Bug 1517794 - [NMCI] resolv.conf options are not removed properly
Summary: [NMCI] resolv.conf options are not removed properly
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: NetworkManager
Version: 7.5
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Beniamino Galvani
QA Contact: Desktop QE
Depends On:
TreeView+ depends on / blocked
Reported: 2017-11-27 13:32 UTC by Vladimir Benes
Modified: 2018-04-10 13:35 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2018-04-10 13:34:16 UTC
Target Upstream Version:

Attachments (Terms of Use)
[PATCH] ifcfg-rh: use separate variables for DNS searches (7.29 KB, patch)
2017-12-06 21:14 UTC, Beniamino Galvani
no flags Details | Diff
[PATCH v2] ifcfg-rh: use separate variables for DNS searches (7.85 KB, patch)
2017-12-07 08:30 UTC, Beniamino Galvani
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0778 0 None None None 2018-04-10 13:35:11 UTC

Description Vladimir Benes 2017-11-27 13:32:57 UTC
Description of problem:
when I set dns option for ipv4, I have to remove it for both ipv4 and ipv6 to get it removed. This is wrong.

    Scenario: nmcli - ipv4 - dns-options - remove
    * Add a new connection of type "ethernet" and options "ifname eth10 con-name ethie autoconnect no"
    * Execute "nmcli con modify ethie ipv4.dns-options debug ipv4.may-fail no"
    * Bring "up" connection "ethie"
        * Execute "nmcli con modify ethie ipv4.dns-options ' '"
    * Bring "up" connection "ethie"
    Then "options debug" is not visible with command "cat /etc/resolv.conf" in "5" seconds

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. see above

Actual results:
dns option debug still there
nmcli con modify ethie ipv4.dns-options ' ' ipv6.dns-options ' '

Expected results:
dns option not thres

Additional info:
affects ipv4/ipv6 in nmcli and also nmtui in: ipv6_dns_search_remove_dns_search

Comment 1 Beniamino Galvani 2017-11-28 14:56:53 UTC
Branch bg/ifcfg-rh-dns-rh1517794.

Comment 2 Thomas Haller 2017-11-28 15:44:05 UTC
(In reply to Beniamino Galvani from comment #1)
> Branch bg/ifcfg-rh-dns-rh1517794.

     network_ifcfg = svOpenFile (network_file, NULL);
-         dns_options = svGetValue (network_ifcfg, "RES_OPTIONS", &dns_options_free);
+         dns_options = svGetValue (network_ifcfg, "IPV6_RES_OPTIONS", &dns_options_free);

network_ifcfg is /etc/sysconfig/network which we parse for backward compat.
In fact, merging settings from this file (that we don't write) results in
a difference at re-read. But for legacy, that is fine.

You just don't need to use the new IPV6_RES_OPTIONS for this file.

+    if (NM_IN_STRSET (nm_setting_ip_config_get_method (s_ip),
+                      NM_SETTING_IP6_CONFIG_METHOD_IGNORE))
+         return;

I don't think you should verify the connection. Either nm_connection_verify() should reject connections as invalid with method=ignore + dns-options, or the writer should just handle them. Same for the reader. Reader/writer should only add additional logic where really necessary (like, converting a string to an enum).

could you rewrite write_res_options() to not use @array?

+    if (!s_ip)
+         return;

also, write_res_option() should either set or unset the value. Just return is wrong.

Comment 3 Beniamino Galvani 2017-11-29 10:02:59 UTC
How about now?

Comment 4 Thomas Haller 2017-11-29 11:31:32 UTC

Comment 8 Beniamino Galvani 2017-12-06 21:14:56 UTC
Created attachment 1363919 [details]
[PATCH] ifcfg-rh: use separate variables for DNS searches

Comment 9 Thomas Haller 2017-12-07 06:07:10 UTC
          gs_free char *ip4_domains = NULL;
          nm_auto_free_gstring GString *searches = NULL;
-         searches = g_string_new (svGetValueStr (ifcfg, "DOMAIN", &ip4_domains));

ip4_domains is now unused.

     /* FIXME: currently DNS domains from IPv6 setting are stored in 'DOMAIN' key in ifcfg-file
      * However after re-reading they are dropped into IPv4 setting.
      * So, in order to comparison succeeded, move DNS domains back to IPv6 setting.
     reread_s_ip4 = nm_connection_get_setting_ip4_config (reread);
     reread_s_ip6 = nm_connection_get_setting_ip6_config (reread);
-    nm_setting_ip_config_add_dns_search (reread_s_ip6, nm_setting_ip_config_get_dns_search (reread_s_ip4, 2));

isn't this FIXME comment obsolete as well?

Comment 10 Beniamino Galvani 2017-12-07 08:30:24 UTC
Created attachment 1364096 [details]
[PATCH v2] ifcfg-rh: use separate variables for DNS searches

(In reply to Thomas Haller from comment #9)
> ip4_domains is now unused.
> isn't this FIXME comment obsolete as well?

Both fixed.

Comment 11 Thomas Haller 2017-12-07 08:47:02 UTC
(In reply to Beniamino Galvani from comment #10)
> Both fixed.


Comment 14 Vladimir Benes 2018-01-10 13:44:42 UTC
works well again

Comment 17 errata-xmlrpc 2018-04-10 13:34:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.