Bug#966095: please remove buggy NetworkManager dispatcher script

Wed, 22 Jul 2020 16:13:14 -0700 

Package: dnssec-trigger
Version: 0.17+repack-3+b1
Severity: normal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

I was just trying out dnssec-trigger in a VM, but after setting
dns=unbound in my NetworkManager configuration according to its
man page, I found a nasty surprise in
/etc/NetworkManager/dispatcher.d/01-dnssec-trigger:

# Future versions of NetworkManager will have an active
# unbound/dnssec-trigger plugin. Don't intervene when the new
# plugin is being used.
if [ -e /etc/NetworkManager/NetworkManager.conf ]; then
        grep -q '^dns=unbound\>' /etc/NetworkManager/NetworkManager.conf && 
exit 0
fi

The problem here is that this script only checks the primary
NetworkManager.conf, and doesn't look in conf.d. The NetworkManager
documentation recommends putting local configuration changes in
conf.d so that package management systems don't overwrite changes,
although maybe dpkg handles this more gracefully than most:
$ dpkg -S /etc/NetworkManager/NetworkManager.conf
network-manager: /etc/NetworkManager/NetworkManager.conf

Perhaps dnssec-trigger should install a NetworkManager configuration
snippet in /usr/lib/NetworkManager/conf.d/, the normal location for
snippets installed by other packages?

- -- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (2, 'unstable'), (1, 'testing-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-1-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_USER, TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dnssec-trigger depends on:
pn  gir1.2-nm-1.0       <none>
ii  libc6               2.31-1
ii  libgdk-pixbuf2.0-0  2.40.0+dfsg-5
ii  libglib2.0-0        2.64.4-1
ii  libgtk2.0-0         2.24.32-4
ii  libldns3            1.7.1-2
ii  libssl1.1           1.1.1g-1
ii  python3             3.8.2-3
ii  python3-gi          3.36.0-4
ii  python3-lockfile    1:0.12.2-2.2
ii  sensible-utils      0.0.12+nmu1
pn  unbound             <none>

dnssec-trigger recommends no packages.

dnssec-trigger suggests no packages.

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQT287WtmxUhmhucNnhyvHFIwKstpwUCXxjHRAAKCRByvHFIwKst
p6QnAPoDh69Zd3BNKtID94JGSadRhFJBWP7EeU+SWnYilIw0wwEA2E1VWbEF0RiT
9gBcfhoI2fcEPUeJLO5T10Nnrt7wQgY=
=szwF
-----END PGP SIGNATURE-----

Reply via email to