Recently I upgraded my Ubuntu Karmic install to Lucid. Since I’ve long been frustrated with NetworkManager and replaced it with wicd. Since I also run a good and funky network setup to make things run smoothly between work, home and VPN I’m using dnsmasq. As part of that I was overriding the nameservers, which are pulled down via DHCP.
A problem arose when the default dhcp client dhcp3-client, was not actually adding 127.0.0.1 via the prepend statement. Basically, what should happen is that by adding
prepend domain-name-servers 127.0.0.1;
to the /etc/wicd/dhclient.conf.template file, it should add the nameserver as the first nameserver in /etc/resolv.conf.
That was not happening. Instead I found the following error in /var/log/daemon.log
[50286.649891] type=1503 audit(1275966966.436:22): operation="open" pid=16565 parent=16505 profile="/sbin/dhclient3" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/var/lib/wicd/dhclient.conf"
That line basically says that dhclient could not read the config file /var/lib/wicd/dhclient.conf, which is generated by wicd to be used by dhclient.
As it turns out the problem is app armor and I added the following two lines to /etc/apparmor.d/sbin.dhclient3, right below the NetworkManager lines
# wicd
/var/lib/wicd/* r,
Then I reloaded apparmor:
/etc/init.d/apparmor reload
and reconnected to the network.
The end result was a working network connection, with my local nameserver at the top in /etc/resolv.conf and no more error messages.