resolvconf modifies real file /etc/resolv.conf in lieu of /run/resolvconf/resolv.conf

Bug #1032855 reported by MarianoAbsatz on 2012-08-03

This bug report was converted into a question: question #205014: resolvconf modifies real file /etc/resolv.conf in lieu of /run/resolvconf/resolv.conf.

6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
resolvconf (Ubuntu)
Undecided
Unassigned

Bug Description

I manually compiled and installed the unbound DNS resolver on my 12.04 server (upgraded from a 10.04).

Yesterday, after reading http://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/ and http://manpages.ubuntu.com/manpages/precise/man8/resolvconf.8.html I took the "minimum breakage path" and simply erased the symlink /etc/resolv.conf (which points to /run/resolvconf/resolv.conf) and created a plain file for /etc/resolv.conf using ::1 as my only resolver.

However, today I found that the file /etc/resolv.conf had been rewritten with the same contents it had before.

Checking a little I found the file modification time was 12:35 and found the following on my syslog:

Aug 3 12:35:40 abako dhclient: DHCPREQUEST of 66.228.40.90 on eth0 to 207.192.68.72 port 67
Aug 3 12:35:40 abako dhclient: DHCPACK of 66.228.40.90 from 207.192.68.72
Aug 3 12:35:40 abako dhclient: bound to 66.228.40.90 -- renewal in 38228 seconds.

So, the primary cuplrit seems to be resolvconf.

What's more, the file modification time for /run/resolvconf/resolv.conf is on June 20th (the day I upgraded from 10.04 to 12.04.

So, IMHO, either resolvconf has a bug or the following paragraph of its manpage is plain wrong:

      The most important piece of software that subscribes to the
       notification service is the set of functions that make up the GNU C
       Library resolver(3). When nameserver information is updated, the
       script /etc/resolvconf/update.d/libc writes a new resolver
       configuration file to /run/resolvconf/resolv.conf and then runs the
       scripts in /etc/resolvconf/update-libc.d/. To make the resolver use
       the dynamically generated resolver configuration file the administrator
       should ensure that /etc/resolv.conf is a symbolic link to
       /run/resolvconf/resolv.conf. This link is never modified by
       resolvconf(8). If you find that /etc/resolv.conf is not being updated,
       check to make sure that the link is intact.

FWIW, resolvconf's version is 1.63ubuntu14

MarianoAbsatz (el-baby) on 2012-08-03
summary: - resolvconf modifies real file /etc/resolv.conf in lieu of (besides?)
+ resolvconf modifies real file /etc/resolv.conf in lieu of
/run/resolvconf/resolv.conf
Steve Langasek (vorlon) wrote :

This is nothing to do with resolvconf. dhclient itself updates /etc/resolv.conf when it receives DNS information from DHCP; and so does Network Manager. The point of having resolvconf as part of the base system in Ubuntu is precisely that all the network management tools want to be able to provide dynamic DNS information, and resolvconf is the first standard framework to let users control this *without* having to chase down half a dozen scripts.

Far from being a "minimum breakage path", replacing the /etc/resolv.conf file with a symlink means you now don't benefit from the (recommended) resolvconf framework.

A more effective way to manage this is by creating /etc/resolvconf/resolv.conf.d/head with your preferred nameserver information. resolvconf knows that ::1 is special and won't include any other dynamic nameserver information.

Changed in resolvconf (Ubuntu):
status: New → Invalid
MarianoAbsatz (el-baby) wrote :

Thanks for your help, vorlon.

So Network Manager and dhclient are NOT currently invoking resolvconf, BUT they're actually handling /etc/resolv.conf by themselves?

This is not what the manpage implies (or what I understand form it)

Who/what are using resolvconf, then?

On Sat, Aug 04, 2012 at 12:44:34AM -0000, MarianoAbsatz wrote:
> So Network Manager and dhclient are NOT currently invoking resolvconf,
> BUT they're actually handling /etc/resolv.conf by themselves?

This will definitely be the case for dhclient. It may or may not also be
the case for NM, depending on how NM decides whether to invoke resolvconf
vs. editing directly. (I haven't looked closely at the details.)

> This is not what the manpage implies (or what I understand form it)

If you can point to particular language in the manpage which contradicts
this, we should fix it.

> Who/what are using resolvconf, then?

By default, when /etc/resolv.conf is not a symlink, nothing is.

MarianoAbsatz (el-baby) wrote :
Download full text (4.3 KiB)

Hi vorlon,

thanks again for your message. I just tried to convert this bug into a question but launchpad wouldn't let me since it seems that should've been done before turning it into invalid.

Please don't rush an answer since, at least for me, it is now more of a will for understanding what happens than a bug in need of a fix.

On 03/08/12 22:17, Steve Langasek wrote:
> On Sat, Aug 04, 2012 at 12:44:34AM -0000, MarianoAbsatz wrote:
>> So Network Manager and dhclient are NOT currently invoking resolvconf,
>> BUT they're actually handling /etc/resolv.conf by themselves?
>
> This will definitely be the case for dhclient. It may or may not also be
> the case for NM, depending on how NM decides whether to invoke resolvconf
> vs. editing directly. (I haven't looked closely at the details.)
>
>> This is not what the manpage implies (or what I understand form it)
>
> If you can point to particular language in the manpage which contradicts
> this, we should fix it.

Quoting http://manpages.ubuntu.com/manpages/precise/man8/resolvconf.8.html section PUBLICATION:
      Normally resolvconf is run only by hook scripts attached to network
       interface configurers such as pppd(8) (for ppp interfaces), to DHCP
       clients such as dhclient(8), to ifup(8) and ifdown, and to DNS caches
       such as dnsmasq(8) (for the loopback interface). These hook scripts
       furnish resolvconf with information about nameservers. For example,
       dhclient receives one or more nameserver addresses during its
       negotiation with the DHCP server; its hook script /etc/dhcp/dhclient-
       enter-hooks.d/resolvconf pushes this information to resolvconf.

From this paragraph I understand that resolvconf is invoked by dhclient.

Below that, in section PUBLICATION:

      The most important piece of software that subscribes to the
       notification service is the set of functions that make up the GNU C
       Library resolver(3). When nameserver information is updated, the
       script /etc/resolvconf/update.d/libc writes a new resolver
       configuration file to /run/resolvconf/resolv.conf and then runs the
       scripts in /etc/resolvconf/update-libc.d/. To make the resolver use
       the dynamically generated resolver configuration file the administrator
       should ensure that /etc/resolv.conf is a symbolic link to
       /run/resolvconf/resolv.conf. This link is never modified by
       resolvconf(8). If you find that /etc/resolv.conf is not being updated,
       check to make sure that the link is intact.

From this paragraph I understand that resolvconf modifies /run/resolvconf/resolv.conf AND NOT /etc/resolv.conf

After reading these two paragraph I thought (though I can be wrong) that:

1) dhclient doesn't handle /etc/resolv.conf directly but, instead, invokes resolvconf
2) resolvconf NEVER modifies /etc/resolv.conf but, instead, modifies /run/resolvconf/resolv.conf

3) (implied by me) If dhclient doesn't modify /etc/resolv.conf directly AND neither does resolvconf, then, if /etc/resolv.conf is NOT a symlink to /run/resolvconf/resolv.conf, no o...

Read more...

Changed in resolvconf (Ubuntu):
status: Invalid → New
status: New → Invalid
MarianoAbsatz (el-baby) wrote :

I was able to convert the bug into a question :-)

Thomas Hood (jdthood) wrote :

MarianoAbsatz wrote:
> After reading these two paragraph I thought (though I can be wrong) that:
>
> 1) dhclient doesn't handle /etc/resolv.conf directly but, instead, invokes resolvconf

If resolvconf is installed then dhclient calls resolvconf, otherwise it writes to /etc/resolv.conf directly. For details please read the make_resolv_conf() function in /sbin/dhclient-script.

> 2) resolvconf NEVER modifies /etc/resolv.conf but, instead, modifies
> /run/resolvconf/resolv.conf

Correct. The program /bin/resolvconf never touches /etc/resolv.conf directly.

But please note that the resolvconf *package* does put a symbolic link at /etc/resolv.conf at installation time unless you have told it not to or it thinks that it has already been installed before.

My advice: Install resolvconf which causes dhclient and similar programs to refrain from stomping on /etc/resolv.conf. Make sure that /etc/resolv.conf is a symbolic link "../resolvconf/resolv.conf". Then configure resolvconf so that it behaves the way you want. E.g., put

    nameserver ::1

in /etc/resolvconf/resolv.conf.d/base

so that this nameserver address is included in resolv.conf.

Thomas Hood (jdthood) wrote :

Correction. The symbolic link /etc/resolv.conf should be "../run/resolvconf/resolv.conf" (and not "../resolvconf/resolv.conf").

Thomas Hood (jdthood) wrote :

I wrote:
> If resolvconf is installed then dhclient calls resolvconf, otherwise it
> writes to /etc/resolv.conf directly. For details please read the
> make_resolv_conf() function in /sbin/dhclient-script.

And for details of what happens when resolvconf is installed, look at /etc/dhcp/dhclient-enter-hooks.d/resolvconf.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers