From d6a7b431b9a712b05b772ca3bd98b105bed42e8b Mon Sep 17 00:00:00 2001 From: casjay Date: Fri, 5 Jun 2026 14:34:59 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fix=20resolv.conf:=20add=20searc?= =?UTF-8?q?h=20.=20and=20ndots:0=20to=20block=20domain=20search=20?= =?UTF-8?q?=F0=9F=90=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --domainname on the container sets the kernel domainname, which c-ares uses to infer a search domain even when /etc/resolv.conf has no search line. This caused c-ares to query github.com.casjay.work AAAA and get the host's own IPv6 address, routing all outbound HTTPS to the local nginx instead of the real server. Adding 'search .' and 'options ndots:0' explicitly disables search domain inference regardless of the kernel domainname setting. - rootfs/usr/local/etc/resolv.conf: add search . and options ndots:0 rootfs/usr/local/etc/resolv.conf --- rootfs/usr/local/etc/resolv.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rootfs/usr/local/etc/resolv.conf b/rootfs/usr/local/etc/resolv.conf index b48f4bc..7b7a70b 100644 --- a/rootfs/usr/local/etc/resolv.conf +++ b/rootfs/usr/local/etc/resolv.conf @@ -2,3 +2,5 @@ nameserver 1.1.1.1 nameserver 1.0.0.1 nameserver 8.8.8.8 nameserver 8.8.4.4 +search . +options ndots:0