Modify

Opened 8 years ago

Closed 6 years ago

Last modified 4 years ago

#6899 closed defect (worksforme)

dnsmasq does not pick up nameservers from /tmp/resolv.conf.auto

Reported by: br1@… Owned by: thepeople
Priority: high Milestone: Barrier Breaker 14.07
Component: packages Version: Trunk
Keywords: Cc:

Description

trunk from yesterday:

dns name resolution does not work because dnsmasq does not pick up nameservers from /tmp/resolv.conf.auto. (in my case they come from
ppp, but that does not matter).

interestingly it works if i simply add -n (--no-poll "Do NOT poll
/etc/resolv.conf file, reload only on SIGHUP") to the dnsmasq arguments. seems like the polling does not work???

might be related to tickets #5589 and #6843

Attachments (2)

50-dnsmasq (59 bytes) - added by thepeople 8 years ago.
102-poll.patch (718 bytes) - added by br1@… 8 years ago.
i think this can be fixed with this patch

Download all attachments as: .zip

Change History (16)

comment:1 Changed 8 years ago by anonymous

I see the same on AR71XX (TP-LINK)

Changed 8 years ago by thepeople

comment:2 follow-up: Changed 8 years ago by thepeople

  • Summary changed from dnsmasq does not pick up nameservers from /tmp/resolv.conf.auto to dnsmasq does not pick up nameservers from /tmp/resolv.conf.auto

Please try putting the attached file in /etc/hotplug.d/iface/

comment:3 Changed 8 years ago by thepeople

  • Owner changed from developers to thepeople
  • Status changed from new to assigned

comment:4 in reply to: ↑ 2 Changed 8 years ago by br1@…

Replying to thepeople:

Please try putting the attached file in /etc/hotplug.d/iface/

sorry, doesn't help. i also tried to manually kill -HUP dnsmasq to make it pick up the file, but it doesn't. the only thing i found so far which helps is the -n switch...

comment:5 Changed 8 years ago by anonymous

Same behaviour seen on Wl500G deluxe V1 (ASUS), when using block-extroot to boot from USB storage.

Changed 8 years ago by br1@…

i think this can be fixed with this patch

comment:6 Changed 8 years ago by anonymous

nope, that's not it - forget that patch - sorry

comment:7 Changed 8 years ago by jean-pierre.cartal@…

I'm not quite sure but it seems that this issue only arise when system time is not set i.e. in our case 1/1/1970 0:00.

When time is set correctly dnsmasq behaves properly.

Can anybody confirm this ?

Regards

comment:8 Changed 8 years ago by br1@…

oh, yes, check the following differences:

date -s "1970-1-1 00:00:00"; echo "nameserver 2.2.2.2" > /tmp/resolv.conf.auto; /etc/init.d/dnsmasq restart;

Jan  1 00:00:00 rk1 daemon.info dnsmasq[1491]: exiting on receipt of SIGTERM
Jan  1 00:00:00 rk1 daemon.info dnsmasq[1507]: started, version 2.52 cachesize 150
Jan  1 00:00:00 rk1 daemon.info dnsmasq[1507]: compile time options: IPv6 GNU-getopt no-DBus no-I18N DHCP TFTP
Jan  1 00:00:00 rk1 daemon.info dnsmasq[1507]: using local addresses only for domain lan
Jan  1 00:00:00 rk1 daemon.info dnsmasq[1507]: read /etc/hosts - 1 addresses

one second difference and it works:

root@rk1:~# date -s "1970-1-1 00:00:01"; echo "nameserver 2.2.2.2" > /tmp/resolv.conf.auto; /etc/init.d/dnsmasq restart;

Jan  1 00:00:01 rk1 daemon.info dnsmasq[1523]: exiting on receipt of SIGTERM
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: started, version 2.52 cachesize 150
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: compile time options: IPv6 GNU-getopt no-DBus no-I18N DHCP TFTP
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: using local addresses only for domain lan
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: reading /tmp/resolv.conf.auto
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: using nameserver 2.2.2.2#53
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: using local addresses only for domain lan
Jan  1 00:00:01 rk1 daemon.info dnsmasq[1539]: read /etc/hosts - 1 addresses

comment:9 Changed 7 years ago by nico

  • Milestone changed from Backfire 10.03.1 to Kamikaze

comment:10 Changed 7 years ago by alain.spineux@…

In my case (soekris 4501) the default date is Dec 7 1943,
and dnsmasq ignore my /tmp/resolv.conf.auto
I have added a

/sbin/hwclock -s -u >/dev/null

to my /etc/init.d/boot (because my soekris has a HW clock.
If you don't have any hw clock, a

date 2010.01.01

should work too.

hope this help

comment:11 Changed 7 years ago by karl.hegbloom@…

What I'm seeing is that dnsmasq is running as nobody, but the /tmp/resolv.conf.auto and several other files are owned by root... It works fine when I add the no-daemon option to /etc/dnsmasq.conf, and so what I think is happening is that when it drops privleges and capabilities after the fork, it loses the ability to read those files.

root@OpenWrt:~# cat /var/log/dnsmasq.log 
Oct  7 23:19:30 dnsmasq[10429]: started, version 2.55 cachesize 150
Oct  7 23:19:30 dnsmasq[10429]: compile time options: IPv6 GNU-getopt no-DBus no-I18N DHCP TFTP
Oct  7 23:19:30 dnsmasq-dhcp[10429]: DHCP, IP range 192.168.2.100 -- 192.168.2.250, lease time 12h
Oct  7 23:19:30 dnsmasq-dhcp[10429]: DHCP, IP range 192.168.1.100 -- 192.168.1.250, lease time 12h
Oct  7 23:19:30 dnsmasq[10429]: using local addresses only for domain lan
Oct  7 23:19:30 dnsmasq[10429]: failed to access /tmp/resolv.conf.auto: Permission denied
Oct  7 23:19:30 dnsmasq[10429]: failed to load names from /etc/hosts: Permission denied
Oct  7 23:19:30 dnsmasq-dhcp[10429]: failed to read /etc/ethers: Permission denied

A temporary work-around (not requiring any patches) is to add:

user=root
group=root

... to the /etc/dnsmasq.conf.

comment:12 Changed 6 years ago by anonymous

Adding "-n" doesn't fix it. (but it is NOT a bug in dnsmasq)

Based on my above investigation (see long version below), I took a guess, that apparmor was blocking it.

Viewing the /etc/apparmor.d/usr.sbin.dnsmasq file shows me that /etc/dnsmasq.d/* is readable, so I put my resolv.all.conf file there, and it works.

So therefore, if any change is needed in dnsmasq, it would be a nice user friendly thing to have:

  1. A warning wherever there is a "Permission Denied" error in the log, there should also be a mention about apparmor and selinux.
  2. A warning in the default dnsmasq.conf file next to the "resolv-file=" line that says if there are any permission errors, to be sure apparmor and selinux are not blocking the file.

I submitted an openSUSE feature request bug report here: https://bugzilla.novell.com/show_bug.cgi?id=760325

=========begin long version=========

OK - Here is with

#resolv-file=
(commented out)

May 2 16:51:32 peter dnsmasq[18367]: exiting on receipt of SIGTERM
May 2 16:51:32 peter dnsmasq[18817]: Shutting name service masq caching server ..done
May 2 16:51:32 peter dnsmasq[18837]: started, version 2.59 cachesize 150
May 2 16:51:32 peter dnsmasq[18837]: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP no-conntrack IDN
May 2 16:51:32 peter dnsmasq[18837]: read /etc/hosts - 8 addresses
May 2 16:51:32 peter dnsmasq[18837]: using nameserver ...
May 2 16:51:32 peter dnsmasq[18826]: Starting name service masq caching server ..done

FAIL - Here is with:

resolv-file=/etc/resolv.all.conf

May 2 16:53:07 peter dnsmasq[18837]: exiting on receipt of SIGTERM
May 2 16:53:08 peter dnsmasq[19112]: Shutting name service masq caching server ..done
May 2 16:53:08 peter dnsmasq[19133]: started, version 2.59 cachesize 150
May 2 16:53:08 peter dnsmasq[19133]: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP no-conntrack IDN
May 2 16:53:08 peter dnsmasq[19133]: read /etc/hosts - 8 addresses
May 2 16:53:08 peter dnsmasq[19133]: failed to read /etc/resolv.all.conf: Permission denied
May 2 16:53:08 peter dnsmasq[19122]: Starting name service masq caching server ..done

OK - Here is with:

resolv-file=/etc/resolv.test.conf
Where resolv.test.conf is a symlink to /etc/resolv.conf

May 2 16:54:38 peter dnsmasq[19133]: exiting on receipt of SIGTERM
May 2 16:54:38 peter dnsmasq[19442]: Shutting name service masq caching server ..done
May 2 16:54:38 peter dnsmasq[19462]: started, version 2.59 cachesize 150
May 2 16:54:38 peter dnsmasq[19462]: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP no-conntrack IDN
May 2 16:54:38 peter dnsmasq[19462]: read /etc/hosts - 8 addresses
May 2 16:54:38 peter dnsmasq[19462]: using nameserver ...
May 2 16:54:38 peter dnsmasq[19451]: Starting name service masq caching server ..done

FAIL - Here is the same filename again, except this time it is copied instead of linked:

May 2 16:57:53 peter dnsmasq[19462]: exiting on receipt of SIGTERM
May 2 16:57:53 peter dnsmasq[20043]: Shutting name service masq caching server ..done
May 2 16:57:53 peter dnsmasq[20064]: started, version 2.59 cachesize 150
May 2 16:57:53 peter dnsmasq[20064]: compile time options: IPv6 GNU-getopt DBus i18n DHCP TFTP no-conntrack IDN
May 2 16:57:53 peter dnsmasq[20064]: read /etc/hosts - 8 addresses
May 2 16:57:53 peter dnsmasq[20064]: failed to read /etc/resolv.test.conf: Permission denied
May 2 16:57:53 peter dnsmasq[20053]: Starting name service masq caching server ..done

It has nothing to do with permissions. The files are the same in all ways except filename. And I have this problem with openSUSE, but not with Ubuntu. (I don't know if Ubuntu was set to use root or a specific user)

The workaround that worked for me is to use the following settings:

no-resolv
no-poll
server=#.#.#.#
server=#.#.#.#
server=#.#.#.#

=========end long version=========

comment:13 Changed 6 years ago by nbd

  • Resolution set to worksforme
  • Status changed from assigned to closed

resolv.conf.auto is world readable. no idea what the opensuse stuff above is supposed to tell me...

comment:14 Changed 4 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.