diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2021-12-15 11:42:59 +0100 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2021-12-15 11:47:06 +0100 |
| commit | 0ad4efb14beea9148838a0d974821e3b98cafc47 (patch) | |
| tree | 241f08e7b21fe542871588544d302cf9de135043 /src/resolve/resolved-resolv-conf.c | |
| parent | 9d84fdec287532c0d58914c64988b3027902c4e7 (diff) | |
| download | systemd-0ad4efb14beea9148838a0d974821e3b98cafc47.tar.gz | |
resolved: filter out our own stub resolvers when parsing servers
We get "upstream" dns server config from ~three places: /etc/resolv.conf,
config files, and runtime config via dbus. With this commit, we'll filter out
our own stub listeners if they are configured in either of the first two
sources. For /etc/resolv.conf this is done quitely, and for our own config
files, a LOG_INFO message is emitted, since this is a small inconsistency in
the config.
Setting loops like this over dbus is still allowed. The reason is that in the
past we didn't treat this as an error, and if we were to start responding with
an error, we could break a scenario that worked previously. E.g. NM sends us a
list of servers, and one happens to be the our own. We would just not use that
stub server before, but it'd still be shown in the dbus properties and such.
We would have to return error for the whole message, also rejecting the other
valid servers. I think it's easier to just keep that part unchanged.
Test case:
$ ls -l /etc/resolv.conf
-rw-r--r-- 1 root root 57 Dec 15 10:26 /etc/resolv.conf
$ cat /etc/resolv.conf
nameserver 192.168.150.1
options edns0 trust-ad
search .
$ cat /etc/systemd/resolved.conf.d/stub.conf
[Resolve]
DNSStubListenerExtra=192.168.150.1
$ resolvectl
...
Global
resolv.conf mode: foreign
DNS Servers: 192.168.150.1
Fallback DNS Servers: ...
(with the patch):
Global
resolv.conf mode: foreign
Fallback DNS Servers: ...
Diffstat (limited to 'src/resolve/resolved-resolv-conf.c')
| -rw-r--r-- | src/resolve/resolved-resolv-conf.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/resolve/resolved-resolv-conf.c b/src/resolve/resolved-resolv-conf.c index 100894d6b2..e9785ab964 100644 --- a/src/resolve/resolved-resolv-conf.c +++ b/src/resolve/resolved-resolv-conf.c @@ -143,7 +143,8 @@ int manager_read_resolv_conf(Manager *m) { a = first_word(l, "nameserver"); if (a) { - r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_SYSTEM, a); + r = manager_parse_dns_server_string_and_warn(m, DNS_SERVER_SYSTEM, a, + true /* don't warn about loops to our own stub listeners */); if (r < 0) log_warning_errno(r, "Failed to parse DNS server address '%s', ignoring.", a); |