Ubuntu

Please make NetworkManager-controlled dnsmasq respect /etc/hosts

Reported by jerico on 2012-05-02
214
This bug affects 49 people
Affects Status Importance Assigned to Milestone
network-manager (Ubuntu)
Undecided
Unassigned

Bug Description

Since 12.04 NetworkManager uses the dnsmasq plugin by default to resolve DNS requests. Unfortunately the dnsmasq plug-in has --no-hosts, etc. hard coded [1] which means (among other things) that after the upgrade to 12.04 /etc/hosts will no longer be used to resolve DNS requests. This changes the prior behavior of NetworkManager without any visible warning to the end user. AFAICS there's no other way to work around this problem as to manually revert the change and disable the dnsmasq plug-in in the NetworkManager config, see [2,3]:

"To turn off dnsmasq in Network Manager, you need to edit /etc/NetworkManager/NetworkManager.conf and comment the 'dns=dnsmasq' line then do a 'sudo restart network-manager'."

This is of course not a bug in the NetworkManager which just behaves as intended. The problem is in the change of the configuration of the Ubuntu packaging which will probably leave many wondering why their /etc/hosts suddenly no longer works. This cost me considerable time to debug and probably is a usability problem for others, too.

Maybe you could provide a more visible documentation than that in [3]? E.g., *including a comment in /etc/hosts that explains the change* and how to work around it would have saved me a lot of time. It would have automatically alerted me on upgrade as manual changes to /etc/hosts would then have triggered a prompt while leaving those users with standard /etc/hosts in peace.

Probably similar problems arise with other disabled config files and could be alerted to the users? Thinking of resolv.conf, etc.

[1] http://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/src/dnsmasq-manager/nm-dnsmasq-manager.c, line 285
[2] i.e. http://ubuntuforums.org/showthread.php?t=1968061
[3] http://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in network-manager (Ubuntu):
status: New → Confirmed
god (humper) wrote :

How come the importance is still not set to 'critical'?
It completely breaks network setup for many users.

Allan Pratt (apratt-) wrote :

I hope the relevant people notice this bug report soon, it's serious. Failure to respect /etc/hosts removes a powerful way to manage networks and also to block ads and some types of web threats.

You can disable dnsmasq by commenting it out in the NetworkManager config, as the OP said, but there is also a hacky way to let run dnsmasq but remove the --no-hosts option: wrap dnsmasq in a shell script that passes all parameters except that one to the original binary.

This answer was found at http://askubuntu.com/questions/117899/configure-dnsmasq-to-use-etc-hosts-file which helpfully linked back to this bug.

Thomas Hood (jdthood) on 2012-06-22
summary: - NetworkManager does not use local hosts configuration any more
+ NetworkManager-controlled dnsmasq does not respect /etc/hosts

This affects me as well. Unfortunately commenting out dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf doesn't seem to help.

Thomas Hood (jdthood) wrote :

@karloskar wrote:
> Unfortunately commenting out dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf doesn't seem to help

What's the "hosts" line in your /etc/nsswitch.conf?

Thomas Hood (jdthood) on 2012-07-17
summary: - NetworkManager-controlled dnsmasq does not respect /etc/hosts
+ Please make NetworkManager-controlled dnsmasq respect /etc/hosts
Thomas Hood (jdthood) wrote :

@Christian: Can you explain how everything was configured when it worked? Were you using dnsmasq locally?

Thomas Hood (jdthood) wrote :

Contributors have claimed here (bug #993298) above that /etc/hosts is no longer respected, but that is not the case. As always, with

    hosts: files [...]

in /etc/nsswitch.conf, the libc resolver consults /etc/hosts first.

Yes, NM runs dnsmasq with the no-hosts option. Consequently a DNS lookup on 127.0.0.1 does not respect /etc/hosts. But prior to Ubuntu 12.04, NM didn't start a local nameserver at all; no DNS lookups were done externally and /etc/hosts wasn't respected then either.

The contributors who say that /etc/hosts is "no longer" consulted must (I conclude) have been running the standalone server version of dnsmasq before. That dnsmasq respects /etc/hosts and listens at 127.0.0.1 by default. Now, because of bug #959037 it is not possible in Ubuntu 12.04 to run standalone dnsmasq alongside nm-dnsmasq. But it *is* possible to run standalone dnsmasq if nm-dnsmasq is disabled (by commenting out "dns=dnsmasq" in /etc/NetworkManager/NetworkManager.conf and restarting network-manager) and that should restore the old situation.

Assuming that the underlying wish is that standalone dnsmasq can be run without the need to comment out "dns=dnsmasq", I propose to merge this report with #959037 which discusses ways of realizing this. See, for example, comment #88 in that bug report.

jerico (jerico-dev) wrote :

The previous poster wrote: "But prior to Ubuntu 12.04, NM didn't start a local nameserver at all; no DNS lookups were done externally and /etc/hosts wasn't respected then either."

IMO this is not true. I've got no instance of dnsmasq running and entries in /etc/hosts are respected when e.g. letting Firefox (or any other application I've access to) resolve URLs.

AFAIK /etc/hosts is in not directly linked to dnsmasq and it doesn't matter whether DNS lookups are done externally or not. The hosts mechanism is much older than dnsmasq. For backwards compatibility it has always been maintained as a first layer of resolving host names. IMO it is most unusual for a Linux distribution to provide a default configuration that does not respect /etc/hosts. To my knowledge there's no other operating system distribution (including Mac + Windows) that does so.

Of course you are free to configure default Ubuntu as you like. But it would be great to respect published upgrade policy. What happened is that the upgrade to 12.04 silently changed the configuration in a way that broke all working /etc/hosts configurations. It is basic Debian/Ubuntu policy that such a thing should not happen without at least consulting the user and giving him/her a choice or a heads up.

Thomas Hood (jdthood) wrote :

Argh, I wrote "But prior to Ubuntu 12.04, NM didn't start a local nameserver at all; no DNS lookups were done externally and /etc/hosts wasn't respected then either." There's a typo in there. I meant to say:

    But prior to Ubuntu 12.04, NM didn't start a local nameserver at all; DNS lookups were done externally and /etc/hosts wasn't respected then either.

Thomas Hood (jdthood) wrote :

jerico wrote:
> I've got no instance of dnsmasq running and entries
> in /etc/hosts are respected when e.g. letting Firefox
> (or any other application I've access to) resolve URLs.

Yes, that is because the libc resolver consults /etc/hosts without doing a DNS lookup.

> AFAIK /etc/hosts is in not directly linked to dnsmasq
> and it doesn't matter whether DNS lookups are done
> externally or not.

The standalone dnsmasq (i.e., the dnsmasq that runs when the dnsmasq package is installed) does consult /etc/hosts when resolving names. This feature can be disabled.

> The hosts mechanism is much older than dnsmasq.

That's true.

[...]
> IMO it is most unusual for a Linux distribution to provide
> a default configuration that does not respect /etc/hosts.

That would be highly unusual. Ubuntu is not unusual in this respect. In Ubuntu 12.04 /etc/nsswitch contains

    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

thus for host name lookups the libc resolver looks first at /etc/hosts.

Try this yourself. Add the line

    1.2.3.4 foo

to /etc/hosts and then try "ping foo".

     $ ping foo
    PING foo (1.2.3.4) 56(84) bytes of data.
    ^C

Changed in network-manager (Ubuntu):
status: Confirmed → Opinion
Christian (bolek2000) wrote :

I removed my comment, because I found out that there was a mistake in my Kerberos config. I couldn't figure it out because the ping <host> doesn't work in my case because the companies firewall doesn't allow it. Its better to use something like traceroute <host> in this case. But sometimes one cannot see things ;-) So luckily I must admit that /etc/hosts works for me.

marcond@gmail.com (marcond) wrote :

Well, my system is a fresh install were I just preserved my home directory and the 1.2.3.4 foo doesn't works.

The nsswitch.conf does have the 'files' on the hosts: entry. So, I must assume that either:

1) My system install was broken someway OR
2) There is some config file on user's home which can affect the DNS resolving OR
2) indeed /etc/hosts is being IGNORED, on a fresh install.

Well, I don't have time to dig into this, but I will gladly give any required information you request.

It's great that /etc/hosts is still consulted by ordinary lookups originating from the Ubuntu system, but the hardcoded removal of /etc/hosts use from dnsmasq config causes other problems, for example if you want this system to provide DNS services for other machines, for example even VMs running in VirtualBox, etc. on the same host. So, while there may be some sense of removing the redundant /etc/hosts use for dnsmasq by default, please make it easier to undo this default, by making the command-line arguments / config user-visible in a config file, not hardcoded somewhere inaccessibly. Thanks!

Gary Edwards (gedwards-a) wrote :

I just did a fresh install on 2 laptops that were working fine with version 12.04. Both laptops have this issue with version 12.10. I've tried commenting out dns=dnsmasq in /etc/NetworkManager/NetworkManager.conf and creating a wrapper script for dnsmasq that removes the --no-hosts option. Neither of these suggestions worked and the wrapper script caused the system startup to hang.

I've read comments that the dnsmasq functionality has been part of Network Manager since version 12.04; however, I didn't see this problem on 12.04. It seems that something changed with 12.10 to manifest it. I'm surprised that I haven't seen more reports of it. It also seems odd that some are reporting that the work arounds worked and others are not reporting the problem at all.

I agree with another poster that this bug should be marked critical. It's very annoying that such a basic and critical OS functionality was broken and the bug is only marked as Opinion and remains unassigned. I held off on installing 12.10 to allow time for bug fixes but, sadly, I didn't wait long enough.

lengzhen (hhylx1950) on 2012-12-15
Changed in network-manager (Ubuntu):
status: Opinion → Confirmed

Has this now been resolved?

Because it appears to be working without any of the hack mentioned in askubuntu.

Fastguy (erenoglu) wrote :

I'm on Ubuntu 14.04. This is affecting me. I'm sharing my wifi connection. The problem is that there's a server that has to be queried from a DNS outside of my normal one, but since dnsmasq is using default DNS servers set by dhcp, the devices behind this shared wifi connection can't connect to that specific server.
 I need to add a line to dnsmasq configuration, such as
server=/this.specific.server/specific.dns.ip
I found no way to do it and even trying to send a message with dbus did not work (for me). Probably I could not sort it out.

I have the specific server ip hardcoded in the /etc/hosts file. If dnsmasq respected the /etc/hosts file, then the hosts behind the shared wifi connection could have obtained the right ip address for the server.

It's very strange to hardcode dnsmasq parameters into the C code rather than leaving it out to some configuration file.

Fastguy (erenoglu) wrote :

OK, I managed to send a dbus signal to set specific dns for a specific domain but this signal went to the initial dnsmasq started when system booted up.
So the dnsmasq started by the wifi sharing connection has no dbus interface and it doesn't read the /etc/hosts. It has totally static hardcoded configuration.

The only way to overcome this issue was the very dirty solution of putting dnsmasq in a wrapper script to remove the --no-hosts parameter :(

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers