Re: network manager dhcp ntp server issue

[Dan Williams <dcbw redhat com>]

On Wed, 2013-01-23 at 04:07 -0500, Pavel Simerda wrote:
> > From: "Dan Williams" <dcbw redhat com>
> > On Tue, 2013-01-22 at 08:32 +0100, Ralf Habacker wrote:
> > > Am 19.01.2013 00:52, schrieb Dan Williams:
> > > > So NetworkManager pushes out *every* DHCP option in the
> > > > environment of
> > > > dispatcher scripts. This should be happening both on
> > > > 'dhcp4-change'
> > > > and 'up' events. This would be the preferred mechanism to push
> > > > NTP
> > > > server and other random information to other tools like ntpd. Is
> > > > this
> > > > not working?
> > > Cannot say yet.
> > > I found out that adding an entry NTPSERVERS to
> > > /var/run/netconfig/NetworkManager.netconfig by hand let netconfig
> > > find
> > > and set ntp server.
> > > Because in NetworkManager there is already code to set DNSSERVERS,
> > > which
> > > is somehow transfered into
> > > /var/run/netconfig/NetworkManager.netconfig
> > > and I added similar code for NTPSERVERS, which works for me.
> > > 
> > > If your question is still relevant please let me know. In this case
> > > I
> > > need to dig more into the way opensuse deals with setting dhcp
> > > options.
> > 
> > Yeah, I'd still like to know if they do show up via dispatcher
> > scripts.
> 
> I was just talking with another person (in Cc), this time about Debian Unstable.
> 
> > This is not SUSE specific; the dispatcher scripts work this way for
> > NetworkManager in general.
> 
> And is ntp server and/or configuration tool agnostic. I was just looking at chronyd integration in Fedora and that might serve as an example.
> 
> /etc/NetworkManager/dispatcher.d/20-chrony:
> 
> #!/bin/sh
> 
> export LC_ALL=C
> 
> if [ "$2" = "up" ]; then
> 	/sbin/ip route list dev "$1" | grep -q '^default' &&
> 		/usr/libexec/chrony-helper command online > /dev/null 2>&1
> fi
> 
> if [ "$2" = "down" ]; then
> 	/sbin/ip route list | grep -q '^default' ||
> 		/usr/libexec/chrony-helper command offline > /dev/null 2>&1
> fi
> 
> exit 0
> 
> > Typically the dispatcher script would write
> > the NTP servers out to the ntpd config file and then send a signal to
> > ntpd to indicate that its config had changed.
> 
> I wonder why we don't use the same technique for the list of DNS servers. This would allow anyone to easily implement a DNS recursive server for use with networkmanager. But I didn't look at the code
> and examine the custom zone configuration.

Because we need something a bit more involved for DNS, as we'll actually
care about the result of what happens with DNS.  We may even need to
change things around (DNS-SEC) based on the responses to
connectivity/hotspot detection in the future.  This means we'll need to
block internally on the response from the DNS handling stuff and that's
not easily done internally right now.

Note that none of this will ever depend on "interface name" (eg
resolvconf or even netconfig) because there are much better ways for
determining DNS priority order, and interface name is not flexible
enough, including the fact it no longer means anything (eg, usb0 are
sometimes WWAN devices, ethX are sometimes wifi, etc).  Unfortunately
that's something netconfig and resolvconf want right now, and so
NetworkManager fakes it.

We've had many discussions about this stuff upstream (see bugzilla too)
and decided that we do need a more capable set of hooks for DNS
handling, above and beyond the existing dnsmasq local caching
namerserver integration (see man NetworkManager.conf and the [dns]
section).  So there's certainly movement around this issue, if not
actual code.  There shouldn't ever be a reason to set +i
on /etc/resolv.conf if we've done our job properly.

> That way we could move support for netconfig from NetworkManager code to the dispatcher scripts and let the SUSE folks maintain it in the same way for DNS, NTP and other stuff.
> 
> Btw, are dispatcher scripts for chrony, ntp and other programs upstreamed? 

No, they aren't; none have been submitted.  We'd certainly accept them
if they were.  I don't think they'd get installed by default, but I'm
happy to put them into an example dispatcher scripts directory.

Dan