(nixos-install & nixos-enter) Chroot cannot resolve dns names

Question

(nixos-install & nixos-enter) Chroot cannot resolve dns names

nlvw opened this issue 6 years ago · 23 comments

Issue description

After installing NixOS then using nixos-enter to chroot into the installation dns does not work. I am trying to clone down a repository but it fails because it cannot resolve github.com.

Here is a picture of the of some commands run inside the chrooted installation

Bootstrap.sh being run to install and call the chrooted commands.
Configuration.nix being used

Steps to reproduce

Boot a vm using one of the 18.03.132155.b50443b5c4a isos (UEFI Mode).
Clone this repo and tree
run bootstrap.sh
select "test" machine (option 4) when prompted (this is setup for hyper-v so you may need to fix the hardware-configuration.nix back to the default one generated).
Observer error after installation finishes

Technical details

Please run nix-shell -p nix-info --run "nix-info -m" and paste the
results.

Artturin commented 3 years ago

#137677

Answer 1 · 2018-05-01T06:31:32.000Z

I'm guessing this is because nixos-enter doesn't create a resolv.conf. I think the appropriate solution would be to bind-mount that in from the host system.

As a workaround, you should be able to make it work by running cp /etc/resolv.conf /mnt/etc/.

Answer 2 · 2018-05-01T06:54:58.000Z

This leaves me a bit confused. I'm using the nixos-enter after nixos-install has completed. Does resolv.conf not get generated during the build?

I noticed that I did not have networkmanager specifically enabled in my configuration. I'll test that and report back.

Answer 3 · 2018-05-01T07:22:23.000Z

So specifically enabling networkmanager didn't fix anything. Copying resolv.conf into the chroot didn't fix the issue either. It turns out that nixos-enter regenerates the resolv.conf every time it's called

edit: I retested the commands from the pics above with an external network adapter instead of a natted one. Same result.

Answer 4 · 2018-05-01T12:18:35.000Z

And everything works fine outside nixos-enter?

Answer 5 · 2018-05-01T14:39:56.000Z

Yep no issues in the regular environment. DNS resolution works fine, as well, once rebooted into the fresh installation.

It is just in the nixos-enter environment right after installation, before reboot, that DNS doesn't want to work.

Answer 6 · 2018-06-11T13:28:48.000Z

I have a similar problem during install where an overlay does a curl as part of make install - fails because it can't resolve dns (in this case github.com).

Answer 7 · 2018-06-11T13:30:09.000Z

Skipping the install of that overlay and then trying nixos-enter:

nixos-enter -c "curl https://github.com"
setting up /etc...
curl: (6) Could not resolve host: github.com

Answer 8 · 2018-06-11T13:33:08.000Z

Trying the below does work (so clearly something isn't right about the generated resolv.conf):

nixos-enter -c "echo nameserver 8.8.8.8 > /etc/resolv.conf; curl https://github.com"
... lots of html output as expected ...

Answer 9 · 2018-06-11T13:39:20.000Z

Finally, bind mounting the host resolv.conf readonly does allow me to to run nixos-enter:

mount -o bind,ro /etc/resolv.conf /mnt/etc/resolv.conf
nixos-enter -c "curl https://github.com" | head
setting up /etc...
/nix/store/zm1cn7di1zcapka1jlr9w4p714sl3jxq-openresolv-3.9.0/libexec/resolvconf/libc: line 230: /etc/resolv.conf: Read-only file system
... lots of expected html output ...

So now nixos-enter fails to generate the resolv.conf (and a working bind mounted one gets used) as it's readonly. Unfortunately the same doesn't seem to be true for nixos-install strangely enough (the overlay still fails to install), not sure why.

I could however do:

nixos-enter -c "bash"
... enable the overlay again ...
mkdir /tmp
nixos-rebuild switch

I get some errors from the above but it does install the overlay package. In general there seems to be a dns resolution problem during nixos-install (if dns is required by the build, like doing a curl from the Makefile) and also when doing nixos-enter. In my case I was using the unstable image: nixos-minimal-18.09pre140958.696c6bed4e8-x86_64-linux.iso.

Answer 10 · 2018-06-11T14:31:46.000Z

So my host resolv.conf looks like this:

# Generated by resolvconf
nameserver 10.0.2.3
options edns0

The generated resolv.conf under /mnt/etc (when not bind mounting) looks like this:

# Generated by resolvconf
options edns0

So it's missing the nameserver(s).

Answer 11 · 2018-06-12T14:31:07.000Z

Hmm. As I am a nixos newbie it may just be that I don't fully understand the notion of fixedOutput packages. Looking through the sources for the package manager it seems the build environment will only allow networking when the output is a fixedOutputHash one. However, that does seem like it would mean the package cannot be built everywhere as the binary won't have the same hash...

Answer 12 · 2018-06-12T19:24:48.000Z

Ok so I think I get it now. I was installing packages in an impure way I suppose as they were downloading things "behind the scene", sorry I'm a newbie still. So nixos-install is doing what it should do I think.

Still, I don't understand why nixos-enter generates an unusable resolv.conf as detailed above and I think that's what this issue really is about.

Answer 13 · 2018-06-18T04:16:40.000Z

The issue becomes more severe when you take into account that even if you create a correct resolv.conf it will get replaced every time nixos-enter is called. So if you are using nixos-enter in a script it becomes a blocking issue.

Answer 14 · 2018-06-24T17:12:30.000Z

I have the same problem. I'm running a live USB NixOS but I have already installed NixOS on my computer. I'd like to just chroot to my already installed NixOS system and run nixos-install there but it doesn't work because network fails.

Answer 15 · 2018-06-24T18:28:18.000Z

@jluttine After you mount the installation you can just run "nixos-install --no-root-passwd" again. It will pull the configuration from whatever is already installed in the /mnt folder and just update it.

The core root of the problem for this ticket/issue is resolve.conf being generated incorrectly. Just waiting for nixos-enter to be fixed in this regard for the ticket to be closed.

Answer 16 · 2020-06-04T05:57:11.000Z

Thank you for your contributions.

This has been automatically marked as stale because it has had no activity for 180 days.

If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.

Here are suggestions that might help resolve this more quickly:

Search for maintainers and people that previously touched the related code and @ mention them in a comment.
Ask on the NixOS Discourse.
Ask on the #nixos channel on irc.freenode.net.

Answer 17 · 2020-06-08T23:19:48.000Z

still important to me.

I confirm that this is still broken as of 20.03.2102.e2bb73ce5f7

Answer 18 · 2020-12-06T00:46:39.000Z

I marked this as stale due to inactivity. → More info

Answer 19 · 2021-04-21T14:39:47.000Z

Still broken in 20.09

Answer 20 · 2021-06-07T20:30:22.000Z

$ sudo cp /etc/resolv.conf /mnt/etc/resolv.conf solved it for me.
The file did not get replaced when running nixos-enter.
Still far from ideal though

Answer 21 · 2021-09-13T00:27:00.000Z

I have to be that person ("use the reactions instead of posting you also have this issue"), but this issue is from 2018.

Well, I'm having this issue with the GNOME 21.05 ISO.

Answer 22 · 2021-09-13T15:01:00.000Z

arch-chroot bind mounts resolv.conf
https://github.com/archlinux/arch-install-scripts/blob/bb04ab435a5a89cd5e5ee821783477bc80db797f/arch-chroot.in#L51