Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

macOS: adjust DNS via both /etc/resolv.conf and system resolver #907

Closed
josharian opened this issue Nov 9, 2020 · 4 comments
Closed

macOS: adjust DNS via both /etc/resolv.conf and system resolver #907

josharian opened this issue Nov 9, 2020 · 4 comments
Labels
dns L3 Some users Likelihood OS-macos Issues involving Tailscale for macOS P3 Can't get started Priority level T6 Major usability Issue type

Comments

@josharian
Copy link
Contributor

Customer bug report, not yet reproduced.

MagicDNS on macOS teaches the system resolver about Tailscale DNS entries. It does not modify /etc/resolv.conf.

Some macOS applications read /etc/resolv.conf for DNS instead of consulting the system resolver. Perhaps most notably, this includes Go applications build with cgo disabled, which means it affects docker, kubernetes, etc.

MagicDNS should probably adjust /etc/resolv.conf too.

This should probably block MagicDNS coming out of beta on macOS.

@josharian josharian added OS-macos Issues involving Tailscale for macOS L3 Some users Likelihood P3 Can't get started Priority level T6 Major usability Issue type labels Nov 9, 2020
@bradfitz
Copy link
Member

Do we even have the ability to do that from within the Network Extension App Store sandbox?

Might be an argument in favor of going the System Extension route instead (#718)

/cc @crawshaw

@crawshaw
Copy link
Contributor

What macos apps read resolv.conf?

#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
#   scutil --dns
#
# SEE ALSO
#   dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
search localdomain
nameserver 192.168.1.1

We certainly cannot edit it from inside the sandbox.

@josharian
Copy link
Contributor Author

What macos apps read resolv.conf?

Go applications build with cgo disabled, which means it affects docker, kubernetes, etc.

Relevant upstream issues:

golang/go#12524
golang/go#16345

@crawshaw
Copy link
Contributor

This is fixed in Big Sur, our NetworkExtension automatically updates /etc/resolv.conf with no changes from us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dns L3 Some users Likelihood OS-macos Issues involving Tailscale for macOS P3 Can't get started Priority level T6 Major usability Issue type
Projects
None yet
Development

No branches or pull requests

4 participants