On Wed, Feb 16, 2022 at 12:37 AM Suraj Krishnan <surajkr@xxxxxxxxxxxxx> wrote:
> Hello,
> I’m reaching out to the community to gather feedback about a feature to broadcast a d-bus signal notification from systemd-resolved when a DNS query is completed. The message would contain information about the query and IP addresses received from the DNS server.
IMO, broadcasts that are visible to everyone on the system bus are really not a good idea, especially for multi-user systems. (Not a fan of `ipconfig.exe /displaydns` being open to non-admins, either.) If such logging has to exist at all, it should only go to some specific destination.
I'm kinda guessing you want this for situations where resolved uses DNS-over-TLS? If audit logging is necessary, maybe it would be better to use the existing "audit framework" – systemd already links to libaudit for service start/stop operations (via audit_log_user_comm_message).
Not sure how or why domain resolution would be integrated with the firewall, though.
Mantas Mikulėnas