The dhcpclient and resolv.conf relationships in Linux
Abstract: a description of how the /etc/resolv.conf file is updated under the conditions of a working dhcp client, the specifics of various operating systems and implementation options.
Coverage: Debian, Ubuntu, Centos / Fedora / RHEL; dhclient with resolvconf and without. NetworkManager is not counted.
Lyrics: I just spent a few days (details in English [ 1 ], [ 2 ]) figuring out how to properly save the 'options rotate' in /etc/resolv.conf in different distributions with DHCP running. It turned out that there was no intelligible documentation on this issue, and the information had to be collected from various sources, source texts and experimental data. Then it will be dry and in the case.
')
What are we talking about?
At the computer, the network interface can be configured in principle by three types: manually / specialized software, statically set settings and through a DHCP client. (There are still some exotic things, but these three are the main methods). The first method is not interesting to us, with a static configuration everything is simple - as written, it will be so. DHCP is interesting because the computer requests settings over the network "from someone". DCHP has many options (settings) that can change completely unexpected computer settings — the time zone, the exact time server address, the routing table, the server name or domain, etc. From all this we are interested in the ability to set the DNS settings.
Traditionally, the DNS-resolver settings are stored in the /etc/resolv.conf file, and after updating the dhcp-lease this file is updated. This article explains exactly how the file "-sya" is.
There are several implementations of dhcp-client, we are interested in ISC DHCP, as the most common.
The client itself is called / sbin / dhclient, however, it’s standard to update the settings, it’s not called, but / sbin / dhclient-script. dhclient-script calls dhclient and uses its response to change different parts of the system. In dhclient-script itself there is a function make_resolv_conf, which, in fact, creates the file resolv.conf.
For the convenience of modifying (and obfuscating system administrators) dhclient-script has hooks. Their position varies (in Ubuntu Xenial and Debian Stretch this is /etc/dhcp/dhclient-exit-hooks.d, for some version of Centos - / etc / dhclient-enter-hooks / etc.). Hooks are of two types - entry and exit. Entry are called before the main one when dhclient-script, exit at the end. You can write your own version of the function make_resolv_conf () in the hooks, and then the dhclient-script will call it, not the built-in one. What exactly happens with rent is determined by the reason variable (examples of values: PREINIT, BOUND, RENEW, REBIND, REBOOT, EXPIRE, FAIL, RELEASE, etc). Thanks maxzhurkin for pointing out the (corrected) inaccuracies in this section.
This is actively used by the authors of the resolvconf package, which allows you to generate the /etc/resolv.conf file using a specified pattern (and not fixedly, as in the case of the native dhclient-script implementation). They put a file (in Debian / Ubuntu) /etc/dhcp/dhclient-enter-hooks.d/resolvconf, which calls resolvconf -u (update) to create a new version of resolvconf.
In order not to interfere with dhcpclient-script live, resolvconf manages the /run/resolvconf/resolv.conf file, and the resolvconf package (not to be confused with the program it provides) replaces / etc / resolvconf with a symlink for the installation /.run/resolvconf/resolv .conf.
A typical problem when using resolvconf is the lack of a symlink. If not, then dhclient-script will simply overwrite /etc/resolv.conf with the settings from the DHCP server, and resolvconf will update its file in the corner, only giving a warning that /etc/resolv.conf is not a symlink.
The resolvconf templates are pretty simple:
head and tail are simply written where it should be, but base allows all sorts of strange things that are described in man resolvconf in the section "CONSUMERS OF NAMESERVER INFORMATION").
Red Hat uses its own version of the dhclient-script script, which is very extensive and complex, taking into account many settings from ifcfg-ethXXX, in particular, the RES_OPTIONS option that interested me. Debian and Ubuntu use mostly upstream version, in which such delights are absent. In Centos 7, one time in this script there was a bug that caused the presence of the 'options' line in /etc/resolv.conf upon rebooting, all other lines were removed from it, except the options line, and the new DNS servers in The file was not added.
Coverage: Debian, Ubuntu, Centos / Fedora / RHEL; dhclient with resolvconf and without. NetworkManager is not counted.
Lyrics: I just spent a few days (details in English [ 1 ], [ 2 ]) figuring out how to properly save the 'options rotate' in /etc/resolv.conf in different distributions with DHCP running. It turned out that there was no intelligible documentation on this issue, and the information had to be collected from various sources, source texts and experimental data. Then it will be dry and in the case.
')
What are we talking about?
At the computer, the network interface can be configured in principle by three types: manually / specialized software, statically set settings and through a DHCP client. (There are still some exotic things, but these three are the main methods). The first method is not interesting to us, with a static configuration everything is simple - as written, it will be so. DHCP is interesting because the computer requests settings over the network "from someone". DCHP has many options (settings) that can change completely unexpected computer settings — the time zone, the exact time server address, the routing table, the server name or domain, etc. From all this we are interested in the ability to set the DNS settings.
Traditionally, the DNS-resolver settings are stored in the /etc/resolv.conf file, and after updating the dhcp-lease this file is updated. This article explains exactly how the file "-sya" is.
DHCP client device
There are several implementations of dhcp-client, we are interested in ISC DHCP, as the most common.
The client itself is called / sbin / dhclient, however, it’s standard to update the settings, it’s not called, but / sbin / dhclient-script. dhclient-script calls dhclient and uses its response to change different parts of the system. In dhclient-script itself there is a function make_resolv_conf, which, in fact, creates the file resolv.conf.
For the convenience of modifying (and obfuscating system administrators) dhclient-script has hooks. Their position varies (in Ubuntu Xenial and Debian Stretch this is /etc/dhcp/dhclient-exit-hooks.d, for some version of Centos - / etc / dhclient-enter-hooks / etc.). Hooks are of two types - entry and exit. Entry are called before the main one when dhclient-script, exit at the end. You can write your own version of the function make_resolv_conf () in the hooks, and then the dhclient-script will call it, not the built-in one. What exactly happens with rent is determined by the reason variable (examples of values: PREINIT, BOUND, RENEW, REBIND, REBOOT, EXPIRE, FAIL, RELEASE, etc). Thanks maxzhurkin for pointing out the (corrected) inaccuracies in this section.
resolvconf
This is actively used by the authors of the resolvconf package, which allows you to generate the /etc/resolv.conf file using a specified pattern (and not fixedly, as in the case of the native dhclient-script implementation). They put a file (in Debian / Ubuntu) /etc/dhcp/dhclient-enter-hooks.d/resolvconf, which calls resolvconf -u (update) to create a new version of resolvconf.
In order not to interfere with dhcpclient-script live, resolvconf manages the /run/resolvconf/resolv.conf file, and the resolvconf package (not to be confused with the program it provides) replaces / etc / resolvconf with a symlink for the installation /.run/resolvconf/resolv .conf.
A typical problem when using resolvconf is the lack of a symlink. If not, then dhclient-script will simply overwrite /etc/resolv.conf with the settings from the DHCP server, and resolvconf will update its file in the corner, only giving a warning that /etc/resolv.conf is not a symlink.
The resolvconf templates are pretty simple:
- /etc/resolvconf/resolv.conf.d/head
- /etc/resolvconf/resolv.conf.d/base
- /etc/resolvconf/resolv.conf.d/tail
head and tail are simply written where it should be, but base allows all sorts of strange things that are described in man resolvconf in the section "CONSUMERS OF NAMESERVER INFORMATION").
Specificity of RHEL / Centos / Fedora
Red Hat uses its own version of the dhclient-script script, which is very extensive and complex, taking into account many settings from ifcfg-ethXXX, in particular, the RES_OPTIONS option that interested me. Debian and Ubuntu use mostly upstream version, in which such delights are absent. In Centos 7, one time in this script there was a bug that caused the presence of the 'options' line in /etc/resolv.conf upon rebooting, all other lines were removed from it, except the options line, and the new DNS servers in The file was not added.
Source: https://habr.com/ru/post/280037/
All Articles