace it shouldn't contain the loopback IP address of the host
+	# which is not reachable from another network namespace.
 	sed -i -e 's,/run/systemd/resolve/stub-resolv.conf,/run/systemd/resolve/resolv.conf,' tmpfiles.d/etc.conf.m4 || die
 
 	default