[Dnsmasq-discuss] dnsmasq can't read some of the config files
fred at damen.org
fred at damen.org
Mon Feb 4 16:24:49 GMT 2013
On Mon, February 4, 2013 9:21 am, Simon Kelley wrote:
> On 04/02/13 15:16, Richard Crane wrote:
>>
>> On Jan 31, 2013, at 4:39 PM, Richard Crane wrote:
>>
>>> I am setting up a test environment with an instance of dnsmasq 2.59
>>> running. I copied over my config files from my production server.
>>> The dnsmasq.conf file is read, but my customized resolver and hosts
>>> files are not:
>>>
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: started, version 2.59 cachesize 500
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: compile time options: IPv6
>>>> GNU-getopt DBus i18n DHCP TFTP no-conntrack IDN
>>>> Jan 31 14:09:32 scully dnsmasq-dhcp[3543]: DHCP, IP range 172.20.2.1
>>>> -- 172.20.2.254, lease time 7d
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: using local addresses only for
>>>> domain 20.172.in-arpa.addr
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: using local addresses only for
>>>> domain haskins.lab
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: failed to read
>>>> /etc/dnsmasq_resolv: Permission denied
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: no servers found in
>>>> /etc/dnsmasq_resolv, will retry
>>>> Jan 31 14:09:32 scully dnsmasq[3543]: failed to load names from
>>>> /etc/dnsmasq_hosts: Permission denied
>>>
>>> I am using the default dnsmasq userid, but have tried using root,
>>> using another userid (modifying "root=" and "group="
>>> appropriately in the .conf file) -- nothing helps. System is opensuse
>>> 12.1, no ACLs; ls -l
>>>
>>>
>>>> # ls -ld /etc/dnsmasq*
>>>> -rw-r--r-- 1 root root 842 Jan 17 10:00
>>>> /etc/dnsmasq-dhcp-static-hosts.conf
>>>> -rw-r--r-- 1 root root 98 Jan 31 12:02 /etc/dnsmasq-foo
>>>> -rw-r--r-- 1 root users 14832 Jan 31 14:06 /etc/dnsmasq.conf
>>>> -rw-r--r-- 1 root root 3701 Jan 9 10:00 /etc/dnsmasq_hosts
>>>> -rw-r--r-- 1 root root 98 Sep 13 2006 /etc/dnsmasq_resolv
>>>
>>> shows 644 for all the files. Running strace shows file open RO but a
>>> Permissed denied error.
>>>
>>
>>
>> I solved my problem by upgrading dnsmasq, but I still don't understand
>> how it could happen. Has anyone ever run into something like this?
>>
>>
>
> I'm not aware of any fixed bugs post 2.59 that could explain things.
>
> Simon.
This smells of SELinux. I suspect that you copied the files in a way that
eliminated the SELinux tags on the files. When the package handler
reinstalled dsnmasq it probably reset the proper SELinux tags on these files.
Just a guess, but these type of things are why I generally wind up putting
SELinux into permissive mode. (security too complex for the average idiot,
e.g., me, generally back fires and makes the system even less secure.)
Fred
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list