dhcpcd-discuss

On 24/09/2018 16:39, Klemens Nanni wrote:
> On Mon, Sep 24, 2018 at 02:20:30PM +0100, Roy Marples wrote:
> > It's not currently that granular.
> > See a recent discussion on this here:
> > https://roy.marples.name/archives/dhcpcd-discuss/0001932.html
> Thanks for the pointer.
>
> > I also find it rather odd that you even need to run dhcpcd for DNS as the
> > slaacd man page states it supports RFC 8106 which is all about DNS in the RA
> > and nothing else.
> While slaacd parses RDNSS and DNSSL, it does not touch /etc/resolv.conf to avoid
> inteference with dhclient as of now.

Then it's man page should at least be updated to reflect this.

And maybe prod OpenBSD into solving it - a solution to this would be to 
implement resolvconf. NetBSD and FreeBSD use openresolv for this 
(disclaimer, I maintain it alongside dhcpcd so there is some bias).
https://roy.marples.name/projects/openresolv

CCing Stuart as he might know who to prod for this.

> > Is there a compelling reason why you need to run both? Either dhcpcd or
> > slaacd should be fine.
> Because slaacd comes with base, is enabled by default and runs with privilege
> separation.
>
> dhcpcd running as root should only do what's necessary.

There was also a discussion about doing priv-sep in dhcpcd here:
https://roy.marples.name/archives/dhcpcd-discuss/0002137.html

But it come to nothing as no-one said if my idea was good or bad. One 
commentor offered to at least do a small related patch, but that didn't 
materialise, thus it has stalled as I personally have little interest in 
the feature.

Anyway, my OpenBSD vm is currently down so I can't test the attached 
diff, but it should fix your problem. Please test it and let me know.

Roy

diff --git a/src/if-bsd.c b/src/if-bsd.c
index cdd959a6..c1a6be86 100644
--- a/src/if-bsd.c
+++ b/src/if-bsd.c
@@ -1393,8 +1393,20 @@ set_ifxflags(int s, const struct interface *ifp)
 	/*
 	 * If not doing autoconf, don't disable the kernel from doing it.
 	 * If we need to, we should have another option actively disable it.
+	 *
+	 * OpenBSD moved from kernel based SLAAC to userland via slaacd(8).
+	 * It has a similar featureset to dhcpcd such as stable private
+	 * addresses, but lacks the ability to handle DNS inside the RA
+	 * which is a serious shortfall in this day and age.
+	 * Appease their user base by working alongside slaacd(8) if
+	 * dhcpcd is instructed not to do auto configuration of addresses.
 	 */
-	if (ifp->options->options & DHCPCD_IPV6RS)
+#if defined(ND6_IFF_ACCEPT_RTADV)
+#define	BSD_AUTOCONF	DHCPCD_IPV6RS
+#else
+#define	BSD_AUTOCONF	DHCPCD_IPV6RA_AUTOCONF
+#endif
+	if (ifp->options->options & BSD_AUTOCONF)
 		flags &= ~IFXF_AUTOCONF6;
 	if (ifr.ifr_flags == flags)
 		return 0;