kvpnc: wrong modification of resolv.conf

fixed in hardy

In 8.10 the bug is still here.

More precisely with DSN_UPDATE to set to NO as you can see from the debug output

debug: Setting DNS_UPDATE "NO".
debug: vpnc arguments: /usr/sbin/vpnc --script /root/.kde/share/apps/kvpnc/vpnc-script.infn --pid-file /root/.kde/share/apps/kvpnc/vpnc-pid.infn.pid --natt-mode natt --ifmode tun -
debug: "vpnc" started.

kvpnc _overwrites_ /etc/resolv.conf as follows

#@VPNC_GENERATED@ -- this file is generated by vpnc
# and will be overwritten by vpnc
# as long as the above mark is intact
search to.infn.it nbi.dk ph.unito.it to.infn.it
nameserver 192.84.137.2
nameserver 192.84.137.1

Same problem here in Intrepid Ibex, but here when I start PC, nm-applet
commonly connects to my AP and says, that connection was established.
But when I try to open some web page, only some works, and others says, they
were not resolved. When I look into /etc/resolv.conf , i see there:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 158.196.149.9
nameserver 158.196.162.8
nameserver 212.71.150.2
search vsb.cz

-------------

where the "search vsb.cz" should not be there - also i think so.

When I connect again with kvpnc to our VPN at vpn.vsb.cz , all domains
work well again..

Is this symptom still reproducible in 8.10? What happens if you deinstall resolvconf?

Daniel T Chen:

So I installend kvpnc and vpnc again, and removed resolvconf. I tried
to connect to VPN - OK. DNS worker. I disconnected from VPN, and DNS
work also. So I installed resolvconf back again. Made the same test, and
there was no problem now :-) so maybe reinstallation of resolvconf is the
solution, or removal. Thanks for the tip! :-)

New finding: so when I installed resolvconf back, the DNS problems occured again, but now when I connect to VPN. After disconnecting, DNS worked properly again. So I removed resolvconf again and DNS problems disappeared :-) so maybe resolvconf causes this problem.

Using Hardy on AMD64.

To me it looks as though the DNS handling of kvpnc (or openvpn?), NetworkManager and resolvconf do not really go well together.

Case 1: kvpnc, openvpn, NetworkManager, but NO resolvconf:
I can open a VPN connection and everything works fine for some minutes. After some minutes, however, /etc/resolv.conf is overwritten by the default nameserver (I assume by NetworkManager), so that the VPN nameservice doesn't wokr anymore.

Case 2: kvpnc, openvpn, NetworkManager and resolvconf:
NetworkManager uses resolvconf (by way of the ifup-scripts, if I'm not mistaken), however kvpnc does not - it simply overwrites /etc/resolv.conf and saves a copy of the old one. When /etc/resolv.conf is reinstalled by kvpnc after the VPN has been disconnected, it copies the old version of resolv.conf over the kvpnc-version. However, as resolvconf requires a symbolic link, this will destroy the functionality of resolvconf...

Does anybody know how to get kvpnc to use resolvconf? That would probably be the best solution...

I have just filed bug #362747, in which I summarize all the problems in connecting OpenVPN under Kubutnu jaunty.