Special FUSE filesystem to map /etc/resolv.conf to different files depending on Linux network namespace

Related tags

Data structures resolvconffs
Overview

resolvconffs

Linux network namespaces allow separate networking environment for a group of processes (sharing uid or from a separate user). DNS settings (/etc/resolv.conf) are however shared between all those environments, which may be inconvenient in some setups.

Typically (i.e. in ip netns tool) the mount (filesystem) namespace is used along with netns as a workaround, mapping distinct /etc/netns/... files to main /etc/resolv.conf. This tool provides different approach based on a FUSE filesystem which provides similar mapping without using additional mount namespace.

It works by inspecing PIDs of each programs that access the mounted /etc/resolv.conf and using /proc/ /ns/net to find out which underlying file should be used and forwarding reads and writes to that file instead. Missing files may be propagated from a user-specified template file.

Example

(untested)

# cp /etc/resolv.conf /etc/resolv.conf.bak
# mkdir /tmp/resolvconfs
# /opt/resolvconffs -d /etc/resolv.conf.bak /tmp/resolvconfs /etc/resolv.conf&

Installation

Download a pre-built x64_64 version from Github releases or try cargo install or download source code and use cargo build --release. Copy resulting executable where you want.

Integrating the tool with distro's networking stack is out of scope for this document.

Usage output

resolvconffs --help
Usage: /opt/resolvconffs [OPTIONS]

Special FUSE filesystem that maps its sole file to other files based on network namespace of process that queries the file.

Positional arguments:
  backing_directory          Directory where to look for resolv.conf-like files for each netns.
  mountpoint_file

Optional arguments:
  -h, --help
  -p, --extension EXTENSION  Filename extension. resolvconffs maps its file to 
   
    /
    
     
       (default: conf)
  -d, --default-file DEFAULT-FILE
                             In case of target file does not exist, copy this file to target instead of returning ENOENT.
  -P, --procfs PROCFS        Directory where to look up network namespace IDs based on PIDs. (default: /proc)
  -o, --fuse-opt OTHER-FUSE-OPTS

Library usage

The project is not libified and library usage is not intended.

There is a simple reusable component named FileMapperFs inside, allowing implementing similar single-file filesystems based on fuser crate that maps the file based on uid, gid or pid of accessing process.

You might also like...
Rust command line utility to quickly display useful secrets in a Kubernetes namespace
Rust command line utility to quickly display useful secrets in a Kubernetes namespace

kube-secrets This is a command line utility for quickly looking at secrets in a Kubernetes namespace that are typically looked at by humans. It specif

Frank Wiles 8 Feb 10, 2022
the file filesystem: mount semi-structured data (like JSON) as a Unix filesystem

ffs: the file filesystem ffs, the file filessytem, let's you mount semi-structured data as a fileystem---a tree structure you already know how to work

Michael Greenberg 176 Dec 31, 2022
Rust lib for a Vec-like structure that can store different types of different sizes contiguous with each other in memory.

hvec In memory of Anna Harren, who coined the term turbofish - which you'll see a lot of if you use this crate. The main purpose of this crate is the

Vi 2 Oct 23, 2022
This is a cross-platform tool to historicize different branches/depots/manifests and generating pseudocode for it to compare different game updates
This is a cross-platform tool to historicize different branches/depots/manifests and generating pseudocode for it to compare different game updates

CSHP This is a cross-platform tool to historicize different branches/depots/manifests and generating pseudocode for it to compare different game updat

raizo 6 Jan 28, 2022
Test cargo crates in different envs & via different methods
Test cargo crates in different envs & via different methods

Test cargo crates in different envs & via different methods

@Vlad@ 2 Mar 22, 2022
A utility that can download JavaScript and TypeScript module graphs and store them locally in a special zip file.

eszip A utility that can download JavaScript and TypeScript module graphs and store them locally in a special zip file. To create a new archive: esz

Deno Land 162 Dec 24, 2022
A special web app to render fancy UTF-8 sequences. :hindu_temple: :scroll:

UTF RENDER 🛕 📜 A special web app to render fancy UTF-8 sequences. 🛕 📜 ABOUT 📚 Emojis and fancy symbols are part of the UTF-8 character standard (

✭ ANGEL DOLLFACE ✭ 4 Jan 15, 2023
A special rope, designed to work with any data type that is not String

AnyRope AnyRope is an arbitrary data type rope for Rust, designed for similar operations that a rope would do, but targeted at data types that are not

ahoyiski 27 Mar 22, 2023
SELYA (Special Esoteric Language for Young and Adult)

SELYA (Special Esoteric Language for Young and Adult) -- it is esoteric language for everyone based on hex :D

Crinax 5 Jun 30, 2023
Supertag is a tag-based filesystem, written in Rust, for Linux and MacOS
Supertag is a tag-based filesystem, written in Rust, for Linux and MacOS

Supertag is a tag-based filesystem, written in Rust, for Linux and MacOS. It provides a tag-based view of your files by removing the hierarchy constraints typically imposed on files and folders. In other words, it allows you to think about your files not as objects stored in folders, but as objects that can be filtered by folders.

Andrew Moffat 539 Dec 24, 2022
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

moonwalk Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. 📖 Table o

Mufeed VH 1.1k Jan 6, 2023
Rust library for filesystems in userspace (FUSE)

Rust FUSE - Filesystem in Userspace About fuse-rs is a Rust library crate for easy implementation of FUSE filesystems in userspace. fuse-rs does not j

Andreas Neuhaus 916 Jan 9, 2023
Swap token protocol for cryptocurrencies, supported in cosmos network, such as UST, LUNA, LUNI, etc.

Tokenswap This is a Smart Contract built in Rust to run inside Cosmos SDK module on all chains that enable it. To understand the framework better, ple

Smart Geek 6 Dec 12, 2022
A lite tool to make systemd work in any container(Windows Subsystem for Linux 2, Docker, Podman, etc.)

Angea Naming from hydrangea(アジサイ) A lite tool to make systemd work in any container(Windows Subsystem for Linux 2, Docker, Podman, etc.) WSL1 is not s

いんしさくら 16 Dec 5, 2022
A lite tool to make systemd work in any container(Windows Subsystem for Linux 2, Docker, Podman, etc.)

Angea Naming from hydrangea(アジサイ) A lite tool to make systemd work in any container(Windows Subsystem for Linux 2, Docker, Podman, etc.) WSL1 is not s

いんしさくら 16 Dec 5, 2022
Prints the absolute path of all regular files in an unmounted btrfs filesystem image.

btrfs-walk-tut Prints the absolute path of all regular files in an unmounted btrfs filesystem image. Learning about btrfs: Btrfs Basics Series This re

Nishal Kulkarni 2 Feb 3, 2022
This utility traverses through your filesystem looking for open-source dependencies that are seeking donations by parsing README.md and FUNDING.yml files
This utility traverses through your filesystem looking for open-source dependencies that are seeking donations by parsing README.md and FUNDING.yml files

This utility traverses through your filesystem looking for open-source dependencies that are seeking donations by parsing README.md and FUNDING.yml files

Mufeed VH 38 Dec 30, 2022
A filesystem driver that allows you to view your Blackboard course contents as if they were normal files and folders on your system!
A filesystem driver that allows you to view your Blackboard course contents as if they were normal files and folders on your system!

BlackboardFS Blackboard: noun A website so bad that it might as well be a network drive. BlackboardFS is a filesystem driver that allows you to view y

null 22 Sep 4, 2023
Everyday-use client-side map-aware Arch Linux mirror ranking tool

Rate Arch Mirrors This is a tool, which fetches mirrors, skips outdated/syncing Arch Linux mirrors, then uses info about submarine cables and internet

Nikita Almakov 196 Jan 2, 2023
Releases(v0.1.0)
Owner
Vitaly Shukela
Vitaly Shukela
GitHub
A simple Vec-based Map inspired on JavaScript for rust.

A simple alternative to HashMap inspired on JavaScript's Map.

Squioole 2 Oct 3, 2021
B-Tree map for pub/sub services

submap B-tree map for pub/sub services. Create a new subscription map let mut smap: SubMap<Client> = SubMap::new(); where "Client" is a pub/sub client

Altertech 6 Sep 21, 2022
Serializable map of any type.

??️ type_reg Serializable map of any type. This library provides a map that can store any serializable type, and retrieve it as the strong type. Seria

Azriel Hoh 3 Dec 26, 2022
enum-map enum-map xfix/enum-map [enum-map] — An optimized map implementation for enums using an array to store values.

enum-map A library providing enum map providing type safe enum array. It is implemented using regular Rust arrays, so using them is as fast as using r

Konrad Borowski 57 Dec 19, 2022
The reference implementation of the Linux FUSE (Filesystem in Userspace) interface

libfuse About FUSE (Filesystem in Userspace) is an interface for userspace programs to export a filesystem to the Linux kernel. The FUSE project consi

null 4.2k Jan 4, 2023
Fuse filesystem that returns symlinks to executables based on the PATH of the requesting process.

Envfs Fuse filesystem that returns symlinks to executables based on the PATH of the requesting process. This is useful to execute shebangs on NixOS th

Jörg Thalheim 98 Jan 2, 2023
A small in-memory filesystem using FUSE.

slabfs A small in-memory filesystem using FUSE. Running Simply run: RUST_LOG="slabfs=trace" cargo r -r -- <mountpoint> To suppress most log messages:

Carlos López 2 Jul 7, 2023
API bindings, CLI client and FUSE filesystem for Wiki.js written in Rust.

wikijs-rs API bindings, CLI client and FUSE filesystem for Wiki.js written in Rust. What's inside? Library: Rust bindings to Wiki.js's entire GraphQL

Sandro-Alessio Gierens 4 Sep 19, 2023
FUSE filesystem that provides FizzBuzz.txt(8 Exabyte)

FizzBuzzFS root@8a2db3fc6292:/# cd /mnt/FizzBuzz/ root@8a2db3fc6292:/mnt/FizzBuzz# ls -l total 9007199254740992 -rw-r--r-- 1 501 dialout 9223372036854

todesking 8 Oct 1, 2023
Self Organizing Map (SOM) is a type of Artificial Neural Network (ANN) that is trained using an unsupervised, competitive learning to produce a low dimensional, discretized representation (feature map) of higher dimensional data.

som Self Organizing Map Pre-requisites Setup rust To download Rustup and install Rust, run the following in your terminal, then follow the on-screen i

SelfOrgMap 5 Nov 4, 2020