resolved: suppress writing DNS server info into /etc/resolv.conf for non-standard...

author Lennart Poettering <lennart@poettering.net>

Mon, 27 Sep 2021 12:28:16 +0000 (14:28 +0200)

committer Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 28 Sep 2021 02:27:36 +0000 (11:27 +0900)
author Lennart Poettering <lennart@poettering.net>
Mon, 27 Sep 2021 12:28:16 +0000 (14:28 +0200)
committer Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 28 Sep 2021 02:27:36 +0000 (11:27 +0900)
diff --git a/src/resolve/resolved-resolv-conf.c b/src/resolve/resolved-resolv-conf.c

index dd02d368e92accd936033f9b6fdb73086a98dde0..d5a77605a8806405062632431c1c45f974aa689c 100644 (file)
--- a/src/resolve/resolved-resolv-conf.c
+++ b/src/resolve/resolved-resolv-conf.c
@@ -216,6 +216,13 @@ static void write_resolv_conf_server(DnsServer *s, FILE *f, unsigned *count) {
                  return;
          }
  
+        /* resolv.conf simply doesn't support any other ports than 53, hence there's nothing much we can
+         * do — we have to suppress these entries */
+        if (dns_server_port(s) != 53) {
+                log_debug("DNS server %s with non-standard UDP port number, suppressing from generated resolv.conf.", dns_server_string(s));
+                return;
+        }
+
          /* Check if the scope this DNS server belongs to is suitable as 'default' route for lookups; resolv.conf does
           * not have a syntax to express that, so it must not appear as a global name server to avoid routing unrelated
           * domains to it (which is a privacy violation, will most probably fail anyway, and adds unnecessary load) */
author	Lennart Poettering <lennart@poettering.net>
	Mon, 27 Sep 2021 12:28:16 +0000 (14:28 +0200)
committer	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 28 Sep 2021 02:27:36 +0000 (11:27 +0900)