From 1c4a7bd5dd287b4bdbe72fa067a87000070c8a96 Mon Sep 17 00:00:00 2001
From: Michael Shigorin
Date: Mon, 19 Feb 2018 12:51:46 +0300
Subject: [PATCH] net, net-dns: don't spam lo iface

Putting any configuration into /etc/net/ifaces/lo/resolv.conf makes etcnet *overwrite* /etc/resolv.conf, while putting that into /etc/resolv.conf itself makes e.g. vzctl --nameserver *append* to what's been specified.

Reported-by: Gleb Fotengauer-Malinovskiy
---
 .../net-dns/rootfs/image-scripts.d/60-net-dns | 16 +++++++++++++++-
 .../net/rootfs/image-scripts.d/50-net-resolv | 17 +++--------------
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/features.in/net-dns/rootfs/image-scripts.d/60-net-dns b/features.in/net-dns/rootfs/image-scripts.d/60-net-dns
index 4630c6ba..01dfa901 100755
--- a/features.in/net-dns/rootfs/image-scripts.d/60-net-dns
+++ b/features.in/net-dns/rootfs/image-scripts.d/60-net-dns
@@ -1,3 +1,17 @@
 #!/bin/sh
 # set default nameserver, if any
-for i in $GLOBAL_NAMESERVERS; do echo "nameserver $i"; done >> /etc/resolv.conf
+
+if [ $GLOBAL_NAMESERVERS = "example" ]; then
+ echo "# yandex"
+ echo "#nameserver 77.88.8.1"
+ echo "# google"
+ echo "#nameserver 8.8.8.8"
+ echo "# level3"
+ echo "#nameserver 4.2.2.1"
+ echo "#nameserver 4.2.2.2"
+ echo "#nameserver 4.2.2.3"
+else
+ for i in $GLOBAL_NAMESERVERS; do
+ echo "nameserver $i"
+ done
+fi >> /etc/resolv.conf
diff --git a/features.in/net/rootfs/image-scripts.d/50-net-resolv b/features.in/net/rootfs/image-scripts.d/50-net-resolv
index d5863ac5..e1222fa1 100755
--- a/features.in/net/rootfs/image-scripts.d/50-net-resolv
+++ b/features.in/net/rootfs/image-scripts.d/50-net-resolv
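Review bot: In 60-net-dns the added test `[ $GLOBAL_NAMESERVERS = "example" ]` expands the variable unquoted, so an empty or unset value, or a value listing several servers, makes `[` fail with a usage error instead of evaluating cleanly to false. The else branch still runs in those cases, but only as a side effect of the error status, and the image build log picks up a spurious message; `if [ "$GLOBAL_NAMESERVERS" = "example" ]; then` compares the whole value as one word. The header comment could also record the special value, for instance `# set default nameserver(s), if any; "example" writes commented-out samples instead`.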
@@ -1,19 +1,8 @@ #!/bin/sh +# see also net-dns feature for actual nameserver control -# offer some convenient servers for static configuration cases -# (see also net-dns feature) -if [ -d /etc/net/ifaces/lo ]; then - { - echo "# yandex" - echo "#nameserver 77.88.8.1" - echo "# google" - echo "#nameserver 8.8.8.8" - echo "# level3" - echo "#nameserver 4.2.2.1" - echo "#nameserver 4.2.2.2" - echo "#nameserver 4.2.2.3" - } >> /etc/net/ifaces/lo/resolv.conf -fi +# purge hasher-provided files potentially disclosing +# build host's network configuration bits find /var -name resolv.conf -or -name nsswitch.conf -delete # hasher might have carried host /etc/hosts over, need to overwrite
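Review bot: The `find` line that the new comment documents does not purge resolv.conf: in `-name resolv.conf -or -name nsswitch.conf -delete` the implicit AND binds tighter than `-or`, so `-delete` applies only to the nsswitch.conf test. A resolv.conf under /var is matched and then left in place, which means the build host's resolver settings that the comment says are being removed can still ship in the image. Grouping the tests makes the action cover both names: `find /var \( -name resolv.conf -o -name nsswitch.conf \) -delete`. The line is unchanged context in this hunk, and the script continues past the hunk's end.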