[Dnssec-trigger] current status?

Chuck Anderson cra at WPI.EDU
Thu Mar 12 14:06:01 UTC 2015


On Thu, Mar 12, 2015 at 10:03:42AM -0400, Paul Wouters wrote:
> On Thu, 12 Mar 2015, Chuck Anderson wrote:
> 
> >My experience is also mostly seamless, at least until this
> >disappearing /etc/resolv.conf
> 
> There is a long standing bug that triggers in certain situations with
> hotspots where somehow dnssec-triggerd rewrites resolv.conf but actually
> has no (DHCP obtained) DNS server to put in, it then writes a file
> without any nameserver entry and expects the user to successfully browse
> through the captive portal. I haven't managed to reproduce it at will
> though. But I do wish that dnssec-triggerd would first check if it has
> any DNS server before it overwrites resolv.conf.

This particular "disappearing /etc/resolv.conf" APPEARS to be
SELinux-related.  When I "setenforce 0" and restart dnssec-triggerd,
resolv.conf gets generated properly.  It may be a new SELinux thing
since I just took a new version of selinux-policy-targeted.



More information about the dnssec-trigger mailing list