From b8ef87a7fcbab6193fb385ccd83bd8f9667b62c8 Mon Sep 17 00:00:00 2001
From: Alex Pyrgiotis <alex.p@freedom.press>
Date: Mon, 10 Mar 2025 14:26:50 +0200
Subject: [PATCH] FIXUP: Document removal of resolv.conf

---
 Dockerfile    | 7 +++++--
 Dockerfile.in | 7 +++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index ca36c6e..bfec87c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -182,8 +182,11 @@ RUN mkdir -p \
     /new_root/tmp \
     /new_root/home/dangerzone/dangerzone-image/rootfs
 
-# XXX: Remove /etc/resolv.conf, so that the network configuration of the host
-# does not leak.
+# Copy the /etc and /var directories under the new root directory. Also,
+# copy /etc/, /opt, and /usr to the Dangerzone image rootfs.
+#
+# XXX: We also have to remove the resolv.conf file, in order to not leak any DNS
+# servers added there during image build time.
 RUN cp -r /etc /var /new_root/ \
     && rm /new_root/etc/resolv.conf
 RUN cp -r /etc /opt /usr /new_root/home/dangerzone/dangerzone-image/rootfs \
diff --git a/Dockerfile.in b/Dockerfile.in
index ebc87ca..3bb5970 100644
--- a/Dockerfile.in
+++ b/Dockerfile.in
@@ -182,8 +182,11 @@ RUN mkdir -p \
     /new_root/tmp \
     /new_root/home/dangerzone/dangerzone-image/rootfs
 
-# XXX: Remove /etc/resolv.conf, so that the network configuration of the host
-# does not leak.
+# Copy the /etc and /var directories under the new root directory. Also,
+# copy /etc/, /opt, and /usr to the Dangerzone image rootfs.
+#
+# XXX: We also have to remove the resolv.conf file, in order to not leak any DNS
+# servers added there during image build time.
 RUN cp -r /etc /var /new_root/ \
     && rm /new_root/etc/resolv.conf
 RUN cp -r /etc /opt /usr /new_root/home/dangerzone/dangerzone-image/rootfs \