Ok, but in that case you should remove "delay = yes" and the hostname will be resolved at startup, before chroot
On Wed, Feb 13, 2019 at 1:23 PM Peter Pentchev roam@ringlet.net wrote:
On Wed, Feb 13, 2019 at 01:12:54PM +0100, Flo Rance wrote:
Regards, Flo
On Wed, Feb 13, 2019 at 1:00 PM tom posturne@gmail.com wrote:
Hello,
Are you sure 'foobar.remote.site' should resolve? Does "ping foobar.remote.site" work?
yes, the host is resolved on commandline and other services on this system can reach this host.
Do you have a /var/run/stunnel/etc/resolv.conf file?
No at this time I dont have this file, but it doesnt change anything if I copy the original from /etc to this lokation. But this brings me to the point try to dissable chroot and in this case stunnel is working as expected. So far so good - there is something wrong in the chroot jail.
I try to put it to /var/run/stunnel - no luck, but maybe there are other files missing as well?
If you want to resolv hostnames using resolv.conf file, you need the appropriate library libresolv which is part of libc. So you'll need to copy the libc librairies in your chroot environment.
Mmm, I don't think that the resolver libraries are loaded dynamically; they are usually loaded in the stunnel binary at startup.
However, tom, can you also try copying the /etc/nsswitch.conf file to the chroot?
G'luck, Peter
-- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users