diff --git a/NEWS b/NEWS index 502f2289c2..7b506ace69 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,9 @@ Overview of changes since NetworkManager-1.48.2 =============================================== * Support matching a OVS system interface by MAC address. +* When looking up the system hostname from the reverse DNS lookup of + addresses configured on interfaces, NetworkManager now takes into + account the content of /etc/hosts. =============================================== NetworkManager-1.48.2 diff --git a/docs/internal/hostname.drawio b/docs/internal/hostname.drawio new file mode 100644 index 0000000000..e24a3eed65 --- /dev/null +++ b/docs/internal/hostname.drawio @@ -0,0 +1,252 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/docs/internal/hostname.md b/docs/internal/hostname.md new file mode 100644 index 0000000000..89cf8078b5 --- /dev/null +++ b/docs/internal/hostname.md @@ -0,0 +1,40 @@ +Hostname management +=================== + +NetworkManager can update the system hostname via different +mechanisms. The following diagram describes the workflow: + +![Hostname management workflow](hostname.png "Hostname management") + +A few notes on the diagram: + + - if there is a static hostname set in `/etc/hostname`, no action is + taken. NetworkManager only manages the transient hostname. See the + systemd-hostnamed + [documentation](https://www.freedesktop.org/software/systemd/man/latest/org.freedesktop.hostname1.html#Semantics) + about the distinction between static and transient hostname. + + - When there is no static hostname set, NetworkManager builds a + sorted list of active devices that are eligible for the hostname + evaluation. When doing so, the `hostname` setting of the connection + active on each device is taken into account. Properties `from-dhcp` + and `from-dns-lookup` determine if the two methods must be used for + the device; property `only-from-default` determines whether devices + without a default route should be considered, and `priority` is + used to sort the entries. In case of a tie of the priority, a + device with the default route comes first. + + - When evaluating a given device, first NM checks if the device + received an hostname via DHCP and then if the first IPv4 and IPv6 + addresses configured on the interface can be resolved to a name via + DNS. The mechanism used to perform the reverse DNS lookup of a + specific address is described in the diagram on the right. + + - In the "spawn helper" step, NM starts a separate process that + performs the reverse DNS lookup using the NSS services specified + (see `man nsswitch.conf`). Service `dns` does the lookup via a DNS + query, while `files` returns results from `/etc/hosts`. + + - In case there is no valid result from DHCP or DNS, from any device, + if there a valid transient hostname set outside of NetworkManager, + that hostname is honored. diff --git a/docs/internal/hostname.png b/docs/internal/hostname.png new file mode 100644 index 0000000000..e9d1b2d680 Binary files /dev/null and b/docs/internal/hostname.png differ diff --git a/src/core/devices/nm-device-utils.c b/src/core/devices/nm-device-utils.c index 80909805c7..4597ba85ee 100644 --- a/src/core/devices/nm-device-utils.c +++ b/src/core/devices/nm-device-utils.c @@ -245,14 +245,36 @@ resolve_addr_helper_cb(GObject *source, GAsyncResult *result, gpointer user_data resolve_addr_complete(info, g_steal_pointer(&output), g_steal_pointer(&error)); } +typedef enum { + RESOLVE_ADDR_SERVICE_NONE = 0x0, + RESOLVE_ADDR_SERVICE_DNS = 0x1, + RESOLVE_ADDR_SERVICE_FILES = 0x2, +} ResolveAddrService; + static void -resolve_addr_spawn_helper(ResolveAddrInfo *info) +resolve_addr_spawn_helper(ResolveAddrInfo *info, ResolveAddrService services) { - char addr_str[NM_INET_ADDRSTRLEN]; + char addr_str[NM_INET_ADDRSTRLEN]; + char str[256]; + char *s = str; + gsize len = sizeof(str); + gboolean comma = FALSE; + + nm_assert(services != RESOLVE_ADDR_SERVICE_NONE); + nm_assert((services & ~(RESOLVE_ADDR_SERVICE_DNS | RESOLVE_ADDR_SERVICE_FILES)) == 0); + + if (services & RESOLVE_ADDR_SERVICE_DNS) { + nm_strbuf_append(&s, &len, "%sdns", comma ? "," : ""); + comma = TRUE; + } + if (services & RESOLVE_ADDR_SERVICE_FILES) { + nm_strbuf_append(&s, &len, "%sfiles", comma ? "," : ""); + comma = TRUE; + } nm_inet_ntop(info->addr_family, &info->address, addr_str); - _LOG2D(info, "start lookup via nm-daemon-helper"); - nm_utils_spawn_helper(NM_MAKE_STRV("resolve-address", addr_str), + _LOG2D(info, "start lookup via nm-daemon-helper using services: %s", str); + nm_utils_spawn_helper(NM_MAKE_STRV("resolve-address", addr_str, str), g_task_get_cancellable(info->task), resolve_addr_helper_cb, info); @@ -282,27 +304,28 @@ resolve_addr_resolved_cb(NMDnsSystemdResolved *resolved, dbus_error = g_dbus_error_get_remote_error(error); if (NM_STR_HAS_PREFIX(dbus_error, "org.freedesktop.resolve1.")) { /* systemd-resolved is enabled but it couldn't resolve the - * address via DNS. Don't fall back to spawning the helper, - * because the helper will possibly ask again to + * address via DNS. Spawn again the helper to check if we + * can find a result in /etc/hosts. Don't enable the 'dns' + * service otherwise the helper will possibly ask again to * systemd-resolved (via /etc/resolv.conf), potentially using * other protocols than DNS or returning synthetic results. * - * Consider the error as the final indication that the address - * can't be resolved. - * * See: https://www.freedesktop.org/wiki/Software/systemd/resolved/#commonerrors */ - resolve_addr_complete(info, NULL, g_error_copy(error)); + resolve_addr_spawn_helper(info, RESOLVE_ADDR_SERVICE_FILES); return; } - resolve_addr_spawn_helper(info); + /* systemd-resolved couldn't be contacted, use the helper */ + resolve_addr_spawn_helper(info, RESOLVE_ADDR_SERVICE_DNS | RESOLVE_ADDR_SERVICE_FILES); return; } if (names_len == 0) { _LOG2D(info, "systemd-resolved returned no result"); - resolve_addr_complete(info, g_strdup(""), NULL); + /* We passed the NO_SYNTHESIZE flag and so systemd-resolved + * didn't look into /etc/hosts. Spawn the helper for that. */ + resolve_addr_spawn_helper(info, RESOLVE_ADDR_SERVICE_FILES); return; } @@ -366,7 +389,7 @@ nm_device_resolve_address(int addr_family, return; } - resolve_addr_spawn_helper(info); + resolve_addr_spawn_helper(info, RESOLVE_ADDR_SERVICE_DNS | RESOLVE_ADDR_SERVICE_FILES); } char * diff --git a/src/nm-daemon-helper/nm-daemon-helper.c b/src/nm-daemon-helper/nm-daemon-helper.c index 810ea5fa94..32be93a4ef 100644 --- a/src/nm-daemon-helper/nm-daemon-helper.c +++ b/src/nm-daemon-helper/nm-daemon-helper.c @@ -55,26 +55,31 @@ cmd_version(void) static int cmd_resolve_address(void) { - nm_auto_free char *address = NULL; + nm_auto_free char *address = NULL; + nm_auto_free char *services = NULL; union { struct sockaddr_in in; struct sockaddr_in6 in6; } sockaddr; socklen_t sockaddr_size; char name[NI_MAXHOST]; + char *saveptr = NULL; + char *service; + char *str; int ret; address = read_arg(); if (!address) return RETURN_INVALID_ARGS; - if (more_args()) - return RETURN_INVALID_ARGS; + services = read_arg(); + if (!services) { + /* Called by an old NM version which doesn't support the 'services' + * argument. Use both services. */ + services = strdup("dns,files"); + } memset(&sockaddr, 0, sizeof(sockaddr)); -#if defined(__GLIBC__) - __nss_configure_lookup("hosts", "dns"); -#endif if (inet_pton(AF_INET, address, &sockaddr.in.sin_addr) == 1) { sockaddr.in.sin_family = AF_INET; @@ -85,33 +90,51 @@ cmd_resolve_address(void) } else return RETURN_INVALID_ARGS; - ret = getnameinfo((struct sockaddr *) &sockaddr, - sockaddr_size, - name, - sizeof(name), - NULL, - 0, - NI_NAMEREQD); - if (ret != 0) { - if (ret == EAI_SYSTEM) { - int errsv = errno; + for (str = services; (service = strtok_r(str, ",", &saveptr)); str = NULL) { + if (!NM_IN_STRSET(service, "dns", "files")) { + fprintf(stderr, "Unsupported resolver service '%s'\n", service); + continue; + } + +#if defined(__GLIBC__) + __nss_configure_lookup("hosts", service); +#endif + + ret = getnameinfo((struct sockaddr *) &sockaddr, + sockaddr_size, + name, + sizeof(name), + NULL, + 0, + NI_NAMEREQD); + + if (ret == 0) { + printf("%s", name); + return RETURN_SUCCESS; + } else if (ret == EAI_SYSTEM) { char buf[1024]; + int errsv = errno; fprintf(stderr, - "getnameinfo() failed: %d (%s), system error: %d (%s)\n", + "getnameinfo() via service '%s' failed: %d (%s), system error: %d (%s)\n", + service, ret, gai_strerror(ret), errsv, _nm_strerror_r(errsv, buf, sizeof(buf))); } else { - fprintf(stderr, "getnameinfo() failed: %d (%s)\n", ret, gai_strerror(ret)); + fprintf(stderr, + "getnameinfo() via service '%s' failed: %d (%s)\n", + service, + ret, + gai_strerror(ret)); } - return RETURN_ERROR; +#if !defined(__GLIBC__) + break; +#endif } - printf("%s", name); - - return RETURN_SUCCESS; + return RETURN_ERROR; } int