Subject: bin/9583: dhclient bashes /etc/resolv.conf with no documentation
To: None <gnats-bugs@gnats.netbsd.org>
From: John Hawkinson <jhawk@mit.edu>
List: netbsd-bugs
Date: 03/08/2000 16:00:46
>Number:         9583
>Category:       bin
>Synopsis:       dhclient bashes /etc/resolv.conf with no documentation
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Mar  8 16:00:00 2000
>Last-Modified:
>Originator:     John Hawkinson
>Organization:
	MIT
>Release:        NetBSD 1.4.1
>Environment:
	
System: NetBSD zorkmid.mit.edu 1.4.1 NetBSD 1.4.1 (ZORKMID) #63: Wed Mar 8 04:52:39 EST 2000 jhawk@zorkmid.mit.edu:/usr/src/sys/arch/i386/compile/ZORKMID i386


>Description:
	resolv.conf(5) is well-known as a static configuration file
that users can feel free to edit and should expect that their edits will
be kept and not randomly trashed. INSTALL further implies that one should
be encouraged to edit it by hand.

	This is nominally incompatible with the current configuration
and implementation of DHCP (specifically dhclient), which, via
/etc/dhclient-script, bashes /etc/resolv.conf. Of course, INSTALL
also encourages you to enable dhclient in /etc/rc.conf (if you might
be using dhcp), so it would not be sane to argue that people using
dhclient are a different set than those reading the resolv.conf INSTALL
text.

	At a minimum, this behavior needs to be documented better. It appears
to be vaguely mentioned in dhclient-script(8), but this is 4 documentation
hops away from INSTALL (1: INSTALL 2: rc.conf 3: dhclient(8)
4: dhclient-script(8)), and I think that is too far to expect a naive
user to dig around. It was certainly further than I dug around.

	In addition to said minimum, I think a number of steps of
mitigation might also be helpful. Ideas:

a)  Preserve /etc/resolv.conf in /etc/resolv.conf.old.
b)  Tag resolv.confs written by dhclient-script with a tag such that
    it can identify them, only preserve resolv.conf's that are not
    written by dhclient-script. An on-drugs implementation might use
    a checksum (md5?).
c)  Roll resolv.conf to resolv.conf.N with some maximum N ala newsyslog.
 
>How-To-Repeat:
	
>Fix:
	
>Audit-Trail:
>Unformatted:
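
Ideas (b) and (c) from the report combined into one sh sketch. This is an added example, not code from the report or from NetBSD's dhclient-script. The tag text, `MAX_BACKUPS`, and the function names are assumptions.

```shell
#!/bin/sh
# Added example; hypothetical helper, not NetBSD's dhclient-script.
# TAG, MAX_BACKUPS and the function names are assumptions.
TAG='# generated by dhclient-script; hand edits will be overwritten'
MAX_BACKUPS=3

# is_generated FILE: succeed if FILE's first line is the tag.
is_generated() {
    [ -f "$1" ] && [ "$(head -n 1 "$1")" = "$TAG" ]
}

# rotate_backups FILE: shift FILE.0 -> FILE.1 ... (oldest dropped),
# then keep a copy of the current FILE as FILE.0.
rotate_backups() {
    n=$((MAX_BACKUPS - 1))
    while [ "$n" -gt 0 ]; do
        prev=$((n - 1))
        [ -f "$1.$prev" ] && mv -f "$1.$prev" "$1.$n"
        n=$prev
    done
    cp -p "$1" "$1.0"
}

# write_resolv_conf FILE: replace FILE with the tag followed by stdin.
# A FILE without the tag is treated as hand-edited and rotated first.
write_resolv_conf() {
    target=$1
    if [ -f "$target" ] && ! is_generated "$target"; then
        rotate_backups "$target" || return 1
    fi
    # Temp file in the same directory so the final mv is an atomic rename.
    tmp=$(mktemp "$target.XXXXXX") || return 1
    if { printf '%s\n' "$TAG"; cat; } > "$tmp" && chmod 644 "$tmp"; then
        mv -f "$tmp" "$target"
    else
        rm -f "$tmp"
        return 1
    fi
}
```

A tag alone cannot detect a generated file that was later edited with the tag left in place; the checksum variant of idea (b) covers that case.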