Fixing wg-quick's DNS= directive with a hatchet

Jason A. Donenfeld Jason at zx2c4.com
Thu Oct 26 23:22:42 CEST 2017


Hi Joe & Martin,

The latest proposal for what we're discussing lives here:
https://git.zx2c4.com/WireGuard/commit/?h=jd/dns-hatchet

> The hatchet proposal sounds fine for a short term solution,

The Debian maintainer of WireGuard has been talking me out of doing
this. If I don't ship the hatchet, the solution will be:

- Things work fine on
  arch/gentoo/nix/slackware/void/alpine/exherbo/freebsd/netbsd/normallinuxdistros.
- DNS entries aren't exclusive but otherwise work on debian/ubuntu, if
  the debian resolvconf is installed rather than openresolv.
- Everything is broken on Fedora (and OpenSUSE?), where there's no
  openresolv or resolvconf of any kind.

In other words, the situation is split down the traditional lines of
the Linux distro political landscape. Most distros do the sensible
thing. Debian does something bizarre and different but that is vaguely
compatible though not entirely. Red Hat holds out in favor of
systemdnetworkmanagerblabla rather than going with the established
standard.

So, if I don't ship the hatchet, then I'll leave it to you to handle
making things not totally fail in Fedora, as they do now. Is this
okay? You could choose to fix this by just shipping the hatchet patch
yourself. Or you could try to integrate things a bit deeper with
whatever networkmanagersystemdresolveddhclientscript situation is
being used there. (Probably the hatchet is a bit easier though.) What
would you think of doing that?

Regards,
Jason

