fix missing tailscale dns, because of RO filesystem

[konne]

Description

Because of the RO filesystem the normal mechanism for tailscale magicDNS does not work.

You can see it for example if you run the command
tailscale status

it shows some lines and than the error:

#     - dns-os: writing to "/etc/resolv.pre-tailscale-backup.conf" in rename of "/etc/resolv.conf": open /etc/resolv.pre-tailscale-backup.conf: read-only file system
#     - dns: writing to "/etc/resolv.pre-tailscale-backup.conf" in rename of "/etc/resolv.conf": open /etc/resolv.pre-tailscale-backup.conf: read-only file system

Types of changes

• Docs change / refactoring / dependency upgrade
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Release Notes

add tailscale magicDNS support with the readonly filesystem

Contributing checklist

• My code follows the code style of this project.
• I have read the CONTRIBUTING and LICENSE document.
• I fully agree to distribute my changes under Apache 2.0 license.

[konne]

@jens-maus currently a draft, I need to further check it, but you can already comment on.

@jens-maus a side question I have an even more complex topic around automatic tailscale certs. What you think is the best why for you to discuss the potential way. (github issues, github discussion, direct chat, ... something else)

[konne]

fix lint errors

[konne]

@jens-maus is there any chance to get the lint errors in the message, so that I could just see it in the details

buildroot-external/package/tailscale/S46tailscaled:0: run 'shellcheck' and fix the warnings

[jens-maus]

@jens-maus currently a draft, I need to further check it, but you can already comment on.

ok, I converted this in a draft accordingly.

@jens-maus a side question I have an even more complex topic around automatic tailscale certs. What you think is the best why for you to discuss the potential way. (github issues, github discussion, direct chat, ... something else)

If you have something working or with code then create a PR and we can discuss there. Otherweise use the github discussion fora in which there is a "Development" sub-category for these type of topics.

@jens-maus is there any chance to get the lint errors in the message, so that I could just see it in the details

I already fixed the shellcheck error for you. So have a look if it works now.

However, regarding the general purpose of this PR: If tailscale dns / magicdns does not work because /etc/resolv.conf is the wrong location, then I would propose to potentially consider generating an upstream PR against tailscale to allow to define a different path for resolv.conf modifications. This seems to be a more reliable approach instead of trying to replicate what magicdns is doing.

[konne]

@jens-maus thanks for your feedback. I already create a issue in the tailscale, but I don't expect a change. They already had a discussion longer ago around readonly resolv.conf and they solved it in a different way.
We could for now just fully disable at least the set, so that the error message disappear. I would still like to have dynamically set the nameserver, that is not complex. I could not make the full set of the search stable and it was also like you have seen much to complex

[jens-maus]

I adapted your PR draft again by having simplified your change a bit. Should work IMHO. Please test however. In addition, please also check if adding --accept-dns=false to the TAILSCALE_UP_ARGS variable still provides the necessary magicDNS functionality. Because I tend to add that additional up argument so that the up command does not try to modify /etc/resolv.conf itself and ends up in an error...

[jens-maus]

Furthermore, please also test if simply symlinking /etc/resolv.pre-tailscale-backup.conf to /var/etc/resolv.pre-tailscale-backup.conf solves the initial error with tailscale not being able to modify /etc/resolv.conf contained in a read-only /etc path. Perhaps the issue can also be worked around by simply symlinking /etc/resolv.pre-tailscale-backup.conf to a place where the tailscale up command can then generated that tmp file.

[konne]

@jens-maus I tried you link way and it looks good. So I also linked the

[konne]

@jens-maus can you please help. I think it would be needed to be added to the tailscale.mk file, but I have no idea in which hook,...

		# relink resolv.pre-tailscale-backup.conf to /var/etc
                touch ../var/etc/resolv.pre-tailscale-backup.conf
		ln -snf ../var/etc/resolv.pre-tailscale-backup.conf $(TARGET_DIR)/etc/