Re: Is possible to postpone changes made to /var/run/resolv.conf ?
Re: Is possible to postpone changes made to /var/run/resolv.conf ?
- Subject: Re: Is possible to postpone changes made to /var/run/resolv.conf ?
- From: Allan Nathanson <email@hidden>
- Date: Fri, 18 Apr 2008 11:32:53 -0400
On Apr 18, 2008, at 11:18 AM, Ondrej Slanina wrote:
First, thanks for your reply, Allan...
If you want your VPN's configuration to be used than you'll need
to have your service at the top of the service order (or use the
OverridePrimary key).
We prefer first solution ("service at the top of the service order")
because we want to update resolf.conf file with our domain name.
I created my test service, set it's kSCPropNetIPv4Addresses,
kSCPropNetIPv4DestAddresses, kSCPropNetIPv4Router,
kSCPropInterfaceName and one kSCPropNetDNSServerAddresses.
Then I make my service primary by setting
kSCDynamicStorePropNetPrimaryService. All works fine, under State:/
Network/Global/IPv4 I can see my service as PrimaryService, but
resolv.conf is not updated and scutil --dns still shows that
resolver #0 is not DNS domain name provided by my service. Don't you
have any idea why, please ?
Your plugin should not be changing the contents of State:/Network/
Global/IPv4 (it's maintained by the IPMonitor.bundle). If you want
your service to become primary than you'll want to add the following
to YOUR services IPv4 dict.
<key>OverridePrimary</key> <-- kSCPropNetOverridePrimary
<integer>1</integer>
... and configd's IPMonitor.bundle should take care of everything else
(marking your service as primary, updating the default route, updating
the DNS configuration, ...).
- Allan
----- Original Message ----- From: "Allan Nathanson" <email@hidden>
To: "Ondrej Slanina" <email@hidden>
Cc: <email@hidden>
Sent: Thursday, April 17, 2008 4:55 PM
Subject: Re: Is possible to postpone changes made to /var/run/
resolv.conf ?
On Apr 17, 2008, at 10:44 AM, Ondrej Slanina wrote:
Hello,
we are developing VPN service on Leopard and we want to create
the same behaviour like PPPoE has. When we are establishing our
vpn tunnel, we inform dynamic store about our IP and DNS server,
but resolv.conf is not modified by the system.
The resolv.conf file, which only get used by a small handful of DNS
command line tools (e.g. nslookup), reflects the DNS configuration
of the "primary" network service. The real configuration can be
viewed with the "scutil --dns" command.
If you want your VPN's configuration to be used than you'll need
to have your service at the top of the service order (or use the
OverridePrimary key).
My first question is: Should we modify this file manually (via
file functions) ?
No.
And my last question is: I modify resolv.conf manually but when I
tried to change DNS via System Preferences, configuartion daemon
will revert all my changes back. :-( Can I block this action
until my vpn tunnel is active ? How ? By hooking something ?
You cannot block SC's updating of the resolv.conf file and, as I
noted above, the file is only used by a small handful of command
line tools.
- Allan
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden