Replace resolv.conf usage with android default nameserver(s)?

[fornwall]

From @rugk on August 5, 2016 9:25

Currently termux always uses the servers listed in /usr/etc/resolv.conf.
However I'd like it to use the default android dns server. At least when there is no entry in the resolv file it should be used.
Otherwise a special entry such as nameserver default would be useful to indicate that the default android name server should be used.

I mean in a mobile network it might of course be the same as configured in the file (google name server), but when connected to a wi-fi network this is different.

Copied from original issue: termux/termux-app#130

[fornwall]

Hm, I thought most apps use the android system dns server - only nmap and dnsutils uses $PREFIX/etc/resolv.conf. Does that seem to be correct?

[fornwall]

From @rugk on August 5, 2016 11:48

nslookup does also use the custom resolv.conf. (I only tested it with this utility)

However when some tools do it differently this is much more confusing. There should be a consistent behaviour, otherwise this complicates debugging and such things.
So either should all Termux programs honour the users resolv.conf or they should not.

My initial request is still valid through: Apps honouring the custom resolv.conf should be able to use the built-in Android dns server. At least thee should be a consistent behaviour.

[fornwall]

Normally the libc implementation of the resolver uses /etc/resolv.conf, but that is not the case for the libc on Android. So having most program using resolv.conf is not possible without overriding the libc resolver, which is outside the scope here.

As for nmap and dnsutils (the latter which contains nslookup), perhaps they can be patched to use the system one either by default or as an option?

I guess the system name server can be obtained with getprop net.dns1 (and getprop net.dns2), could you try to temporarily write that to resolv.conf and see if it works as expected for you?

[fornwall]

From @rugk on August 5, 2016 13:46

As for nmap and dnsutils (the latter which contains nslookup), perhaps they can be patched to use the system one either by default or as an option?

Yeah, I am 👍 of "as an option". 😃

I guess the system name server can be obtained with getprop net.dns1 (and getprop net.dns2), could you try to temporarily write that to resolv.conf and see if it works as expected for you?

Nice, did not knew about "getprop". Is this Android-specific or is this something Termux adds as a console command?

So I can use "getprop net.dns1" to get the dns server and write it into the resolv.conf file. And of course this works. I mean I also do know the dns server Android currently uses so I can "hardcode" it into the resolv.conf file, but this is only a workaround and no generic solution for this issue.
Unfortunately something like setting the nameserver to "nameserver net.dns1" or similar does not work...

[fornwall]

From @glitchphan on September 14, 2016 15:37

What about
nameserver getprop net.dns1
?

[fornwall]

From @rugk on September 14, 2016 17:59

No, this does not work either. In this case it shows a parsing error.

[fornwall]

From @jsainzvela on April 19, 2017 14:23

Just found out about Termux and I think it is awesome already! :)

I have the same problem as depicted in this topic, has anybody found a solution to overwrite the resolv.conf file with the getprop net.dns1 output? (not "hackish", an official one :) )

Thanks!

Jorge

[dredmorbius]

Some thoughts / questions.

1. What is the Android standard resolver? Because neither /etc/resolv.conf nor /system/etc/resolv.conf exist on my system.

2. I just discovered whilst poking around that there's a dnsmasq at the system level on my device (Samsung Tab A). Though it doesn't appear to be running.

3. A start-up check (or on-network connect hook) to enter the appropriate values into $PREFIX/etc/resolv.conf would seem to be a good approach.

[phcoder]

getprop net.dns1 is not compatible with VPNs, it still shows system DNS. The right solution is to use getDnsServers though jni but it was introduced very recently. So in all it seems that using 8.8.8.8 for few packages that need DNS server name rather than just resolving through system libc is the best solution available

[Hax4us]

$ getprop net.dns1
49.45.0.1
$ getprop net.dns2
2405:200:800::1

I am using this for making resolv.conf in Alpine

[phcoder]

@Hax4us: it doesn't work with VPN. Right way it's to get it from Android network apis

[ghost]

@Hax4us getprop net.dns1 and getprop net.dns2 returns empty fields on my device.

So I prefer to use one/two of the following DNS servers:

## Cloudflare
1.0.0.1
1.1.1.1
2606:4700:4700::1111
2606:4700:4700::1001

## Level 3
4.2.2.1
4.2.2.2

## Google
8.8.4.4
8.8.8.8
2001:4860:4860::8888
2001:4860:4860::8844

## OpenDNS
208.67.220.220
208.67.222.222

[fornwall]

getprop net.dns1 and getprop net.dns2 returns empty fields on my device

This was a behaviour change in Android 8.0 which hides/drop these:

The system properties net.dns1, net.dns2, net.dns3, and net.dns4 are no longer available, a change that improves privacy on the platform.

[ghost]

@SDRausty No. This can be queried from Android application only.

[y0umu]

Too much nuisance. I would just forge a Magisk module to get a /etc/resolv.conf.

[ghost]

I would just forge a Magisk module

@y0umu Not all users have root/Magisk installed.

[y0umu]

just forge a Magisk module to get a /etc/resolv.conf.

@y0umu do you really believe that https://github.com/topjohnwu/magisk-module-template can fulfill this request easily? How? Beginner steps requested.

No it is not going to fulfill this request easily since not everyone would like to void the gurantee to have Magisk installed. As for the issue itself, the module I cooked myself merely satifies my needs in that Go applications now have smooth network connections with the presence of /etc/resolv.conf. But I have not tested others applications that faced with DNS lookup problems. I guess my module will work, but with no gurantee.

Too much nuisance

@y0umu it is just two api calls:

ACCESS_NETWORK_STATE 
 NetworkRequest
 NetworkCallback

Sorry for my zero knowledge on Android devloping...

[vinniejames]

This confused me for a while, as I was using nslookup to confirm my DNS changes via Termux

[stale]

This issue/PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[xtkoba]

This is still worth discussing.

[johanbcn]

With all being said, I guess the only solution would be for termux to provide a local resolver a la systemd-resolved, proxying requests through Android's DNS system, and injecting it's own private ip address on resolved.conf.

But seeing that there are only a few packages relying on resolved.conf, it may not really be worth it to implement such thing.

[diyism]

No, the issue here is that resolv.conf is used by very few packages doing DNS resolution on their own. Others use libc resolver which on Android doesn't rely on resolv.conf.

So resolv.conf is mostly useless.

All packages using resolv.conf in Termux:

* `dnsutils`

* `gnupg`

* `nmap`

* `polipo`

* `qemu-system-x86-64-headless` and its subpackages

* `squid`

Few examples of networking packages which do not use resolv.conf:

* `curl`

* `irssi`

* `lynx`

* `openssh`

* `rsync`

* `wget`

I also should note that there no way to reliably extract the current DNS servers on Android, at least not on recent versions like 9, 10, 11+.

For curl/wget, I can use proxychains-ng:

pkg install proxychains-ng
while true; do nohup /data/data/com.termux/files/usr/bin/ipfs daemon >/dev/null 2>&1; sleep 1; done &
while true; do nohup /data/data/com.termux/files/usr/bin/ipfs p2p forward /x/my-p2p/1 /ip4/127.0.0.1/tcp/8092 /p2p/<remote ipfs peer id> >/dev/null 2>&1; sleep 10; done &
proxychains4 curl https://www.google.com/ncr

[onitake]

Since Termux doesn't have proper DNS resolution, the program won't work. To fix it you have to edit /usr/etc/resolv.conf and enter nameserver 1.1.1.1 and then use: proot -b $PREFIX/etc/resolv.conf:/etc/resolv.conf ./chisel client ...

If you're happy with sending all your DNS requests to Cloudflare...
It doesn't really fix the issue, which is using the same resolvers as the system.

[xtkoba]

@MasterKia /etc/resolv.conf (not $PREFIX/etc/resolv.conf) being hardcoded is another issue, though not entirely unrelated. Please open a new issue for that. Thanks.

[EDIT] Deleted an unrelated mention.

[MasterKia]

#9721 (comment)

[lucidnx]

Any update on this? I am using dnsutils a lot and this is causing issues to me. need to use DNS servers that are offered from DHCP or VPN...

[sylirre]

There will be an update once someone will suggest a reliable way of retrieving current DNS servers from the OS which works on all Android versions. Until that, issue has lowest priority.

No, the already suggested getprop net.dns1 is not suitable. It doesn't work on Android 13, and I guess on versions 11 and 12 too.

[mortee]

+1

[Mynacol]

Using POSIX methods is unfortunately not enough, as the getaddrinfo function only resolves A and AAAA records. If you want to resolve any other DNS resource record, the respective programs would eventually have to use other Android-specific methods.

Alternatively, we have to find the DNS server IPs and write them into resolv.conf. I found a StackOverflow answer that has Java code to get the DNS IPs on the latest Android versions.
A proper solution would let Termux listen on network change broadcasts and then quickly swap out the resolv.conf file, updating it almost live.

I don't know how this interacts with DNS over TLS enabled in Android's settings.

[sylirre]

@Mynacol The actual issue is: We have very few packages that do DNS resolution on their own instead of using methods provided by libc. Such packages use resolv.conf with hardcoded name servers. The proposal is to eliminate need of hardcoding name servers, whether by dynamically updating resolv.conf file (poor solution to the problem) or completely getting rid of it (good).

Here I would like to note that majority of packages do not need resolv.conf file.

The issue is not properly described in ticket comment #1174 (comment) which lead to misunderstanding.

---

Due to lack of productive discussion, solution proofs of concept, pull requests and maintainers interest in general, I'm closing this issue.

Personally I would like to keep resolv.conf as is. The file provides sufficient defaults and fully manageable by user when required. Reminding that only few packages actually need resolv.conf and most of them are golang-based.

[IngwiePhoenix]

I want to +1 this - this just sent me into utter confusion for a long while.
Currently I am experimenting with Termux to see what I can do with it, outside as being a very neat SSH server and client - so I tried to see if it can contact and interact with my local network...well, it can not. Since I have configured my network's DNS server to resolve *.birb.it domains to the local maschine while I am at home, it will resolve to my remote VPS that selectively allows certain services to be accessed by using a Caddy configuration and reverse_proxying the allowed ones through a VPN. So while I am at home, I want to have my local DNS resolver, instead of the standard Google resolvers as found in resolv.conf.

Is there some command I can use to query the OS' DNS settings and use Termux:Boot to possibly set them up? My idea was to run a cron and see if my IP on wlan0 has changed, pull the new DNS servers and use them. If it is not connected, revert to the default.

Thanks!

[cemysce]

This is by no means a completely generalized solution, but I wrote this .bashrc to replace my resolv.conf with DHCP DNS info whenever I open Termux while connected to Wi-Fi. Perhaps some of you will find it useful as-is, or could extend it to support your use case. Or comment on that Gist to tell me why something I did is a horribly bad idea 😄