Bug 800368

Summary: acutil does not respect changes in resolv.conf
Product: Red Hat Enterprise Linux 6 Reporter: Martin Kosek <mkosek>
Component: authconfigAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: David Spurek <dspurek>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3CC: dspurek, ebenes
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: authconfig-6.1.12-16.el6 Doc Type: Bug Fix
Doc Text:
No docs needed
 Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-14 07:44:24 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Martin Kosek 2012-03-06 12:07:18 UTC 
Description of problem:

Python resolver interface in acutil (acutil.res_send()) provided by authconfig does not refresh it's list of resolvers when /ect/resolv.conf is changed. This may cause unexpected resolution errors when using this library.

Version-Release number of selected component (if applicable):
authconfig-6.1.12-5.el6.x86_64

How reproducible:

I simply used dnsclient.py bundled in authconfig to resolve a DNS name, then changed /etc/resolv.conf to point to a non-existent name server and tried the resolution again.

# python
Python 2.6.6 (r266:84292, Sep 12 2011, 14:03:14) 
[GCC 4.4.5 20110214 (Red Hat 4.4.5-6)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import dnsclient
>>> dnsclient.query("www.example.com.", dnsclient.DNS_C_IN, dnsclient.DNS_T_A)
[<dnsclient.DNSResult instance at 0x7f7d7b0172d8>, <dnsclient.DNSResult instance at 0x7f7d7b017368>, <dnsclient.DNSResult instance at 0x7f7d7b0173f8>]
=======================
dnsclient.query returned correct answers from a resolver configured in resolv.conf 

Now, I changed the resolv.conf to point to a non-existent name server and tried again
=======================
>>> dnsclient.query("www.example.com.", dnsclient.DNS_C_IN, dnsclient.DNS_T_A)
[<dnsclient.DNSResult instance at 0x7f7d7b0172d8>, <dnsclient.DNSResult instance at 0x7f7d7b017368>, <dnsclient.DNSResult instance at 0x7f7d7b0173f8>]
=======================
dnsclient.query still returned answer for example.com even though there was a bad resolver in /etc/resolv.conf because it queried the old name server which was configured there in an acutil import time. Other tools like `dig' or `host' behaved correctly in this case.


Steps to Reproduce:
1. Start Python interactive mode
2. Import acutil
3. Try to send a DNS query via res_send (or use dnsclient.py bundled in authconfig to perform steps 2. and 3.)
The query should return positive results from a nameserver configured in /etc/resolv.conf
4. Change the resolver in /etc/resolv.conf
5. Try to send the DNS query again
  
Actual results:
The query was sent to the old resolved which was in /etc/resolv.conf in the time acutil was imported

Expected results:
The query is sent to the resolver that is configured in /etc/resolv.conf in the time of the query and not the time of the acutil import.

Additional info:
I assume the solution of this bug would lead to some inotify hook on a change of /etc/resolv.conf and reloading the list of resolvers.
Comment 2 Tomas Mraz 2012-03-07 08:24:06 UTC 
acutil is not supposed to be used outside of authconfig. And for the purpose that it is used in authconfig it is not really necessary to refresh the /etc/resolv.conf changes each time. However probably calling res_init() each time before calling res_send() would help.
Comment 3 Martin Kosek 2012-03-07 09:29:10 UTC 
Yes, this should help and solve our issue. Though, res_init() would have to be called in acutilmodule.c as it is not callable via Python binding module.
Comment 4 RHEL Program Management 2012-05-03 05:13:58 UTC 
Since RHEL 6.3 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.
Comment 5 RHEL Program Management 2013-10-14 00:46:48 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.

Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
Comment 9 errata-xmlrpc 2014-10-14 07:44:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1558.html