[Dnsmasq-discuss] failed to read symlink-files added by `list addnhosts '/etc/safe-search/enabled'`

Simon Kelley simon at thekelleys.org.uk
Sat Nov 26 21:53:03 UTC 2022 

Does the openwrt config use --hostsdir to read all the files in a 
directory automatically when they change? The inotify code has explicit 
handling for the case that an argument to --hostdir is a symlink, so 
there's a chance that's botched somewhere.

Note that's a symlink in the path to the directory. I just checked and 
symlinks to files contained in the directory 1) don't exercise that code 
and 2) work fine on my Ubuntu desktop.


Cheers,

Simon.


On 26/11/2022 20:45, Gordon Shawn wrote:
> it has something to do with openwrt's ujail (seccomp) I believe, 
> probably to avoid symlink attacks? i.e. file works, symlink does not work.
> 
> On Sat, Nov 26, 2022 at 2:19 PM Eric Fahlgren <ericfahlgren at gmail.com 
> <mailto:ericfahlgren at gmail.com>> wrote:
> 
>     I can't imagine that dnsmasq would even know that the file it was
>     opening was a symlink.  I'd suspect ownership or permissions.  The
>     dnsmasq process in OpenWrt is run as the 'dnsmasq' user, so maybe
>     'chown dnsmasq:dnsmasq /etc/safe-search/enabled/*' or some variant
>     would resolve your issue.
> 
>     On Fri, Nov 25, 2022 at 7:05 PM Gordon Shawn <capcoding at gmail.com
>     <mailto:capcoding at gmail.com>> wrote:
> 
>         On the newest openwrt I installed 'safe-search' which has a few
>         files under /etc/safe-search/available/ and they're symlinked to
>         /etc/safe-search/enable/ by choice.
> 
>         dnsmasq reports it failed to load those symlinks under enable/
> 
>         if I remove the symlinks, and copy the real files over from
>         available/, dnsmasq read them all and works fine.
> 
>         can dnsmasq read addn-hosts files when they're symbolic links?
> 
>         Thanks,
>         Gordon
>         _______________________________________________
>         Dnsmasq-discuss mailing list
>         Dnsmasq-discuss at lists.thekelleys.org.uk
>         <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
>         https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss <https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss>
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

More information about the Dnsmasq-discuss mailing list