How to change DNS settings?

I have a vodafone cable router on which the end user cannot alter the dns-setting, leading to the router distributing an ipv6-dns as first entry. SfOS doesn’t seem able to handle this probably, which leads to lagging and connection issues.
I tried the manual ip-config option using all the settings distributed by the router except for the DNS ipv6 entry, which I replaced with the google DNS (1.2.3.4). With this setting, the wifi would not connect at all.
I have then tried the dnscrypt-proxy package from storeman, but that seems broken on 4.3 (no dnscrypt-proxy.service installed in the systemd dir, nor is it part of thr package, according to rpm -ql).
I could eventually speed up the firefox browser by activating and configuring doh/trr in about:config, but I consider this rather as a workaround.
So, finally: How can I manually configure the DNS while still retrieving ip and gateway through dhcp? Thank you! :relaxed:

Edit: Screenshot of the IP-settings as distributed by the router.

Pinging 1.2.3.4 doesn’t work for me, try 1.1.1.1 for cloudflare or 8.8.8.8 for google, you could also try to add those in /etc/resolv.conf but not sure if that isn’t skipped for gui apps

Sure I could edit resolv.conf manually after every reboot (or even everytime I connect/change a network), but that’s not what I’ve ment. I really cannot find where connman and/or wpa_supplicant (or dhclient) stores the connection data since neither of the usual suspects contains any data.
In brief: I want to alter the connection settings for a single wifi connection, from “retrieve everything through dhcp” to “retrieve everything except for dns through dhcp and user a certain dns-server”.
I’m absolutely fine editing config files (or database entries) by hand if someone could just point me to the right location.
Thanks☺

/etc/resolv.conf is a symlink to a file on a tempfs. Hence changes get lost during reboots. I just tried to make it an ordinary file and use chattr +i /etc/resolv.conf to make it immutable. After that I spent half an hour fixing my phone in recovery mode.

On my phone I use an ad-blocking DNS server hosted at home behind an IP that changes every couple of days. I solved that by listening on DBUS events for connection changes and query some DNS server (9.9.9.9) for my current home IP and use connman’s DBUS api to overwrite the nameserver.

Maybe that script contains some ideas for you.

2 Likes

There is no dnscrypt-proxy.service file in rpm because it is created during install using /usr/bin/dnscrypt-proxy binary.
You can create dnscrypt-proxy.service file

usr/bin/dnscrypt-proxy -service install -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml
1 Like

Thank you, manually installing the service did the trick!

@martinhh
Thanks for your comment and sorry for the recovery thing:-)
I will have a look into your script but I feel like it’s a bit overdone. Usally connman/dhclient should be able to request the network setup through dhcp but overwrite/ignore the dns entry.
While I do understand Jolla didn’t integrate this feature in the standard gui (it is present in e.g. the KDE network configuartion tool, though), it should still be possible to configure this setting “by hand”/manually. It’s just that I quite don’t understand where the wifi/network settings are stored on SfOS.

On SailfishOS config is split into /etc/connman, /home/.system/var/lib/connman/, and /home/nemo/.local/share/system/privileged/connman.

    lsof -p `pidof connmand`

Great, thank you. I eventually found the wifi configuration file.
It at:
/home/defaultuser/.local/share/system/privileged
However, I could not yet figure out how to configure connman for dhcp-addresses only.
Googleling doesn’t really take me further - only options for ipv4.method i can find is to choice between “auto” and “dhcp”.
Leaving the option as auto plus adding an ipv4 dns server in the file has no affect - in fact, the file is overwritten and the server provided by dhcp is set. Sad.

Small workaround:
I disabled ipv6 in the settings file:
ipv6.method=off
It’s working for now in terms that there is no ipv6-dns address is not retrieved anymore, and the connection seems more stable.
It would of course still be cooler to configure the dns server manually. I’ll keep you updated once I get further:-)

1 Like

You can remove the symlink and place a real file there and chattr. I’ve done it to use Keweon, and works fine…

That is already described in details:
Mobile VPN usage, ipv6 not routed and DNS leaks
and
Dnscrypt on Sailfish
[bug] Connman main settings

Thank you. I just realised that the dnscryp-proxy 64bit package is obviously not properly installed. Even though I can start/stop the service now, after issuing the install service command you mentioned above, dns queries are still not diverted to through dns crypt but are still directed to the dns server supplied through dhcp.
While I don’t have the lagging issues any more, since I disabled ipv6, I would still prefer dnscrypt (thus, not so urgent, I can use the wifi now, it’s just not DOH).
How do I install the dnscryp package properly?
I’m a bit afraid of touching resolv.conf after the recovery mode thing was reported:-)

You have to recreate resolv.conf file with local dns after EVERY phone or conmand service restart. At the moment there is no other solution. As dns is crucial for system I try to avoid using scripts that change resolv.conf file permanently. So less advanced users are not forced to use a recovery mode :).
To recreate resolv.conf for using dnscrypt:

rm -f /etc/resolv.conf
touch /etc/resolv.conf
echo "nameserver 127.0.0.1" > /etc/resolv.conf

or reinstall dnscrypt-proxy package. You can create a script and run it from GUI using qCommand as well.

There is a file /usr/lib/tmpfiles.d/connman_resolvconf.conf that needs to be removed or renamed before reboot to avoid recovery mode.

Common question: why Android apps do not honor /etc/resolv.conf anymore? Where do they take their DNS with the latest versions?

No, it doesn’t.
Regards the question, since 4.2 directly from DHCP. Hence internet access issues after mobile network<->wifi switching.
I don’t know why, most likely to upstream changes in AOSP.