How to Change DNS Based on User Login in Linux: Script, Permissions, Configuration Guide

To change the DNS settings on a Linux machine based on the user that logs in, you can create a script that runs at login and adjusts the DNS settings accordingly. This article provides a step-by-step guide on how to do this.

Technical Knowledge Requirements

Before following this guide, it’s recommended that you have a basic understanding of the following:

Linux File System and Permissions: Familiarity with Linux file structures, understanding of file permissions, and how to modify them using chmod and chown.
Command-Line Basics: Comfort using the Linux command line, including editing files with text editors like nano or vi, and running basic shell commands.
Bash Scripting: Basic knowledge of writing and executing bash scripts, including the use of conditional statements, variables, and loops.
User and Group Management: Understanding of user roles, especially the difference between regular users and sudoers, and how to configure sudo privileges.
Network Configuration: Basic knowledge of how DNS works, how to configure DNS settings in Linux, and the implications of modifying /etc/resolv.conf.
System Services (systemd): Familiarity with creating and managing systemd services to automate tasks with elevated privileges.

This knowledge will help ensure you can effectively implement and troubleshoot the solutions described in the article.

Changing DNS Based on User

Step 1: Identify Users on System

First, we want to know which users exist on the system. The easiest way is to use a tool like awk:

awk -F: '$3 >= 1000 {print $1}' /etc/passwd

This command will display only the users with a user ID (UID) of 1000 or greater, which typically corresponds to regular (human) user accounts.

Step 2: Create Script to Change DNS

Create a bash script that checks the logged-in user and changes the DNS settings based on the username.

Example script and location: /etc/dns_switch.sh

The following script will update the IPv4 and IPv6 DNS servers based on the user that logs in:

#!/bin/bash

# Get the username of the logged-in user
USER=$(whoami)

# Define DNS servers for different users
if [ "$USER" == "user1" ]; then
    DNS_IPV4_1="185.228.168.9"
    DNS_IPV4_2="185.228.169.9"
    DNS_IPV6_1="2a0d:2a00:0001:0000:0000:0000:0000:0002"
    DNS_IPV6_2="2a0d:2a00:0002:0000:0000:0000:0000:0002"
elif [ "$USER" == "user2" ]; then
    DNS_IPV4_1="185.228.168.168"
    DNS_IPV4_2="185.228.169.168"
    DNS_IPV6_1="2a0d:2a00:0001:0000:0000:0000:0000:0000"
    DNS_IPV6_2="2a0d:2a00:0002:0000:0000:0000:0000:0000"
else
    DNS_IPV4_1="185.228.168.10"
    DNS_IPV4_2="185.228.169.11"
    DNS_IPV6_1="2a0d:2a00:0001:0000:0000:0000:0000:0001"
    DNS_IPV6_2="2a0d:2a00:0002:0000:0000:0000:0000:0001"
fi

# Backup existing resolv.conf
sudo cp /etc/resolv.conf /etc/resolv.conf.backup

# Update the resolv.conf file with the new DNS settings
echo "nameserver $DNS_IPV4_1" | sudo tee /etc/resolv.conf > /dev/null
echo "nameserver $DNS_IPV4_2" | sudo tee -a /etc/resolv.conf > /dev/null
echo "nameserver $DNS_IPV6_1" | sudo tee -a /etc/resolv.conf > /dev/null
echo "nameserver $DNS_IPV6_2" | sudo tee -a /etc/resolv.conf > /dev/null

echo "DNS settings updated for $USER"

Step 3: Execute Script based on User Login

The key to making this work is to dynamically make the change when the user logs in. To do this we will update the .bashrc file for each user who requires a unique DNS configuration.

If using the Free service, append the following code to the .bashrc file:

# Run the DNS switch script
if [ -f /etc/dns_switch.sh ]; then
    /etc/dns_switch.sh
fi

If you’re using a paid account, you want to make a slight change to capture the public IP after the user logs in. You can do it using our Dynamic Device URL slug like this:

# Run the DNS switch script
if [ -f /etc/dns_switch.sh ]; then
    /etc/dns_switch.sh
fi

# Notify CleanBrowsing DDNS service
curl -s "https://my.cleanbrowsing.org/dynip/172e84ea" > /dev/null

This must be done for each user profile.

Step 4: Verify Permissions

Make sure the file is executable by running this:

sudo chmod +x /etc/dns_switch.sh

Update the sudo rules so the script runs even if the user is not in the sudoers group. Do this by appending the following line to the sudoers file for each user:

username ALL=(ALL) NOPASSWD: /etc/dns_switch.sh, /bin/tee, /bin/cp

After making this change, the DNS should be automatically updated based on the user that is logging in. You can use these instructions with the Free or Paid CleanBrowsing service or any other DNS service.
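
The sudoers rule in Step 4 grants passwordless root use of /bin/tee and /bin/cp with any arguments, which lets the listed user write any file on the system as root, not only /etc/resolv.conf. The following is an added example, not part of the original article: a narrower variant in which sudo is allowed for a single root-owned helper that takes no arguments and derives the user from SUDO_USER. The path /usr/local/sbin/dns-switch-root and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not from the article). Hypothetical install path:
#   /usr/local/sbin/dns-switch-root, owner root:root, mode 0755
# sudoers line (edit with visudo), replacing the tee/cp rule:
#   username ALL=(root) NOPASSWD: /usr/local/sbin/dns-switch-root
# .bashrc then calls:  sudo /usr/local/sbin/dns-switch-root

# Print the resolvers for user $1, one per line (values from the article's script).
dns_for_user() {
    case "$1" in
        user1) printf '%s\n' 185.228.168.9 185.228.169.9 \
                   2a0d:2a00:0001:0000:0000:0000:0000:0002 \
                   2a0d:2a00:0002:0000:0000:0000:0000:0002 ;;
        user2) printf '%s\n' 185.228.168.168 185.228.169.168 \
                   2a0d:2a00:0001:0000:0000:0000:0000:0000 \
                   2a0d:2a00:0002:0000:0000:0000:0000:0000 ;;
        *)     printf '%s\n' 185.228.168.10 185.228.169.11 \
                   2a0d:2a00:0001:0000:0000:0000:0000:0001 \
                   2a0d:2a00:0002:0000:0000:0000:0000:0001 ;;
    esac
}

# Write the resolv.conf content for user $1 to file $2. The temp file is created
# in the same directory so mv is a rename: readers never see a half-written file.
# Note: if $2 is a symlink, mv replaces the link with a regular file.
write_resolv() {
    tmp=$(mktemp "$2.XXXXXX") || return 1
    if dns_for_user "$1" | sed 's/^/nameserver /' > "$tmp" && chmod 644 "$tmp"; then
        mv -f "$tmp" "$2"
    else
        rm -f "$tmp"; return 1
    fi
}

# Act only when started through sudo as root. The username comes from SUDO_USER,
# which sudo sets itself, never from an argument the caller could choose.
if [ "$(id -u)" -eq 0 ] && [ -n "${SUDO_USER:-}" ]; then
    cp -p /etc/resolv.conf /etc/resolv.conf.backup
    write_resolv "$SUDO_USER" /etc/resolv.conf
fi
```

Because the helper is root-owned and not writable by the user, the per-user mapping cannot be altered from the account it applies to.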

Updated on October 21, 2024