Unable to resolve DNS

[abuaboud]

I am trying to use isolate to run programs that call other APIs using NodeJS, I am running isolate with --share-net but I am getting DNS issue.

This program I ran to check if DNS is resolved correctly, It's working fine without isolate.

const dns = require('dns');

dns.resolve("google.com", 'ANY', (err, records) => {
  if (err) {
    console.log("Error: ", err);
  } else {
    console.log(records);
  }
});

Command:

./isolate --dir=/etc/:rw --dir=/opt/:rw --dir=/usr/bin  --box-id=0 --share-net --processes --share-net --run  /usr/bin/node test.js

I tried to bind /etc/ so it can reach /etc/resolv.conf and /etc/hosts but it still not working.

Steps to reproduce:

1. ./isolate --box-id=0 --init
2. create test.js inside the box directory and paste the above code.
3. run npm install dns
4. run isolate using the following code

   ./isolate --dir=/etc/:rw --dir=/opt/:rw --dir=/usr/bin  --box-id=0 --share-net --processes --run  /usr/bin/node test.js

Any idea what is the issue?

[abuaboud]

I think the issue is with binding /etc/

Running cat /etc/resolv.conf works without isolate, while running ./isolate --share-net --full-env --dir=/etc/:rw --run /bin/cat /etc/resolv.conf The output would be

/bin/cat: /etc/resolv.conf: No such file or directory
Exited with error status 1

[abuaboud]

I found the issue, the /etc/resolv.conf on my machine is a symbolic link, so the symbolink exists in the sandbox but it's unreadable as the end file is not bounded.

I tested it inside docker where /etc/resolv.conf is a static file rather symbolink, the code worked as expected.

If you want to check if the file is symbolink or not run the following command ls -la /etc/resolv.conf I got the following output lrwxrwxrwx 1 root root 39 Dec 8 19:48 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf