I have the same problem on Ubuntu 14.04 Trusty Tahr.
Not sure this is a bug, though, just a M$ Windows-only feature as it's a TCP/IP extended property. The man page for OpenVPN describes --dhcp-option as a Windows-specific option.
If the OpenVPN server pushes a DNS server address to the client with, eg
dhcp-option DNS 8.8.8.8
then on a Linux platform this option is not actioned by the client. Instead it is copied to a set of incrementally numbered local environment variables named
foreign_option_{n}
which are available to scripts run by the --up and --down OpenVPN options.
The /etc/openvpn/update-resolve-conf script provided with the OpenVPN package parses these environment variables and
calls resolvconf to effectively do the same job in a Linuxy way.
Comment #5 is invalid since the script uses resolvconf to update /etc/resolv.conf -- it is not edited directly.
This is not, therefore, an OpenVPN bug, excepting that the current OpenVPN solution requires a reduced security policy by allowing builtin executables and scripts to be called when, by design, this is normally prohibited by default.
It is a feature request for Network Manager, though.
I have the same problem on Ubuntu 14.04 Trusty Tahr.
Not sure this is a bug, though, just a M$ Windows-only feature as it's a TCP/IP extended property. The man page for OpenVPN describes --dhcp-option as a Windows-specific option.
If the OpenVPN server pushes a DNS server address to the client with, eg
dhcp-option DNS 8.8.8.8
then on a Linux platform this option is not actioned by the client. Instead it is copied to a set of incrementally numbered local environment variables named
foreign_option_{n}
which are available to scripts run by the --up and --down OpenVPN options.
The /etc/openvpn/ update- resolve- conf script provided with the OpenVPN package parses these environment variables and
calls resolvconf to effectively do the same job in a Linuxy way.
Comment #5 is invalid since the script uses resolvconf to update /etc/resolv.conf -- it is not edited directly.
This is not, therefore, an OpenVPN bug, excepting that the current OpenVPN solution requires a reduced security policy by allowing builtin executables and scripts to be called when, by design, this is normally prohibited by default.
It is a feature request for Network Manager, though.