Replies: 1 comment 2 replies
-
|
Do you know exactly how the application is making DNS queries? Is it using another library like glibc or maybe some rust library, or is it directly reading If it's not going through glibc, then an option could be to add a small patch to Shadow which intercepts open() calls for the
I think Docker would work fine here, which is effectively the same but is simple to set up. Just run shadow in docker and modify the contents of You could also possibly run shadow in a new mount namespace using |
Beta Was this translation helpful? Give feedback.
-
|
https://gitlab.com/veilid/veilid/-/blob/main/veilid-core/src/intf/native/system.rs lines 53-70 are where it looks up the resolver, and lines 115-133 are where it performs the TXT lookup. It uses the |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for your suggestions! I will try unshare. I haven't tested Docker in this configuration (Debian 12 under VirtualBox), so I'm a bit wary of it. |
Beta Was this translation helpful? Give feedback.
-
How can I override /etc/resolv.conf for my simulation? I'm working with a piece of software (Veilid, https://gitlab.com/veilid/veilid) that performs direct DNS lookups for TXT records, and I'm spinning up a DNS server within the sim to provide the correct responses. Unfortunately, the only way I can see to override /etc/resolv.conf within the simulation is to put everything in a chroot jail. Otherwise, I end up compromising my shadow VM's functionality by changing the actual nameservers that are queried outside the simulation.
I notice https://github.com/shadow/shadow/milestone/29 is a group of tickets that want to do much more with DNS packets than my own humble desire to get them where they need to be within the simulation, and all of them seem like a lot more work than this.
Beta Was this translation helpful? Give feedback.
All reactions