Resolve.conf / DNS

Briefly describe your issue below:
I just installed 4.6. No resolv.conf (including .head and tail), that has any information except

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

No resolv.conf.head in etc/at all. The only one with any servers on it are in the etc/anonsurf folder. I recently tried 4.6 KDE, before it was released, and had the same problem, so when I reinstalled 4.5.1 mate, I copied the resolv.conf.head file, and installed it into etc/ so I could use it for DNS changes. I also have had some problems with permissions. The above mentioned resolv.conf file, as well as etc/ sysctl.conf file open as a blank file, no warnings. So I tried one sudo geany and it had the top 2 lines, also mentioned above. Logs for Torbrowser below. Only changes to the system were adding resolve.conf.head to etc, And running sudo rm /etc/resolv.conf then sudo cp /etc/resolv.conf.head /etc/resolv.conf

# ParrotDNS/OpenNIC
nameserver 139.99.96.146
nameserver 37.59.40.15
nameserver 185.121.177.177

# Round Robin
options rotate

And altering sysctl.conf

#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3

##############################################################3
# Functions previously found in netbase
#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
#  Enabling this option disables Stateless Address Autoconfiguration
#  based on Router Advertisements for this host
#net.ipv6.conf.all.forwarding=1


###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#

###################################################################
# Magic system request Key
# 0=disable, 1=enable all, >1 bitmask of sysrq functions
# See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html
# for what other values do
#kernel.sysrq=438
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Any ideas would be great. Probably will reformat with GTK Installer, I have better luck with it.

What version of Parrot are you running? (i4.6 desktop mate AMD x64)

What method did you use to install Parrot? (Standard )

Configured to multiboot with other systems? ( no)

If there are any similar issues or solutions, link to them below:

If there are any error messages or relevant logs, post them below:

Downloaded TorBrowser for the first time (again). Set to safest settings
DNS leak test for TorBrowser:

IP	                        Hostname	            ISP	                                                          Country
46.246.46.46 	            indus.quintex.com 	GleSYS Internet Services AB 	           Sweden
199.249.223.8 	gaur.in-berlin.de 	Quintex Alliance Consulting 	                       United States
199.195.255.68 	this-is-a-tor-exit-node-hviv120.hviv.nl FranTech Solutions 	United States
104.244.76.13 	etna.switch.ch 	BuyVM 	                                               Luxembourg
74.125.73.74 	            tor-exit.hartvoorinternetvrijheid.nl 	Google 	                        Belgium
51.15.128.3 	            nscache10.fra1.de.leaseweb.net 	Scaleway 	                        France
217.197.80.4 	            gayal.in-berlin.de 	Individual Network Berlin e.V. 	            Germany
74.125.41.69 	            45.ip-51-68-214.eu 	Google 	                                               Taiwan
74.125.41.76 	            none 	Google 	                                                                       Taiwan
192.42.116.20 	none 	SURFnet 	                                                                        Netherlands
18.85.192.253 	none 	Massachusetts Institute of Technology 	                        United States
130.59.118.78 	none 	Switch 	                                                                        Switzerland
192.42.116.16 	mrkrabs.exit.tor4us.net 	SURFnet 	                                    Netherlands
37.58.58.137 	            none 	Leaseweb Deutschland GmbH 	                                   Germany
172.217.41.15 	wholesomeserver.media.mit.edu 	Google 	                        Netherlands
217.197.80.5 	            dns1.ipredator.se 	Individual Network Berlin e.V. 	            Germany
51.68.214.45 	            Thalassa.exit.torworld.org 	OVH SAS 	                                    France
141.101.70.9 	            none 	Cloudflare 	                                                                    United Kingdom
46.182.19.48 	            dns2.digitalcourage.de Martin Prager trading as NbIServ 	         Germany

Kern log for torbrowser:

Apr 28 00:04:57 parrot kernel: [ 9413.333893] kauditd_printk_skb: 5 callbacks suppressed
Apr 28 00:04:57 parrot kernel: [ 9413.333895] audit: type=1400 audit(1556427897.575:111): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=11508 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:04:57 parrot kernel: [ 9413.334263] audit: type=1400 audit(1556427897.575:112): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=11508 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:04:58 parrot kernel: [ 9414.123066] audit: type=1400 audit(1556427898.363:113): apparmor="DENIED" operation="link" profile="torbrowser_firefox" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/fonts/.uuid.LCK" pid=11504 comm="firefox.real" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/fonts/.uuid.TMP-zTjQiB"
Apr 28 00:09:29 parrot kernel: [ 9685.062065] audit: type=1400 audit(1556428169.310:114): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/sounds/freedesktop/index.theme" pid=11504 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:09:30 parrot kernel: [ 9686.393251] audit: type=1400 audit(1556428170.642:115): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/sounds/freedesktop/index.theme" pid=11504 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:09:54 parrot kernel: [ 9710.085734] audit: type=1400 audit(1556428194.335:116): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=11657 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:09:54 parrot kernel: [ 9710.684876] audit: type=1400 audit(1556428194.931:117): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=11504 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:11:30 parrot kernel: [ 9806.346284] audit: type=1400 audit(1556428290.598:118): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=11700 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:14:46 parrot kernel: [10002.000989] audit: type=1400 audit(1556428486.259:119): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=11772 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:26:45 parrot kernel: [10721.393699] audit: type=1400 audit(1556429205.667:120): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=12031 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:26:45 parrot kernel: [10721.394109] audit: type=1400 audit(1556429205.667:121): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=12031 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:26:51 parrot kernel: [10727.542471] audit: type=1400 audit(1556429211.815:122): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=12207 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:26:52 parrot kernel: [10727.886732] audit: type=1400 audit(1556429212.159:123): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=12027 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:06 parrot kernel: [10861.804844] audit: type=1400 audit(1556429346.082:124): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=13091 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:06 parrot kernel: [10861.805248] audit: type=1400 audit(1556429346.082:125): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=13091 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:10 parrot kernel: [10866.679908] audit: type=1400 audit(1556429350.958:126): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=13167 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:29:11 parrot kernel: [10866.948365] audit: type=1400 audit(1556429351.226:127): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=13087 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:44:02 parrot kernel: [11758.655559] audit: type=1400 audit(1556430242.952:128): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=14491 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:44:02 parrot kernel: [11758.656066] audit: type=1400 audit(1556430242.956:129): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=14491 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:44:07 parrot kernel: [11763.517900] audit: type=1400 audit(1556430247.817:130): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=14569 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:44:08 parrot kernel: [11763.808249] audit: type=1400 audit(1556430248.109:131): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=14487 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:44:31 parrot kernel: [11786.980316] audit: type=1400 audit(1556430271.281:132): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=14619 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000

“Messages” for torbrowser

Apr 28 00:11:30 parrot kernel: [ 9806.346284] audit: type=1400 audit(1556428290.598:118): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=11700 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:14:46 parrot kernel: [10002.000989] audit: type=1400 audit(1556428486.259:119): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=11772 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:26:45 parrot kernel: [10721.393699] audit: type=1400 audit(1556429205.667:120): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=12031 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:26:45 parrot kernel: [10721.394109] audit: type=1400 audit(1556429205.667:121): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=12031 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:26:51 parrot kernel: [10727.542471] audit: type=1400 audit(1556429211.815:122): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=12207 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:26:52 parrot kernel: [10727.886732] audit: type=1400 audit(1556429212.159:123): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=12027 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:06 parrot kernel: [10861.804844] audit: type=1400 audit(1556429346.082:124): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=13091 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:06 parrot kernel: [10861.805248] audit: type=1400 audit(1556429346.082:125): apparmor="DENIED" operation="getattr" info="Failed name lookup - disconnected path" error=-13 profile="torbrowser_firefox" name="dev/dri/card0" pid=13091 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:29:10 parrot kernel: [10866.679908] audit: type=1400 audit(1556429350.958:126): apparmor="DENIED" operation="file_receive" profile="torbrowser_plugin_container" name="/home/flq5879/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser/.config/gtk-3.0/settings.ini" pid=13167 comm=57656220436F6E74656E74 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Apr 28 00:29:11 parrot kernel: [10866.948365] audit: type=1400 audit(1556429351.226:127): apparmor="DENIED" operation="open" profile="torbrowser_firefox" name="/usr/share/mate/applications/" pid=13087 comm="firefox.real" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Apr 28 00:32:47 parrot mate-system-log[13873]: gtk_text_buffer_insert: assertion 'text != NULL' failed

Our Parrot 4.6 has a DNS setting in Applications -> Anonsurf -> Set/Unset OpenNIC DNS Service. You can enable by click on it. The reason is there were many users complain about “DNS leak” so we let users decide their DNS

1 Like

So the resolv.conf.opennic file in etc/anonsurf sets the dns for the system? and the resolv.conf in etc/ is not to be edited by us anymore?

Concernting Torbrowser, the 17 dns servers listed look good, and the logs normal. Or did I thrash the system by adding the etc/resolve.conf old server configuration. Thanks

Ok. Downloaded new ISO- 4.6 Mate Desktop. Gave my hard drive and installation usb a single wipe. Re-installed system. Seems to be working better now. I know a Torbrowser DNS leaktest is going to show servers, as long as they are not associated with my ip. The one above looks like it has 4 exit nodes, and the Google ones spooked me. It looks better now. Having some blacklist violations when saving libreoffice files, and some Deny operations in user/share from tor browser. I appreciate the Apparmor popus, they’ve really shown me where I need to focus. I need to spend some time with Apparmor / Firefail before I learn anything else. Thanks

@palinuro can you answer him about new DNS config please?

1 Like

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.