luckyimnotanigger/tun2proxy
1
0
Fork 0
mirror of https://github.com/tun2proxy/tun2proxy.git synced 2025-06-11 08:59:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Resort to writing to /etc/resolv.conf directly if mount permissions are missing

Browse source
This commit is contained in:
B. Blechschmidt 2023-10-08 12:27:32 +02:00
parent 6169014564
commit cea0e0fa27
1 changed files with 29 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

30
src/setup.rs
View file

@ -155,12 +155,7 @@ impl Setup {
Ok(false) Ok(false)
} }
fn setup_resolv_conf() -> Result<(), Error> { fn write_nameserver(fd: RawFd) -> Result<(), Error> {
let fd = nix::fcntl::open(
"/tmp/tun2proxy-resolv.conf",
nix::fcntl::OFlag::O_RDWR | nix::fcntl::OFlag::O_CLOEXEC | nix::fcntl::OFlag::O_CREAT,
nix::sys::stat::Mode::from_bits(0o644).unwrap(),
)?;
let data = "nameserver 198.18.0.1\n".as_bytes(); let data = "nameserver 198.18.0.1\n".as_bytes();
let mut written = 0; let mut written = 0;
loop { loop {
@ -170,14 +165,35 @@ impl Setup {
written += nix::unistd::write(fd, &data[written..])?; written += nix::unistd::write(fd, &data[written..])?;
} }
nix::sys::stat::fchmod(fd, nix::sys::stat::Mode::from_bits(0o444).unwrap())?; nix::sys::stat::fchmod(fd, nix::sys::stat::Mode::from_bits(0o444).unwrap())?;
Ok(())
}
fn setup_resolv_conf() -> Result<(), Error> {
let mut fd = nix::fcntl::open(
"/tmp/tun2proxy-resolv.conf",
nix::fcntl::OFlag::O_RDWR | nix::fcntl::OFlag::O_CLOEXEC | nix::fcntl::OFlag::O_CREAT,
nix::sys::stat::Mode::from_bits(0o644).unwrap(),
)?;
Self::write_nameserver(fd)?;
let source = format!("/proc/self/fd/{}", fd); let source = format!("/proc/self/fd/{}", fd);
nix::mount::mount( if Ok(())
!= nix::mount::mount(
source.as_str().into(), source.as_str().into(),
"/etc/resolv.conf", "/etc/resolv.conf",
"".into(), "".into(),
nix::mount::MsFlags::MS_BIND, nix::mount::MsFlags::MS_BIND,
"".into(), "".into(),
)
{
log::warn!("failed to bind mount custom resolv.conf onto /etc/resolv.conf, resorting to direct write");
nix::unistd::close(fd)?;
fd = nix::fcntl::open(
"/etc/resolv.conf",
nix::fcntl::OFlag::O_WRONLY | nix::fcntl::OFlag::O_CLOEXEC | nix::fcntl::OFlag::O_TRUNC,
nix::sys::stat::Mode::from_bits(0o644).unwrap(),
)?; )?;
Self::write_nameserver(fd)?;
}
nix::unistd::close(fd)?; nix::unistd::close(fd)?;
Ok(()) Ok(())
} }