[LEDE-DEV] [PATCH v3] dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53

Ben Pfountz netprince at vt.edu
Mon Jun 19 12:08:00 PDT 2017


I tested this patch with a standard install, as well as with noresolv=1 
and 2 servers configured with opendns, and it worked fine. 
/etc/resolv.conf still correctly listed 127.0.0.1 and ::1 as the local 
nameserver.

Ben

On 6/19/2017 6:16 AM, Paul Oranje wrote:
> this patch has been resend with corrected title (not "if", but "iff")
> sorry for the spamming
> 
>> Op 18 jun. 2017, om 09:46 heeft Paul Oranje <por at xs4all.nl> het volgende geschreven:
>>
>> With this patch the dnsmasq init script manages resolv.conf if and only if
>> when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
>> Also adds ::1 to the resolver file.
>>
>> For unbound a likewise patch exists (PR#4454).
>> Fixes (combined with the unbound PR) FS#785
>>
>> Signed-off-by: Paul Oranje <por at xs4all.nl>
>> ---
>> The intended invariant is that resolv.conf is managed whenever a resolver
>> listens on 127.0.0.1#53. Besides dnsmasq, unbound can take that role as well
>> (but only when dnsmasq is not already listening on 127.0.0.1#53).
>> When no instance of dnsmasq has been configured to listen on 127.0.0.1#53 then
>> resolv.conf is not touched by dnsmasq.
>>
>> Currently unbound handles resolv.conf also, but leaves it to dnsmasq whenever
>> that will run, even when no dnsmasq instance will listen on localhost:53. So
>> for unbound PR#4454 has been submitted to make sure it always manages
>> resolv.conf when it owns localhost:domain.
>>
>>
>> Tests performed:
>>
>> - with/without unbound, dhcp linkages none and dnsmasq
>> - dnsmasq listens on #53, not #53 (dnsmasq takes precedence when also on #53)
>> - listen on localhost, not localhost
>> - noresolv false and true
>> - one/multiple dnsmasq instances (useless combinations are omitted in testing)
>>
>> single dnsmasq instance
>>     standard setup
>> ==> dnsmasq manages resolv.conf
>>
>> two dnsmasq instances, each serving another LAN
>>     both dnsmasq on #53
>>     dnsmasq-2 notinterface loopback
>> ==> dnsmasq-1 manages resolv.conf
>>
>> two dnsmasq unstances and unbound (dhcp_link: none, one dnsmasq behind ubound)
>>     both dnsmasq on #53
>>     dnsmasq-2 on #53, notinterface loopback
>>         noresolv true and server 127.0.0.1#1053
>>     unbound on #1053
>> ==> dnsmasq-1 manages resolv.conf
>>
>> two dnsmasq instances and unbound (dhcp_link: dnsmasq)
>>     dnsmasq-1 on #1053, noresolv true
>>     dnsmasq-2 on #2053, noresolv true
>>     unbound on #53
>>         forward LAN1 to 127.0.0.1#1053, forward LAN2 to 127.0.0.1#2053
>> ==> unbound manages resolv.conf
>>
>> on init stops resolv.conf is reset to the auto resolvfile.
>>
>>
>> History:
>> v1 -> v2        corrected synxtax error
>> 		increased PKG_RELEASE
>> v2		reverted with commit 8180bbac7c237a31bd6e06c63e342c72342b7303
>> v3		corected errors, setup/teardown routines and thoroughly tested
>>
>> Paul
>>
>>
>> package/network/services/dnsmasq/Makefile          |  2 +-
>> .../network/services/dnsmasq/files/dnsmasq.init    | 79 +++++++++++++++-------
>> 2 files changed, 55 insertions(+), 26 deletions(-)
>>
>> diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
>> index f9ab13aef0..35ac6b2891 100644
>> --- a/package/network/services/dnsmasq/Makefile
>> +++ b/package/network/services/dnsmasq/Makefile
>> @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
>>
>> PKG_NAME:=dnsmasq
>> PKG_VERSION:=2.77
>> -PKG_RELEASE:=3
>> +PKG_RELEASE:=4
>>
>> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
>> PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
>> diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
>> index d5177ecb0c..2a4d7b2239 100644
>> --- a/package/network/services/dnsmasq/files/dnsmasq.init
>> +++ b/package/network/services/dnsmasq/files/dnsmasq.init
>> @@ -707,9 +707,51 @@ dhcp_relay_add() {
>> 	fi
>> }
>>
>> +_resolv_setup()
>> +{
>> +	local cfg="$1"
>> +	local port notinterfaces
>> +
>> +	config_get port "$cfg" port "53"
>> +	[ $port = "53" ] || return
>> +
>> +	config_get notinterfaces "$cfg" notinterface ""
>> +	[ -n "$notinterfaces" ] && list_contains notinterfaces "loopback" && return
>> +
>> +	# dnsmasq instance is designated to listen on 127.0.0.1#53.
>> +	# rewrite /tmp/resolv.conf
>> +	rm -f /tmp/resolv.conf
>> +	{
>> +		echo "# /tmp/resolv.conf generated by dnsmasq $cfg $( date )"
>> +		[ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
>> +			echo "search $DOMAIN"
>> +		}
>> +		DNS_SERVERS="$DNS_SERVERS 127.0.0.1 ::1"
>> +		for DNS_SERVER in $DNS_SERVERS ; do
>> +			echo "nameserver $DNS_SERVER"
>> +		done
>> +	} > /tmp/resolv.conf
>> +
>> +	return
>> +}
>> +
>> +_resolv_teardown()
>> +{
>> +	cfg="$1"
>> +
>> +	case $( cat /tmp/resolv.conf ) in
>> +	*"generated by dnsmasq $cfg"*)
>> +		# resolv.conf was written by this instance,
>> +		# reset /tmp/resolv.conf to default.
>> +		[ -f /tmp/resolv.conf ] && rm -f /tmp/resolv.conf
>> +		ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
>> +		;;
>> +	esac
>> +}
>> +
>> dnsmasq_start()
>> {
>> -	local cfg="$1" disabled resolvfile user_dhcpscript
>> +	local cfg="$1" disabled noresolv resolvfile user_dhcpscript
>>
>> 	config_get_bool disabled "$cfg" disabled 0
>> 	[ "$disabled" -gt 0 ] && return 0
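Review bot: `_resolv_teardown` matches ownership with `*"generated by dnsmasq $cfg"*`, which is a prefix match on the instance name: an instance called, for example, `lan` would also match a header written for `lan2` and reset a resolv.conf it did not write. Matching `*"generated by dnsmasq $cfg "*)` fixes that, because the header written in `_resolv_setup` has a space between the name and the date. The same function assigns `cfg="$1"` without `local`, unlike `_resolv_setup`, and it runs `cat` even when /tmp/resolv.conf is absent; `local cfg="$1"` plus a leading `[ -f /tmp/resolv.conf ] || return 0` would cover both. In `_resolv_setup`, `[ $port = "53" ]` should quote `"$port"`. The file is also absent or partial between `rm -f` and the end of the redirect block, so the system has no complete resolver configuration in that window; writing to a temporary name and then `mv -f` over /tmp/resolv.conf would make the swap atomic. The body of dnsmasq_start continues outside this hunk.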
>> @@ -785,7 +827,6 @@ dnsmasq_start()
>> 	append_bool "$cfg" nonegcache "--no-negcache"
>> 	append_bool "$cfg" strictorder "--strict-order"
>> 	append_bool "$cfg" logqueries "--log-queries=extra"
>> -	append_bool "$cfg" noresolv "--no-resolv"
>> 	append_bool "$cfg" localise_queries "--localise-queries"
>> 	append_bool "$cfg" readethers "--read-ethers"
>> 	append_bool "$cfg" dbus "--enable-dbus"
>> @@ -854,14 +895,15 @@ dnsmasq_start()
>> 	config_get_bool cachelocal "$cfg" cachelocal 1
>>
>> 	config_get_bool noresolv "$cfg" noresolv 0
>> -	if [ "$noresolv" != "1" ]; then
>> +	if [ "$noresolv" = "1" ]; then
>> +		xappend "--no-resolv"
>> +	else
>> 		config_get resolvfile "$cfg" resolvfile "/tmp/resolv.conf.auto"
>> +		xappend "--resolv-file=$resolvfile"
>> 		# So jail doesn't complain if file missing
>> -		[ -n "$resolvfile" -a \! -e "$resolvfile" ] && touch "$resolvfile"
>> +		[ -e "$resolvfile" ] && touch "$resolvfile"
>> 	fi
>>
>> -	[ -n "$resolvfile" ] && xappend "--resolv-file=$resolvfile"
>> -
>> 	config_get hostsfile "$cfg" dhcphostsfile
>> 	[ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile"
>>
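Review bot: The rewritten guard `[ -e "$resolvfile" ] && touch "$resolvfile"` is inverted relative to both the line it replaces and the comment above it. It touches the file only when it already exists, so a missing resolv file is no longer created. It should read `[ -e "$resolvfile" ] || touch "$resolvfile"`. As written, `--resolv-file=$resolvfile` is appended for a path that may not exist when the instance starts. dnsmasq_start begins and ends outside this hunk.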
>> @@ -973,16 +1015,6 @@ dnsmasq_start()
>> 	echo >> $CONFIGFILE_TMP
>> 	mv -f $CONFIGFILE_TMP $CONFIGFILE
>>
>> -	[ "$resolvfile" = "/tmp/resolv.conf.auto" ] && {
>> -		rm -f /tmp/resolv.conf
>> -		[ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
>> -			echo "search $DOMAIN" >> /tmp/resolv.conf
>> -		}
>> -		DNS_SERVERS="$DNS_SERVERS 127.0.0.1"
>> -		for DNS_SERVER in $DNS_SERVERS ; do
>> -			echo "nameserver $DNS_SERVER" >> /tmp/resolv.conf
>> -		done
>> -	}
>>
>> 	procd_open_instance $cfg
>> 	procd_set_param command $PROG -C $CONFIGFILE -k -x /var/run/dnsmasq/dnsmasq."${cfg}".pid
>> @@ -1000,21 +1032,18 @@ dnsmasq_start()
>> 	procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
>>
>> 	procd_close_instance
>> +
>> +
>> +	# rewrite /tmp/resolv.conf only for main instance
>> +	_resolv_setup $cfg
>> }
>>
>> dnsmasq_stop()
>> {
>> 	local cfg="$1"
>>
>> -	config_get resolvfile "$cfg" "resolvfile"
>> -
>> -	#relink /tmp/resolve.conf only for main instance
>> -	[ "$resolvfile" = "/tmp/resolv.conf.auto" ] && {
>> -		[ -f /tmp/resolv.conf ] && {
>> -			rm -f /tmp/resolv.conf
>> -			ln -s "$resolvfile" /tmp/resolv.conf
>> -		}
>> -	}
>> +	#relink /tmp/resolv.conf only for main instance
>> +	_resolv_teardown $cfg
>>
>> 	rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp
>> }
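Review bot: The two new calls pass `$cfg` unquoted (`_resolv_setup $cfg`, `_resolv_teardown $cfg`) although both helpers read it as `$1`. Write `_resolv_setup "$cfg"` and `_resolv_teardown "$cfg"` so that an empty or unusual section name cannot drop or split the argument. The comment `#relink /tmp/resolv.conf only for main instance` in dnsmasq_stop would be more accurate as `# relink /tmp/resolv.conf only if this instance wrote it`, since the decision now comes from the header line in the file rather than from configuration. dnsmasq_start begins outside this hunk.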
>> -- 
>> 2.13.1
>>
>>
> 
> 
> 


