Re: More on DNS issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/23/2010 09:32 PM, Joe Zeff wrote:
> On 10/23/2010 06:58 PM, Rick Sewill wrote:
> [snip]
>> Can you show your ifcfg-eth0, ifcfg-lo, and /etc/resolv.conf please?
> 
> My pleasure!
> 
> [root@khorlia network-scripts]# cat ifcfg-eth0
> # Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
> DEVICE=eth0
> BOOTPROTO=none
> HWADDR=00:10:dc:3a:6b:74
> ONBOOT=yes
> SEARCH="zeff.us"
> USERCTL=no
> PEERDNS=yes
> IPV6INIT=no
> NM_CONTROLLED=no
> TYPE=Ethernet
> DHCP_HOSTNAME=khorlia.zeff.us
> IPADDR=192.168.0.30
> NETMASK=255.255.255.0
> GATEWAY=192.168.0.1
> PREFIX=24
> DNS1=207.217.77.82
> DNS2=207.217.120.83
> 
> [root@khorlia network-scripts]# cat ifcfg-lo
> DEVICE=lo
> IPADDR=127.0.0.1
> NETMASK=255.0.0.0
> NETWORK=127.0.0.0
> # If you're having problems with gated making 127.0.0.0/8 a martian,
> # you can change this to something else (255.255.255.255, for example)
> BROADCAST=127.255.255.255
> ONBOOT=yes
> NAME=loopback
> DNS1=207.217.77.82
> DNS2=207.217.120.83
> 
> [root@khorlia etc]# cat resolv.conf
> # Generated by NetworkManager
> search zeff.us
> 
> 
> # No nameservers found; try putting DNS servers into your
> # ifcfg files in /etc/sysconfig/network-scripts like so:
> #
> # DNS1=xxx.xxx.xxx.xxx
> # DNS2=xxx.xxx.xxx.xxx
> # DOMAIN=lab.foo.com bar.foo.com
> nameserver 207.217.77.82
> nameserver 207.217.120.83
> nameserver 71.242.0.12
> 
> Interesting.  I thought I'd disabled Network Manager several years ago, 
> but checking, system-config-services had it enabled.  I've tried 
> disabling it again, but don't have much faith in that anymore!

I can think of two possibilities:
1) the DNS information is first being written to /etc/resolv.conf
   when interface eth0 is brought up, and then overwritten later.

2) the DNS information is not successfully being written to
   /etc/resolv.conf when interface eth0 is brought up.

For the first possibility,
I notice /etc/sysconfig/network-scripts/ifup-post will call
/sbin/ifup-local if it exists and is executable.
Also, /etc/sysconfig/network-scripts/ifdown-post will call
/sbin/ifdown-local if it exists and is executable.
Could you create /sbin/ifup-local and /sbin/ifdown-local (or add some
lines to these files if they exist) for debugging purposes....

I'm thinking something along the lines of having a file in /root that
captures what /etc/resolv.conf is each time an interface is brought up
or down...would something like the following for both files seem reasonable:
#!/bin/bash
echo "##### $(date) ##### ${0} ${1}" >> /root/debug-resolv-conf
cat /etc/resolv.conf >> /root/debug-resolv-conf

The files, /sbin/ifup-local and /sbin/ifdown-local,
need to be executable to work.

I hope you get the idea.

For the second possibility,
I searched /etc/sysconfig/network-scripts to see what scripts have
DNS1 and found /etc/sysconfig/network-scripts/ifup-post

If I read ifup-post correctly, ... there are 2 if statements that both
need to execute for the section of code that writes /etc/resolv.conf

You have PEERDNS=yes so the first if statement,
if [ "$PEERDNS" != "no ] ... is satisfied correctly.

Could the second if statement be failing somehow:
if [ -n "$DNS1" ] && ! grep -q "nameserver $DNS1" /etc/resolv.conf &&
   tr=$(mktemp /tmp/XXXXXX) ; then

Assuming $DNS1 equals 207.217.77.82, and the entry is not already in
/etc/resolv.conf, the only way I can see this if statement failing is
if tr=$(mktemp /tmp/XXXXXX) fails.

It's only a guess...could selinux be causing tr=$(mktemp /tmp/XXXXXX) to
fail somehow?  When you get a repeatable failure condition, does
changing selinux to permissive mode cause things to work?
I am not sure which file(s) to examine in /var/log to find log messages
when selinux prevents an action...that might be a better way to check.

Final question, when you get a failure condition, does bringing the
eth0 interface down and up, manually, after the system is up and
running, cause /etc/resolv.conf to be written correctly?  I ask this
question because the conditions during boot might be different from the
conditions when one brings an interface up manually on a running system.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkzEBrcACgkQyc8Kn0p/AZSaHACgq8Dk/FG90y49SLoz1xB8NGhu
FRMAniGdWyPJ2Iqyc6jH2IFOqB/6ivGc
=UicA
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux