diff --git a/cmd/podman/create.go b/cmd/podman/create.go index 93141a800960..bcb1671ea723 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -77,6 +77,10 @@ func createInit(c *cliconfig.PodmanCommand) error { logrus.Warn("setting security options with --privileged has no effect") } + if (c.IsSet("dns") || c.IsSet("dns-opt") || c.IsSet("dns-search")) && c.IsSet("network") { + return errors.Errorf("conflicting options: dns and the network mode.") + } + // Docker-compatibility: the "-h" flag for run/create is reserved for // the hostname (see https://github.com/containers/libpod/issues/1367). diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 87e18dbb971c..0c800a5a9f42 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -206,7 +206,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda: **--dns**=*dns* -Set custom DNS servers +Set custom DNS servers. Invalid if using **--dns** and **--network** flags at the same time. This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the @@ -218,11 +218,11 @@ The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=*option* -Set custom DNS options +Set custom DNS options. Invalid if using **--dns-option** and **--network** flags at the same time. **--dns-search**=*domain* -Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) +Set custom DNS search domains. Invalid if using **--dns-search** and **--network** flags at the same time. (Use --dns-search=. if you don't wish to set the search domain) **--entrypoint**=*"command"* | *'["command", "arg1", ...]'* @@ -488,7 +488,7 @@ This works for both background and foreground containers. **--network**, **--net**="*bridge*" -Set the Network mode for the container +Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** at the same time. 'bridge': create a network stack on the default bridge 'none': no networking 'container:': reuse another container's network stack diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index 95499edd6461..7c67dbe7121a 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -212,7 +212,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda: **--dns**=*dns* -Set custom DNS servers +Set custom DNS servers. Invalid if using **--dns** and **--network** flags at the same time. This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the @@ -224,11 +224,11 @@ The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=*option* -Set custom DNS options +Set custom DNS options. Invalid if using **--dns-option** and **--network** flags at the same time. **--dns-search**=*domain* -Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) +Set custom DNS search domains. Invalid if using **--dns-search** and **--network** flags at the same time. (Use --dns-search=. if you don't wish to set the search domain) **--entrypoint**=*"command"* | *'["command", "arg1", ...]'* @@ -501,7 +501,7 @@ This works for both background and foreground containers. **--network**, **--net**=*mode* -Set the Network mode for the container: +Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** at the same time. - `bridge`: create a network stack on the default bridge - `none`: no networking - `container:`: reuse another container's network stack diff --git a/test/e2e/run_dns_test.go b/test/e2e/run_dns_test.go index f1196ff38a37..82810a732b48 100644 --- a/test/e2e/run_dns_test.go +++ b/test/e2e/run_dns_test.go @@ -94,4 +94,18 @@ var _ = Describe("Podman run dns", func() { Expect(session.ExitCode()).To(Equal(0)) Expect(session.LineInOutputContains("foobar")).To(BeTrue()) }) + + It("podman run mutually excludes --dns* and --network", func() { + session := podmanTest.Podman([]string{"run", "--dns=1.2.3.4", "--network", "container:ALPINE", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--dns-opt=1.2.3.4", "--network", "container:ALPINE", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + + session = podmanTest.Podman([]string{"run", "--dns-search=foobar.com", "--network", "container:ALPINE", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Not(Equal(0))) + }) })