author | Pedro F. Giffuni <pfg@FreeBSD.org> | 2019-11-20 22:20:11 +0000 |
---|---|---|
committer | Pedro F. Giffuni <pfg@FreeBSD.org> | 2019-11-20 22:20:11 +0000 |
commit | d7fde65d0ed7c3a3d6b23959d8a7de22feb83032 (patch) | |
tree | 13c2fbf1df210863d6573f33ba027a1302e70def | |
parent | 2d823aa1c78fa588688b3d0ad06e678cd94304d4 (diff) |
Notes
-rw-r--r-- | LICENSE | 23 | ||||
-rw-r--r-- | Makefile | 38 | ||||
-rw-r--r-- | README | 11 | ||||
-rw-r--r-- | README.md | 64 | ||||
-rw-r--r-- | configure | 88 | ||||
-rw-r--r-- | dnsmasq.in | 10 | ||||
-rw-r--r-- | libc.in | 24 | ||||
-rw-r--r-- | named.in | 8 | ||||
-rw-r--r-- | pdns_recursor.in | 17 | ||||
-rw-r--r-- | pdnsd.in | 12 | ||||
-rw-r--r-- | resolvconf.conf | 2 | ||||
-rw-r--r-- | resolvconf.conf.5.in | 157 | ||||
-rw-r--r-- | resolvconf.in | 223 | ||||
-rw-r--r-- | unbound.in | 2 |
14 files changed, 244 insertions, 435 deletions
diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 758aec338057..000000000000 --- a/LICENSE +++ /dev/null @@ -1,23 +0,0 @@ -Copyright (c) 2007-2019 Roy Marples <roy@marples.name> -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. @@ -10,7 +10,6 @@ SYSCONFDIR?= /etc LIBEXECDIR?= /libexec/resolvconf VARDIR?= /var/run/resolvconf -ECHO?= echo INSTALL?= install SED?= sed @@ -21,7 +20,7 @@ DOCMODE?= 0644 MANMODE?= 0444 RESOLVCONF= resolvconf resolvconf.8 resolvconf.conf.5 -SUBSCRIBERS= libc dnsmasq named pdnsd pdns_recursor unbound +SUBSCRIBERS= libc dnsmasq named pdnsd unbound TARGET= ${RESOLVCONF} ${SUBSCRIBERS} SRCS= ${TARGET:C,$,.in,} # pmake SRCS:= ${TARGET:=.in} # gmake 
@@ -43,7 +42,7 @@ DISTINFOSIGN= ${DISTINFO}.asc CKSUM?= cksum -a SHA256 PGP?= netpgp -GITREF?= HEAD +FOSSILID?= current .SUFFIXES: .in @@ -80,17 +79,15 @@ maninstall: install: proginstall maninstall -dist-git: - git archive --prefix=${DISTPREFIX}/ ${GITREF} | xz >${DISTFILE} - -dist-inst: - mkdir /tmp/${DISTPREFIX} - cp -RPp * /tmp/${DISTPREFIX} - (cd /tmp/${DISTPREFIX}; make clean) - tar -cvjpf ${DISTFILE} -C /tmp ${DISTPREFIX} +import: rm -rf /tmp/${DISTPREFIX} + ${INSTALL} -d /tmp/${DISTPREFIX} + cp README ${SRCS} /tmp/${DISTPREFIX} -dist: dist-git +dist: + fossil tarball --name ${DISTPREFIX} ${FOSSILID} ${DISTFILEGZ} + gunzip -c ${DISTFILEGZ} | xz >${DISTFILE} + rm ${DISTFILEGZ} distinfo: dist rm -f ${DISTINFO} ${DISTINFOSIGN} @@ -99,20 +96,3 @@ distinfo: dist ${PGP} --clearsign --output=${DISTINFOSIGN} ${DISTINFO} chmod 644 ${DISTINFOSIGN} ls -l ${DISTFILE} ${DISTINFO} ${DISTINFOSIGN} - -import: dist - rm -rf /tmp/${DISTPREFIX} - ${INSTALL} -d /tmp/${DISTPREFIX} - tar xvJpf ${DISTFILE} -C /tmp - -_import-src: - rm -rf ${DESTDIR}/* - ${INSTALL} -d ${DESTDIR} - cp LICENSE README.md ${SRCS} resolvconf.conf ${DESTDIR}; - cp resolvconf.8.in resolvconf.conf.5.in ${DESTDIR}; - @${ECHO} - @${ECHO} "=============================================================" - @${ECHO} "openresolv-${VERSION} imported to ${DESTDIR}" - -import-src: - ${MAKE} _import-src DESTDIR=`if [ -n "${DESTDIR}" ]; then echo "${DESTDIR}"; else echo /tmp/${DISTPREFIX}; fi` diff --git a/README b/README new file mode 100644 index 000000000000..b4042b0e81a5 --- /dev/null +++ b/README 
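Review bot: In the Makefile hunk at `@@ -80,17 +79,15 @@`, the new `import:` target stages files in `/tmp/${DISTPREFIX}`, a predictable name in a world-writable directory. Between the `rm -rf` and the `${INSTALL} -d` another local user can create that path, or a symlink at it, so the `cp` may write into a directory the invoking user does not control. A private directory avoids this, e.g. `d=$$(mktemp -d) && cp README ${SRCS} "$$d" && echo "$$d"`. The `dist:` recipe also relies on `${DISTFILEGZ}`, whose definition is not visible in this hunk.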
@@ -0,0 +1,11 @@
+openresolv is a resolvconf implementation which manages resolv.conf
+You can find the latest version at http://roy.marples.name/projects/openresolv
+It is written and maintained by Roy Marples <roy@marples.name>
+
+This resolvconf implementation, along with its subscribers, work with a
+POSIX compliant shell and userland utilities. It is designed to work without
+tools such as sed as it *has* to work without /usr being available.
+
+On systems where resolvconf is expected to be used before /var/run is available
+for writing, you can configure openresolv to write somewhere else, like say a
+ramdisk.
diff --git a/README.md b/README.md
deleted file mode 100644
index 739cc73356cb..000000000000
--- a/README.md
+++ /dev/null
@@ -1,64 +0,0 @@
-# openresolv
-
-openresolv is a [resolvconf](https://en.wikipedia.org/wiki/Resolvconf)
-implementation which manages `/etc/resolv.conf`.
-
-`/etc/resolv.conf` is a file that holds the configuration for the local
-resolution of domain names.
-Normally this file is either static or maintained by a local daemon,
-normally a DHCP daemon. But what happens if more than one thing wants to
-control the file?
-Say you have wired and wireless interfaces to different subnets and run a VPN
-or two on top of that, how do you say which one controls the file?
-It's also not as easy as just adding and removing the nameservers each client
-knows about as different clients could add the same nameservers.
-
-Enter resolvconf, the middleman between the network configuration services and
-`/etc/resolv.conf`.
-resolvconf itself is just a script that stores, removes and lists a full
-`resolv.conf` generated for the interface. It then calls all the helper scripts
-it knows about so it can configure the real `/etc/resolv.conf` and optionally
-any local nameservers other than libc.
-
-## Reasons for using openresolv
-
-Why openresolv over the
-[Debian implementation](http://qref.sourceforge.net/Debian/reference/ch-gateway.en.html#s-dns-resolvconf)?
-Here's some reasons:
- * Works with
- [POSIX shell and userland](http://www.opengroup.org/onlinepubs/009695399)
- * Does not need awk, grep or sed which means we can work without `/usr`
- mounted
- * Works with other init systems than Debians' out of the box
- * Available as a 2 clause
- [BSD license](http://www.freebsd.org/copyright/freebsd-license.html)
- * Prefer configs via IF_METRIC for dynamic ordering
- * Configures zones for local resolvers other than libc
-
-The last point is quite important, especially when running VPN systems.
-Take the following resolv.conf files which have been generated by a -[DHCP client](../dhcpcd) and sent to resolvconf: - -``` -# resolv.conf from bge0 -search foo.com -nameserver 1.2.3.4 - -# resolv.conf from tap0 -domain bar.org -nameserver 5.6.7.8 -``` - -In this instance, queries for foo.com will go to 1.2.3.4 and queries for -bar.org will go to 5.6.7.8. -This does require the resolvers to be configured to pickup the resolvconf -generated configuration for them though. -openresolv ships with helpers for: - * [unbound](http://www.unbound.net/) - * [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) - * [ISC BIND](http://www.isc.org/software/bind) - * [PowerDNS Recursor](http://wiki.powerdns.com/trac) - -See the -[configuration section](https://roy.marples.name/projects/openresolv/config) -for more details. diff --git a/configure b/configure index c9422b74b69c..a890cf0dc634 100644 --- a/configure +++ b/configure @@ -44,8 +44,42 @@ for x do esac done +if [ -z "$LIBEXECDIR" ]; then + printf "Checking for directory /libexec ... " + if [ -d /libexec ]; then + echo "yes" + LIBEXECDIR=$PREFIX/libexec/resolvconf + else + echo "no" + LIBEXECDIR=$PREFIX/lib/resolvconf + fi +fi +if [ -z "$RUNDIR" ]; then + printf "Checking for directory /run ... " + if [ -d /run ]; then + echo "yes" + RUNDIR=/run + else + echo "no" + RUNDIR=/var/run + fi +fi + : ${SED:=sed} +: ${SYSCONFDIR:=$PREFIX/etc} +: ${SBINDIR:=$PREFIX/sbin} +: ${LIBEXECDIR:=$PREFIX/libexec/resolvconf} +: ${STATEDIR:=/var} +: ${RUNDIR:=$STATEDIR/run} +: ${MANDIR:=${PREFIX:-/usr}/share/man} + +eval SYSCONFDIR="$SYSCONFDIR" +eval SBINDIR="$SBINDIR" +eval LIBEXECDIR="$LIBEXECDIR" +eval VARDIR="$RUNDIR/resolvconf" +eval MANDIR="$MANDIR" + CONFIG_MK=config.mk if [ -z "$BUILD" ]; then 
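Review bot: In the configure hunk at `@@ -44,8 +44,42 @@`, the relocated `eval SYSCONFDIR="$SYSCONFDIR"` lines hand the already-expanded value to `eval` without quoting, so a directory containing whitespace is split into an assignment plus a command, and any shell syntax in the value is executed. The eval is presumably there to expand references such as `$PREFIX`; quoting inside the eval'd text keeps that while treating the value as a single word: `eval SYSCONFDIR="\"$SYSCONFDIR\""`, and likewise for `SBINDIR`, `LIBEXECDIR`, `VARDIR` and `MANDIR`. Where these variables are first set is outside the hunk, so the source of the values should be confirmed.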
@@ -87,19 +121,7 @@ rm -rf $CONFIG_MK echo "# $OS" >$CONFIG_MK case "$OS" in -dragonfly*) - # This means /usr HAS to be mounted not via dhcpcd - : ${LIBEXECDIR:=${PREFIX:-/usr}/libexec/resolvconf} - ;; -linux*) - # cksum does't support -a and netpgp is rare - echo "CKSUM= sha256sum --tag" >>$CONFIG_MK - echo "PGP= gpg2" >>$CONFIG_MK - ;; -esac - -case "$OS" in -dragonfly*|freebsd*) +freebsd*) # On FreeBSD, /etc/init.d/foo status returns 0 if foo is not enabled # regardless of if it's not running. # So we force onestatus to work around this silly bug. @@ -107,43 +129,13 @@ dragonfly*|freebsd*) STATUSARG="onestatus" fi ;; +linux*) + # cksum does't support -a and netpgp is rare + echo "CKSUM= sha256sum --tag" >>$CONFIG_MK + echo "PGP= gpg2" >>$CONFIG_MK + ;; esac - -if [ -z "$LIBEXECDIR" ]; then - printf "Checking for directory /libexec ... " - if [ -d /libexec ]; then - echo "yes" - LIBEXECDIR=$PREFIX/libexec/resolvconf - else - echo "no" - LIBEXECDIR=$PREFIX/lib/resolvconf - fi -fi -if [ -z "$RUNDIR" ]; then - printf "Checking for directory /run ... " - if [ -d /run ]; then - echo "yes" - RUNDIR=/run - else - echo "no" - RUNDIR=/var/run - fi -fi - -: ${SYSCONFDIR:=$PREFIX/etc} -: ${SBINDIR:=$PREFIX/sbin} -: ${LIBEXECDIR:=$PREFIX/libexec/resolvconf} -: ${STATEDIR:=/var} -: ${RUNDIR:=$STATEDIR/run} -: ${MANDIR:=${PREFIX:-/usr}/share/man} - -eval SYSCONFDIR="$SYSCONFDIR" -eval SBINDIR="$SBINDIR" -eval LIBEXECDIR="$LIBEXECDIR" -eval VARDIR="$RUNDIR/resolvconf" -eval MANDIR="$MANDIR" - for x in SYSCONFDIR SBINDIR LIBEXECDIR VARDIR MANDIR RESTARTCMD RCDIR STATUSARG do eval v=\$$x diff --git a/dnsmasq.in b/dnsmasq.in index 8b51866dca25..b1a2c7408d9c 100644 --- a/dnsmasq.in +++ b/dnsmasq.in @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2007-2019 Roy Marples +# Copyright (c) 2007-2016 Roy Marples # All rights reserved # dnsmasq subscriber for resolvconf 
@@ -28,7 +28,7 @@ [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "${dnsmasq_conf}${dnsmasq_resolv}" ] && exit 0 +[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " @@ -98,7 +98,7 @@ for d in $DOMAINS; do empty=false i=0 IFS=: set -- $n - while [ -n "$1" ] || [ -n "$2" ]; do + while [ -n "$1" -o -n "$2" ]; do addr="$1" shift if [ -z "$addr" ]; then @@ -184,7 +184,7 @@ if $changed; then eval $dnsmasq_restart elif [ -n "$RESTARTCMD" ]; then set -- ${dnsmasq_service} - eval "$RESTARTCMD" + eval $RESTARTCMD else @SBINDIR@/resolvconf -r ${dnsmasq_service} fi @@ -206,6 +206,4 @@ if $dbus; then dbus-send --system --dest=uk.org.thekelleys.dnsmasq \ /uk/org/thekelleys/dnsmasq uk.org.thekelleys.$method \ $dbusdest - dbus-send --system --dest=uk.org.thekelleys.dnsmasq \ - /uk/org/thekelleys/dnsmasq uk.org.thekelleys.ClearCache fi @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2007-2019 Roy Marples +# Copyright (c) 2007-2016 Roy Marples # All rights reserved # libc subscriber for resolvconf @@ -36,9 +36,9 @@ NL=" # sed may not be available, and this is faster on small files key_get_value() { - key="$1" - shift + local key="$1" x= line= + shift if [ $# -eq 0 ]; then while read -r line; do case "$line" in @@ -58,6 +58,8 @@ key_get_value() keys_remove() { + local key x line found + while read -r line; do found=false for key do @@ -77,7 +79,7 @@ local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then . "$SYSCONFDIR"/resolvconf.conf elif [ -d "$SYSCONFDIR"/resolvconf ]; then - SYSCONFDIR="$SYSCONFDIR/resolvconf" + SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d" base="$SYSCONFDIR/resolv.conf.d/base" if [ -f "$base" ]; then prepend_nameservers="$(key_get_value "nameserver " "$base")" 
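Review bot: In dnsmasq.in at `@@ -28,7 +28,7 @@`, `[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ]` uses the `-a` operator, which POSIX marks obsolescent; with more than four arguments the result of `[` is unspecified, and an operand that looks like an operator (`!`, `(`) can change how the expression parses. Chaining separate tests is unambiguous: `[ -z "$dnsmasq_conf" ] && [ -z "$dnsmasq_resolv" ] && exit 0`. The same `-a`/`-o` form is introduced in the `while` test at `@@ -98,7 +98,7 @@` and in the libc, named, pdnsd and resolvconf.in hunks of this commit.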
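Review bot: In dnsmasq.in at `@@ -184,7 +184,7 @@`, `eval $RESTARTCMD` expands the command unquoted, so it is field-split and subject to pathname expansion before `eval` sees it; newlines in the string become spaces, and any word containing `*`, `?` or `[` can be rewritten by file names in the current directory. Quoting passes the string through unchanged: `eval "$RESTARTCMD"`. The same change appears in the libc, named, pdns_recursor.in and resolvconf.in hunks, and the neighbouring `eval $dnsmasq_restart` context line has the same form.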
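Review bot: In the libc subscriber hunk at `@@ -36,9 +36,9 @@`, `key_get_value` now declares its variables with `local`, which is not part of POSIX sh, although the script runs under `#!/bin/sh` and the README added by this commit says it works with a POSIX compliant shell. Plain assignments keep the function portable: `key="$1"; x=; line=`. The same applies to the `local` lines added to `keys_remove` and `uniqify` and to those in the pdnsd and resolvconf.in hunks. The body of key_get_value continues outside the hunk.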
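Review bot: In the libc subscriber hunk at `@@ -77,7 +79,7 @@`, the new assignment `SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d"` is followed by the unchanged `base="$SYSCONFDIR/resolv.conf.d/base"`, so `base` resolves to `.../resolvconf/resolv.conf.d/resolv.conf.d/base`. On a layout that keeps `base` directly under `resolv.conf.d`, the `[ -f "$base" ]` check would fail and `prepend_nameservers` would silently stay unset. If the longer SYSCONFDIR is intended, the next line should become `base="$SYSCONFDIR/base"`. The rest of the `elif` branch is outside the hunk.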
@@ -96,12 +98,10 @@ fi : ${resolv_conf:=/etc/resolv.conf} : ${libc_service:=nscd} : ${list_resolv:=@SBINDIR@/resolvconf -l} -if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ] -then +if [ "${resolv_conf_head-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.head ]; then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)" fi -if [ "${resolv_conf_tail-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.tail ] -then +if [ "${resolv_conf_tail-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.tail ]; then resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)" fi @@ -110,7 +110,7 @@ signature="# Generated by resolvconf" uniqify() { - result= + local result= while [ -n "$1" ]; do case " $result " in *" $1 "*);; @@ -126,7 +126,7 @@ case "${resolv_conf_passthrough:-NO}" in backup=false newest= for conf in "$IFACEDIR"/*; do - if [ -z "$newest" ] || [ "$conf" -nt "$newest" ]; then + if [ -z "$newest" -o "$conf" -nt "$newest" ]; then newest="$conf" fi done @@ -178,7 +178,7 @@ case "${resolv_conf_passthrough:-NO}" in fi [ -n "$domain" ] && newconf="${newconf}domain $domain$NL" - if [ -n "$newsearch" ] && [ "$newsearch" != "$domain" ]; then + if [ -n "$newsearch" -a "$newsearch" != "$domain" ]; then newconf="${newconf}search $newsearch$NL" fi for n in $newns; do @@ -232,7 +232,7 @@ if [ -n "$libc_restart" ]; then eval $libc_restart elif [ -n "$RESTARTCMD" ]; then set -- ${libc_service} - eval "$RESTARTCMD" + eval $RESTARTCMD else @SBINDIR@/resolvconf -r ${libc_service} fi 
@@ -28,14 +28,14 @@ [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "${named_zones}${named_options}" ] && exit 0 +[ -z "$named_zones" -a -z "$named_options" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " # Platform specific kludges -if [ -z "${named_service}${named_restart}" ] && - [ -d "$RCDIR" ] && ! [ -x "$RCDIR"/named ] +if [ -z "$named_service" -a -z "$named_restart" -a \ + -d "$RCDIR" -a ! -x "$RCDIR"/named ] then if [ -x "$RCDIR"/bind9 ]; then # Debian and derivatives @@ -111,7 +111,7 @@ if $changed; then eval $named_restart elif [ -n "$RESTARTCMD" ]; then set -- ${named_service} - eval "$RESTARTCMD" + eval $RESTARTCMD else @SBINDIR@/resolvconf -r ${named_service} fi diff --git a/pdns_recursor.in b/pdns_recursor.in index f3632e000385..ad2d922dc4de 100644 --- a/pdns_recursor.in +++ b/pdns_recursor.in @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2009-2019 Roy Marples +# Copyright (c) 2009-2011 Roy Marples # All rights reserved # PowerDNS Recursor subscriber for resolvconf @@ -33,14 +33,17 @@ NL=" " -: ${pdns_service:=pdns-recursor} +: ${pdns_service:=pdns_recursor} newzones= -for n in $NAMESERVERS; do - newzones="$newzones${newzones:+,}$n" -done -[ -n "$newzones" ] && newzones="+.=$newzones$NL" +# pds_recursor does not present support global forward servers, which +# does limit it's usefulness somewhat. +# If it did, the below code can be enabled, or something like it. +#for n in $NAMESERVERS; do +# newzones="$newzones${newzones:+,}$n" +#done +#[ -n "$newzones" ] && newzones=".=$newzones$NL" for d in $DOMAINS; do newns= @@ -68,7 +71,7 @@ then eval $pdns_restart elif [ -n "$RESTARTCMD" ]; then set -- ${pdns_service} - eval "$RESTARTCMD" + eval $RESTARTCMD else @SBINDIR@/resolvconf -r ${pdns_service} fi @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2010-2018 Roy Marples +# Copyright (c) 2010-2013 Roy Marples # All rights reserved # pdnsd subscriber for resolvconf 
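Review bot: In pdns_recursor.in at `@@ -33,14 +33,17 @@`, the global-forwarder loop is disabled by commenting it out, and the comment explaining why misnames the daemon and is hard to read. I would reword it as `# pdns_recursor does not currently support global forward servers, which limits its usefulness.` and add one line stating what would allow the loop to be re-enabled. With the loop disabled, `newzones` appears to receive only per-domain entries, so names outside `$DOMAINS` would not be forwarded to `$NAMESERVERS` by this subscriber; the rest of the script is outside the hunk.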
@@ -28,7 +28,7 @@ [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "${pdnsd_conf}${pdnsd_resolv}" ] && exit 0 +[ -z "$pdnsd_conf" -a -z "$pdnsd_resolv" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " @@ -41,16 +41,14 @@ signature_end="# End of resolvconf" # but sed may not always be available at the time. remove_markers() { - m1="$1" - m2="$2" - in_marker=0 + local m1="$1" m2="$2" x= line= in_marker=0 shift; shift if type sed >/dev/null 2>&1; then sed "/^$m1/,/^$m2/d" $@ else - for x do - while read line; do + for x; do + while read -r line; do case "$line" in "$m1"*) in_marker=1;; "$m2"*) in_marker=0;; diff --git a/resolvconf.conf b/resolvconf.conf index 4f5f2e6f42ef..607f6af4d919 100644 --- a/resolvconf.conf +++ b/resolvconf.conf @@ -4,4 +4,4 @@ resolv_conf=/etc/resolv.conf # If you run a local name server, you should uncomment the below line and # configure your subscribers configuration files below. -#name_servers=127.0.0.1 +#name_servers=127.0.0.1
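Review bot: In the pdnsd subscriber hunk at `@@ -41,16 +41,14 @@`, `remove_markers` still calls `sed "/^$m1/,/^$m2/d" $@` with `$@` unquoted, so a file path containing whitespace or glob characters is split or expanded before sed opens it. `sed "/^$m1/,/^$m2/d" "$@"` keeps each argument intact. The markers are also interpolated into the sed address as regular expressions, which is fine for fixed strings such as `signature_end` but would need escaping if they ever came from configuration. The function body continues outside the hunk.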
\ No newline at end of file diff --git a/resolvconf.conf.5.in b/resolvconf.conf.5.in index 1b0c47160845..fcebd864e367 100644 --- a/resolvconf.conf.5.in +++ b/resolvconf.conf.5.in @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd September 8, 2019 +.Dd December 29, 2016 .Dt RESOLVCONF.CONF 5 .Os .Sh NAME @@ -64,25 +64,19 @@ Defaults to YES. .It Sy interface_order These interfaces will always be processed first. If unset, defaults to the following:- -.Bd -compact -literal -offset indent -lo lo[0-9]* -.Ed +.D1 lo lo[0-9]* .It Sy dynamic_order These interfaces will be processed next, unless they have a metric. If unset, defaults to the following:- -.Bd -compact -literal -offset indent -tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]* -.Ed +.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]* .It Sy inclusive_interfaces -Ignore any exclusive marking for these interfaces. +Ignore any exlcusive marking for these interfaces. This is handy when 3rd party integrations force the .Nm resolvconf -x option and you want to disable it easily. .It Sy local_nameservers If unset, defaults to the following:- -.Bd -compact -literal -offset indent -127.* 0.0.0.0 255.255.255.255 ::1 -.Ed +.D1 127.* 0.0.0.0 255.255.255.255 ::1 .It Sy search_domains Prepend search domains to the dynamically generated list. .It Sy search_domains_append 
@@ -124,24 +118,16 @@ The syntax is this: .Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement .Pp Example, given this resolv.conf: -.Bd -compact -literal -offset indent -domain foo.org -search foo.org dead.beef -nameserver 1.2.3.4 -nameserver 2.3.4.5 -.Ed +.D1 domain foo.org +.D1 search foo.org dead.beef +.D1 nameserver 1.2.3.4 +.D1 nameserver 2.3.4.5 and this configuaration: -.Bd -compact -literal -offset indent -replace="search/foo*/bar.com" -replace="$replace nameserver/1.2.3.4/5.6.7.8" -replace="$replace nameserver/2.3.4.5/" -.Ed +.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/" you would get this resolv.conf instead: -.Bd -compact -literal -offset indent -domain foo.org -search bar.com -nameserver 5.6.7.8 -.Ed +.D1 domain foo.org +.D1 search bar.com +.D1 nameserver 5.6.7.8 .It Sy replace_sub Works the same way as .Sy replace @@ -152,11 +138,9 @@ Using the same example resolv.conf and changing to .Sy replace_sub , you would get this resolv.conf instead: -.Bd -compact -literal -offset indent -domain foo.org -search bar.com dead.beef -nameserver 5.6.7.8 -.Ed +.D1 domain foo.org +.D1 search bar.com dead.beef +.D1 nameserver 5.6.7.8 .It Sy state_dir Override the default state directory of .Pa @VARDIR@ . @@ -211,8 +195,7 @@ Prepend search domains to the dynamically generated list. openresolv ships with subscribers for the name servers .Xr dnsmasq 8 , .Xr named 8 , -.Xr pdnsd 8 , -.Xr pdns_recursor 8 , +.Xr pdnsd 8 and .Xr unbound 8 . Each subscriber can create configuration files which should be included in @@ -220,9 +203,7 @@ in the subscribers main configuration file. .Pp To disable a subscriber, simply set it's name to NO. For example, to disable the libc subscriber you would set: -.Bd -compact -literal -offset indent -libc=NO -.Ed +.D1 libc=NO .Bl -tag -width indent .It Sy dnsmasq_conf This file tells dnsmasq which name servers to use for specific domains. 
@@ -230,21 +211,17 @@ This file tells dnsmasq which name servers to use for specific domains. This file tells dnsmasq which name servers to use for global lookups. .Pp Example resolvconf.conf for dnsmasq: -.Bd -compact -literal -offset indent -name_servers=127.0.0.1 -dnsmasq_conf=/etc/dnsmasq-conf.conf -dnsmasq_resolv=/etc/dnsmasq-resolv.conf -.Ed +.D1 name_servers=127.0.0.1 +.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf +.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf .Pp Example dnsmasq.conf: -.Bd -compact -literal -offset indent -listen-address=127.0.0.1 -# If dnsmasq is compiled for DBus then we can take -# advantage of not having to restart dnsmasq. -enable-dbus -conf-file=/etc/dnsmasq-conf.conf -resolv-file=/etc/dnsmasq-resolv.conf -.Ed +.D1 listen-address=127.0.0.1 +.D1 # If dnsmasq is compiled for DBus then we can take +.D1 # advantage of not having to restart dnsmasq. +.D1 enable-dbus +.D1 conf-file=/etc/dnsmasq-conf.conf +.D1 resolv-file=/etc/dnsmasq-resolv.conf .It Sy named_options Include this file in the named options block. This file tells named which name servers to use for global lookups. @@ -253,21 +230,16 @@ Include this file in the named global scope, after the options block. This file tells named which name servers to use for specific domains. .Pp Example resolvconf.conf for named: -.Bd -compact -literal -offset indent -name_servers=127.0.0.1 -named_options=/etc/named-options.conf -named_zones=/etc/named-zones.conf -.Ed +.D1 name_servers=127.0.0.1 +.D1 named_options=/etc/named-options.conf +.D1 named_zones=/etc/named-zones.conf .Pp Example named.conf: -.Bd -compact -literal -offset indent -options { - listen-on { 127.0.0.1; }; - include "/etc/named-options.conf"; -}; - -include "/etc/named-zones.conf"; -.Ed +.D1 options { +.D1 listen-on { 127.0.0.1; }; +.D1 include "/etc/named-options.conf"; +.D1 }; +.D1 include "/etc/named-zones.conf"; .It Sy pdnsd_conf This is the main pdnsd configuration file which we modify to add our forward domains to. 
@@ -281,54 +253,32 @@ If this variable is not set then it's written to .Pa pdnsd_conf . .Pp Example resolvconf.conf for pdnsd: -.Bd -compact -literal -offset indent -name_servers=127.0.0.1 -pdnsd_conf=/etc/pdnsd.conf -# pdnsd_resolv=/etc/pdnsd-resolv.conf -.Ed +.D1 name_servers=127.0.0.1 +.D1 pdnsd_conf=/etc/pdnsd.conf +.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf .Pp Example pdnsd.conf: -.Bd -compact -literal -offset indent -global { - server_ip = 127.0.0.1; - status_ctl = on; -} -server { - # A server definition is required, even if empty. - label="empty"; - proxy_only=on; - # file="/etc/pdnsd-resolv.conf"; -} -.Ed -.It Sy pdns_zones -This file tells pdns_recursor about specific and global name servers. -.Pp -Example resolvconf.conf for pdns_recursor: -.Bd -compact -literal -offset indent -name_servers=127.0.0.1 -pdns_zones=/etc/pdns/recursor-zones.conf -.Ed -.Pp -Example recursor.conf: -.Bd -compact -literal -offset indent -allow-from=127.0.0.0/8, ::1/128 -forward-zones-file=/etc/pdns/recursor-zones.conf -.Ed +.D1 global { +.D1 server_ip = 127.0.0.1; +.D1 status_ctl = on; +.D1 } +.D1 server { +.D1 # A server definition is required, even if emtpy. +.D1 label="empty"; +.D1 proxy_only=on; +.D1 # file="/etc/pdnsd-resolv.conf"; +.D1 } .It Sy unbound_conf This file tells unbound about specific and global name servers. .It Sy unbound_insecure When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC. .Pp Example resolvconf.conf for unbound: -.Bd -compact -literal -offset indent -name_servers=127.0.0.1 -unbound_conf=/etc/unbound-resolvconf.conf -.Ed +.D1 name_servers=127.0.0.1 +.D1 unbound_conf=/etc/unbound-resolvconf.conf .Pp Example unbound.conf: -.Bd -compact -literal -offset indent -include: /etc/unbound-resolvconf.conf -.Ed +.D1 include: /etc/unbound-resolvconf.conf .El .Sh SUBSCRIBER INTEGRATION Not all distributions store the files the subscribers need in the same 
@@ -342,6 +292,7 @@ Also, users could equally want to use a different version from the one installed by default, such as bind8 and bind9. To accommodate this, the subscribers have these files in configurable variables, documented below. +.Pp .Bl -tag -width indent .It Sy dnsmasq_service Name of the dnsmasq service. @@ -359,10 +310,6 @@ Name of the named service. Command to restart the named service. .It Sy pdnsd_restart Command to restart the pdnsd service. -.It Sy pdns_service -Command to restart the pdns_recursor service. -.It Sy pdns_restart -Command to restart the pdns_recursor service. .It Sy unbound_service Name of the unbound service. .It Sy unbound_restart diff --git a/resolvconf.in b/resolvconf.in index e7d382111813..7353cfc348d1 100644 --- a/resolvconf.in +++ b/resolvconf.in @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright (c) 2007-2019 Roy Marples +# Copyright (c) 2007-2016 Roy Marples # All rights reserved # Redistribution and use in source and binary forms, with or without @@ -25,7 +25,7 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. RESOLVCONF="$0" -OPENRESOLV_VERSION="3.9.2" +OPENRESOLV_VERSION="3.9.0" SYSCONFDIR=@SYSCONFDIR@ LIBEXECDIR=@LIBEXECDIR@ VARDIR=@VARDIR@ @@ -125,22 +125,21 @@ usage() # If you think otherwise, capture a DNS trace and you'll see libc # will strip it regardless. # This also solves setting up duplicate zones in our subscribers. -# Also strip any comments denoted by #. -resolv_strip() +strip_trailing_dots() { - space= - for word; do - case "$word" in - \#*) break;; - esac - printf "%s%s" "$space${word%.}" - space=" " + local n= d= + + for n; do + printf "$d%s" "${n%.}" + d=" " done printf "\n" } private_iface() { + local p + # Allow expansion cd "$IFACEDIR" 
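Review bot: In resolvconf.in at `@@ -125,22 +125,21 @@`, `strip_trailing_dots` no longer stops at a word beginning with `#`, so a trailing comment on a `domain` or `search` line is returned as further domain names. Keeping the guard inside the loop avoids that: `case "$n" in \#*) break;; esac`. The separator is also placed in the printf format (`printf "$d%s"`); `printf '%s%s' "$d" "${n%.}"` keeps the format string constant.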
@@ -169,15 +168,12 @@ private_iface() # for domain name servers, search name servers and global nameservers parse_resolv() { - domain= - new=true + local line= ns= ds= search= d= n= newns= + local new=true iface= private=false p= domain= l= islocal= + newns= - ns= - private=false - search= while read -r line; do - stripped_line="$(resolv_strip ${line#* })" case "$line" in "# resolv.conf from "*) if ${new}; then @@ -193,32 +189,29 @@ parse_resolv() "nameserver "*) islocal=false for l in $local_nameservers; do - case "$stripped_line" in + case "${line#* }" in $l) islocal=true + echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\"" break ;; esac done - if $islocal; then - echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS $stripped_line\"" - else - ns="$ns$stripped_line " - fi + $islocal || ns="$ns${line#* } " ;; "domain "*) - search="$stripped_line" + search="$(strip_trailing_dots ${line#* })" if [ -z "$domain" ]; then domain="$search" echo "DOMAIN=\"$domain\"" fi ;; "search "*) - search="$stripped_line" + search="$(strip_trailing_dots ${line#* })" ;; *) [ -n "$line" ] && continue - if [ -n "$ns" ] && [ -n "$search" ]; then + if [ -n "$ns" -a -n "$search" ]; then newns= for n in $ns; do newns="$newns${newns:+,}$n" @@ -243,7 +236,7 @@ parse_resolv() uniqify() { - result= + local result= while [ -n "$1" ]; do case " $result " in *" $1 "*);; @@ -256,8 +249,8 @@ uniqify() dirname() { - OIFS="$IFS" - IFS=/ + local dir= OIFS="$IFS" + local IFS=/ set -- $@ IFS="$OIFS" if [ -n "$1" ]; then @@ -274,7 +267,7 @@ dirname() config_mkdirs() { - e=0 + local e=0 f d for f; do [ -n "$f" ] || continue d="$(dirname "$f")" 
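Review bot: In parse_resolv at `@@ -193,32 +189,29 @@`, the text after the keyword (`${line#* }`) is written straight into shell assignments such as `echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\""` and `echo "DOMAIN=\"$domain\""`, and make_vars later runs that output through `eval`. The per-interface files typically carry values handed over by a DHCP or VPN client, so a value containing a double quote, backquote or `$` would be interpreted by the shell instead of being stored. I would skip such lines before emitting anything, e.g. `case "${line#* }" in *[!A-Za-z0-9.:%_\ -]*) continue;; esac` at the top of the `nameserver`, `domain` and `search` arms. parse_resolv starts and ends outside this hunk.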
@@ -302,86 +295,66 @@ detect_init() # Detect the running init system. # As systemd and OpenRC can be installed on top of legacy init # systems we try to detect them first. - status="@STATUSARG@" + local status="@STATUSARG@" : ${status:=status} - if [ -x /bin/systemctl ] && [ -S /run/systemd/private ]; then - RESTARTCMD=' - if /bin/systemctl --quiet is-active $1.service - then - /bin/systemctl restart $1.service - fi' - elif [ -x /usr/bin/systemctl ] && [ -S /run/systemd/private ]; then - RESTARTCMD=' - if /usr/bin/systemctl --quiet is-active $1.service - then - /usr/bin/systemctl restart $1.service - fi' - elif [ -x /sbin/rc-service ] && - { [ -s /libexec/rc/init.d/softlevel ] || - [ -s /run/openrc/softlevel ]; } + if [ -x /bin/systemctl -a -S /run/systemd/private ]; then + RESTARTCMD="if /bin/systemctl --quiet is-active \$1.service; then + /bin/systemctl restart \$1.service; +fi" + elif [ -x /usr/bin/systemctl -a -S /run/systemd/private ]; then + RESTARTCMD="if /usr/bin/systemctl --quiet is-active \$1.service; then + /usr/bin/systemctl restart \$1.service; +fi" + elif [ -x /sbin/rc-service -a \ + -s /libexec/rc/init.d/softlevel -o -s /run/openrc/softlevel ] then - RESTARTCMD='/sbin/rc-service -i $1 -- -Ds restart' + RESTARTCMD="/sbin/rc-service -i \$1 -- -Ds restart" elif [ -x /usr/sbin/invoke-rc.d ]; then RCDIR=/etc/init.d - RESTARTCMD=' - if /usr/sbin/invoke-rc.d --quiet $1 status >/dev/null 2>&1 - then - /usr/sbin/invoke-rc.d $1 restart - fi' + RESTARTCMD="if /usr/sbin/invoke-rc.d --quiet \$1 status 1>/dev/null 2>&1; then + /usr/sbin/invoke-rc.d \$1 restart; +fi" elif [ -x /sbin/service ]; then # Old RedHat RCDIR=/etc/init.d - RESTARTCMD=' - if /sbin/service $1; then - /sbin/service $1 restart - fi' + RESTARTCMD="if /sbin/service \$1; then + /sbin/service \$1 restart; +fi" elif [ -x /usr/sbin/service ]; then # Could be FreeBSD - RESTARTCMD=" - if /usr/sbin/service \$1 $status >/dev/null 2>&1 - then - /usr/sbin/service \$1 restart - fi" + RESTARTCMD="if 
/usr/sbin/service \$1 $status 1>/dev/null 2>&1; then + /usr/sbin/service \$1 restart; +fi" elif [ -x /bin/sv ]; then - RESTARTCMD='/bin/sv status $1 >/dev/null 2>&1 && - /bin/sv try-restart $1' + RESTARTCMD="/bin/sv status \$1 >/dev/null 2>&1 && /bin/sv try-restart \$1" elif [ -x /usr/bin/sv ]; then - RESTARTCMD='/usr/bin/sv status $1 >/dev/null 2>&1 && - /usr/bin/sv try-restart $1' - elif [ -e /etc/arch-release ] && [ -d /etc/rc.d ]; then + RESTARTCMD="/usr/bin/sv status \$1 >/dev/null 2>&1 && /usr/bin/sv try-restart \$1" + elif [ -e /etc/arch-release -a -d /etc/rc.d ]; then RCDIR=/etc/rc.d - RESTARTCMD=' - if [ -e /var/run/daemons/$1 ] - then - /etc/rc.d/$1 restart - fi' - elif [ -e /etc/slackware-version ] && [ -d /etc/rc.d ]; then - RESTARTCMD=' - if /etc/rc.d/rc.$1 status >/dev/null 2>&1 - then - /etc/rc.d/rc.$1 restart - fi' - elif [ -e /etc/rc.d/rc.subr ] && [ -d /etc/rc.d ]; then + RESTARTCMD="if [ -e /var/run/daemons/\$1 ]; then + /etc/rc.d/\$1 restart; +fi" + elif [ -e /etc/slackware-version -a -d /etc/rc.d ]; then + RESTARTCMD="if /etc/rc.d/rc.\$1 status 1>/dev/null 2>&1; then + /etc/rc.d/rc.\$1 restart; +fi" + elif [ -e /etc/rc.d/rc.subr -a -d /etc/rc.d ]; then # OpenBSD - RESTARTCMD=' - if /etc/rc.d/$1 check >/dev/null 2>&1 - then - /etc/rc.d/$1 restart - fi' + RESTARTCMD="if /etc/rc.d/\$1 check 1>/dev/null 2>&1; then + /etc/rc.d/\$1 restart; +fi" else for x in /etc/init.d/rc.d /etc/rc.d /etc/init.d; do [ -d $x ] || continue - RESTARTCMD=" - if $x/\$1 $status >/dev/null 2>&1 - then - $x/\$1 restart - fi" + RESTARTCMD="if $x/\$1 $status 1>/dev/null 2>&1; then + $x/\$1 restart; +fi" break done fi if [ -z "$RESTARTCMD" ]; then - if [ "$_NOINIT_WARNED" != true ]; then + if [ "$NOINIT_WARNED" != true ]; then warn "could not detect a useable init system" _NOINIT_WARNED=true fi 
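Review bot: In detect_init (hunk `@@ -302,86 +295,66 @@`), the OpenRC test `[ -x /sbin/rc-service -a -s /libexec/rc/init.d/softlevel -o -s /run/openrc/softlevel ]` groups as (rc-service AND first softlevel) OR second softlevel, because `-a` binds tighter than `-o`; a non-empty `/run/openrc/softlevel` alone selects the rc-service command even when `/sbin/rc-service` is not executable. Explicit grouping states the intent: `elif [ -x /sbin/rc-service ] && { [ -s /libexec/rc/init.d/softlevel ] || [ -s /run/openrc/softlevel ]; }`. Further down, the warning guard reads `$NOINIT_WARNED` while the next line sets `_NOINIT_WARNED=true`, so the check never sees the flag; both should use `_NOINIT_WARNED`.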
@@ -393,9 +366,9 @@ detect_init() echo_resolv() { - OIFS="$IFS" + local line= OIFS="$IFS" - [ -n "$1" ] && [ -f "$IFACEDIR/$1" ] || return 1 + [ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1 echo "# resolv.conf from $1" # Our variable maker works of the fact each resolv.conf per interface # is separated by blank lines. @@ -415,16 +388,11 @@ list_resolv() { [ -d "$IFACEDIR" ] || return 0 - cmd="$1" + local report=false list= retval=0 cmd="$1" excl= shift - excl=false - list= - report=false - retval=0 case "$IF_EXCLUSIVE" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) - excl=true if [ -d "$EXCLUSIVEDIR" ]; then cd "$EXCLUSIVEDIR" for i in *; do @@ -434,15 +402,19 @@ list_resolv() fi done fi + excl=true cd "$IFACEDIR" for i in $inclusive_interfaces; do - if [ -f "$i" ] && [ "$list" = "$i" ]; then + if [ -f "$i" -a "$list" = "$i" ]; then list= excl=false break fi done ;; + *) + excl=false + ;; esac # If we have an interface ordering list, then use that. @@ -459,28 +431,22 @@ list_resolv() done done for i in $dynamic_order; do - if [ -e "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then + if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then list="$list $i" fi for ii in "$i":* "$i".*; do - if [ -f "$ii" ] && ! [ -e "$METRICDIR/"*" $ii" ] - then + if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then list="$list $ii" fi done done - # Interfaces have an implicit metric of 0 if not specified. - for i in *; do - if [ -f "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then - list="$list $i" - fi - done if [ -d "$METRICDIR" ]; then cd "$METRICDIR" for i in *; do [ -f "$i" ] && list="$list ${i#* }" done fi + list="$list *" fi cd "$IFACEDIR" 
@@ -495,24 +461,23 @@ list_resolv() continue fi - if [ "$cmd" = i ] || [ "$cmd" = "-i" ]; then + if [ "$cmd" = i -o "$cmd" = "-i" ]; then printf %s "$i " else echo_resolv "$i" && echo fi - [ $? = 0 ] && [ "$retval" = 1 ] && retval=0 + [ $? = 0 -a "$retval" = 1 ] && retval=0 done - [ "$cmd" = i ] || [ "$cmd" = "-i" ] && echo + [ "$cmd" = i -o "$cmd" = "-i" ] && echo return $retval } -list_remove() -{ +list_remove() { + local list= e= l= result= found= retval=0 + [ -z "$2" ] && return 0 eval list=\"\$$1\" shift - result= - retval=0 set -f for e; do @@ -560,6 +525,8 @@ echo_append() replace() { + local r= k= f= v= val= sub= + while read -r keyword value; do for r in $replace; do k="${r%%/*}" @@ -599,6 +566,8 @@ replace() make_vars() { + local newdomains= d= dn= newns= ns= + # Clear variables DOMAIN= DOMAINS= @@ -606,7 +575,7 @@ make_vars() NAMESERVERS= LOCALNAMESERVERS= - if [ -n "${name_servers}${search_domains}" ]; then + if [ -n "$name_servers" -o -n "$search_domains" ]; then eval "$(echo_prepend | parse_resolv)" fi if [ -z "$VFLAG" ]; then @@ -614,12 +583,11 @@ make_vars() list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0 eval "$(list_resolv -l "$@" | replace | parse_resolv)" fi - if [ -n "${name_servers_append}${search_domains_append}" ]; then + if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then eval "$(echo_append | parse_resolv)" fi # Ensure that we only list each domain once - newdomains= for d in $DOMAINS; do dn="${d%%:*}" list_remove domain_blacklist "$dn" >/dev/null || continue 
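Review bot: In list_remove the new `local list= e= l= result= found= retval=0` is declared before `eval list=\"\$$1\"`, so if a caller ever passes one of those six names as `$1` the eval reads the freshly emptied local instead of the caller's variable. The eval also expands `$1` as shell text, so it is safe only while every caller passes a fixed identifier, as the visible `list_remove domain_blacklist "$dn"` call does. A guard ahead of the eval such as `case "$1" in ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) return 1;; esac` would make that requirement explicit. `local` is not specified by POSIX sh, so the script now depends on a shell that provides it. list_remove continues past the end of this hunk.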
@@ -699,37 +667,36 @@ if [ "$cmd" = D ]; then fi # -l lists our resolv files, optionally for a specific interface -if [ "$cmd" = l ] || [ "$cmd" = i ]; then +if [ "$cmd" = l -o "$cmd" = i ]; then list_resolv "$cmd" "$args" exit $? fi # Restart a service or echo the command to restart a service -if [ "$cmd" = r ] || [ "$cmd" = R ]; then +if [ "$cmd" = r -o "$cmd" = R ]; then detect_init || exit 1 if [ "$cmd" = r ]; then set -- $args - eval "$RESTARTCMD" + eval $RESTARTCMD else - echo "$RESTARTCMD" | - sed -e '/^$/d' -e 's/^ //g' + echo "$RESTARTCMD" fi exit $? fi # Not normally needed, but subscribers should be able to run independently -if [ "$cmd" = v ] || [ -n "$VFLAG" ]; then +if [ "$cmd" = v -o -n "$VFLAG" ]; then make_vars "$iface" exit $? fi # Test that we have valid options -if [ "$cmd" = a ] || [ "$cmd" = d ]; then +if [ "$cmd" = a -o "$cmd" = d ]; then if [ -z "$iface" ]; then usage "Interface not specified" fi elif [ "$cmd" != u ]; then - [ -n "$cmd" ] && [ "$cmd" != h ] && usage "Unknown option $cmd" + [ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd" usage fi @@ -745,7 +712,7 @@ if [ "$cmd" = a ]; then "$x not allowed at start of interface name";; esac done - [ "$cmd" = a ] && [ -t 0 ] && error_exit "No file given via stdin" + [ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin" fi if [ ! -d "$VARDIR" ]; then @@ -841,8 +808,8 @@ a) newmetric="$METRICDIR/$IF_METRIC $iface" fi rm -f "$METRICDIR/"*" $iface" - [ "$oldmetric" != "$newmetric" ] && - [ "$oldmetric" != "$METRICDIR/* $iface" ] && + [ "$oldmetric" != "$newmetric" -a \ + "$oldmetric" != "$METRICDIR/* $iface" ] && changed=true [ -n "$newmetric" ] && echo " " >"$newmetric" diff --git a/unbound.in b/unbound.in index 34cb401f57c1..46d45246ff2e 100644 --- a/unbound.in +++ b/unbound.in 
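Review bot: `eval $RESTARTCMD` in the `-r` branch is unquoted, so the command text is word-split and glob-expanded against the current directory before eval joins it back together. Newlines collapse to spaces, and any word containing `*`, `?` or a bracket pattern is replaced by matching file names. The strings built in detect_init survive this only because each statement now ends in `;`, which a RESTARTCMD set elsewhere need not do (unbound.in tests it as an incoming variable). I would keep the expansion quoted, `eval "$RESTARTCMD"`, here and in the restart_unbound hunk of unbound.in, which makes the same change. The preceding `set -- $args` and the unquoted `\$1` inside the templates also split the service name, so that value should already be a single plain word when it reaches this branch.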
@@ -76,7 +76,7 @@ restart_unbound()
 eval $unbound_restart
 elif [ -n "$RESTARTCMD" ]; then
 set -- ${unbound_service}
- eval "$RESTARTCMD"
+ eval $RESTARTCMD
 else
 @SBINDIR@/resolvconf -r ${unbound_service}
 fi |