[Pkg-utopia-maintainers] Bug#813803: Bug#813803: Bug#813803: network-manager: Network-manager update to 1.1.90-4 in unstable broken if resolvconf enabled
Giacomo Mulas
gmulas at oa-cagliari.inaf.it
Fri Feb 5 18:47:40 UTC 2016
On Fri, 5 Feb 2016, Michael Biebl wrote:
> Well, as I wrote, the scripts are indeed called by NetworkManager (via
> /etc/NetworkManager/dispatcher.d/01ifupdown), *but* the
> IF_DNS_* variables are not set if the interface is managed by NM, so,
> the hook scripts becomes basically a nop.
yes, sorry, our emails crossed, I saw your reply only after sending mine...
> You could just try to move it away (temporarily) and see what happens
> when you activate/deactivate a NM managed interface.
I just tried, and indeed /etc/resolv.conf gets updated by resolvconf anyway.
So you are right, the update of /etc/resolv.conf is triggered by something
else.
>> NetworkManager[26333]: <warn> dns-mgr: could not commit DNS changes:
>> resolvconf failed with status 3072
>
> This one is the interesting error case. Does the openresolvconf man page
> document, what return code 3072 means?
the man page does not document it. However, the resolvconf in openresolv is
just a shell script, which I attach to this email. I suspect the exit code
is the result of merging several pieces of information. I could set the -x
flag in the script, so that it echoes to stderr what it does, but I don't
know what NetworkManager does with the stderr or resolvconf when it calls
it...
> I suspect there might be incompatibilities between openresolv and
> resolvconf. Could you try installing resolvconf instead of openresolv
> and see if that exhibits the same problem?
I would rather avoid it: I remember at some point in the past I was forced
to update to openresolv (resolvconf was removed from debian unstable for
some time), and this required quite some fiddling with various exim and
bind9 configuration bits to get them to work properly, I'd rather avoid to
go through that again if not really necessary...
>> In any case, this appears to be harmless, since the interface is activated
>> and resolvconf does its job via the hooks.
>
> I don't think the hooks are respsonsible for updating /etc/resolv.conf
> (see above). But it would still be interesting to know, why
> /sbin/resolvconf returns a non-zero exit status.
if I can get resolvconf to echo what it does to stdout or stderr, where
would NetworkManager put these?
Bye
Giacomo
--
_________________________________________________________________
Giacomo Mulas <gmulas at oa-cagliari.inaf.it>
_________________________________________________________________
INAF - Osservatorio Astronomico di Cagliari
via della scienza 5 - 09047 Selargius (CA)
tel. +39 070 71180244
mob. : +39 329 6603810
_________________________________________________________________
"When the storms are raging around you, stay right where you are"
(Freddy Mercury)
_________________________________________________________________
-------------- next part --------------
#!/bin/sh
# Copyright (c) 2007-2015 Roy Marples
# All rights reserved
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
RESOLVCONF="$0"
SYSCONFDIR=/etc
LIBEXECDIR=/lib/resolvconf
VARDIR=/run/resolvconf
# Disregard dhcpcd setting
unset interface_order state_dir
# If you change this, change the test in VFLAG and libc.in as well
local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
dynamic_order="tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*"
interface_order="lo lo[0-9]*"
name_server_blacklist="0.0.0.0"
# Support original resolvconf configuration layout
# as well as the openresolv config file
if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
. "$SYSCONFDIR"/resolvconf.conf
[ -n "$state_dir" ] && VARDIR="$state_dir"
elif [ -d "$SYSCONFDIR/resolvconf" ]; then
SYSCONFDIR="$SYSCONFDIR/resolvconf"
if [ -f "$SYSCONFDIR"/interface-order ]; then
interface_order="$(cat "$SYSCONFDIR"/interface-order)"
fi
fi
IFACEDIR="$VARDIR/interfaces"
METRICDIR="$VARDIR/metrics"
PRIVATEDIR="$VARDIR/private"
EXCLUSIVEDIR="$VARDIR/exclusive"
LOCKDIR="$VARDIR/lock"
warn()
{
echo "$*" >&2
}
error_exit()
{
echo "$*" >&2
exit 1
}
usage()
{
cat <<-EOF
Usage: ${RESOLVCONF##*/} [options]
Inform the system about any DNS updates.
Options:
-a \$INTERFACE Add DNS information to the specified interface
(DNS supplied via stdin in resolv.conf format)
-m metric Give the added DNS information a metric
-p Mark the interface as private
-x Mark the interface as exclusive
-d \$INTERFACE Delete DNS information from the specified interface
-f Ignore non existant interfaces
-I Init the state dir
-u Run updates from our current DNS information
-l [\$PATTERN] Show DNS information, optionally from interfaces
that match the specified pattern
-i [\$PATTERN] Show interfaces that have supplied DNS information
optionally from interfaces that match the specified
pattern
-v [\$PATTERN] echo NEWDOMAIN, NEWSEARCH and NEWNS variables to
the console
-h Show this help cruft
EOF
[ -z "$1" ] && exit 0
echo
error_exit "$*"
}
echo_resolv()
{
local line= OIFS="$IFS"
[ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1
echo "# resolv.conf from $1"
# Our variable maker works of the fact each resolv.conf per interface
# is separated by blank lines.
# So we remove them when echoing them.
while read -r line; do
IFS="$OIFS"
if [ -n "$line" ]; then
# We need to set IFS here to preserve any whitespace
IFS=''
printf "%s\n" "$line"
fi
done < "$IFACEDIR/$1"
echo
IFS="$OIFS"
}
# Parse resolv.conf's and make variables
# for domain name servers, search name servers and global nameservers
parse_resolv()
{
local line= ns= ds= search= d= n= newns=
local new=true iface= private=false p= domain= l= islocal=
newns=
while read -r line; do
case "$line" in
"# resolv.conf from "*)
if ${new}; then
iface="${line#\# resolv.conf from *}"
new=false
if [ -e "$PRIVATEDIR/$iface" ]; then
private=true
else
# Allow expansion
cd "$IFACEDIR"
private=false
for p in $private_interfaces; do
case "$iface" in
"$p"|"$p":*) private=true; break;;
esac
done
fi
fi
;;
"nameserver "*)
islocal=false
for l in $local_nameservers; do
case "${line#* }" in
$l)
islocal=true
echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\""
break
;;
esac
done
$islocal || ns="$ns${line#* } "
;;
"domain "*)
if [ -z "$domain" ]; then
domain="${line#* }"
echo "DOMAIN=\"$domain\""
fi
search="${line#* }"
;;
"search "*)
search="${line#* }"
;;
*)
[ -n "$line" ] && continue
if [ -n "$ns" -a -n "$search" ]; then
newns=
for n in $ns; do
newns="$newns${newns:+,}$n"
done
ds=
for d in $search; do
ds="$ds${ds:+ }$d:$newns"
done
echo "DOMAINS=\"\$DOMAINS $ds\""
fi
echo "SEARCH=\"\$SEARCH $search\""
if ! $private; then
echo "NAMESERVERS=\"\$NAMESERVERS $ns\""
fi
ns=
search=
new=true
;;
esac
done
}
uniqify()
{
local result=
while [ -n "$1" ]; do
case " $result " in
*" $1 "*);;
*) result="$result $1";;
esac
shift
done
echo "${result# *}"
}
dirname()
{
local dir= OIFS="$IFS"
local IFS=/
set -- $@
IFS="$OIFS"
if [ -n "$1" ]; then
printf %s .
else
shift
fi
while [ -n "$2" ]; do
printf "/%s" "$1"
shift
done
printf "\n"
}
config_mkdirs()
{
local e=0 f d
for f; do
[ -n "$f" ] || continue
d="$(dirname "$f")"
if [ ! -d "$d" ]; then
if type install >/dev/null 2>&1; then
install -d "$d" || e=$?
else
mkdir "$d" || e=$?
fi
fi
done
return $e
}
list_resolv()
{
[ -d "$IFACEDIR" ] || return 0
local report=false list= retval=0 cmd="$1" excl=
shift
case "$IF_EXCLUSIVE" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
if [ -d "$EXCLUSIVEDIR" ]; then
cd "$EXCLUSIVEDIR"
for i in *; do
if [ -f "$i" ]; then
list="${i#* }"
break
fi
done
fi
excl=true
;;
*)
excl=false
;;
esac
# If we have an interface ordering list, then use that.
# It works by just using pathname expansion in the interface directory.
if [ -n "$1" ]; then
list="$*"
$force || report=true
elif ! $excl; then
cd "$IFACEDIR"
for i in $interface_order; do
[ -f "$i" ] && list="$list $i"
for ii in "$i":* "$i".*; do
[ -f "$ii" ] && list="$list $ii"
done
done
for i in $dynamic_order; do
if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then
list="$list $i"
fi
for ii in "$i":* "$i".*; do
if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then
list="$list $ii"
fi
done
done
if [ -d "$METRICDIR" ]; then
cd "$METRICDIR"
for i in *; do
[ -f "$i" ] && list="$list ${i#* }"
done
fi
list="$list *"
fi
cd "$IFACEDIR"
retval=1
for i in $(uniqify $list); do
# Only list interfaces which we really have
if ! [ -f "$i" ]; then
if $report; then
echo "No resolv.conf for interface $i" >&2
retval=2
fi
continue
fi
if [ "$cmd" = i -o "$cmd" = "-i" ]; then
printf %s "$i "
else
echo_resolv "$i"
fi
[ $? = 0 -a "$retval" = 1 ] && retval=0
done
[ "$cmd" = i -o "$cmd" = "-i" ] && echo
return $retval
}
list_remove() {
local list= e= l= result= found= retval=0
[ -z "$2" ] && return 0
eval list=\"\$$1\"
shift
set -f
for e; do
found=false
for l in $list; do
case "$e" in
$l) found=true;;
esac
$found && break
done
if $found; then
retval=$(($retval + 1))
else
result="$result $e"
fi
done
set +f
echo "${result# *}"
return $retval
}
echo_prepend()
{
echo "# Generated by resolvconf"
if [ -n "$search_domains" ]; then
echo "search $search_domains"
fi
for n in $name_servers; do
echo "nameserver $n"
done
echo
}
echo_append()
{
echo "# Generated by resolvconf"
if [ -n "$search_domains_append" ]; then
echo "search $search_domains_append"
fi
for n in $name_servers_append; do
echo "nameserver $n"
done
echo
}
replace()
{
local r= k= f= v= val= sub=
while read -r keyword value; do
for r in $replace; do
k="${r%%/*}"
r="${r#*/}"
f="${r%%/*}"
r="${r#*/}"
v="${r%%/*}"
case "$keyword" in
$k)
case "$value" in
$f) value="$v";;
esac
;;
esac
done
val=
for sub in $value; do
for r in $replace_sub; do
k="${r%%/*}"
r="${r#*/}"
f="${r%%/*}"
r="${r#*/}"
v="${r%%/*}"
case "$keyword" in
$k)
case "$sub" in
$f) sub="$v";;
esac
;;
esac
done
val="$val${val:+ }$sub"
done
printf "%s %s\n" "$keyword" "$val"
done
}
make_vars()
{
local newdomains= d= dn= newns= ns=
# Clear variables
DOMAIN=
DOMAINS=
SEARCH=
NAMESERVERS=
LOCALNAMESERVERS=
if [ -n "$name_servers" -o -n "$search_domains" ]; then
eval "$(echo_prepend | parse_resolv)"
fi
if [ -z "$VFLAG" ]; then
IF_EXCLUSIVE=1
list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0
eval "$(list_resolv -l "$@" | replace | parse_resolv)"
fi
if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then
eval "$(echo_append | parse_resolv)"
fi
# Ensure that we only list each domain once
for d in $DOMAINS; do
dn="${d%%:*}"
list_remove domain_blacklist "$dn" >/dev/null || continue
case " $newdomains" in
*" ${dn}:"*) continue;;
esac
newns=
for nd in $DOMAINS; do
if [ "$dn" = "${nd%%:*}" ]; then
ns="${nd#*:}"
while [ -n "$ns" ]; do
case ",$newns," in
*,${ns%%,*},*) ;;
*) list_remove name_server_blacklist \
"${ns%%,*}" >/dev/null \
&& newns="$newns${newns:+,}${ns%%,*}";;
esac
[ "$ns" = "${ns#*,}" ] && break
ns="${ns#*,}"
done
fi
done
if [ -n "$newns" ]; then
newdomains="$newdomains${newdomains:+ }$dn:$newns"
fi
done
DOMAIN="$(list_remove domain_blacklist $DOMAIN)"
SEARCH="$(uniqify $SEARCH)"
SEARCH="$(list_remove domain_blacklist $SEARCH)"
NAMESERVERS="$(uniqify $NAMESERVERS)"
NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)"
LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)"
LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)"
echo "DOMAIN='$DOMAIN'"
echo "SEARCH='$SEARCH'"
echo "NAMESERVERS='$NAMESERVERS'"
echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'"
echo "DOMAINS='$newdomains'"
}
force=false
VFLAG=
while getopts a:Dd:fhIilm:puvVx OPT; do
case "$OPT" in
f) force=true;;
h) usage;;
m) IF_METRIC="$OPTARG";;
p) IF_PRIVATE=1;;
V)
VFLAG=1
if [ "$local_nameservers" = \
"127.* 0.0.0.0 255.255.255.255 ::1" ]
then
local_nameservers=
fi
;;
x) IF_EXCLUSIVE=1;;
'?') ;;
*) cmd="$OPT"; iface="$OPTARG";;
esac
done
shift $(($OPTIND - 1))
args="$iface${iface:+ }$*"
# -I inits the state dir
if [ "$cmd" = I ]; then
if [ -d "$VARDIR" ]; then
rm -rf "$VARDIR"/*
fi
exit $?
fi
# -D ensures that the listed config file base dirs exist
if [ "$cmd" = D ]; then
config_mkdirs "$@"
exit $?
fi
# -l lists our resolv files, optionally for a specific interface
if [ "$cmd" = l -o "$cmd" = i ]; then
list_resolv "$cmd" "$args"
exit $?
fi
# Not normally needed, but subscribers should be able to run independently
if [ "$cmd" = v -o -n "$VFLAG" ]; then
make_vars "$iface"
exit $?
fi
# Test that we have valid options
if [ "$cmd" = a -o "$cmd" = d ]; then
if [ -z "$iface" ]; then
usage "Interface not specified"
fi
elif [ "$cmd" != u ]; then
[ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd"
usage
fi
if [ "$cmd" = a ]; then
for x in '/' \\ ' ' '*'; do
case "$iface" in
*[$x]*) error_exit "$x not allowed in interface name";;
esac
done
for x in '.' '-' '~'; do
case "$iface" in
[$x]*) error_exit \
"$x not allowed at start of interface name";;
esac
done
[ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin"
fi
if [ ! -d "$VARDIR" ]; then
if [ -L "$VARDIR" ]; then
dir="$(readlink "$VARDIR")"
# link maybe relative
cd "${VARDIR%/*}"
if ! mkdir -m 0755 -p "$dir"; then
error_exit "Failed to create needed" \
"directory $dir"
fi
else
if ! mkdir -m 0755 -p "$VARDIR"; then
error_exit "Failed to create needed" \
"directory $VARDIR"
fi
fi
fi
if [ ! -d "$IFACEDIR" ]; then
mkdir -m 0755 -p "$IFACEDIR" || \
error_exit "Failed to create needed directory $IFACEDIR"
if [ "$cmd" = d ]; then
# Provide the same error messages as below
if ! ${force}; then
cd "$IFACEDIR"
for i in $args; do
warn "No resolv.conf for interface $i"
done
fi
${force}
exit $?
fi
fi
# An interface was added, changed, deleted or a general update was called.
# Due to exclusivity we need to ensure that this is an atomic operation.
# Our subscribers *may* need this as well if the init system is sub par.
# As such we spinlock at this point as best we can.
# We don't use flock(1) because it's not widely available and normally resides
# in /usr which we do our very best to operate without.
[ -w "$VARDIR" ] || error_exit "Cannot write to $LOCKDIR"
: ${lock_timeout:=10}
while true; do
if mkdir "$LOCKDIR" 2>/dev/null; then
trap 'rm -rf "$LOCKDIR";' EXIT
trap 'rm -rf "$LOCKDIR"; exit 1' INT QUIT ABRT SEGV ALRM TERM
echo $$ >"$LOCKDIR/pid"
break
fi
pid=$(cat "$LOCKDIR/pid")
if ! kill -0 "$pid"; then
warn "clearing stale lock pid $pid"
rm -rf "$LOCKDIR"
continue
fi
lock_timeout=$(($lock_timeout - 1))
if [ "$lock_timeout" -le 0 ]; then
error_exit "timed out waiting for lock from pid $pid"
fi
sleep 1
done
case "$cmd" in
a)
# Read resolv.conf from stdin
resolv="$(cat)"
changed=false
changedfile=false
# If what we are given matches what we have, then do nothing
if [ -e "$IFACEDIR/$iface" ]; then
if [ "$(echo "$resolv")" != \
"$(cat "$IFACEDIR/$iface")" ]
then
changed=true
changedfile=true
fi
else
changed=true
changedfile=true
fi
# Set metric and private before creating the interface resolv.conf file
# to ensure that it will have the correct flags
[ ! -d "$METRICDIR" ] && mkdir "$METRICDIR"
oldmetric="$METRICDIR/"*" $iface"
newmetric=
if [ -n "$IF_METRIC" ]; then
# Pad metric to 6 characters, so 5 is less than 10
while [ ${#IF_METRIC} -le 6 ]; do
IF_METRIC="0$IF_METRIC"
done
newmetric="$METRICDIR/$IF_METRIC $iface"
fi
rm -f "$METRICDIR/"*" $iface"
[ "$oldmetric" != "$newmetric" -a \
"$oldmetric" != "$METRICDIR/* $iface" ] &&
changed=true
[ -n "$newmetric" ] && echo " " >"$newmetric"
case "$IF_PRIVATE" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
if [ ! -d "$PRIVATEDIR" ]; then
[ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR"
mkdir "$PRIVATEDIR"
fi
[ -e "$PRIVATEDIR/$iface" ] || changed=true
[ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface"
;;
*)
if [ -e "$PRIVATEDIR/$iface" ]; then
rm -f "$PRIVATEDIR/$iface"
changed=true
fi
;;
esac
oldexcl=
for x in "$EXCLUSIVEDIR/"*" $iface"; do
if [ -f "$x" ]; then
oldexcl="$x"
break
fi
done
case "$IF_EXCLUSIVE" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
if [ ! -d "$EXCLUSIVEDIR" ]; then
[ -e "$EXCLUSIVEDIR" ] && rm "$EXCLUSIVEDIR"
mkdir "$EXCLUSIVEDIR"
fi
cd "$EXCLUSIVEDIR"
for x in *; do
[ -f "$x" ] && break
done
if [ "${x#* }" != "$iface" ]; then
if [ "$x" = "${x% *}" ]; then
x=10000000
else
x="${x% *}"
fi
if [ "$x" = "0000000" ]; then
warn "exclusive underflow"
else
x=$(($x - 1))
fi
if [ -d "$EXCLUSIVEDIR" ]; then
echo " " >"$EXCLUSIVEDIR/$x $iface"
fi
changed=true
fi
;;
*)
if [ -f "$oldexcl" ]; then
rm -f "$oldexcl"
changed=true
fi
;;
esac
if $changedfile; then
printf "%s\n" "$resolv" >"$IFACEDIR/$iface" || exit $?
elif ! $changed; then
exit 0
fi
unset changed changedfile oldmetric newmetric x oldexcl
;;
d)
# Delete any existing information about the interface
cd "$IFACEDIR"
changed=false
for i in $args; do
if [ -e "$i" ]; then
changed=true
elif ! ${force}; then
warn "No resolv.conf for interface $i"
fi
rm -f "$i" "$METRICDIR/"*" $i" \
"$PRIVATEDIR/$i" \
"$EXCLUSIVEDIR/"*" $i" || exit $?
done
if ! ${changed}; then
# Set the return code based on the forced flag
${force}
exit $?
fi
unset changed i
;;
esac
case "${resolvconf:-YES}" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
*) exit 0;;
esac
eval "$(make_vars)"
export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS
: ${list_resolv:=list_resolv -l}
retval=0
for script in "$LIBEXECDIR"/*; do
if [ -f "$script" ]; then
eval script_enabled="\$${script##*/}"
case "${script_enabled:-YES}" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
*) continue;;
esac
if [ -x "$script" ]; then
"$script" "$cmd" "$iface"
else
(set -- "$cmd" "$iface"; . "$script")
fi
retval=$(($retval + $?))
fi
done
exit $retval
More information about the Pkg-utopia-maintainers
mailing list