Tomcat 9 webapp's InetAddress.getByName not working (java.net.UnknownHostException)

Question

I have a .war webapp deployed on tomcat9 (previously running fine on tomcat6).

Within my .war webapp I have a call to InetAddress.getByName which results in an UnknownHostException. However, I know dns is working from the system (ping, dig, and nslookup on it work just fine)

java.net.UnknownHostException: google.com: Name or service not known
    at java.net.Inet4AddressImpl.lookupAllHostAddr(Native Method) ~[na:1.8.0_242]
    at java.net.InetAddress$2.lookupAllHostAddr(InetAddress.java:929) ~[na:1.8.0_242]
    at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1324) ~[na:1.8.0_242]
    at java.net.InetAddress.getAllByName0(InetAddress.java:1277) ~[na:1.8.0_242]
    at java.net.InetAddress.getAllByName(InetAddress.java:1193) ~[na:1.8.0_242]
    at java.net.InetAddress.getAllByName(InetAddress.java:1127) ~[na:1.8.0_242]
    at java.net.InetAddress.getByName(InetAddress.java:1077) ~[na:1.8.0_242]

Initially I thought it was the enableLookups="true" attribute missing from the Connector on server.xml, but adding it has no effect:

    <Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           enableLookups="true" />

Interestingly if I add the host in question to /etc/hosts, the lookup succeeds - however Id like to figure out whats going on and allow my webapp to actually use DNS.

I'm on CentOS 7, running openjdk-1.8.

EDIT: I should add, tcpdump shows no traffic on port 53 when the tomcat webapp fails - it would seem it doesnt even try to use DNS.

Answer 1

Naturally I found the problem right after I post the question:

my tomcat user did not have proper permissions to read /etc/resolv.conf

sudo chmod a+r /etc/resolv.conf

fixed it...