mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
resolve: warn when our stub listener is disabled but resolv.conf uses it
Closes #9450.
This commit is contained in:
parent
48f5da19b6
commit
f43580f17d
@ -21,9 +21,49 @@
|
||||
/* A resolv.conf file containing the domain data we learnt from uplink, but our own DNS server address. */
|
||||
#define PRIVATE_STUB_RESOLV_CONF "/run/systemd/resolve/stub-resolv.conf"
|
||||
|
||||
/* A static resolv.conf file containing no domains, but only our own DNS sever address */
|
||||
/* A static resolv.conf file containing no domains, but only our own DNS server address */
|
||||
#define PRIVATE_STATIC_RESOLV_CONF ROOTLIBEXECDIR "/resolv.conf"
|
||||
|
||||
int manager_check_resolv_conf(const Manager *m) {
|
||||
const char *path;
|
||||
struct stat st;
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
|
||||
/* This warns only when our stub listener is disabled and /etc/resolv.conf is a symlink to
|
||||
* PRIVATE_STATIC_RESOLV_CONF or PRIVATE_STUB_RESOLV_CONF. */
|
||||
|
||||
if (m->dns_stub_listener_mode != DNS_STUB_LISTENER_NO)
|
||||
return 0;
|
||||
|
||||
r = stat("/etc/resolv.conf", &st);
|
||||
if (r < 0) {
|
||||
if (errno == ENOENT)
|
||||
return 0;
|
||||
|
||||
return log_warning_errno(errno, "Failed to stat /etc/resolv.conf: %m");
|
||||
}
|
||||
|
||||
FOREACH_STRING(path,
|
||||
PRIVATE_STUB_RESOLV_CONF,
|
||||
PRIVATE_STATIC_RESOLV_CONF) {
|
||||
|
||||
struct stat own;
|
||||
|
||||
/* Is it symlinked to our own uplink file? */
|
||||
if (stat(path, &own) >= 0 &&
|
||||
st.st_dev == own.st_dev &&
|
||||
st.st_ino == own.st_ino) {
|
||||
log_warning("In spite of DNSStubListner= is disabled, /etc/resolv.conf is a symlink to %s, "
|
||||
"which expects DNSStubListner= is enabled.", path);
|
||||
return -EOPNOTSUPP;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static bool file_is_our_own(const struct stat *st) {
|
||||
const char *path;
|
||||
|
||||
|
@ -4,5 +4,6 @@
|
||||
|
||||
#include "resolved-manager.h"
|
||||
|
||||
int manager_check_resolv_conf(const Manager *m);
|
||||
int manager_read_resolv_conf(Manager *m);
|
||||
int manager_write_resolv_conf(Manager *m);
|
||||
|
@ -80,6 +80,8 @@ int main(int argc, char *argv[]) {
|
||||
/* Write finish default resolv.conf to avoid a dangling symlink */
|
||||
(void) manager_write_resolv_conf(m);
|
||||
|
||||
(void) manager_check_resolv_conf(m);
|
||||
|
||||
/* Let's drop the remaining caps now */
|
||||
r = capability_bounding_set_drop(0, true);
|
||||
if (r < 0) {
|
||||
|
Loading…
Reference in New Issue
Block a user