On Fri, Sep 08, 2017 at 12:12:09PM +0200, Jesper Wallin wrote:
> Hi all,
>
> I have a local unbound running for caching purposes as well as ensuring
> that my DNS traffic is encrypted, using DNS-over-TLS. This works just
> fine, except for when I try to run the snapshot upgrade process.
>
> The installer will copy my on-disk configuration and try to set up the
> network, using the "supersede domain-name-servers 127.0.0.1;" in my
> /etc/dhclient.conf. This gives me no errors, of course, since nothing
> is wrong with the configuration. But since no nameserver is running on
> localhost, we're unable to resolve hosts. The first indication of this
> is "Unable to connect using https. Use http instead?" which is somewhat
> unclear, as it led me to believe it's an issue with TLS.
>
> Anyway, the patch below will basically try to ignore any local
> nameservers when copying the on-disk configuration. My first approach
> was to check if we could resolve a hostname instead, before giving the
> https error, but seeing that host, dig or nslookup is unavailable, I
> decided to go with this instead.
>
>
> Jesper Wallin
>
>
> Index: distrib/miniroot/install.sub > =================================================================== > RCS file: /cvs/src/distrib/miniroot/install.sub,v > retrieving revision 1.1035 > diff -u -p -r1.1035 install.sub > --- distrib/miniroot/install.sub 25 Aug 2017 18:21:30 -0000 1.1035 > +++ distrib/miniroot/install.sub 8 Sep 2017 09:25:51 -0000 > @@ -2258,6 +2258,13 @@ enable_network() { > fi > done > > + # Remove local nameservers since they are unavailable. > + if [ -f "/etc/dhclient.conf" ]; then > + cat /etc/dhclient.conf | sed -E \ > + '/supersede +domain-name-servers +.*(127.0.0.1|::1)/d' \ > + > /etc/dhclient.conf > + fi
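Review bot: the redirect at the end of the added pipeline, `> /etc/dhclient.conf`, targets the same file that `cat /etc/dhclient.conf` reads, and the shell truncates that file while setting up the pipeline, so sed will usually see empty input and the whole configuration is lost rather than just the supersede line. Write the filtered output to a temporary file and move it over the original only on success, and pass the file name to sed directly instead of piping it through cat. The pattern is also looser than the comment implies: the dots in `127.0.0.1` are unescaped, `::1` matches inside any address that merely contains it (a non-local address ending in `::1`, for instance), and because the whole line is deleted, a supersede line that lists a loopback resolver alongside a reachable one loses both.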
^^
if you would append a dns server which is provided by dhcp to your regular /etc/dhclient.conf, then it should work fine, shouldn't it? it would try first one, fail, try second one. and your change doesn't work for servers which do use static ip settings and have local dns in /etc/resolv.conf. am I not right?

j.