For a long time, I've been receiving, almost daily, useless security reports from my NetBSD boxes. With "useless", I mean notifications of changes that I know are perfectly legitimate. That is, all they contained was:

======
/etc/resolv.conf diffs (OLD < > NEW)
======
--- /var/backups//etc/resolv.conf.current 2005-05-21 [...]
+++ /etc/resolv.conf 2005-05-22 [...]
@@ -1,3 +1,3 @@
-# Created by dhclient at: Sat May 21 15:08:21 CEST 2005
+# Created by dhclient at: Sun May 22 13:41:19 CEST 2005
search home.network
nameserver 127.0.0.1

As I said, I know that the resolv.conf file changes daily due to every run of the dhclient utility, so don't bother me telling that! What I wanted was to remove the date from resolv.conf's header, in order to avoid differences between runs unless something else really changed. After a bit of research I found a way to fix.

The thing is that dhclient runs a special script, called dhclient-script, which does some pre/post processing over network configuration. This script is not meant to be edited, but it allows to place functional hooks under /etc/dhclient-enter-hooks and /etc/dhclient-exit-hooks. And this is what I did: I created the /etc/dhclient-exit-hooks file on my machine to remove the date from the generated file:

if [ -f /etc/resolv.conf ]; then
sed -e 's|^# Created by dhclient at:.*$|# Created by dhclient|' </etc/resolv.conf >/etc/resolv.conf.save
cp /etc/resolv.conf.save /etc/resolv.conf
rm /etc/resolv.conf.save
fi

I'm not sure if this is the best way to solve this little problem, but at least it works.

What did you think about this article? (Experimental)

Want more posts like this one? Take a moment to subscribe.

RSS feed