jaunty /etc/resolv.conf in chroot has permission-rights 000

Bug #348305 reported by Reiner S
Affects: ltsp (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned

Bug Description

032509
I tried localapps with the new params in lts.conf
local_apps_menu
local_apps_menu_items firefox

firefox works fine locally, but there was no DNS, so I wanted to change, as root (client), the file /etc/resolv.conf to my router 192.168.178.1 but

permission denied

owner/group of /etc/resolv.conf = root root
permission rights = --- --- --- (000)

Reiner S (reischmid) wrote :

(server) sudo chroot /opt/ltsp/i386
ls -al /etc/resolv.conf

-> permission rights rw- r - r

(ltspclient) xterm (<-localapp pc11@ltsp)
ls -al /etc/resolv.conf

-> permission rights --- --- ---

comment: Something changes the permission rights after starting the client (ltsp-update-image was made!)

Asmo Koskinen (asmok) wrote :

I can confirm this. After using these lines in lts.conf file, root can ping with names in chroot, but user can't use Konqueror with names. After changing mode to 644 user can use Konqueror with names. Here are my notes in mailing list:

https://lists.ubuntu.com/archives/edubuntu-users/2009-April/005283.html

admin-ltsp5@ubuntu-ltsp5:~$ cat /var/lib/tftpboot/ltsp/i386/lts.conf
[default]
SEARCH_DOMAIN=ubuntu-ltsp5
DNS_SERVER=192.168.1.1
admin-ltsp5@ubuntu-ltsp5:~$

root@ltsp200:~# ls -al /etc/resolv.conf
---------- 1 root root 43 2002-01-08 23:47 /etc/resolv.conf

root@ltsp200:~# cat /etc/resolv.conf
search ubuntu-ltsp5
nameserver 192.168.1.1

root@ltsp200:~# chmod 644 /etc/resolv.conf
root@ltsp200:~# ls -al /etc/resolv.conf
-rw-r--r-- 1 root root 43 2002-01-08 23:47 /etc/resolv.conf
root@ltsp200:~#

Best Regards Asmo Koskinen.

Asmo Koskinen (asmok) wrote :

Here is a fix.

This one is for server with one nic. This works also with two nics
(forward & nat). I tested it, too.

1.

admin-ltsp5@ubuntu-ltsp5:~$ cat /opt/ltsp/i386/etc/init.d/chmod-resolv.sh
#! /bin/sh
chmod 644 /etc/resolv.conf

admin-ltsp5@ubuntu-ltsp5:~$

2.

admin-ltsp5@ubuntu-ltsp5:~$ cat /var/lib/tftpboot/ltsp/i386/lts.conf
#
SEARCH_DOMAIN = ubuntu-ltsp5
DNS_SERVER = 192.168.1.1
#
RCFILE_01=/etc/init.d/chmod-resolv.sh

admin-ltsp5@ubuntu-ltsp5:~$

3.

admin-ltsp5@ubuntu-ltsp5:~$ sudo ltsp-update-image

4.

admin-ltsp5@ubuntu-ltsp5:~$ ssh root@192.168.1.200
root@192.168.1.200's password:
root@ltsp200:~# ls -al /etc/resolv.conf
-rw-r--r-- 1 root root 43 2002-01-13 17:13 /etc/resolv.conf
root@ltsp200:~#

5.

ltsp-localapps works with Internet.

Best Regards Asmo Koskinen.

Oliver Grawert (ogra) wrote :

while this is a working workaround, the cause why the file is created with 000 permissions at all still isn't clear, it would be helpful to dig deeper here to find the actual bug and fix.

afaik the initscript only creates a resolv.conf if DNS_SERVER and SEARCH_DOMAIN are set in lts.conf, the creation code is a simple here document and there is no reason why it shouldn't at least be rw for root.

the file shouldn't be touched at all if the two variables above are not set (so should keep its credentials you set initially in the chroot) and should have the default umask credentials.
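
Added example (not part of the thread and not LTSP code): a here-document writer that sets the mode explicitly, plus a check for the two broken states reported here (mode 000 and an empty file). The function names are hypothetical and GNU `stat` is assumed; the check reads the mode bits because root normally bypasses file permission checks, which matches the report that root could resolve names while an ordinary user could not.

```shell
#!/bin/sh
# Added example, not LTSP code: function names are hypothetical.
# Assumes GNU coreutils (stat -c %a).

# Create resolv.conf from a here-document, then set the mode explicitly so
# the result does not depend on the umask of whatever runs the init script.
write_resolv_conf() {
    cat > "$1" <<EOF || return 1
search $3
nameserver $2
EOF
    chmod 644 "$1"
}

# Report the states seen in this bug; return 0 only if the file is usable
# by unprivileged processes.
check_resolv_conf() {
    f=$1 rc=0
    [ -f "$f" ] || { echo "$f: missing or not a regular file"; return 1; }
    mode=$(stat -c %a "$f") || return 1
    # Inspect the mode bits rather than using [ -r ]: root normally bypasses
    # file permission checks, so a readability test run as root passes on 000.
    [ $(( 0$mode & 4 )) -ne 0 ] || { echo "$f: mode $mode, not world-readable"; rc=1; }
    [ $(( 0$mode & 022 )) -eq 0 ] || { echo "$f: mode $mode, group/other-writable"; rc=1; }
    [ -s "$f" ] || { echo "$f: empty"; rc=1; }
    grep -q '^nameserver[[:space:]]' "$f" 2>/dev/null ||
        { echo "$f: no readable nameserver line"; rc=1; }
    return $rc
}

# Constructed demo in a scratch directory, using the values from lts.conf above.
demo=$(mktemp -d)
write_resolv_conf "$demo/resolv.conf" 192.168.1.1 ubuntu-ltsp5
chmod 000 "$demo/resolv.conf"; check_resolv_conf "$demo/resolv.conf" || true
chmod 644 "$demo/resolv.conf"; check_resolv_conf "$demo/resolv.conf" && echo "ok"
rm -rf "$demo"
```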

Oliver Grawert (ogra) wrote :

in the ltsp-setup initscript i see:
        if [ -z "$root_write_method" ]; then
            touch / 2> /dev/null || root_write_method="bind_mounts"
        fi
        [ "$root_write_method" = "bind_mounts" ] && bind_mounts

...
can somebody seeing the issue attach the output of "cat /proc/mounts" from a booted thin client?
it looks like the logic above has a flaw (which causes a) significant slowness on boot and b) could cause the bug you are seeing)
bind_mounts should never be set on nbd booted systems and adds about 30sec to the boot for no benefit.

Oliver Grawert (ogra) wrote :

the touch command should probably try to touch a file from the bindfiles variable instead of trying to touch /

Asmo Koskinen (asmok) wrote :

Fresh RC i386 install with one nic.

admin-ltsp5@ubuntu-ltsp5:~$ ssh root@192.168.1.200
root@192.168.1.200's password:
root@ltsp200:~# cat /etc/resolv.conf
search ubuntu-ltsp5
nameserver 192.168.1.1
root@ltsp200:~# ls -al /etc/resolv.conf
---------- 1 root root 43 2009-04-18 22:00 /etc/resolv.conf
root@ltsp200:~#

After fix above I got it right.

admin-ltsp5@ubuntu-ltsp5:~$ ssh root@192.168.1.200
root@192.168.1.200's password:
root@ltsp200:~# ls -al /etc/resolv.conf
-rw-r--r-- 1 root root 43 2009-04-18 22:03 /etc/resolv.conf
root@ltsp200:~# cat /etc/resolv.conf
search ubuntu-ltsp5
nameserver 192.168.1.1
root@ltsp200:~#

Time/date for the /etc/resolv.conf file in chroot is right, too.

Best Regards Asmo Koskinen.

Asmo Koskinen (asmok) wrote :

Sorry, here is /etc/resolv.conf file after installation.

admin-ltsp5@ubuntu-ltsp5:~$ ssh root@192.168.1.200
The authenticity of host '192.168.1.200 (192.168.1.200)' can't be established.
RSA key fingerprint is ce:2b:fb:ee:ee:b8:41:38:de:23:4e:46:f3:54:2c:7c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.200' (RSA) to the list of known hosts.
root@192.168.1.200's password:

root@ltsp200:~# ping ftp.funet.fi
ping: unknown host ftp.funet.fi

root@ltsp200:~# cat /etc/resolv.conf
cat: /etc/resolv.conf: Input/output error

root@ltsp200:~# ls -al /etc/resolv.conf
ls: cannot access cat: No such file or directory
---------- 1 root root 0 2009-04-18 20:48 /etc/resolv.conf
root@ltsp200:~#

Best Regards Asmo Koskinen.

Javier Jaspe (jaspejavier) wrote :

This is the same bug as 347957 previously reported.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ltsp - 5.1.74-0ubuntu1

---------------
ltsp (5.1.74-0ubuntu1) karmic; urgency=low

  * new upstream version (5.1.74)
   * ltsp-localapps: Make it work correctly when the server's using LDAP
   * xinitrc: Various improvement to command handling (and memory usage)
   * Update translations
   * Update manpages
   * Drop OSS sound support and fix permissions in /dev/snd/
  * Re-order the boot process to fix broken resolv.conf (LP: #348305)

 -- Stephane Graber <email address hidden> Fri, 22 May 2009 17:16:57 +0200

Changed in ltsp (Ubuntu):
status: New → Fix Released