cachix
More robust per devenv host and network control
I've been having an issue where hostctl sometimes doesn't work, but also clashes between active projects with same host names.
As mentioned in #940 it would be good to have something more robust.
I think I might have found that something... but it's unclear if this will work for devenv because I'm not sure what the scope of bwrap is. I think the processes would all need to be wrapped with this bwrap or proxc call that need modified networking, so it should work.
Use Linux's mount namespace to override /etc/resolv.conf with what you want. Bubblewrap is a good tool to do that, without root. bwrap --dev-bind / / --ro-bind-data {FD} /etc/resolv.conf
FD is the file descriptor that contains nameserver {the-dns-you-need}. Remember to make system's DNS cache unaccessable for your process (Plex server) (eg. bwrap --tmpfs /var/run/nscd/)
Whole command: bwrap --dev-bind / / --ro-bind-data {fd} /etc/resolv.conf --tmpfs /var/run/nscd/ sh -c "your command and arguments"
I wrote a bash script to do all the steps. Here you are
The mentioned bash script is at https://github.com/garywill/proxc#start-of-content
It uses bubblewrap to create a mount namespace, in which processes see the DNS you want in a fake /etc/resolv.conf.
It bans in the namespace /var/run/nscd so processes can't use system's DNS cache
However here there is also a downside:
Notice: If network status change, NetworkManager or other program may delete /etc/resolv.conf and create a new one. That makes bubblewrap's file binding lost, causing DNS fallback to original system's DNS
So the point of this issue then is:
- point out shortcomings of hostctl
- share a potential solution
- solicit other ideas on how to handle this problem of per devenv hosts/networking more robustly
