[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: LXD packages - feedback and suggestion related to lxd-agent and dnsmasq



Hi Mathias,

Am 20.12.22 um 02:10 schrieb Mathias Gibbens:
   I spent some time looking into this over the weekend, and in reading
the dnsmasq documentation realized that just dnsmasq-base would be
sufficient for LXD's use, very much like libvirt's packaging. That will
pull in the dnsmasq binary for LXD's use, but not setup a system-wide
service. I've done some testing this afternoon, and things seem to work
properly, so the change of Recommending dnsmasq -> dnsmasq-base will be
included in the next LXD upload.

Great, thank you!

I just checked my setup by removing dnsmasq and keeping dnsmasq-base, all seems to work fine. LXD is running its own instance of dnsmasq on the lxdbr0 interface. The dnsmasq service installed by the dnsmasq pacakge is not needed :-)

   More generally, if you're concerned about the default configuration
of dnsmasq, please open a bug against that package. I would hope end-
users will have some sort of firewall between their systems and the
wider Internet to block unintended access to a DNS resolver. It would
be inappropriate for another package (lxd) to try to directly modify
dnsmasq's configuration.

Fully agree that we should not try to change dnsmasq config. The default of creating a public service makes sense when I install dnsmasq directly.

best regards,

Carsten

--
cebe.cloud - Carsten Brandt

cb@cebe.cloud
https://cebe.cloud/

cebe Internet GmbH
Leinstr. 3
31061 Alfeld (Leine)
Germany

Geschäftsführer: Carsten Brandt
Registriergericht: Amtsgericht Hildesheim
Registernummer: HRB 20 59 19


Reply to: