[Resolvconf-devel] openvpn update-resolv-conf script questions

Thomas Hood jdthood at gmail.com
Sun Aug 25 20:39:39 UTC 2013

Hi there and thanks for maintaining openvpn.

I am one of the resolvconf developers and I just noticed that the
openvpn package includes a script /etc/openvpn/update-resolv-conf.
Looking at this script I saw a few shortcomings so I started preparing
a patch when I became puzzled about something.

First a couple of observations.

1. The script adds nameserver addresses extracted from openvpn
dhcp-option strings to the variable IF_DNS_NAMESERVERS which is not
initialized earlier in the script. This same variable name is used by
ifup to pass information to its hook scripts in /etc/network/if-*.d/.

2. The script calls resolvconf as follows.

    echo -n "$R" | /sbin/resolvconf -a "${dev}.inet"

Now a couple of questions.

1. Does the script expect IF_DNS_NAMESERVERS and IF_DNS_SEARCH to
contain information when it starts? If so, is this information
supplied by ifup?

2. Note that the resolvconf record name suffix ".inet" identifies ifup
as the sender of the information to resolvconf. This is one of ifup's
address family names. If /etc/network/interfaces contains "iface DEV
inet ..." then ifup will create a resolvconf record named DEV.inet,
just as the openvpn script does. One will overwrite the other. Is this
intentional? Is this script meant to overwrite ifup's resolvconf

Obviously these questions are related.
Thomas Hood
resolvconf maintainers

More information about the Resolvconf-devel mailing list