A NSS module to provide parental controls to DNS queries via malcontent (https://gitlab.freedesktop.org/pwithnall/malcontent).
Matteo Settenvini
6582c27a43
Apparently the return of getaddrinfo for the canary domain has changed in the latest versions of either glibc or the corresponding crate. The error returned is Eai::NoData rather than Eai::NoName. |
||
---|---|---|
.vscode | ||
LICENSES | ||
src | ||
tests | ||
.gitignore | ||
.gitlab-ci.yml | ||
.rusty-hook.toml | ||
CMakeLists.txt | ||
Cargo.toml | ||
Dockerfile | ||
README.md | ||
README.md.license | ||
build.rs | ||
deny.toml | ||
wrapper.hpp |
README.md
Malcontent NSS Module
Disclaimer: this is a proof-of-concept and a work in progress. As such, the code is still rather ugly, especially when handling C structures.
This is a proof of concept for a NSS module allowing to perform parental controls when querying the system interfaces for hostname resolution (DNS). It is designed to be integrated with Malcontent.
When the code will be ready, a system administrator would install the module after compiling it through CMake. Then they would add it to the hosts
entry in /etc/nsswitch.conf
. For instance:
hosts: files myhostname malcontent resolve [!UNAVAIL=return] dns
Note how malcontent
precedes both systemd's resolve
and the libc dns
modules.
Parental control configuration would happen through the Malcontent client or GUI.