Ah, you are correct. Every container can now modify its own /etc/resolv.conf and /etc/hosts, but these changes are not kept when a new image is committed from the filesystem of that container. Even if they were committed, the runtime would overwrite them when creating a new container (Docker continues to inject initial values into these files to provide a predictable networking environment to the application).

Now, in its current implementation "docker build" commits an intermediary image after each build step. These intermediary images are used by the build cache, to speed up successive builds. These intermediary images are created in exactly the same way as every other image - which means the same rules apply for /etc/resolv.conf and /etc/hosts. An unfortunate side effect is that changes to these files are not shared between build steps.

We can solve this in a future version (or even a hotfix if necessary). A relatively quick stopgap would be for "docker build" to copy these files across build steps. The long-term solution is to no longer commit a full-blown intermediary image at each build step, but instead to use a snapshotting facility more tailored to the needs of the build caching system. While we're at it we can make sure it preserves /etc/hosts and /etc/resolv.conf.

Sorry for the inconvenience, I hope the explanation helps.