Re: [PATCH] resolver: allow writing to /etc/resolv.conf to be disabled

Fri, 04 Sep 2015 07:29:35 -0700 

Hi Patrik,

> Unfortunately there is no motivation for this change

When OSMC uses an nfsroot, we ignore the primary interface (eth0), as the 
kernel is handling the network connection itself. Currently, without this 
patch, ConnMan will try and update /etc/resolv.conf, but may not have 
sufficient 'knowlege' to be able to accurately do so. We still want ConnMan to 
handle other technologies on the system, such as Bluetooth. Whether we used 
DHCP for DNS servers or configured it statically, it is obtainable from procfs. 
For DHCP we can use /proc/net/pnp and for static configuration we can populate 
via /proc/cmdline.

How's about a patch for a command line option called --resolv-path which allows 
writing to an alternative path? Would you accept that?

This would provide sufficient scope in the future for other use cases -- and I 
am sure there are other reasons when someone has to ignore an interface, to 
update /etc/resolv.conf themselves as well as provide a means to which the 
output from ConnMan and another service can be confirmed. 

Sam
________________________________________
From: connman <connman-boun...@connman.net> on behalf of Patrik Flykt 
<patrik.fl...@linux.intel.com>
Sent: 04 September 2015 06:55
To: connman@connman.net
Subject: Re: [PATCH] resolver: allow writing to /etc/resolv.conf to be disabled

        Hi,

On Thu, 2015-09-03 at 16:07 +0000, Sam Nazarko wrote:
> ---

Unfortunately there is no motivation for this change. Apparently it does
something very much needed, as you have sent a patch for the issue. With
this change, how are DNS servers handed down by a DHCP server or
modified manually supposed to handled?

In order to fit into existing frameworks (which? what use cases?), I
could envision ConnMan writing it's resolv.conf into another location
entirely, say /run/connman/resolv.conf, which could then be symlinked
to /etc/resolv.conf if needed.

Comments?

Cheers,

        Patrik

>  src/connman.h  |  2 +-
>  src/main.c     |  6 +++++-
>  src/resolver.c | 10 +++++++++-
>  3 files changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/src/connman.h b/src/connman.h
> index 35eb3f5..0d7b500 100644
> --- a/src/connman.h
> +++ b/src/connman.h
> @@ -244,7 +244,7 @@ int __connman_inet_get_address_netmask(int ifindex,
>
>  #include <connman/resolver.h>
>
> -int __connman_resolver_init(gboolean dnsproxy);
> +int __connman_resolver_init(gboolean dnsproxy, gboolean allowresolvmodify);
>  void __connman_resolver_cleanup(void);
>  int __connman_resolvfile_append(int index, const char *domain, const char 
> *server);
>  int __connman_resolvfile_remove(int index, const char *domain, const char 
> *server);
> diff --git a/src/main.c b/src/main.c
> index e46fa7b..4d6f064 100644
> --- a/src/main.c
> +++ b/src/main.c
> @@ -468,6 +468,7 @@ static gchar *option_noplugin = NULL;
>  static gchar *option_wifi = NULL;
>  static gboolean option_detach = TRUE;
>  static gboolean option_dnsproxy = TRUE;
> +static gboolean option_allowresolvmodify = TRUE;
>  static gboolean option_backtrace = TRUE;
>  static gboolean option_version = FALSE;
>
> @@ -505,6 +506,9 @@ static GOptionEntry options[] = {
>      { "nodnsproxy", 'r', G_OPTION_FLAG_REVERSE,
>                  G_OPTION_ARG_NONE, &option_dnsproxy,
>                  "Don't enable DNS Proxy" },
> +    { "noresolvmodify", 's', G_OPTION_FLAG_REVERSE,
> +                G_OPTION_ARG_NONE, &option_allowresolvmodify,
> +                "Don't allow resolv.conf changes. Useful if ignoring the 
> primary interface" },
>      { "nobacktrace", 0, G_OPTION_FLAG_REVERSE,
>                  G_OPTION_ARG_NONE, &option_backtrace,
>                  "Don't print out backtrace information" },
> @@ -687,7 +691,7 @@ int main(int argc, char *argv[])
>
>      __connman_plugin_init(option_plugin, option_noplugin);
>
> -    __connman_resolver_init(option_dnsproxy);
> +    __connman_resolver_init(option_dnsproxy, option_allowresolvmodify);
>      __connman_rtnl_start();
>      __connman_dhcp_init();
>      __connman_dhcpv6_init();
> diff --git a/src/resolver.c b/src/resolver.c
> index 6a64938..473412b 100644
> --- a/src/resolver.c
> +++ b/src/resolver.c
> @@ -55,6 +55,7 @@ struct entry_data {
>
>  static GSList *entry_list = NULL;
>  static bool dnsproxy_enabled = false;
> +static bool allowresolvmodify_enabled = true;
>
>  struct resolvfile_entry {
>      int index;
> @@ -89,6 +90,9 @@ static int resolvfile_export(void)
>      unsigned int count;
>      mode_t old_umask;
>
> +    if (! allowresolvmodify_enabled)
> +        return 0;
> +
>      content = g_string_new("# Generated by Connection Manager\n");
>
>      /*
> @@ -619,11 +623,15 @@ static void free_resolvfile(gpointer data)
>      g_free(entry);
>  }
>
> -int __connman_resolver_init(gboolean dnsproxy)
> +int __connman_resolver_init(gboolean dnsproxy, gboolean allowresolvmodify)
>  {
>      int i;
>      char **ns;
>
> +    DBG("allowresolvmodify %d", allowresolvmodify);
> +
> +    allowresolvmodify_enabled = allowresolvmodify;
> +
>      DBG("dnsproxy %d", dnsproxy);
>
>      if (!dnsproxy)
> --
> 2.1.0
>
> _______________________________________________
> connman mailing list
> connman@connman.net
> https://lists.connman.net/mailman/listinfo/connman


_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman
_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman

Reply via email to