net/dns: detect when resolvconf points to systemd-resolved.

There are /etc/resolv.conf files out there where resolvconf wrote the file but pointed to systemd-resolved as the nameserver. We're better off handling those as systemd-resolved. > # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) > # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN > # 127.0.0.53 is the systemd-resolved stub resolver. > # run "systemd-resolve --status" to see details about the actual nameservers. Fixes https://github.com/tailscale/tailscale/issues/3026 Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago · 139a6c4c9c
parent a320d70614
commit 139a6c4c9c
2 changed files with 36 additions and 5 deletions
--- a/net/dns/direct.go
+++ b/net/dns/direct.go
@ -81,11 +81,12 @@ func readResolv(r io.Reader) (config OSConfig, err error) {
 // configuration in bs - one of "resolvconf", "systemd-resolved" or
 // "NetworkManager", or "" if no known owner was found.
 func resolvOwner(bs []byte) string {
 	likely := ""
 	b := bytes.NewBuffer(bs)
 	for {
 		line, err := b.ReadString('\n')
 		if err != nil {
-			return ""
+			return likely
 		}
 		line = strings.TrimSpace(line)
 		if line == "" {
@ -94,15 +95,15 @@ func resolvOwner(bs []byte) string {
 		if line[0] != '#' {
 			// First non-empty, non-comment line. Assume the owner
 			// isn't hiding further down.
-			return ""
+			return likely
 		}
 		if strings.Contains(line, "systemd-resolved") {
-			return "systemd-resolved"
+			likely = "systemd-resolved"
 		} else if strings.Contains(line, "NetworkManager") {
-			return "NetworkManager"
+			likely = "NetworkManager"
 		} else if strings.Contains(line, "resolvconf") {
-			return "resolvconf"
+			likely = "resolvconf"
 		}
 	}
 }
--- a/net/dns/manager_linux_test.go
+++ b/net/dns/manager_linux_test.go
@ -142,6 +142,36 @@ func TestLinuxDNSMode(t *testing.T) {
 			wantLog: "dns: [rc=resolved nm=no ret=systemd-resolved]",
 			want:    "systemd-resolved",
 		},
 		{
 			// More than one user has had resolvconf write a config that points to
 			// systemd-resolved. We're better off using systemd-resolved.
 			// regression test for https://github.com/tailscale/tailscale/issues/3026
 			name: "allegedly_resolvconf_but_actually_systemd-resolved",
 			env: env(resolvDotConf(
 				"# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)",
 				"#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN",
 				"# 127.0.0.53 is the systemd-resolved stub resolver.",
 				"# run \"systemd-resolve --status\" to see details about the actual nameservers.",
 				"nameserver 127.0.0.53"),
 				resolvedRunning()),
 			wantLog: "dns: [rc=resolved nm=no ret=systemd-resolved]",
 			want:    "systemd-resolved",
 		},
 		{
 			// More than one user has had resolvconf write a config that points to
 			// systemd-resolved. We're better off using systemd-resolved.
 			// ...but what if systemd-resolved isn't running?
 			// regression test for https://github.com/tailscale/tailscale/issues/3026
 			name: "allegedly_resolvconf_but_actually_systemd-resolved_but_not_really",
 			env: env(resolvDotConf(
 				"# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)",
 				"#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN",
 				"# 127.0.0.53 is the systemd-resolved stub resolver.",
 				"# run \"systemd-resolve --status\" to see details about the actual nameservers.",
 				"nameserver 127.0.0.53")),
 			wantLog: "dns: [rc=resolved resolved=no ret=direct]",
 			want:    "direct",
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {