Re: Editing the DNS with Network Manager Non Root

To: debian-user@lists.debian.org
Subject: Re: Editing the DNS with Network Manager Non Root
From: Richmond <richmond@criptext.com>
Date: Fri, 13 May 2022 17:02:26 +0100
Message-id: <[🔎] 84r14x8lpp.fsf@example.com>
References: <[🔎] 84mtfo5g2j.fsf@example.com> <[🔎] 7e8911f5-9841-790a-8bd7-46b816177eb7@holgerdanske.com> <[🔎] 84ilqaomwf.fsf@example.com> <[🔎] 8be059d6-e05c-1db3-8b15-ae38f8102825@holgerdanske.com>

David Christensen <dpchrist@holgerdanske.com> writes:

> On 5/12/22 07:17, Richmond wrote:
>> David Christensen <dpchrist@holgerdanske.com> writes:
>> 
>>> On 5/11/22 06:55, Richmond wrote:
>>>> I have a network manager applet on my xfce4 desktop. I am logged in as a
>>>> non root user, and I can select edit connections and change the IPv4
>>>> settings to DHCP address only and then put in a DNS, then save. If I
>>>> look at /etc/resolv.conf though nothing has changed. Restarting
>>>> networking or rebooting makes no difference. Perhaps this menu option
>>>> should only appear for root, or should cause an error message for non
>>>> root users?
>>>
>>>
>>> I typically need to enter the root password whenever I make changes
>>> via the Xfce NetworkManager Applet.
>>>
>>>
>>> Please run and post:
>>>
>>> $ cat /etc/debian_version ; uname -a
>>>
>>> $ ls -l /etc/resolv.conf
>>>
>>> $ cat /etc/resolv.conf
>>>
>>>
>>> David
>> 11.3
>> Linux marvin 5.16.0-0.bpo.3-amd64 #1 SMP PREEMPT Debian
>> 5.16.11-1~bpo11+1 (2022-03-02) x86_64 GNU/Linux
>> -rw-r--r-- 1 root root 79 May 12 15:15 /etc/resolv.conf
>> # Generated by NetworkManager
>> nameserver 192.168.1.1
>> nameserver fe80::1%enp2s0
>> That address 192.168.1.1 is not what I usually have, I was
>> experimenting, trying to find out if my router is vulnerable to the DNS
>> spoofing reported recently.
>
>
> The date and time on resolve.conf show that it is current.

Yes, it is very odd. I have just gone through this process again, and it
does update the timestamp, but does not apply changes...

>
>
> "nameserver 192.168.1.1" looks plausible.

I put it in there, it is the address of my router, the gateway, which
responds to DNS queries but merely passes them to the address it has
obtained through DHCP. The only way I found to get an address into
resolv (other than editing it obviously) was by logging into the desktop
as root, which I rarely do.

>
>
> I am using a Debian 11 desktop with Xfce:
>
> 2022-05-12 15:58:09 dpchrist@laalaa ~
> $ echo "'$PS1'"
> '\n\D{%Y-%m-%d %H:%M:%S} \u@\h \w\n\$ '
>
> 2022-05-12 15:58:19 dpchrist@laalaa ~
> $ cat /etc/debian_version ; uname -a
> 11.3
> Linux laalaa 5.10.0-14-amd64 #1 SMP Debian 5.10.113-1 (2022-04-29)
> x86_64 GNU/Linux
>
> 2022-05-12 15:58:27 dpchrist@laalaa ~
> $ ls -l /etc/resolv.conf
> -rw-r--r-- 1 root root 83 May 12 11:06 /etc/resolv.conf
>
> 2022-05-12 15:58:33 dpchrist@laalaa ~
> $ cat /etc/resolv.conf
> # Generated by NetworkManager
> search tracy.holgerdanske.com
> nameserver 192.168.5.1
>
>
> If I right-click the Xfce NetworkManager Applet and choose Edit
> Connections, I get a window "Network Connections":
>
>     Ethernet
>        Wired connection 1
>
> If I double-click "Wired connection 1", I get a windows "Editing Wired
> connection 1".  If I select the tab IPv4 Settings, there is a
> drop-down list labeled "Methods".
>
> - It is currently set to "Automatic (DHCP)".  The remaining settings are:
>
>     Additional static addresses -> empty
>
>     Additional DNS servers -> empty
>
>     Additional Search domains -> empty
>
>     DHCP client ID -> empty
>
>     Require IPv4 addressing for this connection to complete -> unchecked
>
>
> If I choose "Automatic (DHCP) addresses only", the labels for the
> second and third settings change.  Putting in some test data:
>
>     Additional static addresses -> Add:
> 	Address -> 192.168.123.45
> 	Netmask -> 255.255.255.0
> 	Gateway -> 192.168.5.1
>
>     DNS servers -> 192.168.123.45,192.168.123.67
>
>     Search domains -> frunobulax.org
>
>     DHCP client ID -> empty
>
>     Require IPv4 addressing for this connection to complete -> unchecked
>
>
> I then click "Save".
>
>
> I then enter the root password in the pop-up that opens.
>
>
> I then close the "Network Connections" window and reboot.
>
> 2022-05-12 16:10:25 dpchrist@laalaa ~
> $ ls -l /etc/resolv.conf
> -rw-r--r-- 1 root root 104 May 12 16:09 /etc/resolv.conf
>
> 2022-05-12 16:10:34 dpchrist@laalaa ~
> $ cat /etc/resolv.conf
> # Generated by NetworkManager
> search frunobulax.org
> nameserver 192.168.123.45
> nameserver 192.168.123.67
>
>
> Is this the results you expect?
>
>
> David

I didn't put in a search domain, netmask, or gateway.

I didn't get prompted for root access. Perhaps that is the problem?

stat /etc/resolv.conf shows that the file has been updated but its
content doesn't change.

Reply to:

Follow-Ups:
- Re: Editing the DNS with Network Manager Non Root
  - From: David Christensen <dpchrist@holgerdanske.com>

References:
- Editing the DNS with Network Manager Non Root
  - From: Richmond <richmond@criptext.com>
- Re: Editing the DNS with Network Manager Non Root
  - From: David Christensen <dpchrist@holgerdanske.com>
- Re: Editing the DNS with Network Manager Non Root
  - From: Richmond <richmond@criptext.com>
- Re: Editing the DNS with Network Manager Non Root
  - From: David Christensen <dpchrist@holgerdanske.com>

Prev by Date: Re: google account say it will no longer deliver email
Next by Date: test
Previous by thread: Re: Editing the DNS with Network Manager Non Root
Next by thread: Re: Editing the DNS with Network Manager Non Root
Index(es):
- Date
- Thread