| 1 |
On Wed, Dec 14, 2016 at 1:19 AM, Mike Gilbert <floppym@g.o> wrote: |
| 2 |
> On Tue, Dec 13, 2016 at 6:05 AM, Alexander Kapshuk |
| 3 |
> <alexander.kapshuk@×××××.com> wrote: |
| 4 |
>> Been using openconnect for a few years now. |
| 5 |
>> I currently have net-misc/openconnect-7.06-r1 installed. |
| 6 |
>> This morning, when logged in at a remote site, I noticed that when |
| 7 |
>> clicking, or typing, nothing would happen. Which somehow seemed to |
| 8 |
>> result in a similar behavior back on the local system, i.e. attempting |
| 9 |
>> to type commands in terminal had stopped working. |
| 10 |
>> |
| 11 |
>> Having rebooted my system and poked around system log and config |
| 12 |
>> files, I noticed that my /etc/resolv.conf got overwritten by |
| 13 |
>> openconnect. Further investigation indicated that it is done by design |
| 14 |
>> via this script: /etc/openconnect/openconnect.sh. |
| 15 |
>> I do not know if this is a recent change in openconnect's behaviour, I |
| 16 |
>> had no trouble of this sort doing remote work on the same system |
| 17 |
>> yesterday. |
| 18 |
>> |
| 19 |
>> An ad-hoc solution I have found online and applied to my environment is this: |
| 20 |
>> http://serverfault.com/questions/331299/how-can-i-stop-openconnect-from-changing-etc-resolv-conf |
| 21 |
>> chattr +i /etc/resolv.conf |
| 22 |
>> |
| 23 |
>> This seems to have helped. I can click and type both on remote systems |
| 24 |
>> and the local one with no trouble at all. |
| 25 |
>> |
| 26 |
>> Anyone else experienced this? |
| 27 |
>> What are your thoughts and suggestions on the matter? |
| 28 |
> |
| 29 |
> You could install net-dns/openresolv, and set resolvconf=NO in |
| 30 |
> /etc/resolvconf.conf. openconnect.sh will automatically utilize |
| 31 |
> openresolv if it is installed, and that config setting prevents |
| 32 |
> openresolve from making any updates. |
| 33 |
> |
| 34 |
> An uglier solution is to edit /etc/openconnect/openconnect.sh, and |
| 35 |
> comment out the following lines: |
| 36 |
> |
| 37 |
> In do_connect(): |
| 38 |
> |
| 39 |
> if [ -n "$INTERNAL_IP4_DNS" ]; then |
| 40 |
> $MODIFYRESOLVCONF |
| 41 |
> fi |
| 42 |
> |
| 43 |
> In do_disconnect(): |
| 44 |
> |
| 45 |
> if [ -n "$INTERNAL_IP4_DNS" ]; then |
| 46 |
> $RESTORERESOLVCONF |
| 47 |
> fi |
| 48 |
> |
| 49 |
|
| 50 |
I went ahead with the former suggestion, which worked as advertised for me. |
| 51 |
|
| 52 |
Thanks very much. |
Archives