Bug#716908: Please apply patch to dnsmasq's resolvconf hook script

Sun, 14 Jul 2013 08:10:04 -0700 

Package: dnsmasq
Version: 2.65
Severity: wishlist


Please apply the attached patch to dnsmasq's resolvconf hook script
/etc/resolvconf/update.d/dnsmasq.

With the patch the script calls the list-records program with a new option
"--omit-up-to lo.dnsmasq". This causes a new version of list-records in
resolvconf 1.74 to omit list items up to and including the item lo.dnsmasq.

The option has no effect on existing versions of list-records so it won't
cause malfunction with existing (i.e., << 1.74) resolvconf. The "sed -e
'/^lo.dnsmasq$/d'" remains necessary in order to continue supporting
existing resolvconf. After a while perhaps we can add a "Conflicts:
resolvconf (<< 1.74)" and drop the sed.

The purpose of the new option is better to support forwarding nameserver
chains.

Suppose you have two instances of forwarding nameservers that you want to
chain together as follows.

    resolver -> 127.0.0.2 d2 -> 127.0.0.1 d1 -> 8.8.8.8 g

The idea is that d2 registers "lo.d2" with "nameserver 127.0.0.2" and d1
registers "lo.d1" with "127.0.0.1". Assume that something else registers
"NetworkConfigurer" with "8.8.8.8". Assume the list-records program lists
the records as follows.

    lo.d2
    lo.d1
    NetworkConfigurer

The d2 and d1 packages include resolvconf update scripts. At present d2's
update script does "list-records | sed -e '/^lo.d2$/d'" so that it only
looks for forwarding addresses in records lo.d1 and NetworkConfigurer. But
d1 does likewise and looks in lo.d2 and NetworkConfigurer, resulting in a
loop.

To fix this, d1's update script will henceforth do "list-records
--omit-up-to lo.d1" yielding only the item NetworkConfigurer.

This may seem like overkill but cases like this are becoming increasingly
realistic. There are already people running dnsmasq server (record
lo.dnsmasq with "nameserver 127.0.0.1") plus NetworkManager-controlled
dnsmasq (record NetworkManager with "nameserver 127.0.1.1"). And there are
people running dnsmasq server plus dnscrypt-proxy (record lo.dnscrypt with
"nameserver 127.0.2.1"). And there are people running libvirt-controlled
dnsmasq plus NetworkManager-controlled dnsmasq. Other combinations are
possible.

If my plan is misconceived, please don't hesitate to let me know. ;)
-- 
Thomas

Attachment: dnsmasq-resolvconf-hook-script_20130712th1.patch
Description: Binary data

Reply via email to