No longer update resolv.conf to point to our own DNS server, let user…

…s specify the --dns=127.0.0.1 explicitly.

README

@@ -259,11 +259,8 @@ If you receive error like
 
 you might need to use `ipa-server-install` option `--skip-mem-check`.
 
-When running DNS server (the `--setup-dns` argument to
-`ipa-server-install`) in a container with read-only root filesystem
-(the `--read-only` option to `podman run` or `docker run`), the setup
-code in the container won't be able to edit `/etc/resolv.conf` in the
-container to point it to itself. Add `--dns=127.0.0.1` option to the
+When running DNS server (the `--setup-dns` argument to `ipa-server-install`)
+in the FreeIPA container, add `--dns=127.0.0.1` option to the
 `podman run` or `docker run` invocation to allow the FreeIPA server
 to reach its own DNS server.
 

ipa-server-configure-first

@@ -136,14 +136,6 @@ if [ "$1" == upgrade ] ; then
 		echo "The /data volume was created using incompatible image." >&2
 		exit 2
 	fi
-	if [ -f /data/etc/resolv.conf.ipa ] \
-		&& ! cmp /etc/resolv.conf /data/etc/resolv.conf.ipa \
-		&& ! grep '^nameserver 127\.0\.0\.1$' /etc/resolv.conf ; then
-		perl -pe 's/^(nameserver).*/$1 127.0.0.1/' /data/etc/resolv.conf.ipa > /etc/resolv.conf
-		if ! grep -q "\b$HOSTNAME\b" /etc/hosts ; then
-			echo "127.0.0.2 $HOSTNAME" >> /etc/hosts
-		fi
-	fi
 	# Removing kdcinfo.* which is likely to hold old IP address
 	rm -rf /var/lib/sss/pubconf/kdcinfo.*
 	if cmp /data/build-id /data-template/build-id ; then
@@ -232,7 +224,6 @@ else
 		if [ "$IPA_SERVER_IP" == no-update ] ; then
 			echo "FreeIPA server IP address update disabled, skipping update-self-ip-address."
 		elif ( systemctl is-active -q named named-pkcs11 || [ -n "$IPA_SERVER_IP" ] ) ; then
-			cp -f /etc/resolv.conf /data/etc/resolv.conf.ipa
 			if wait_for_dns 180; then
 				update_server_ip_address
 			else