Unable to resolve hostnames inside macOS chroot jail
Solution 1:
I was able to get it to work by making sure the /etc/resolver.conf existed in the chroot and then symlinking /var/run/mDNSResponder into the chroot.
$ sudo chroot -u user "/Users/user/Source/macos-mkjail/test_jail" /bin/bash
bash-4.4$ ping www.google.com
PING www.google.com (216.58.194.164): 56 data bytes
64 bytes from 216.58.194.164: icmp_seq=0 ttl=53 time=10326.366 ms
64 bytes from 216.58.194.164: icmp_seq=1 ttl=53 time=44.899 ms
64 bytes from 216.58.194.164: icmp_seq=2 ttl=53 time=39.388 ms
^C--- www.google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 39.388/3470.218/10326.366/4848.030 ms
bash-4.4$exit
$
Solution 2:
Basically, the problem is that newer macOS versions use mDNSResponder to resolve host names, and the standard library inside the chroot isn't able to contact the mDNSResponder. Without that communication, resolving names isn't possible. You'll want to install a responder inside the chroot jail in order to get it working.
You can find more information in this post:
https://stackoverflow.com/questions/33356677/how-can-i-get-dns-resolution-to-work-inside-a-mac-os-x-chroot-on-el-capitan
Solution 3:
Copy /etc/resolv.conf from your host system into the chroot, and hardlink the mDNSResponder socket into the chroot with sudo ln /var/run/mDNSResponder $CHROOT_ROOT_DIRECTORY/var/run/mDNSResponder. By hardlinking, the socket will be reachable inside the chroot too. Works on 10.15.
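
An added example, not taken from any of the answers above: a shell sketch of the steps in Solution 3, plus a check that the jail's hardlink still refers to the host's current socket, because a hardlink keeps pointing at the old inode if the host path is ever recreated. The function names and the host-root parameter are assumptions made so the logic can be tried on scratch directories first.

```shell
#!/bin/sh
# Added example (not from the answers). HOST_ROOT is a parameter so the
# functions can be exercised on scratch directories; pass "" for the real root.
# Usage as root: jail_dns_setup "" "$CHROOT_ROOT_DIRECTORY"

# Print the inode number of PATH (empty output if PATH does not exist).
inode_of() {
    ls -di "$1" 2>/dev/null | awk '{print $1}'
}

# Report whether the jail has what name resolution needs.
# Prints one of: ok | missing-resolv | missing-socket | stale-socket
jail_dns_status() {
    host=$1; jail=$2
    [ -f "$jail/etc/resolv.conf" ] || { echo missing-resolv; return 1; }
    [ -e "$jail/var/run/mDNSResponder" ] || { echo missing-socket; return 1; }
    # A hardlink shares the inode of the file it was made from. If the host
    # socket has been recreated since, the jail's copy is a dead leftover.
    if [ "$(inode_of "$host/var/run/mDNSResponder")" != \
         "$(inode_of "$jail/var/run/mDNSResponder")" ]; then
        echo stale-socket; return 1
    fi
    echo ok
}

# Copy resolv.conf and (re)create the hardlink, then report the status.
jail_dns_setup() {
    host=$1; jail=$2
    mkdir -p "$jail/etc" "$jail/var/run" || return 1
    cp "$host/etc/resolv.conf" "$jail/etc/resolv.conf" || return 1
    # Drop any previous link so a stale one is replaced, not kept.
    rm -f "$jail/var/run/mDNSResponder"
    # ln (no -s) makes a hardlink; it fails if the jail is on another filesystem.
    ln "$host/var/run/mDNSResponder" "$jail/var/run/mDNSResponder" || return 1
    jail_dns_status "$host" "$jail"
}
```

Running jail_dns_status before entering the jail distinguishes a missing file from a stale link, and rerunning jail_dns_setup repairs either.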