From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Wed, 10 Apr 2019 18:06:33 +0300 From: "Dmitry V. Levin" To: ALT Sisyphus mailing list Message-ID: <20190410150633.GC13460@altlinux.org> References: <770908e7-9c0e-1c60-8acb-74d6b200437a@complife.ru> <20190409001550.GD16603@altlinux.org> <201904091647.23059.a_s_y@sama.ru> <92593e51-3faf-bbc1-fa1d-3a0a77f07c4e@complife.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="t0UkRYy7tHLRMCai" Content-Disposition: inline In-Reply-To: <92593e51-3faf-bbc1-fa1d-3a0a77f07c4e@complife.ru> Subject: Re: [sisyphus] =?koi8-r?b?0sXaz8zXxdI=?= X-BeenThere: sisyphus@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Sisyphus discussions List-Id: ALT Linux Sisyphus discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Apr 2019 15:06:34 -0000 Archived-At: List-Archive: List-Post: --t0UkRYy7tHLRMCai Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 10, 2019 at 04:50:55PM +0200, Michael A. Kangin wrote: > On 04/09/2019 02:47 PM, Sergey wrote: >=20 > > =F1 =D4=C1=CB =D0=CF=CE=C9=CD=C1=C0, =DE=D4=CF =D7=CF=D0=D2=CF=D3 =C9= =DA-=DA=C1 =D4=CF=C7=CF, =DE=D4=CF =CB=C1=CB=CF=CA-=D4=CF resolv.conf > > =CC=C5=D6=C9=D4 =D7 /var/resolv/etc/, =C1 =C9=DA=CD=C5=CE=C5=CE=C9=D1 = =D7 /etc/resolv.conf =CE=C5 > > =D7=CF =D7=D3=C5=C8 =D3=CC=D5=DE=C1=D1=C8 =D3=D4=C1=CE=CF=D7=D1=D4=D3= =D1 =C1=CB=D4=D5=C1=CC=D8=CE=D9=CD=C9 =C2=C5=DA =DA=C1=D0=D5=D3=CB=C1 updat= e_chrooted > > (=C9=CC=C9 =C9=DA=CD=C5=CE=C5=CE=C9=D1 /var/resolv/etc/resolv.conf =C4= =D2=D5=C7=C9=CD =D3=D0=CF=D3=CF=C2=CF=CD =CB=C1=CB=C9=CD- > > =CE=C9=C2=D5=C4=D8). =E8=CF=D4=D1 =D7=CF=D0=D2=CF=D3, =CB=C1=CB=CF=D7 = =D3=C5=CA=DE=C1=D3 =D3=D0=C9=D3=CF=CB =D0=D2=C9=CC=CF=D6=C5=CE=C9=CA, =CB= =CF=D4=CF=D2=D9=C5 > > =C9=D3=D0=CF=CC=D8=DA=D5=C0=D4 /var/resolv/ =D4=C5=CD =C9=CC=C9 =C9=CE= =D9=CD =CF=C2=D2=C1=DA=CF=CD. >=20 >=20 >=20 > "=CB=C1=CB=CF=D7 =D3=C5=CA=DE=C1=D3 =D3=D0=C9=D3=CF=CB =D0=D2=C9=CC=CF=D6= =C5=CE=C9=CA" - =C1 =DC=D4=CF =D2=C1=DA=D7=C5 =CE=C5 =CE=C1 =CF=C2=DD=C5=D3= =C9=D3=D4=C5=CD=CE=CF=CD=20 > =D5=D2=CF=D7=CE=C5 =D0=D2=C9=CD=C5=CE=D1=C5=D4=D3=D1? =EE=C5=D4, =CB=CF=CE=C5=DE=CE=CF, =CE=C1 =D5=D2=CF=D7=CE=C5 =D0=D2=C9=CC=CF= =D6=C5=CE=C9=CA. > =F0=CF =CB=D2=C1=CA=CE=C5=CA =CD=C5=D2=C5, ping =D2=C1=C2=CF=D4=C1=C5=D4 = =D3 =C6=C1=CA=CC=C1=CD=C9 =C9=CD=C5=CE=CE=CF =C9=DA /var/resolv/etc/ >=20 > =F5 =CD=C5=CE=D1 =D4=C1=CB=C1=D1 =D0=D2=CF=C2=CC=C5=CD=C1 - =CE=C1 =C8=CF= =D3=D4=C5 =D2=C1=C2=CF=D4=C1=C5=D4 =D3=D7=CF=CA =D2=C5=DA=CF=CC=D7=C5=D2, = =CF=CE =D0=D2=CF=D0=C9=D3=C1=CE =D7=20 > /etc/net/ifaces/{iface}/resolv.conf =CB=C1=CB 127.0.0.1. > =F0=D2=C9 =D3=D4=C1=D2=D4=C5 =D3=C9=D3=D4=C5=CD=D9 =D7=D3=A3 =DC=D4=CF = =D0=D2=CF=D0=C9=D3=D9=D7=C1=C5=D4=D3=D1 =D7 /etc/resolv.conf,=20 > /var/resolv/etc/resolv.conf, =D7=D3=A3 =C8=CF=D2=CF=DB=CF =C9 =C2=CC=C1= =C7=CF=D3=D4=CE=CF. >=20 > =F4=C5=D0=C5=D2=D8 =D3=CF=DA=C4=C1=A3=CD netns, =D5 =CB=CF=D4=CF=D2=CF=C7= =CF =D3=D7=CF=CA =D3=CF=C2=D3=D4=D7=C5=CE=CE=D9=CA lo =D3=CF =D3=D7=CF=C9= =CD=20 > =D3=CF=C2=D3=D4=D7=C5=CE=CE=D9=CD 127.0.0.1, =C9 =CF=C2=CE=C1=D2=D5=D6=C9= =D7=C1=C5=CD, =DE=D4=CF =D2=C5=DA=CF=CC=D7=C9=CE=C7 =D7 =DC=D4=CF=CD =CE=C5= =CA=CD=D3=D0=C5=CA=D3=C5=20 > =CE=C5 =D2=C1=C2=CF=D4=C1=C5=D4. >=20 > =EF=CB, =D7 man ip-netns =D3=CB=C1=DA=C1=CE=CF: > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > For applications that are aware of network namespaces, the convention is= =20 > to look for global network configuration files first in /etc/netns/NAME/= =20 > then in /etc/. For example, if you want a different version of > /etc/resolv.conf for a network namespace used to isolate your vpn you=20 > would name it /etc/netns/myvpn/resolv.conf. >=20 > ip netns exec automates handling of this configuration, file convention= =20 > for network namespace unaware applications, by creating a mount=20 > namespace and bind mounting all of the per network namespace configure=20 > files into their traditional location in /etc. > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > =E4=C5=CC=C1=C5=CD =C4=C9=D2=C5=CB=D4=CF=D2=C9=C0 /etc/netns/myns, =CB=CC= =C1=C4=A3=CD =D4=D5=C4=C1 =C9=D3=D0=D2=C1=D7=CC=C5=CE=CE=D9=CA =DC=CB=DA=C5= =CD=D0=CC=D1=D2=20 > resolv.conf > =FA=C1=C8=CF=C4=C9=CD =D3=CE=CF=D7=C1 =D7 =CE=C5=CA=CD=D3=D0=C5=CA=D3, = =D3=CD=CF=D4=D2=C9=CD, =DE=D4=CF =C9=DA=CE=D5=D4=D2=C9 =CE=C5=C7=CF /etc/re= solv.conf=20 > =D7=C9=C4=C5=CE =CB=C1=CB =C9=D3=D0=D2=C1=D7=CC=C5=CE=CE=CF-=D0=D2=C1=D7= =C9=CC=D8=CE=D9=CA, =CF=C4=CE=C1=CB=CF =D2=C5=DA=CF=CC=D7=C9=CE=C7 =D0=CF-= =D0=D2=C5=D6=CE=C5=CD=D5 =CE=C5=20 > =D2=C1=C2=CF=D4=C1=C5=D4, =D0=CF=D4=CF=CD=D5 =DE=D4=CF /var/resolv/etc/re= solv.conf =CF=D3=D4=C1=CC=D3=D1 =D3=D4=C1=D2=D9=CA,=20 > =CE=C5=CD=CF=C4=C9=C6=C9=C3=C9=D2=CF=D7=C1=CE=CE=D9=CA. > =E5=D3=CC=C9 =D4=C5=D0=C5=D2=D8 =C9=DA=CE=D5=D4=D2=C9 =CE=C5=CA=CD=D3=D0= =C5=CA=D3=C1 =D3=CB=C1=DA=C1=D4=D8 update_chrooted, =D4=CF =D2=C5=DA=CF=CC= =D7=C9=CE=C7=20 > =DE=C9=CE=C9=D4=D3=D1 =C4=CC=D1 =CE=C5=CA=CD=D3=D0=C5=CA=D3=C1, =CE=CF = =D4=D5=D4 =D6=C5 (=CF=D6=C9=C4=C1=C5=CD=CF) =CC=CF=CD=C1=C5=D4=D3=D1 =C4=CC= =D1 =CF=D3=D4=C1=CC=D8=CE=CF=CA=20 > =C8=CF=D3=D4-=D3=C9=D3=D4=C5=CD=D9. =EE=C1=D5=DE=C9=D4=C5 ip netns exec, =CB=CF=D4=CF=D2=D9=CA "automates handl= ing of this configuration =2E.. by creating a mount namespace and bind mounting all of the per network namespace configure files into their traditional location in /etc", =CE=C5 =DA=C1=C2=D9=D7=C1=D4=D8 =D0=D2=CF /var/resolv/. > =F7 =CF=C2=DD=C5=CD, =C4=CC=D1 =CD=C5=CE=D1 =D4=CF=D4 =C6=C1=CB=D4, =DE= =D4=CF resolv.conf =C9 hosts =C9=D3=D0=CF=CC=D8=DA=D5=C0=D4=D3=D1 =C9=DA=20 > =DE=D2=D5=D4=C1 /var/resolv/, =D3=CF=DA=C4=C1=A3=D4 =C4=C9=CB=CF=C5 =CB= =CF=CC=C9=DE=C5=D3=D4=D7=CF =DA=C1=D4=D2=D5=C4=CE=C5=CE=C9=CA =C9 =D0=D2=CF= =C2=CC=C5=CD, =C9 =D1=20 > =C2=D9=CC =C2=D9 =CF=DE=C5=CE=D8 =D2=C1=C4, =C5=D3=CC=C9 =C2=D9 =CE=C1=DB= =A3=CC=D3=D1 =D0=D5=D4=D8 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 =D7=C5=D2=D3= =C9=C9 =C6=C1=CA=CC=CF=D7=20 > =CE=C5=D0=CF=D3=D2=C5=C4=D3=D4=D7=C5=CE=CE=CF =C9=DA /etc (=CB=C1=CB =DC= =D4=CF =D7 RHEL =CE=C1=D0=D2=C9=CD=C5=D2 =D2=C1=C2=CF=D4=C1=C5=D4). =FE=D4=CF =DA=C1 =C4=C9=CB=CF=C5 =CB=CF=CC=C9=DE=C5=D3=D4=D7=CF =DA=C1=D4= =D2=D5=C4=CE=C5=CE=C9=CA =C9 =D0=D2=CF=C2=CC=C5=CD? =F7=D9 =D7=D3=C0 =D3=C9=D3=D4=C5=CD=D5 =D7 netns =DA=C1=D0=C9=C8=C9=D7=C1= =C5=D4=C5, =DE=D4=CF =CC=C9? --=20 ldv --t0UkRYy7tHLRMCai Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJcrgZ5AAoJEAVFT+BVnCUIT7QP/jWNlfV1FCUWDxup+E2sLQxa Q8GdPI0scNwE49SnViKjNS9WDyi5HxgxrDyzIyfePxAfD96gRRvCTeERRLrhqr3O NMFBGTsxojP7GTGLzlz8iplmgenjbcALoX57xIOArnlxhhvD2UBvujiJeiTpd7NL pfg965Jpy474/Aj+Jvn7PekwXSpk6Rb0Oc9k7meAgNA9/Gt3nNUt5N/P2VySBedb Oa9pW6eiVZ3rqZSUGHRZeioAtHkCiT+DW6B3jILpmzzT3hDgBCcOXlmIrl4fLhwJ W6/Z17/ysA90MTutWddUWE4PC7jQzdtaZdV1v3VcE8aEJayybYD3yePzKdp7lGrV INoD3Y+jys2LlMUfSqnjRfo9nLvyFOonPqQZza7f/k5CxjW0ttdBYqqpXyA8Q78t zKp8Tarag2hJn5FxzltSRRvdM/0i2xthQx2elH9DUYVz/k9inpHiCxuit7nJ0aXA V/heFQaGtdPdczIthko8NG4QUleulraCRHsskatjbouS1cbeXCAQ4LnWvArk/LJf +g5fEncrJqM8LipdQlRCUygqwIwjyHP9Pc1uGK/kP/Fq/gJH7HOJ8/oXNZCNxuX+ 1PvsPjdJLy9kw3BGa2MSUPDSLZxLVDRWEyypQ2NuW5IOfrk8Yqy9OwekCFHh75kA 87qjZs1cz2MI0EkNwg6X =u2Uw -----END PGP SIGNATURE----- --t0UkRYy7tHLRMCai--