A NSS module to provide parental controls to DNS queries via malcontent (https://gitlab.freedesktop.org/pwithnall/malcontent).
Matteo Settenvini
6582c27a43
Apparently the return of getaddrinfo for the canary domain has changed in the latest versions of either glibc or the corresponding crate. The error returned is Eai::NoData rather than Eai::NoName. |
||
|---|---|---|
| .vscode | ||
| LICENSES | ||
| src | ||
| tests | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .rusty-hook.toml | ||
| build.rs | ||
| Cargo.toml | ||
| CMakeLists.txt | ||
| deny.toml | ||
| Dockerfile | ||
| README.md | ||
| README.md.license | ||
| wrapper.hpp | ||
Malcontent NSS Module
Disclaimer: this is a proof-of-concept and a work in progress. As such, the code is still rather ugly, especially when handling C structures.
This is a proof of concept for a NSS module allowing to perform parental controls when querying the system interfaces for hostname resolution (DNS). It is designed to be integrated with Malcontent.
When the code will be ready, a system administrator would install the module after compiling it through CMake. Then they would add it to the hosts entry in /etc/nsswitch.conf. For instance:
hosts: files myhostname malcontent resolve [!UNAVAIL=return] dns
Note how malcontent precedes both systemd's resolve and the libc dns modules.
Parental control configuration would happen through the Malcontent client or GUI.