[Dnssec-trigger] dnssec-trigger release 0.6

W.C.A. Wijngaards wouter at NLnetLabs.nl
Thu Oct 27 07:35:22 UTC 2011

Hash: SHA1

Hi Xavier,

On 10/26/2011 03:48 PM, Xavier Belanger wrote:
> Hi,
>> Fixed the -version stuff (it errors and prints version) in svn.
> Thanks you.
>>> It's not fully automatic because I have choose to use WiCd [1]
>>> to manage network connexions, but there is no problems.
>> I could not find on their webpage: if there is some way to 'trigger' on
>> DHCP events, and you can have a shellscript called, then you can
>> automate it.  How to register such a shellscript?  For networkmanager
>> its put in /etc/NetworkManager/dispatcher.d but for wicd it may be
>> different.
> There is a possibility to call scripts in WiCd for each network with
> pre- and post-connection scripts and pre- and post-disconnection.
>> Once you find out how to call a shellscript trigger after a DHCP event,
>> have that script call
>> $ dnssec-trigger-control submit $ips
>> (ip addresses separated by spaces, from the DNS option in the DHCP) from
>> your script (or you can use the networkmanager script as a base, it also
>> throttles the events to only deliver changes).
> I have tried to use dnssec-trigger-control as post-connection script
> but it doesn't work, I need to find why...
> Some other issue with DHCP client: since the resolv.conf file is
> immutable, there is a minor problem when dhcpcd try to write
> into ("Permission denied / Operation not permitted").
> So, for the Slackware network configuration script I have modify a
> value in the /etc/rc.d/rc.inet1.conf:
>   DHCP_KEEPRESOLV[0]="yes"
> As 0 is for the interface number.
> I have also add a directive in /etc/dhcpcd.conf to desactivate
> the hook who try to change the resolv.conf file:
>   nohook resolv.conf
> It's probably not necessary to make the first change since
> the second one is done, but just in case...

Ah it is dhcpd that manages resolv.conf with wicd?  Perhaps stop wasting
time with the wicd network hooks, but create a dhcpclient hook that
calls dnssec-trigger-control (to replace the resolv.conf hook).  I am
not sure if this is possible, but that could make things work.  (And
also work for people that use plain dhclient on FreeBSD).

Best regards,
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/


More information about the dnssec-trigger mailing list