In certain situations it would be useful to have program access network with custom DNS servers, but everything else still be used from user session.
A good example for that would be a captive portal web page. If we are running local DNS cache, captive portal responses can be faked in order to point us to captive page. We do not want its responses spoil the cache.
If the user-spawned login web window could use just nameservers provided by the connection, without using local cache, it would work as expected.
On top, the local cache could use DNS over TLS forwarding, but let login page use classic queries needed to pass connectivity check. Because we need non-privileged user to have different than system configuration, bind-mounted chroot is not a good option.
As suggested by fweimer, secure_getenv("RESOLV_CONF_PATH") should be used to prevent malicious changes by system tools.
Reproducible: Always
Steps to Reproduce:
1. echo nameserver 127.0.0.3 > /tmp/resolv.conf
2. RESOLV_CONF=/tmp/resolv.conf getent ahosts example.org
3.
Actual Results:
It works fine, uses system /etc/resolv.conf
Expected Results:
Some environment could be used to choose different nameserver configuration, it would not be constant only.
There is also resolv_wrapper [1], which attempted to do similar thing by a more complicated method. But it stopped working since glibc >= 2.34. It would be nice to have simpler replacement.
1. https://cwrap.org/resolv_wrapper.html
We support RESOLV_HOST_CONF to override /etc/hosts.conf, so it makes sense to extend this to override /etc/resolv.conf and even /etc/hosts.
This has to get filed upstream too so we can track it there. We can do that for you when we review the Fedora bugs next week.
In certain situations it would be useful to have program access network with custom DNS servers, but everything else still be used from user session. A good example for that would be a captive portal web page. If we are running local DNS cache, captive portal responses can be faked in order to point us to captive page. We do not want its responses spoil the cache. If the user-spawned login web window could use just nameservers provided by the connection, without using local cache, it would work as expected. On top, the local cache could use DNS over TLS forwarding, but let login page use classic queries needed to pass connectivity check. Because we need non-privileged user to have different than system configuration, bind-mounted chroot is not a good option. As suggested by fweimer, secure_getenv("RESOLV_CONF_PATH") should be used to prevent malicious changes by system tools. Reproducible: Always Steps to Reproduce: 1. echo nameserver 127.0.0.3 > /tmp/resolv.conf 2. RESOLV_CONF=/tmp/resolv.conf getent ahosts example.org 3. Actual Results: It works fine, uses system /etc/resolv.conf Expected Results: Some environment could be used to choose different nameserver configuration, it would not be constant only. There is also resolv_wrapper [1], which attempted to do similar thing by a more complicated method. But it stopped working since glibc >= 2.34. It would be nice to have simpler replacement. 1. https://cwrap.org/resolv_wrapper.html