[Dnssec-trigger] more bugs :P
wouter at NLnetLabs.nl
Wed Sep 21 07:06:52 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
On 09/20/2011 08:35 PM, Paul Wouters wrote:
> When I got home, my laptop did not unsuspend, so i had to reboot it.
Ok, so a Linux, Networkmanager trigger hooks.
> After it was back, it came up before network manager had the connection
> on the wifi (init script for dnssec-triggerd stats after nm, but apparently
> nm was slow) and so it seemed to remain in "network disconnected" mode.
But your rc.d init script has the line where it starts the
networkmanager/dispatcher.d/01-dnssec-trigger.sh script, right? Or did
you update the rpm but not your laptop?
> bug #1: It should more often probe when in network disconnected mode, or
> better pick up NM changes.
Yex exponential backoff probes when disconnected are probably useful.
But it should also pickup the NM changes well.
> Then the results of my manual probe said:
> results from probe at 2011-09-20 14:29:44
> authority 188.8.131.52: OK DNSSEC results fetched direct from authorities
> I was confused why it didn't say anything about the cache.
Because there is no NM change, and it has 0 DNS servers from NM.
> bug #2: always display a line about the local cache even if just to say
> "status unknown".
Yes, it means ' There are no DNS servers from DHCP '
> Meanwhile, I had no working DNS. Running unbound-control forward, I
> found out that unbound wasn't autostarted on boot on my laptop :)
> bug #3: Do not rewrite resolv.conf when unbound is not running, OR
> present a popup saying "I broke your dns please start unbound" OR
> start unbound for me :)
That should be the system's work to bootup unbound, or the unbound-rpm's
work to set that up? I guess we could sortof check: it does tell you if
unbound-control fails, that goes into the syslog I think. I think it
already logs to syslog if unbound-control fails.
You also forwarded Dan's NM mail to here, not sure where to reply now,
to dnssec-trigger, the networkmanager-list or devel at fedora list? I just
want the NM plugin to call: /usr/bin/dnssec-trigger-control submit <ip4
and ip6 DNS from DHCP separated by spaces> ; the dnssec-triggerd has
hooks where it wants to overwrite the resolv.conf - not sure how to feed
that data into NM (there may be a delay for probes too) ?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the dnssec-trigger