[stunnel-users] Problem with name resolving on Centos 7

Peter Pentchev roam at ringlet.net
Wed Feb 13 13:22:58 CET 2019


On Wed, Feb 13, 2019 at 01:12:54PM +0100, Flo Rance wrote:
> Regards,
> Flo
> 
> On Wed, Feb 13, 2019 at 1:00 PM tom <posturne at gmail.com> wrote:
> 
> > Hello,
> >
> > > Are you sure 'foobar.remote.site' should resolve?
> > > Does "ping foobar.remote.site" work?
> >
> > yes, the host is resolved on commandline and other services on this
> > system can reach this host.
> >
> >
> > > Do you have a /var/run/stunnel/etc/resolv.conf file?
> >
> > No at this time I dont have this file, but it doesnt change anything
> > if I copy the original from /etc to this lokation. But this brings me
> > to the point try to dissable chroot and in this case stunnel is
> > working as expected. So far so good - there is something wrong in the
> > chroot jail.
> >
> > I try to put it to /var/run/stunnel - no luck, but maybe there are
> > other files missing as well?
> 
> If you want to resolv hostnames using resolv.conf file, you need the
> appropriate library libresolv which is part of libc.
> So you'll need to copy the libc librairies in your chroot environment.

Mmm, I don't think that the resolver libraries are loaded dynamically;
they are usually loaded in the stunnel binary at startup.

However, tom, can you also try copying the /etc/nsswitch.conf file to
the chroot?

G'luck,
Peter

-- 
Peter Pentchev  roam@{ringlet.net,debian.org,FreeBSD.org} pp at storpool.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20190213/594a8329/attachment.sig>


More information about the stunnel-users mailing list