# [solved] Resolving hosts only works for root

## Boccaccio

Hi everybody!

Today I updated vpnc, pulling in resolvconf-gentoo. Everything seems to work so far, at university I connect to WLAN, receive an IP via dhcp and then connect using vpnc. But then only root is able to resolve IPs, while ordinary users are not. Since it is quite uncomfortable to ping some address as root to find out the ip, then copy it over to opera, I'd like to know if there is some easier solution to my problem.

Here some output:

route

 *Quote:*   

> 
> 
> Kernel IP Routentabelle
> 
> Ziel            Router          Genmask         Flags Metric Ref    Use Iface
> ...

 

ifconfig -a

 *Quote:*   

> 
> 
> eth0      Protokoll:Ethernet  Hardware Adresse 00:1B:24:61:5C:A3  
> 
>           BROADCAST MULTICAST  MTU:1500  Metric:1
> ...

 

iwconfig

 *Quote:*   

> 
> 
> eth0      no wireless extensions.
> 
> lo        no wireless extensions.
> ...

 

cat /etc/resolv.conf

 *Quote:*   

> 
> 
> # Generated by resolvconf
> 
> search wlan.ruhr-uni-bochum.de
> ...

 

ls -l /etc/resolv*

 *Quote:*   

> 
> 
> lrwxrwxrwx 1 root root 26 18. Okt 13:29 /etc/resolv.conf -> resolvconf/run/resolv.conf
> 
> /etc/resolvconf:
> ...

 

Thx in advance.Last edited by Boccaccio on Sat Oct 20, 2007 4:23 pm; edited 1 time in total

----------

## Figaro

What are the permissions on /var/run/resolvconf?

----------

## Boccaccio

drwxr-xr-x 3 root      root        75 18. Okt 16:52 resolvconf

-rw-r--r-- 1 root root  11 18. Okt 16:52 added_order

-rw-r--r-- 1 root root   6 18. Okt 16:12 add_order

drwxr-xr-x 2 root root  41 18. Okt 16:52 interfaces

-rw-r--r-- 1 root root 130 18. Okt 16:51 resolv.conf

-rw-r--r-- 1 root root 95 18. Okt 16:12 dummy

-rw-r--r-- 1 root root 52 18. Okt 16:51 tun0

-rw-r--r-- 1 root root 96 18. Okt 16:52 wlan0

----------

## Hu

Run strace -o /tmp/resolv.strace dig localhost, then search the resulting file /tmp/resolv.strace for references to EACCES.  Alternately, just post the entire strace output here or in a paste bin.  You will need dev-util/strace and net-dns/bind-tools for strace and dig, respectively.

----------

## Boccaccio

Seems like there is no reference to EACCES in /tmp/resolv.strace:

 *Quote:*   

> 
> 
> execve("/usr/bin/dig", ["dig", "localhost"], [/* 60 vars */]) = 0
> 
> brk(0)                                  = 0x8177000
> ...

 

EDIT: This was when I executed the command as root. As normal user I find

 *Quote:*   

> 
> 
> open("/etc/resolv.conf", O_RDONLY)      = -1 EACCES (Permission denied)
> 
> 

 Last edited by Boccaccio on Fri Oct 19, 2007 11:44 am; edited 1 time in total

----------

## prox

What are the permissions on /etc/nsswitch.conf?  I believe that's read before /etc/resolv.conf or /etc/hosts ... 

- Mark

----------

## Boccaccio

-rw-r--r--  1 root root      513  7. Okt 21:39 nsswitch.conf

Seems like it has to do with the link /etc/resolv.conf->... since if I unmerge resolvconf-gentoo, delete the link and create a new resolv.conf, everything works again.

----------

## Hu

That strace output for a normal user definitely indicates a problem with permissions for resolv.conf somewhere.  You posted the output of ls -l /etc/resolv*, but that did not include the permissions of the directory /etc/resolvconf, only the files inside it.  Run ls -l -a /etc/resolv.conf /etc/resolvconf /var/run and post the results.  I think at least one of the files or directories listed in that output will be inaccessible to a normal user.  The -a will direct ls to include . and .. in the output, which will let us verify the directory permissions.

----------

## Boccaccio

ls -l -a /etc/resolv.conf /etc/resolvconf /var/run

 *Quote:*   

> 
> 
> lrwxrwxrwx  1 root root   26 20. Okt 08:52 /etc/resolv.conf -> resolvconf/run/resolv.conf
> 
> /etc/resolvconf:
> ...

 

----------

## Hu

 *Boccaccio wrote:*   

> ls -l -a /etc/resolv.conf /etc/resolvconf /var/run
> 
>  *Quote:*   drw-r--r-- 13 root      root      4096 19. Okt 18:55 .
> 
> drw-r--r--  2 root      root         6  9. Sep 18:09 console
> ...

 

All of those are wrong.  Non-root users need search permission (+x) to read files in the directory.  Run chmod -R +X /var/run and you should be fine.  The use of big X will apply the change only to directories.

----------

## Boccaccio

Thanks a lot, this indeed solved my problem!

So is this a bug in resolvconf-gentoo or was I just unlucky?

----------

## Hu

 *Boccaccio wrote:*   

> Thanks a lot, this indeed solved my problem!
> 
> So is this a bug in resolvconf-gentoo or was I just unlucky?

 

Since some directories not related to this package were also affected, I suspect something bad happened that was not related to this package.  However, if you are able to reproduce the failure by reinstalling the package, preferably on a clean machine, then go ahead and file a bug explaining the issue.  If you file a bug, please include all relevant information in the bug report.  The developers dislike bug reports that consist of instructions to read a URL for the actual problem description.

----------

## Boccaccio

Well, maybe the problems originate from some crashes I had for some time due to my WLAN driver - XFS isn't the best file system in that case   :Cool: 

----------

