Crates.io | resolvconffs |
lib.rs | resolvconffs |
version | 0.1.1 |
source | src |
created_at | 2022-01-30 20:28:34.588807 |
updated_at | 2023-03-05 20:25:03.154145 |
description | Special single-file FUSE filesystem that maps the file depending on requestor's process's Linux network namespace |
homepage | |
repository | https://github.com/vi/resolvconffs |
max_upload_size | |
id | 524180 |
size | 24,164 |
Linux network namespaces allow separate networking environment for a group of processes (sharing uid or from a separate user).
DNS settings (/etc/resolv.conf
) is however shared between all those environments, which provides certain inconvenience.
Typically (i.e. in ip netns
tool) mount (filesystem) namespace is used along with netns as a workaround, mapping distinct /etc/netns/...
files to main /etc/resolv.conf
. This tool provides different approach based on a FUSE filesystem which provides this mapping without using additional mount namespaces.
It works by inspecing PIDs of each programs that access the mounted /etc/resolv.conf
, using /proc/<pid>/ns/net
to find out which underlying file should be used and forwarding reads and writes to that file instead. Missing files may be propagated from a user-specified template file.
(untested)
# cp /etc/resolv.conf /etc/resolv.conf.bak
# mkdir /tmp/resolvconfs
# /opt/resolvconffs -d /etc/resolv.conf.bak /tmp/resolvconfs /etc/resolv.conf&
Download a pre-built x64_64 version from Github releases or try cargo install
or download source code and use cargo build --release
. Copy resulting executable where you want.
Integrating the tool with distro's networking stack is out of scope for this document.
resolvconffs --help
Usage: /opt/resolvconffs [OPTIONS]
Special FUSE filesystem that maps its sole file to other files based on network namespace of process that queries the file.
Positional arguments:
backing_directory Directory where to look for resolv.conf-like files for each netns.
mountpoint_file
Optional arguments:
-h, --help
-p, --extension EXTENSION Filename extension. resolvconffs maps its file to <backing_directory>/<netns_identifier><postfix> (default: conf)
-d, --default-file DEFAULT-FILE
In case of target file does not exist, copy this file to target instead of returning ENOENT.
-P, --procfs PROCFS Directory where to look up network namespace IDs based on PIDs. (default: /proc)
-o, --fuse-opt OTHER-FUSE-OPTS
The project is not libified and library usage is not intended.
There is simple reusable component named FileMapperFs
inside, allowing implementing similar single-file filesystems based on fuser
crate that maps the file based on uid
, gid
or pid
of accessing process.