For a long time, I've been receiving, almost daily, useless security reports from my NetBSD boxes. With "useless", I mean notifications of changes that I know are perfectly legitimate. That is, all they contained was:

======
/etc/resolv.conf diffs (OLD < > NEW)
======
--- /var/backups//etc/resolv.conf.current 2005-05-21 [...]
+++ /etc/resolv.conf 2005-05-22 [...]
@@ -1,3 +1,3 @@
-# Created by dhclient at: Sat May 21 15:08:21 CEST 2005
+# Created by dhclient at: Sun May 22 13:41:19 CEST 2005
search home.network
nameserver 127.0.0.1

As I said, I know that the resolv.conf file changes daily due to every run of the dhclient utility, so don't bother me telling that! What I wanted was to remove the date from resolv.conf's header, in order to avoid differences between runs unless something else really changed. After a bit of research I found a way to fix.

The thing is that dhclient runs a special script, called dhclient-script, which does some pre/post processing over network configuration. This script is not meant to be edited, but it allows to place functional hooks under /etc/dhclient-enter-hooks and /etc/dhclient-exit-hooks. And this is what I did: I created the /etc/dhclient-exit-hooks file on my machine to remove the date from the generated file:

if [ -f /etc/resolv.conf ]; then
sed -e 's|^# Created by dhclient at:.*$|# Created by dhclient|' </etc/resolv.conf >/etc/resolv.conf.save
cp /etc/resolv.conf.save /etc/resolv.conf
rm /etc/resolv.conf.save
fi

I'm not sure if this is the best way to solve this little problem, but at least it works.

Go to posts index

Comments from the original Blogger-hosted post: