Hide Forgot
Description of problem: Python resolver interface in acutil (acutil.res_send()) provided by authconfig does not refresh it's list of resolvers when /ect/resolv.conf is changed. This may cause unexpected resolution errors when using this library. Version-Release number of selected component (if applicable): authconfig-6.1.12-5.el6.x86_64 How reproducible: I simply used dnsclient.py bundled in authconfig to resolve a DNS name, then changed /etc/resolv.conf to point to a non-existent name server and tried the resolution again. # python Python 2.6.6 (r266:84292, Sep 12 2011, 14:03:14) [GCC 4.4.5 20110214 (Red Hat 4.4.5-6)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import dnsclient >>> dnsclient.query("www.example.com.", dnsclient.DNS_C_IN, dnsclient.DNS_T_A) [<dnsclient.DNSResult instance at 0x7f7d7b0172d8>, <dnsclient.DNSResult instance at 0x7f7d7b017368>, <dnsclient.DNSResult instance at 0x7f7d7b0173f8>] ======================= dnsclient.query returned correct answers from a resolver configured in resolv.conf Now, I changed the resolv.conf to point to a non-existent name server and tried again ======================= >>> dnsclient.query("www.example.com.", dnsclient.DNS_C_IN, dnsclient.DNS_T_A) [<dnsclient.DNSResult instance at 0x7f7d7b0172d8>, <dnsclient.DNSResult instance at 0x7f7d7b017368>, <dnsclient.DNSResult instance at 0x7f7d7b0173f8>] ======================= dnsclient.query still returned answer for example.com even though there was a bad resolver in /etc/resolv.conf because it queried the old name server which was configured there in an acutil import time. Other tools like `dig' or `host' behaved correctly in this case. Steps to Reproduce: 1. Start Python interactive mode 2. Import acutil 3. Try to send a DNS query via res_send (or use dnsclient.py bundled in authconfig to perform steps 2. and 3.) The query should return positive results from a nameserver configured in /etc/resolv.conf 4. Change the resolver in /etc/resolv.conf 5. Try to send the DNS query again Actual results: The query was sent to the old resolved which was in /etc/resolv.conf in the time acutil was imported Expected results: The query is sent to the resolver that is configured in /etc/resolv.conf in the time of the query and not the time of the acutil import. Additional info: I assume the solution of this bug would lead to some inotify hook on a change of /etc/resolv.conf and reloading the list of resolvers.
acutil is not supposed to be used outside of authconfig. And for the purpose that it is used in authconfig it is not really necessary to refresh the /etc/resolv.conf changes each time. However probably calling res_init() each time before calling res_send() would help.
Yes, this should help and solve our issue. Though, res_init() would have to be called in acutilmodule.c as it is not callable via Python binding module.
Since RHEL 6.3 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1558.html