Oho, that makes sense. 'ujail' sure is poorly documented, isn't it? I'm just finding an old lwn.net article on it, and basically nothing on the OpenWrt wiki or forum. Maybe ask over on OpenWrt, see if one of the devs there can point us to better docs.
Also, maybe report this as a bug on the package? I looked at the source (over 2 years since any updates) and it sure does assume that a simple symlink will work. On Sat, Nov 26, 2022 at 12:45 PM Gordon Shawn <[email protected]> wrote: > it has something to do with openwrt's ujail (seccomp) I believe, probably > to avoid symlink attacks? i.e. file works, symlink does not work. > > On Sat, Nov 26, 2022 at 2:19 PM Eric Fahlgren <[email protected]> > wrote: > >> I can't imagine that dnsmasq would even know that the file it was opening >> was a symlink. I'd suspect ownership or permissions. The dnsmasq process >> in OpenWrt is run as the 'dnsmasq' user, so maybe 'chown dnsmasq:dnsmasq >> /etc/safe-search/enabled/*' or some variant would resolve your issue. >> >> On Fri, Nov 25, 2022 at 7:05 PM Gordon Shawn <[email protected]> wrote: >> >>> On the newest openwrt I installed 'safe-search' which has a few files >>> under /etc/safe-search/available/ and they're symlinked to >>> /etc/safe-search/enable/ by choice. >>> >>> dnsmasq reports it failed to load those symlinks under enable/ >>> >>> if I remove the symlinks, and copy the real files over from available/, >>> dnsmasq read them all and works fine. >>> >>> can dnsmasq read addn-hosts files when they're symbolic links? >>> >>> Thanks, >>> Gordon >>> _______________________________________________ >>> Dnsmasq-discuss mailing list >>> [email protected] >>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss >>> >>
_______________________________________________ Dnsmasq-discuss mailing list [email protected] https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
