net/dns: add health check for particular broken-ish Linux DNS config

Updates #3937 (need to write docs before closing)

Change-Id: I1df7244cfbb0303481e2621ee750d21358bd67c6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2022-02-15 06:59:15 -08:00 committed by Brad Fitzpatrick
parent 57115e923e
commit 2ff481ff10
2 changed files with 10 additions and 1 deletions

View File

@ -64,6 +64,9 @@
// SysDNSOS is the name of the net/dns OSConfigurator subsystem.
SysDNSOS = Subsystem("dns-os")
// SysDNSManager is the name of the net/dns manager subsystem.
SysDNSManager = Subsystem("dns-manager")
// SysNetworkCategory is the name of the subsystem that sets
// the Windows network adapter's "category" (public, private, domain).
// If it's unhealthy, the Windows firewall rules won't match.
@ -110,6 +113,10 @@ func DNSHealth() error { return get(SysDNS) }
// SetDNSOSHealth sets the state of the net/dns.OSConfigurator
func SetDNSOSHealth(err error) { set(SysDNSOS, err) }
// SetDNSManagerHealth sets the state of the Linux net/dns manager's
// discovery of the /etc/resolv.conf situation.
func SetDNSManagerHealth(err error) { set(SysDNSManager, err) }
// DNSOSHealth returns the net/dns.OSConfigurator error state.
func DNSOSHealth() error { return get(SysDNSOS) }

View File

@ -14,6 +14,7 @@
"github.com/godbus/dbus/v5"
"inet.af/netaddr"
"tailscale.com/health"
"tailscale.com/types/logger"
"tailscale.com/util/cmpver"
)
@ -216,7 +217,7 @@ func dnsMode(logf logger.Logf, env newOSConfigEnv) (ret string, err error) {
}
dbg("nm-resolved", "yes")
if err := env.dbusPing("org.freedesktop.resolve1", "/org/freedesktop/resolve1"); err != nil {
if !resolvedUp {
dbg("resolved", "no")
return "direct", nil
}
@ -241,6 +242,7 @@ func dnsMode(logf logger.Logf, env newOSConfigEnv) (ret string, err error) {
dbg("nm-safe", "yes")
return "network-manager", nil
}
health.SetDNSManagerHealth(errors.New("systemd-resolved and NetworkManager are wired together incorrectly; MagicDNS will probably not work. For more info, see https://tailscale.com/s/resolved-nm"))
dbg("nm-safe", "no")
return "systemd-resolved", nil
default: