DNS using Name Service Switch module and Casper

[Vasily Postnicov]

That's what I found.

At first, ping calls cap_init() in capdns_setup(). cap_init() forks a
process, then the parent returns and the child calls casper_main_loop().
The child and the parent both have a socket to communicate.
casper_main_loop() calls zygote_init() and that one blocks on fork(). I do
not know how it could be. How can fork() block?

The parent process later calls cap_service_open() and that function calls
cap_xfer_nvlist(). Because the child process is stuck somewhere in
zygote_init() it never sends an nvlist back. So ping blocks.

All this is figured out by inserting printf()'s. LLDB refuses to run ping
with 'error: Child exec failed'.

вт, 5 янв. 2021 г. в 17:43, Mark Johnston <markj at freebsd.org>:

> On Tue, Jan 05, 2021 at 10:02:37AM +0300, Vasily Postnicov wrote:
> > Hello. I wrote a simple daemon called ZeroDNS which provides
> functionality
> > similar to multicast DNS, namely it discovers other participating
> machines
> > over the LAN and stores their hostname and IPv4 address pairs.
> >
> > Here is a NSS module which allows the system to use information from that
> > daemon:
> > https://github.com/shamazmazum/nss-zero-dns
> >
> > You need to modify /etc/nsswitch.conf, changing the line 'hosts: files
> dns'
> > to 'hosts: files dns zerodns'.
> >
> > It all works on FreeBSD 12.2-RELEASE, but sometimes not on 13.0-CURRENT.
> > For example, ping(8) just blocks when trying to ping a host whose name is
> > resolvable with ZeroDNS. Turns out that programs built with casper
> support
> > (like ping(8) and some others) stop working with my NSS module (they just
> > block trying to resolve the name).
>
> Presumably it's the casper process (i.e., cap_dns) that uses your
> module?  If the main ping process is blocked trying to resolve a name,
> it's waiting for the cap_dns process - where exactly is it getting
> stuck?
>
> > Is there some kind of manual on how to write casper-compatible NSS
> modules?
>