From f65fba7dd8fe401d9e40d89ccdc85bb3bf162c83 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Mon, 22 May 2017 13:28:02 +0200 Subject: [PATCH] man: update wg-quick(8) to show Debian resolvconf braindamage While OpenResolv supports explicit ordering directives such as `-m` and exclusivity directives such as `-x`, Debian's own resolvconf supports none of this, instead using a hard coded list of interface name templates for determining ordering. While trying to emulate `-x` is difficult [*], we can at least try to mostly emulate `-m 0` by masquerading as a `tun*` interface to resolvconf. Ugly, but it works. [*] One heavy handed way of emulating `-x` would be something like: # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf # rm -f /etc/resolv.conf.wg0-exclusive This in practice works quite well, but is a bit heavy to put in a man page. It also doesn't "stack" well. For example, if we simply run `umount /etc/resolv.conf`, how do we know which resolv.conf entry we're unmounting? Signed-off-by: Jason A. Donenfeld --- src/wg-quick.8 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wg-quick.8 b/src/wg-quick.8 index fcc855c..ceee026 100644 --- a/src/wg-quick.8 +++ b/src/wg-quick.8 @@ -98,9 +98,9 @@ traffic: .br \fBAddress = 10.200.100.8/24\fP .br - \fBPostUp = echo nameserver 10.200.100.1 | resolvconf -a %i -m 0 -x\fP + \fBPostUp = echo nameserver 10.200.100.1 | resolvconf -a tun.%i -m 0 -x\fP .br - \fBPostDown = resolvconf -d %i\fP + \fBPostDown = resolvconf -d tun.%i\fP .br PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM= .br