When I upgraded from Ubuntu 8.04 (Hardy) to Ubuntu 8.10 (Intrepid), a dhclient-exit-hook script I wrote no longer functioned.
dhclient-script was previously used by dhclient so that whenever the dhcp changed, it would reconfigure the interfaces, generate the /etc/resolv.conf, and run scripts who’s intention is to modify the /etc/resolv.conf file based on the dhcp settings. These scripts are located in the folders /etc/dhcp3/dhclient-enter-hooks.d/ and /etc/dhcp3/dhclient-exit-hooks.d/.
Reading up on the problem, thanks to perlhead on the Ubuntu Forums, it appears that since NetworkManager did the same function as dhclient-script, which got in the way of NetworkManager’s plugins, so dhclient-script was disabled.
Sadly NetworkManager fails to call any hooks on dhcp renew, which is what my script needed. It only calls its hooks, which are located in /etc/NetworkManager/dispatcher.d/, when the interface is brought up or down.
I’ve made a modified dhclient-script, which when set as the dhclient script, will call the enter hooks, then call NetworkManager’s dhclient script, then call the exit hooks. This effectively gives the intended effect of allowing NetworkManager to run with the old dhcp hooks available.
To use it, modify your /etc/dhcp3/dhclient.conf and add/modify the line:
script /sbin/dhclient-script-networkmanager
And save this file /sbin/dhclient-script-networkmanager
Make sure its executable:
chmod +x /sbin/dhclient-script-networkmanager
Apparmor is included in Ubuntu 9.04, which will block execution of this script, what you can do is update the apparmor dhclient profile to allow the new script location, edit “/etc/apparmor.d/sbin.dhclient3″ and replace all occurances of /sbin/dhclient-script with /sbin/dhclient-script-networkmanager, and it should now work.
Now restart NetworkManager to see if it has worked:
sudo /etc/init.d/NetworkManager restart
Wait for the network to reconnect again, if it hangs then it probably didn’t work. Check out your resolv.conf:
cat /etc/resolv.conf
Please let me know how it goes when running this script. I have only tested it on Ubuntu 8.10 and 9.04.
Hi,
first I want thank you for your great articles about dhclient.
I want to implement the same as you with your DNS forwarding to DHCP DNS. Therefore i configured the dhclient-script as you wrote in your article. All works great if i start dhclient iface.
But there is a problem with Network-Manager: in /etc/dhcp3/dhclient.conf i added the line
script “/sbin/dhclient-script-networkmanager”;
If i start dhclient there is the following error:
execve (/sbin/dhclient-script-networkmanager, …): Permission denied
The script is executable, of course.
Have you an idea what the problem can be?
Thank you.
It’s apparmor, which was added in Ubuntu 9.04, blocking execution of the script. I’ve updated the article to say how to sort that out.
Glad someone else is keen on using the DHCP bind forwarder idea.
Oh very nice
Thank you very much. Excellent!
All works great, but there is a little problem: If I connect to a wireless lan via networkmanager, all DNS entries are correct (127.0.0.1 in resolv.conf, and real dns in forwardersfile of bind).
If I connect to a VPN-Server with OpenVPN or vpnc the resolv.conf contains the vpn-dns-server and my real dhcp-dns-server but not 127.0.0.1. Have you any solution for this problem, too?
Looks like OpenVPN rewrites resolv.conf directly. I’m not exactly sure what it does with the loopback ip, but overwrites it with the VPN’s name server.
I’ve found an Ubuntu bug report on it. It has several ideas for workarounds but I’d need to work out a solution.
Here it is if you have any luck:
https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/90681
I’ll try and have a look into it soon.
At first thoughts, the solution I think would be to, rather than openvpn edit the resolv.conf, it should replace the ip address in the named.forwarders file.
It looks like /etc/openvpn/update-resolv-conf is the script with the issue, deleting that and adding a new script that does the above should work, but might lead to another contention with DHCP renews overwriting the forwarders.
This website suggests using resolvconf, a framework for hooking up various network subsystems:
http://www.phocean.net/2006/12/07/openvpn-and-dns-on-a-linux-client.html
Just stumbled across this problem myself. This is what I use now:
- Run the NetworkManager script from dhclient-hooks:
echo /usr/lib/NetworkManager/nm-dhcp-client.action >/etc/dhcp3/dhclient-exit-hooks.d/networkmanager
- Then just enable the default hook script in dhclient.conf:
script “/sbin/dhclient-script”;
resolv.conf was a different problem. resolvconf nearly got it right (I use a local resolver and need “options edns0″ in resolv.conf) but NetworkManager sometimes overwrites it.
I ended up making resolv.conf immutable with “chattr +i /etc/resolv.conf”
Just wanted to say thanks. I’ve been trying to get my system to accept the “smtp-server” option via DHCP (to update the Postfix “relayhost” on a “roaming” laptop) .. and this was the last piece of the puzzle.
I just wanted to point out a more properly “integrated” way of achieving this goal that I just posted to a bug I opened with the NM folks at https://bugzilla.gnome.org/show_bug.cgi?id=615073
As I allude to in the bug, the real solution is to migrate the (only needed ones) dhclient script to NM’s dispatcher, in an even less lazy way than my NTP example in that bug.