[LEDE-DEV] [PATCH v5] dnsmasq: manage resolv.conf iff when listening on 127.0.0.1#53

Paul Oranje por at xs4all.nl
Sat Jun 24 05:11:54 PDT 2017


With this patch the dnsmasq init script manages resolv.conf if and only if
when dnsmasq will listen on 127.0.0.1#53 (is main resolver instance).
Also adds ::1 to the resolver file.

For unbound a likewise patch exists (PR#4454).
Fixes (combined with the unbound PR) FS#785

Signed-off-by: Paul Oranje <por at xs4all.nl>
---
The intended invariant is that resolv.conf is managed whenever a resolver
listens on 127.0.0.1#53. Besides dnsmasq, unbound can take that role as well 
(but only when dnsmasq is not already listens on 127.0.0.1#53).
When no instance of dnsmasq has been configured to listen on 127.0.0.1#53 then
resolv.conf is not touched by dnsmasq.

Currently unbound handles resolv.conf also, but leaves it to dnsmasq whenever
that will run, even when no dnsmasq instance will listen on localhost:53. So
for unbound PR#4454  has been submitted to make sure it always manages
resov.conf when it owns localhost:domain.


Tests performed:

- with/without unbound, dhcp linkages none and dnsmasq
- dnsmasq listens on #53, not #53 (dnsmasq takes precedence when also on #53)
- listen on localhost, not localhost
- noresolv false and true
- one/multiple dnsmasq instances (useless combinations are omitted in testing)

single dnsmasq instance
    standard setup
==> dnsmasq manages resolv.conf

two dnsmasq instances, each serving another LAN
    both dnsmasq on #53
    dnsmasq-2 notinterface loopback
==> dnsmasq-1 manages resolv.conf

two dnsmasq unstances and unbound (dhcp_link: none, one dnsmasq behind ubound)
    both dnsmasq on #53
    dnsmasq-2 on #53, notinterface loopback
        noresolv true and server 127.0.0.1#1053
    unbound on #1053
==> dnsmasq-1 manages resolv.conf

two dnsmasq instances and unbound (dhcp_link: dnsmasq)
    dnsmasq-1 on #1053, noresolv true
    dnsmasq-2 on #2053, noresolv true
    unbound on #53
        forward LAN1 to 127.0.0.1#1053, forward LAN2 to 127.0.0.1#2053
==> unbound manages resolv.conf

on stops resolv.conf is reset to the auto
   if it was written by the instance resolvfile.


History:
v2	corrected synxtax error
	increased PKG_RELEASE
v2	was reverted with commit 8180bbac7c237a31bd6e06c63e342c72342b7303
v3	rewritten and thoroughly tested
v4	corrected test on existence of resolvfile
v5	replaces cat ... case with grep in _resolv_teardown()
	rebased on master

Paul
---

 package/network/services/dnsmasq/Makefile          |  2 +-
 .../network/services/dnsmasq/files/dnsmasq.init    | 77 +++++++++++++++-------
 2 files changed, 53 insertions(+), 26 deletions(-)

diff --git a/package/network/services/dnsmasq/Makefile b/package/network/services/dnsmasq/Makefile
index 35ac6b2891..11baff37e8 100644
--- a/package/network/services/dnsmasq/Makefile
+++ b/package/network/services/dnsmasq/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmasq
 PKG_VERSION:=2.77
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq/
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index 065d1fd8c2..c16079d73a 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -714,9 +714,49 @@ dhcp_relay_add() {
 	fi
 }
 
+_resolv_setup()
+{
+	local cfg="$1"
+	local port notinterfaces
+
+	config_get port "$cfg" port "53"
+	[ $port = "53" ] || return
+
+	config_get notinterfaces "$cfg" notinterface ""
+	[ -n "$notinterfaces" ] && list_contains notinterfaces "loopback" && return
+
+	# dnsmasq instance is designated to listen on 127.0.0.1#53.
+	# rewrite /tmp/resolv.conf
+	rm -f /tmp/resolv.conf
+	{
+		echo "# /tmp/resolv.conf generated by dnsmasq $cfg $( date )"
+		[ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
+			echo "search $DOMAIN"
+		}
+		DNS_SERVERS="$DNS_SERVERS 127.0.0.1 ::1"
+		for DNS_SERVER in $DNS_SERVERS ; do
+			echo "nameserver $DNS_SERVER"
+		done
+	} > /tmp/resolv.conf
+
+	return
+}
+
+_resolv_teardown()
+{
+	cfg="$1"
+
+	grep -q -e "generated by dnsmasq $cfg" /tmp/resolv.conf 2>/dev/null && {
+		# resolv.conf was written by this instance,
+		# reset /tmp/resolv.conf to default.
+		[ -f /tmp/resolv.conf ] && rm -f /tmp/resolv.conf
+		ln -s /tmp/resolv.conf.auto /tmp/resolv.conf
+	}
+}
+
 dnsmasq_start()
 {
-	local cfg="$1" disabled resolvfile user_dhcpscript
+	local cfg="$1" disabled noresolv resolvfile user_dhcpscript
 
 	config_get_bool disabled "$cfg" disabled 0
 	[ "$disabled" -gt 0 ] && return 0
@@ -792,7 +832,6 @@ dnsmasq_start()
 	append_bool "$cfg" nonegcache "--no-negcache"
 	append_bool "$cfg" strictorder "--strict-order"
 	append_bool "$cfg" logqueries "--log-queries=extra"
-	append_bool "$cfg" noresolv "--no-resolv"
 	append_bool "$cfg" localise_queries "--localise-queries"
 	append_bool "$cfg" readethers "--read-ethers"
 	append_bool "$cfg" dbus "--enable-dbus"
@@ -861,14 +900,15 @@ dnsmasq_start()
 	config_get_bool cachelocal "$cfg" cachelocal 1
 
 	config_get_bool noresolv "$cfg" noresolv 0
-	if [ "$noresolv" != "1" ]; then
+	if [ "$noresolv" = "1" ]; then
+		xappend "--no-resolv"
+	else
 		config_get resolvfile "$cfg" resolvfile "/tmp/resolv.conf.auto"
+		xappend "--resolv-file=$resolvfile"
 		# So jail doesn't complain if file missing
-		[ -n "$resolvfile" -a \! -e "$resolvfile" ] && touch "$resolvfile"
+		[ ! -e "$resolvfile" ] && touch "$resolvfile"
 	fi
 
-	[ -n "$resolvfile" ] && xappend "--resolv-file=$resolvfile"
-
 	config_get hostsfile "$cfg" dhcphostsfile
 	[ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile"
 
@@ -980,16 +1020,6 @@ dnsmasq_start()
 	echo >> $CONFIGFILE_TMP
 	mv -f $CONFIGFILE_TMP $CONFIGFILE
 
-	[ "$resolvfile" = "/tmp/resolv.conf.auto" ] && {
-		rm -f /tmp/resolv.conf
-		[ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && {
-			echo "search $DOMAIN" >> /tmp/resolv.conf
-		}
-		DNS_SERVERS="$DNS_SERVERS 127.0.0.1"
-		for DNS_SERVER in $DNS_SERVERS ; do
-			echo "nameserver $DNS_SERVER" >> /tmp/resolv.conf
-		done
-	}
 
 	procd_open_instance $cfg
 	procd_set_param command $PROG -C $CONFIGFILE -k -x /var/run/dnsmasq/dnsmasq."${cfg}".pid
@@ -1007,21 +1037,18 @@ dnsmasq_start()
 	procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
 
 	procd_close_instance
+
+
+	# rewrite /tmp/resolv.conf only for main instance
+	_resolv_setup $cfg
 }
 
 dnsmasq_stop()
 {
 	local cfg="$1"
 
-	config_get resolvfile "$cfg" "resolvfile"
-
-	#relink /tmp/resolve.conf only for main instance
-	[ "$resolvfile" = "/tmp/resolv.conf.auto" ] && {
-		[ -f /tmp/resolv.conf ] && {
-			rm -f /tmp/resolv.conf
-			ln -s "$resolvfile" /tmp/resolv.conf
-		}
-	}
+	#relink /tmp/resolv.conf only for main instance
+	_resolv_teardown $cfg
 
 	rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp
 }
-- 
2.13.1




More information about the Lede-dev mailing list