built-in dns broken with enable-sandbox

[mohan43u]

I cannot resolve dns queries with build-in dns address 10.0.2.3

(host)$ unshare --map-root-user --user --mount --net
(unshare)# echo $$ >/tmp/pid

In host, I run

(host)$ slirp4netns --disable-host-loopback --enable-sandbox --enable-seccomp --enable-ipv6 --mtu 66520 -c $(cat /tmp/pid) tap0

Then, In guest, I run

(unshare)# echo "nameserver 10.0.2.3" >/tmp/resolv.conf
(unshare)# mount --bind /tmp/resolv.conf /etc/resolv.conf
(unshare)# drill google.com @10.0.2.3
Error: error sending query: Could not send or receive, because of network error
(unshare)#

This should suppose to resolve google.com, but it failed. In host, I killed the previous slirp4netns process and then run again without --enable-sandbox like this

(host)$ slirp4netns --disable-host-loopback --enable-seccomp --enable-ipv6 --mtu 66520 -c $(cat /tmp/pid) tap0

Then, in guest, I run

(unshare)# drill google.com @10.0.2.3
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 45906
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; google.com.  IN      A

;; ANSWER SECTION:
google.com.     223     IN      A       142.250.186.174

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 2 msec
;; SERVER: 10.0.2.3
;; WHEN: Mon Jun 19 20:49:28 2023
;; MSG SIZE  rcvd: 44

I get proper result

Host Details

$ uname -a
Linux host0 6.3.8-arch1-1 #1 SMP PREEMPT_DYNAMIC Wed, 14 Jun 2023 20:10:31 +0000 x86_64 GNU/Linux
$ pacman -Qo $(type -P slirp4netns)
/usr/bin/slirp4netns is owned by slirp4netns 1.2.0-1

[mohan43u]

It was my mistake

my /etc/resolve.conf was pointing to /var/run/systemd/resolve/stub-resolv.conf instead of /run/systemd/resolv/stub-resolv.conf. I fixed it now. everything works as expected