From owner-freebsd-net@FreeBSD.ORG  Mon Aug 28 22:43:48 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4DFD116A4DA
	for <freebsd-net@freebsd.org>; Mon, 28 Aug 2006 22:43:48 +0000 (UTC)
	(envelope-from prvs=julian=388a75976@elischer.org)
Received: from a50.ironport.com (a50.ironport.com [63.251.108.112])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 148BA43D46
	for <freebsd-net@freebsd.org>; Mon, 28 Aug 2006 22:43:48 +0000 (GMT)
	(envelope-from prvs=julian=388a75976@elischer.org)
Received: from unknown (HELO [10.251.18.229]) ([10.251.18.229])
	by a50.ironport.com with ESMTP; 28 Aug 2006 15:43:48 -0700
Message-ID: <44F371A4.6030801@elischer.org>
Date: Mon, 28 Aug 2006 15:43:48 -0700
From: Julian Elischer <julian@elischer.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
	rv:1.7.13) Gecko/20060414
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Jeremie Le Hen <jeremie@le-hen.org>
References: <44EF6E18.6090905@elischer.org>
	<20060828215048.GB15761@obiwan.tataz.chchile.org>
In-Reply-To: <20060828215048.GB15761@obiwan.tataz.chchile.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net <freebsd-net@freebsd.org>
Subject: Re: [fbsd] possible patch for implementing split DNS
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Aug 2006 22:43:48 -0000

Jeremie Le Hen wrote:

>Julian,
>
>On Fri, Aug 25, 2006 at 02:39:36PM -0700, Julian Elischer wrote:
>  
>
>>I need some processes to look elsewhere for DNS information from where 
>>the rest
>>of the system looks.. This patch seems to me a simple solution.
>>We over-ride where the resolver looks for resolv.conf using an 
>>environment variable.
>>This would allow me to reset this to an application specific config file 
>>that
>>specifies a different server.
>>    
>>
>
>I like this idea, but don't you think the administrator might want
>to be able to disable this functionnality for his users ?
>Unless using a packet filter might suffice...
>  
>

my thought would be that we specify a filename (default resolv.conf) and 
we look for it in /etc.
if is not there or not the right format, it doesn't work. Nor does it 
work if you are SUID.
i.e the admin will have to have set it up.

>Regards,
>  
>