Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 16:06, Jukka Rissanen wrote: > You might be able to configure connman to use your 127.0.0.53 server by > configuring it to each service you are using (have not tested this > thou). Example: connmanctl config your_service_id --nameservers > 127.0.0.53 > and then running connman with dnsproxy enabled. Thanks Yeah, I saw some settings for this today, but then I need to do this for every network I connect with, not to mention setting might get "lost" on upgrades/reinstalls since they're not in /etc... Simply leaving /etc/resolv.conf alone seems like the simplest/most foolproof way to me. It gives the user control to do "exotic" (which my setup apparently is) and/or "smart" things; this fits well with my UNIX philosophy :-) But I don't know if it also fits with connman's philosophy ;-) Another way might be to add some way to (globally) control nameserver settings from connman, but that's more complicated... Or connman could be left as-is, and my esoteric setup would be considered "unsupported" (I would not prefer this, obviously :-) ). Cheers ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 16:06, Tomasz Bursztyka wrote: > Hi, > > > It makes sense to me to > > not use every random DNS server out there... > > Sure, but your ubound does not magically resolve names by itself: it > does forward the > DNS queries to whatever has been configured (check > /etc/unbound/unbound.conf keyword "forward-zone") > and cache the results relevantly. It's not magic :-) But it queries the root server, then .com from that, and then example.com from that, insofar as I understand DNS. Or maybe I misunderstood something? I have no lines with forward-zone in /etc/unbound/unbound.conf I followed this guide btw: https://wiki.archlinux.org/index.php/Unbound (but *not* section 2.6 Forwarding queries). ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 15:41, Jukka Rissanen wrote: > Just wondering where do you get the nameserver IP addresses in this > case? Are you manually updating resolv.conf? Not sure if I understand this question? Let me explain my setup in more detail: - Run unbound on 127.0.0.54 - Run adsuck on 127.0.0.53, this filters ad domains (spoofs reply with 127.0.0.2), and forwards other queries to 127.0.0.42 (unbound). - Start connman with --nodnsproxy - For the root user, run a crontab with: */5 * * * * echo 'nameserver 127.0.0.53' > /etc/resolv.conf unbound works as recursive resolver, no other DNS server required. This works, except for the first 0 to 5 minutes I connected to a new network. It's also more than a bit ugly... Is this a very esoteric setup? I don't know ... It makes sense to me to not use every random DNS server out there... DNSSEC should ensure I get responses that haven't been tampered with... I don't know what random DNS servers do at starbucks do... Thanks, Martin ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 15:28, Patrik Flykt wrote: > So if you do a lookup for 'slashdot.org', how is unbound configured to > properly resolve that name from any network you visit? Google? If you wanted to, you could still get the DNS servers the DHCP dishes out with: $ connmanctl services wifi_5c514f7cdc83_4c49434f_managed_psk | grep Nameserver And do something manually with it (by monitoring for changes to connman or /etc/resolv.conf maybe). ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 15:28, Patrik Flykt wrote: > > Hi, > > On Wed, 2015-02-04 at 15:23 +0100, Martin Tournoij wrote: > > > How do you pick up the DNS servers when changing networks if ConnMan > > > never writes the ones obtained via DHCP anywhere? How do you update > > the > > > DNS servers at the moment when using your own resolver? > > > > I don't. I run unbound (& adsuck) on my laptop, so it works > > everywhere. > > So if you do a lookup for 'slashdot.org', how is unbound configured to > properly resolve that name from any network you visit? Google? It just works as a recursive resolver, I don't need to rely on any "external" DNS resolvers (which is how unbound works by default). ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Wed, Feb 4, 2015, at 14:59, Patrik Flykt wrote: > On Tue, 2015-01-06 at 05:01 +0100, Martin Tournoij wrote: > > This is useful because my laptop runs it's own resolver. Every time I > > connect, Connman overwrites /etc/resolv.conf, and I need to script > > around this by overwriting it again after this... > > How do you pick up the DNS servers when changing networks if ConnMan > never writes the ones obtained via DHCP anywhere? How do you update the > DNS servers at the moment when using your own resolver? I don't. I run unbound (& adsuck) on my laptop, so it works everywhere. ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
Hi, Is there any response on this? I don't want to badger anyone, but I'm subscribed to the connman mail list just for this issue. It would like to give my INBOX a break ;-) Thanks a lot! Martin ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
Re: [PATCH] Add setting: UpdateResolvConf
On Tue, Jan 6, 2015, at 12:06, Pasi Sjöholm wrote: > Hi Martin, > > >This patch adds a new setting to main.conf, `UpdateResolvConf' (default > >true), which controls the updating of /etc/resolv.conf. > > > >If set to False, /etc/resolv.conf will not be updated. > > You know there is "--nodnsproxy" option when starting connman? Yup :-) And I enabled that, but it then updates /etc/resolv.conf with the settings from the DHCP server, ie.: # Generated by Connection Manager nameserver 8.8.8.8 nameserver 8.8.4.4 There is, as far as I've been able to determine, no easy way to prevent this. ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
[PATCH] Add setting: UpdateResolvConf
Hi there, This patch adds a new setting to main.conf, `UpdateResolvConf' (default true), which controls the updating of /etc/resolv.conf. If set to False, /etc/resolv.conf will not be updated. This is useful because my laptop runs it's own resolver. Every time I connect, Connman overwrites /etc/resolv.conf, and I need to script around this by overwriting it again after this... I didn't update the docs and such, but if this change is okay, I will do that as well. PS. I am *not* subscribed to this list! Please CC me in replies! Thank you, Martin diff --git i/src/main.c w/src/main.c index ba09eb6..c2058bb 100644 --- i/src/main.c +++ w/src/main.c @@ -73,6 +73,7 @@ static struct { bool single_tech; char **tethering_technologies; bool persistent_tethering_mode; + bool update_resolv_conf; } connman_settings = { .bg_scan = true, .pref_timeservers = NULL, @@ -86,6 +87,7 @@ static struct { .single_tech = false, .tethering_technologies = NULL, .persistent_tethering_mode = false, + .update_resolv_conf = true, }; #define CONF_BG_SCAN"BackgroundScanning" @@ -98,8 +100,9 @@ static struct { #define CONF_BLACKLISTED_INTERFACES "NetworkInterfaceBlacklist" #define CONF_ALLOW_HOSTNAME_UPDATES "AllowHostnameUpdates" #define CONF_SINGLE_TECH"SingleConnectedTechnology" -#define CONF_TETHERING_TECHNOLOGIES "TetheringTechnologies" +#define CONF_TETHERING_TECHNOLOGIES "TetheringTechnologies" #define CONF_PERSISTENT_TETHERING_MODE "PersistentTetheringMode" +#define CONF_UPDATE_RESOLV_CONF "UpdateResolvConf" static const char *supported_options[] = { CONF_BG_SCAN, @@ -114,6 +117,7 @@ static const char *supported_options[] = { CONF_SINGLE_TECH, CONF_TETHERING_TECHNOLOGIES, CONF_PERSISTENT_TETHERING_MODE, + CONF_UPDATE_RESOLV_CONF, NULL }; @@ -354,6 +358,14 @@ static void parse_config(GKeyFile *config) connman_settings.persistent_tethering_mode = boolean; g_clear_error(&error); + + boolean = __connman_config_get_bool(config, "General", + CONF_UPDATE_RESOLV_CONF, + &error); + if (!error) + connman_settings.update_resolv_conf = boolean; + + g_clear_error(&error); } static int config_init(const char *file) @@ -528,6 +540,9 @@ bool connman_setting_get_bool(const char *key) if (g_str_equal(key, CONF_PERSISTENT_TETHERING_MODE)) return connman_settings.persistent_tethering_mode; + if (g_str_equal(key, CONF_UPDATE_RESOLV_CONF)) + return connman_settings.update_resolv_conf; + return false; } diff --git i/src/resolver.c w/src/resolver.c index 01e7c0e..dff8c10 100644 --- i/src/resolver.c +++ w/src/resolver.c @@ -89,6 +89,10 @@ static int resolvfile_export(void) unsigned int count; mode_t old_umask; + if (!connman_setting_get_bool("UpdateResolvConf")) { + return 0; + } + content = g_string_new("# Generated by Connection Manager\n"); /* ___ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman