fix: prefer configured nameservers, fix DHCP6 in container

Always prefer explicitly configured nameservers, networkd was missing capability to bind address for DHCP6. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
2025-10-23 13:31:12 +02:00 · 2021-02-06 00:01:12 +03:00 · 2021-02-06 00:01:12 +03:00 · 757cc204ec
commit 757cc204ec
parent 6cf98a7322
2 changed files with 18 additions and 14 deletions
--- a/internal/app/machined/pkg/system/services/networkd.go
+++ b/internal/app/machined/pkg/system/services/networkd.go
@ -115,6 +115,7 @@ func (n *Networkd) Runner(r runtime.Runtime) (runner.Runner, error) {
 				strings.ToUpper("CAP_" + capability.CAP_NET_ADMIN.String()),
 				strings.ToUpper("CAP_" + capability.CAP_SYS_ADMIN.String()),
 				strings.ToUpper("CAP_" + capability.CAP_NET_RAW.String()),
+				strings.ToUpper("CAP_" + capability.CAP_NET_BIND_SERVICE.String()),
 			}),
 			oci.WithHostNamespace(specs.NetworkNamespace),
 			oci.WithMounts(mounts),
--- a/internal/app/networkd/pkg/networkd/networkd.go
+++ b/internal/app/networkd/pkg/networkd/networkd.go
@ -60,8 +60,6 @@ func New(config config.Provider) (*Networkd, error) {
 		resolvers []string
 	)

-	resolvers = []string{DefaultPrimaryResolver, DefaultSecondaryResolver}
-
 	netconf := make(map[string][]nic.Option)

 	if option = procfs.ProcCmdline().Get("ip").First(); option != nil {
@ -203,20 +201,29 @@ func (n *Networkd) Configure() (err error) {
 		}
 	}

-	resolvers := []string{}
+	// prefer resolvers from the configuration
+	resolvers := append([]string(nil), n.resolvers...)

-	for _, netif := range n.Interfaces {
-		for _, method := range netif.AddressMethod {
-			if !method.Valid() {
-				continue
-			}
+	// if no resolvers configured, use addressing method resolvers
+	if len(resolvers) == 0 {
+		for _, netif := range n.Interfaces {
+			for _, method := range netif.AddressMethod {
+				if !method.Valid() {
+					continue
+				}

-			for _, resolver := range method.Resolvers() {
-				resolvers = append(resolvers, resolver.String())
+				for _, resolver := range method.Resolvers() {
+					resolvers = append(resolvers, resolver.String())
+				}
 			}
 		}
 	}

+	// use default resolvers if nothing is configured
+	if len(resolvers) == 0 {
+		resolvers = append(resolvers, DefaultPrimaryResolver, DefaultSecondaryResolver)
+	}
+
 	// Set hostname must be before the resolv configuration
 	// so we can ensure the hosts domainname is set properly
 	// before we write the search stanza
@ -224,10 +231,6 @@ func (n *Networkd) Configure() (err error) {
 		return err
 	}

-	if len(resolvers) == 0 {
-		resolvers = n.resolvers
-	}
-
 	if err = writeResolvConf(resolvers); err != nil {
 		return err
 	}