From 7fbc1890a92842302cd06afa7c489f7f488f089a Mon Sep 17 00:00:00 2001 From: "Jiaxiao (mossaka) Zhou" Date: Fri, 6 Feb 2026 00:58:15 +0000 Subject: [PATCH] fix: mount /etc/hosts in chroot mode for localhost resolution In chroot mode with selective /etc mounts, /etc/hosts was not mounted, causing tools like JSDOM/Vitest to fail with "getaddrinfo EAI_AGAIN localhost". Add a read-only bind mount of /etc/hosts into the chroot so hostname resolution works correctly. Co-Authored-By: Claude Opus 4.6 (1M context) --- src/docker-manager.test.ts | 1 + src/docker-manager.ts | 1 + 2 files changed, 2 insertions(+) diff --git a/src/docker-manager.test.ts b/src/docker-manager.test.ts index 541a7d69..acb9437d 100644 --- a/src/docker-manager.test.ts +++ b/src/docker-manager.test.ts @@ -557,6 +557,7 @@ describe('docker-manager', () => { expect(volumes).toContain('/etc/ca-certificates:/host/etc/ca-certificates:ro'); expect(volumes).toContain('/etc/alternatives:/host/etc/alternatives:ro'); expect(volumes).toContain('/etc/ld.so.cache:/host/etc/ld.so.cache:ro'); + expect(volumes).toContain('/etc/hosts:/host/etc/hosts:ro'); // Should still include essential mounts expect(volumes).toContain('/tmp:/tmp:rw'); diff --git a/src/docker-manager.ts b/src/docker-manager.ts index ef1602c9..cbba754a 100644 --- a/src/docker-manager.ts +++ b/src/docker-manager.ts @@ -469,6 +469,7 @@ export function generateDockerCompose( '/etc/passwd:/host/etc/passwd:ro', // User database (needed for getent/user lookup) '/etc/group:/host/etc/group:ro', // Group database (needed for getent/group lookup) '/etc/nsswitch.conf:/host/etc/nsswitch.conf:ro', // Name service switch config + '/etc/hosts:/host/etc/hosts:ro', // Host name resolution (localhost, etc.) ); // SECURITY: Hide Docker socket to prevent firewall bypass via 'docker run'