From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.olznet.de (mail.olznet.de [78.46.95.167]) by sourceware.org (Postfix) with ESMTPS id 6772F3858D3C for ; Tue, 12 Sep 2023 12:25:20 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6772F3858D3C Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=olznet.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=olznet.de Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.olznet.de (Postfix) with ESMTP id BF70C814D3 for ; Tue, 12 Sep 2023 14:25:18 +0200 (CEST) X-Virus-Scanned: amavisd-new at olznet.de Received: from mail.olznet.de ([127.0.0.1]) by localhost (mail.olznet.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ODABeYIje37W for ; Tue, 12 Sep 2023 14:25:18 +0200 (CEST) Received: from [192.168.13.10] (unknown [45.89.95.254]) by mail.olznet.de (Postfix) with ESMTPSA id 7BC3380096 for ; Tue, 12 Sep 2023 14:25:17 +0200 (CEST) Content-Type: multipart/mixed; boundary="------------9Cnn4VtlEfKwz0UWIeWozbJ9" Message-ID: <2a1c4925-7ad4-4673-9954-72d556d0b8f1@olznet.de> Date: Tue, 12 Sep 2023 14:25:16 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Matthias Fulz Subject: Idea / Patch to add very simple uid filtering to resolv.conf To: libc-help@sourceware.org Content-Language: en-US-large X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,HTML_MESSAGE,KAM_DMARC_STATUS,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: This is a multi-part message in MIME format. --------------9Cnn4VtlEfKwz0UWIeWozbJ9 Content-Type: multipart/alternative; boundary="------------dpUvRH4GkmqYvpcFlyax0zYd" --------------dpUvRH4GkmqYvpcFlyax0zYd Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Hi Guys, I have done some patch to be able to filter lines under /etc/resolv.conf by specific uids. I had the need for my system, as I've some users that are only accessing specific network devices by uid matching routing rules. Therefore I've to select different nameservers depending on the user and added following to resolv.conf: uid+int any existing resolv line ae: uid+1000 nameserver 1.1.1.1 uid-1001 nameserver 8.8.8.8 This will be interpreted the following way: uid+ -> that config line will only be added to resolv context if the uid matches the one after the + uid- -> that config line will NOT be added resolv context if the uid matches the one after the - Further if the uid is not added to the line the behavior would be the same as it was before the patch. Would be nice if this could be included, or at least please explain why not for my understanding as I can't see any reason that would be against it I was first thinking about doing this by implementing a nss service but came to the conclusion, that would be overkill for that little config extension. -- Thanks & BR, Matthias --------------dpUvRH4GkmqYvpcFlyax0zYd-- --------------9Cnn4VtlEfKwz0UWIeWozbJ9 Content-Type: text/x-patch; charset=UTF-8; name="uid_resolv.patch" Content-Disposition: attachment; filename="uid_resolv.patch" Content-Transfer-Encoding: base64 ZGlmZiAtLWNvbG9yIC1OdXIgZ2xpYmMvcmVzb2x2L3Jlc19pbml0LmMgZ2xp YmNfYi9yZXNvbHYvcmVzX2luaXQuYwotLS0gZ2xpYmMvcmVzb2x2L3Jlc19p bml0LmMJMjAyMy0wOS0xMSAyMzoxNTowMi4zNzc3MTgwMDggKzAyMDAKKysr IGdsaWJjX2IvcmVzb2x2L3Jlc19pbml0LmMJMjAyMy0wOS0xMiAxNDoxNTo1 My41MzI0NzkyMjcgKzAyMDAKQEAgLTI1OCw2ICsyNTgsOCBAQAogICBjaGFy ICpjcDsKICAgc2l6ZV90IGJ1ZmZlcl9zaXplID0gMDsKICAgYm9vbCBoYXZl ZW52ID0gZmFsc2U7CisgIGNoYXIgc3RydWlkWzI0XTsKKyAgdW5zaWduZWQg aW50IHVpZCA9IGdldHVpZCgpOwogCiAgIC8qIEFsbG93IHVzZXIgdG8gb3Zl cnJpZGUgdGhlIGxvY2FsIGRvbWFpbiBkZWZpbml0aW9uLiAgKi8KICAgaWYg KChjcCA9IGdldGVudiAoIkxPQ0FMRE9NQUlOIikpICE9IE5VTEwpCkBAIC0z MDMsNiArMzA1LDExIEBACiAgICAmJiAoKGxpbmUpW3NpemVvZiAobmFtZSkg LSAxXSA9PSAnICcgICAgICAgICAgIFwKICAgICAgICB8fCAobGluZSlbc2l6 ZW9mIChuYW1lKSAtIDFdID09ICdcdCcpKQogCisjZGVmaW5lIE1BVENIX1NU UihsaW5lLCBuYW1lKSAgICAgICAgICAgICAgICAgICAgICAgXAorICAoIXN0 cm5jbXAgKChsaW5lKSwgbmFtZSwgc3RybGVuIChuYW1lKSkgICAgIFwKKyAg ICYmICgobGluZSlbc3RybGVuIChuYW1lKV0gPT0gJyAnICAgICAgICAgICBc CisgICAgICAgfHwgKGxpbmUpW3N0cmxlbiAobmFtZSldID09ICdcdCcpKQor CiAgIGlmIChmcCAhPSBOVUxMKQogICAgIHsKICAgICAgIC8qIE5vIHRocmVh ZHMgdXNlIHRoaXMgc3RyZWFtLiAgKi8KQEAgLTMyNCw2ICszMzEsNTYgQEAK ICAgICAgICAgICAvKiBTa2lwIGNvbW1lbnRzLiAgKi8KICAgICAgICAgICBp ZiAoKnBhcnNlci0+YnVmZmVyID09ICc7JyB8fCAqcGFyc2VyLT5idWZmZXIg PT0gJyMnKQogICAgICAgICAgICAgY29udGludWU7CisgICAgICAgICAgLyog Y2hlY2sgZm9yIHVzZXIgc3BlY2lmaWMgY29uZmlnICovCisgICAgICAgICAg aWYgKCFzdHJuY21wKHBhcnNlci0+YnVmZmVyLCAidWlkIiwgc2l6ZW9mKCJ1 aWQiKSAtIDEpKQorICAgICAgICAgICAgeworICAgICAgICAgICAgICBjcCA9 IHBhcnNlci0+YnVmZmVyICsgc2l6ZW9mICgidWlkIikgLSAxOworICAgICAg ICAgICAgICBpZiAoKmNwID09ICcrJyB8fCAqY3AgPT0gJy0nKQorICAgICAg ICAgICAgICAgIHsKKyAgICAgICAgICAgICAgICAgIC8qIEdldCB1aWQgZm9y IGNvbXBhcmlzbSB3aXRoIHVzZXIgc3BlaWNpZmljIGNvbmZpZ3MgKi8KKyAg ICAgICAgICAgICAgICAgIHNucHJpbnRmKHN0cnVpZCwgMjQsICJ1aWQlYyV1 IiwgKmNwLCB1aWQpOyAKKyAgICAgICAgICAgICAgICB9CisgICAgICAgICAg ICAgIGVsc2UKKyAgICAgICAgICAgICAgICBjb250aW51ZTsKKworICAgICAg ICAgICAgICBpZiAoTUFUQ0hfU1RSIChwYXJzZXItPmJ1ZmZlciwgc3RydWlk KSkKKyAgICAgICAgICAgICAgICB7CisgICAgICAgICAgICAgICAgICBpZiAo KmNwID09ICctJykgLy8gUmVtb3ZlIGZvciB1c2VyCisgICAgICAgICAgICAg ICAgICAgIGNvbnRpbnVlOworCisgICAgICAgICAgICAgICAgICBjcCA9IHBh cnNlci0+YnVmZmVyICsgc3RybGVuKHN0cnVpZCk7CisgICAgICAgICAgICAg ICAgICB3aGlsZSAoKmNwID09ICcgJyB8fCAqY3AgPT0gJ1x0JykKKyAgICAg ICAgICAgICAgICAgICAgY3ArKzsKKyAgICAgICAgICAgICAgICAgIGlmICgo KmNwID09ICdcMCcpIHx8ICgqY3AgPT0gJ1xuJykpCisgICAgICAgICAgICAg ICAgICAgIGNvbnRpbnVlOworCisgICAgICAgICAgICAgICAgICBjcCA9IF9f c3RyZHVwIChjcCk7CisgICAgICAgICAgICAgICAgICBpZiAoY3AgPT0gTlVM TCkKKyAgICAgICAgICAgICAgICAgICAgcmV0dXJuIGZhbHNlOworICAgICAg ICAgICAgICAgICAgc25wcmludGYocGFyc2VyLT5idWZmZXIsIHN0cmxlbihj cCksICIlcyIsIGNwKTsKKyAgICAgICAgICAgICAgICAgIGZyZWUoY3ApOwor ICAgICAgICAgICAgICAgIH0KKyAgICAgICAgICAgICAgZWxzZQorICAgICAg ICAgICAgICAgIHsKKyAgICAgICAgICAgICAgICAgIGlmICgqY3AgPT0gJysn KSAvLyBSZW1vdmUgZm9yIHVzZXIKKyAgICAgICAgICAgICAgICAgICAgY29u dGludWU7CisKKyAgICAgICAgICAgICAgICAgIHdoaWxlICgqY3AgIT0gJyAn ICYmICpjcCAhPSAnXHQnKQorICAgICAgICAgICAgICAgICAgICB7CisgICAg ICAgICAgICAgICAgICAgICAgY3ArKzsKKyAgICAgICAgICAgICAgICAgICAg fQorICAgICAgICAgICAgICAgICAgd2hpbGUgKCpjcCA9PSAnICcgfHwgKmNw ID09ICdcdCcpCisgICAgICAgICAgICAgICAgICAgIGNwKys7CisgICAgICAg ICAgICAgICAgICBpZiAoKmNwID09ICdcMCcgfHwgKmNwID09ICdcbicpCisg ICAgICAgICAgICAgICAgICAgIGNvbnRpbnVlOworICAgICAgICAgICAgICAg ICAgCisgICAgICAgICAgICAgICAgICBjcCA9IF9fc3RyZHVwIChjcCsrKTsK KyAgICAgICAgICAgICAgICAgIGlmIChjcCA9PSBOVUxMKQorICAgICAgICAg ICAgICAgICAgICByZXR1cm4gZmFsc2U7CisgICAgICAgICAgICAgICAgICBz bnByaW50ZihwYXJzZXItPmJ1ZmZlciwgc3RybGVuKGNwKSwgIiVzIiwgY3Ap OworICAgICAgICAgICAgICAgICAgZnJlZShjcCk7CisgICAgICAgICAgICAg ICAgfQorICAgICAgICAgICAgfQogICAgICAgICAgIC8qIFJlYWQgZGVmYXVs dCBkb21haW4gbmFtZS4gICovCiAgICAgICAgICAgaWYgKE1BVENIIChwYXJz ZXItPmJ1ZmZlciwgImRvbWFpbiIpKQogICAgICAgICAgICAgewo= --------------9Cnn4VtlEfKwz0UWIeWozbJ9--