#1030821 /usr/bin/wg-quick: Saves unrelated nameservers when used with resolvconf and SaveConfig=true

Package:
wireguard-tools
Source:
wireguard-tools
Description:
fast, modern, secure kernel VPN tunnel (userland utilities)
Submitter:
arnold metselaar
Date:
2023-02-07 19:03:07 UTC
Severity:
normal
#1030821#5
Date:
2023-02-07 19:00:26 UTC
From:
To:
Dear Maintainer,

I have been using wg-quick in combination with resolvconf and the option
SaveConfig=true to make a tunnel between two hosts.
After some time the connection was no longer established; there were too
many DNS-lines /etc/wireguard/wg0.conf.

When wg-quick saves the configuration for a tunnel it uses "resolvconf -l
<interface>" to list the DNS configuration for a
specific interface, however the version of the resolvconf program in the
package resolvconf does noet support this.
Consequently wg-quick saves the nameservers supplied with the tunnel as
well as all the other ones and the configuration
file grows every time the tunnel is brought down e.g. when powering off the
system.

Using openresolv rather than resolvconf solves the issue, so arguably this
is a bug in resolvconf rather than in wg-quick.
I have not tried it with systemd-resolved.

As long as this has not been fixed, I think wireguard-tools should document
this behaviour somewhere and stop suggesting
resolvconf.

Kind regards,
Arnold Metselaar