containers.no_hosts is not considered by podman system service

libpod/container_config.go

@@ -275,7 +275,7 @@ type ContainerNetworkConfig struct {
 	// UseImageHosts indicates that /etc/hosts should not be
 	// bind-mounted inside the container.
 	// Conflicts with HostAdd.
-	UseImageHosts bool
+	UseImageHosts *bool
 	// Hosts to add in container
 	// Will be appended to host's host file
 	HostAdd []string `json:"hostsAdd,omitempty"`

libpod/container_internal_linux.go

@@ -1865,7 +1865,7 @@ func (c *Container) makeBindMounts() error {
 			}
 		}
 
-		if c.config.NetNsCtr != "" && (!c.config.UseImageResolvConf || !c.config.UseImageHosts) {
+		if c.config.NetNsCtr != "" && (!c.config.UseImageResolvConf || c.config.UseImageHosts == nil || !*c.config.UseImageHosts) {
 			// We share a net namespace.
 			// We want /etc/resolv.conf and /etc/hosts from the
 			// other container. Unless we're not creating both of
@@ -1895,7 +1895,7 @@ func (c *Container) makeBindMounts() error {
 			// check if dependency container has an /etc/hosts file.
 			// It may not have one, so only use it if it does.
 			hostsPath, exists := bindMounts["/etc/hosts"]
-			if !c.config.UseImageHosts && exists {
+			if (c.config.UseImageHosts == nil || !*c.config.UseImageHosts) && exists {
 				depCtr.lock.Lock()
 				// generate a hosts file for the dependency container,
 				// based on either its old hosts file, or the default,
@@ -1937,7 +1937,7 @@ func (c *Container) makeBindMounts() error {
 				}
 			}
 
-			if !c.config.UseImageHosts {
+			if c.config.UseImageHosts == nil || !*c.config.UseImageHosts {
 				if err := c.updateHosts("/etc/hosts"); err != nil {
 					return errors.Wrapf(err, "error creating hosts file for container %s", c.ID())
 				}
@@ -1956,7 +1956,7 @@ func (c *Container) makeBindMounts() error {
 			}
 		}
 	} else {
-		if !c.config.UseImageHosts && c.state.BindMounts["/etc/hosts"] == "" {
+		if (c.config.UseImageHosts == nil || !*c.config.UseImageHosts) && c.state.BindMounts["/etc/hosts"] == "" {
 			if err := c.updateHosts("/etc/hosts"); err != nil {
 				return errors.Wrapf(err, "error creating hosts file for container %s", c.ID())
 			}

libpod/container_validate.go

@@ -84,7 +84,7 @@ func (c *Container) validate() error {
 		return errors.Wrapf(define.ErrInvalidArg, "cannot configure DNS options if using image's resolv.conf")
 	}
 
-	if c.config.UseImageHosts && len(c.config.HostAdd) > 0 {
+	if c.config.UseImageHosts != nil && *c.config.UseImageHosts && len(c.config.HostAdd) > 0 {
 		return errors.Wrapf(define.ErrInvalidArg, "cannot add to /etc/hosts if using image's /etc/hosts")
 	}
 

libpod/options.go

@@ -1312,7 +1312,8 @@ func WithUseImageHosts() CtrCreateOption {
 			return define.ErrCtrFinalized
 		}
 
-		ctr.config.UseImageHosts = true
+		UseImageHosts := true
+		ctr.config.UseImageHosts = &UseImageHosts
 
 		return nil
 	}

libpod/pod_api.go

@@ -593,10 +593,10 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
 			return nil, err
 		}
 		infraConfig = new(define.InspectPodInfraConfig)
-		infraConfig.HostNetwork = !infra.config.ContainerNetworkConfig.UseImageHosts
+		infraConfig.HostNetwork = infra.config.ContainerNetworkConfig.UseImageHosts == nil || !*infra.config.ContainerNetworkConfig.UseImageHosts
 		infraConfig.StaticIP = infra.config.ContainerNetworkConfig.StaticIP
 		infraConfig.NoManageResolvConf = infra.config.UseImageResolvConf
-		infraConfig.NoManageHosts = infra.config.UseImageHosts
+		infraConfig.NoManageHosts = infra.config.ContainerNetworkConfig.UseImageHosts != nil && *infra.config.ContainerNetworkConfig.UseImageHosts
 		infraConfig.CPUPeriod = p.CPUPeriod()
 		infraConfig.CPUQuota = p.CPUQuota()
 		infraConfig.CPUSetCPUs = p.ResourceLim().CPU.Cpus

libpod/runtime_ctr.go

@@ -392,6 +392,10 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
 		ctr.config.Timezone = r.config.Containers.TZ
 	}
 
+	if ctr.config.UseImageHosts == nil {
+		ctr.config.UseImageHosts = &r.config.Containers.NoHosts
+	}
+
 	if ctr.restoreFromCheckpoint {
 		// Remove information about bind mount
 		// for new container from imported checkpoint

test/apiv2/20-containers.at

@@ -447,3 +447,40 @@ t GET images/$iid/json 200 \
 
 t DELETE containers/$cid 204
 t DELETE images/docker.io/library/newrepo:v3?force=false 200
+
+# test create without default no_hosts
+t POST containers/create \
+  Image=$IMAGE \
+  201 \
+  .Id~[0-9a-f]\\{64\\}
+cid=$(jq -r '.Id' <<<"$output")
+
+t POST libpod/containers/$cid/init 204
+
+t GET libpod/containers/$cid/json 200
+
+cpid_file=$(jq -r '.ConmonPidFile' <<<"$output")
+userdata_path=$(dirname $cpid_file)
+
+t GET libpod/containers/$cid/json 200 \
+  .HostsPath=$userdata_path/hosts
+
+t DELETE containers/$cid 204
+
+# test create with default no_hosts=true
+stop_service
+CONTAINERS_CONF=$(pwd)/test/apiv2/containers.no_hosts.conf start_service
+t POST containers/create \
+  Image=$IMAGE \
+  201 \
+  .Id~[0-9a-f]\\{64\\}
+cid=$(jq -r '.Id' <<<"$output")
+
+t POST libpod/containers/$cid/init 204
+
+t GET libpod/containers/$cid/json 200 \
+  .HostsPath=""
+
+t DELETE containers/$cid 204
+stop_service
+start_service

test/apiv2/containers.no_hosts.conf

@@ -0,0 +1,2 @@
+[containers]
+no_hosts=true