This bug report is *not* for resolvconf, but for OpenVPN package, is
indicated at the top of this page. Specifically, it is for the script,
'/etc/openvpn/update-resolv-conf', whch is is included in the OpenVPN
Ubuntu package.
I do know how resolvconf works, which is I say why this script included
with the Ubuntu package for OpenVPN is buggy. Take the following case:
I have /etc/resolvconf/resolv.conf.d/{base|head|etc...} empty because
while my laptop is most often at home and the line 'nameserver
192.168.0.1' is appropriate there, it will not be if I am out somewhere.
Thus 'base' & 'head' are blank, let the nameserver be assigned via DHCP.
Then I go to a client where use their wifi and IP, gateway, and
nameserver are assigned by their DHCP. I start openvpn so I can access
my home LAN for whatever reason.
Because of the way '/etc/openvpn/update-resolv-conf' script is written,
it trashes the nameserver lines added by DHCP for my client's wifi,
overwriting them with whatever was specified by my openvpn server at
home so I can access all the hosts there by name. Whatever nameserver
that was provided by the DHCP on my client's wifi is now gone. I can
still access the Internet, websurfing and whatnot, because my named at
home is answering all queries across the VPN link.
When I shut down openvpn on my laptop, the '/etc/openvpn/update-resolv-
conf' script simply runs 'resolvconf -d ${dev}.inet'. This deletes the
nameserver lines which were supplied by openvpn settings on VPN connect.
Because the original nameserver line was overwritten and not stored, my
resolv.conf no longer has a nameserver line in it. While technically I
still have access to the 'Net, since packets will get routed, for all
practical purposes I do not because domain names cannot be resolved into
addresses.
Simply put, the '/etc/openvpn/update-resolv-conf' provided with the
Ubuntu package for OpenVPN does not play nice in an environment where
other processes like DHCP clients may also be altering
'/etc/resolv.conf'.
--
update-resolv-conf script does not restore old values
https://bugs.launchpad.net/bugs/226185
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
