mirror of
https://github.com/pi-hole/dnsmasq.git
synced 2025-12-19 10:18:25 +00:00
bc87e609c2
Dnsmasq's startup script seems to assume users always want to use dnsmasq as local DNS resolver, and tells resolvconf to put "nameserver 127.0.0.1" in /etc/resolv.conf The problem with this is that if users just want to use dnsmasq as DHCP server, and put port=0 in /etc/dnsmasq.conf to disable the DNS functionality, they end up with broken name resolving. Put a basic check in the startup script that skips resolvconf configuration if a line starting with port=0 is in /etc/dnsmasq.conf This doesn't cover all cases (e.g. configuration could also be in different file in /etc/dnsmasq.d), but is better than current situation.
321 lines
8.1 KiB
Bash
321 lines
8.1 KiB
Bash
#!/bin/sh
|
|
### BEGIN INIT INFO
|
|
# Provides: dnsmasq
|
|
# Required-Start: $network $remote_fs $syslog
|
|
# Required-Stop: $network $remote_fs $syslog
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Description: DHCP and DNS server
|
|
### END INIT INFO
|
|
|
|
# Don't exit on error status
|
|
set +e
|
|
|
|
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
|
DAEMON=/usr/sbin/dnsmasq
|
|
NAME=dnsmasq
|
|
DESC="DNS forwarder and DHCP server"
|
|
|
|
# Most configuration options in /etc/default/dnsmasq are deprecated
|
|
# but still honoured.
|
|
ENABLED=1
|
|
if [ -r /etc/default/$NAME ]; then
|
|
. /etc/default/$NAME
|
|
fi
|
|
|
|
# Get the system locale, so that messages are in the correct language, and the
|
|
# charset for IDN is correct
|
|
if [ -r /etc/default/locale ]; then
|
|
. /etc/default/locale
|
|
export LANG
|
|
fi
|
|
|
|
# The following test ensures the dnsmasq service is not started, when the
|
|
# package 'dnsmasq' is removed but not purged, even if the dnsmasq-base
|
|
# package is still in place.
|
|
test -e /usr/share/dnsmasq/installed-marker || exit 0
|
|
|
|
test -x $DAEMON || exit 0
|
|
|
|
# Provide skeleton LSB log functions for backports which don't have LSB functions.
|
|
if [ -f /lib/lsb/init-functions ]; then
|
|
. /lib/lsb/init-functions
|
|
else
|
|
log_warning_msg () {
|
|
echo "${@}."
|
|
}
|
|
|
|
log_success_msg () {
|
|
echo "${@}."
|
|
}
|
|
|
|
log_daemon_msg () {
|
|
echo -n "${1}: $2"
|
|
}
|
|
|
|
log_end_msg () {
|
|
if [ $1 -eq 0 ]; then
|
|
echo "."
|
|
elif [ $1 -eq 255 ]; then
|
|
/bin/echo -e " (warning)."
|
|
else
|
|
/bin/echo -e " failed!"
|
|
fi
|
|
}
|
|
fi
|
|
|
|
# RESOLV_CONF:
|
|
# If the resolvconf package is installed then use the resolv conf file
|
|
# that it provides as the default. Otherwise use /etc/resolv.conf as
|
|
# the default.
|
|
#
|
|
# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit
|
|
# filename is set there then this inhibits the use of the resolvconf-provided
|
|
# information.
|
|
#
|
|
# Note that if the resolvconf package is installed it is not possible to
|
|
# override it just by configuration in /etc/dnsmasq.conf, it is necessary
|
|
# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq.
|
|
|
|
if [ ! "$RESOLV_CONF" ] &&
|
|
[ "$IGNORE_RESOLVCONF" != "yes" ] &&
|
|
[ -x /sbin/resolvconf ]
|
|
then
|
|
RESOLV_CONF=/run/dnsmasq/resolv.conf
|
|
fi
|
|
|
|
for INTERFACE in $DNSMASQ_INTERFACE; do
|
|
DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE"
|
|
done
|
|
|
|
for INTERFACE in $DNSMASQ_EXCEPT; do
|
|
DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE"
|
|
done
|
|
|
|
if [ ! "$DNSMASQ_USER" ]; then
|
|
DNSMASQ_USER="dnsmasq"
|
|
fi
|
|
|
|
# This tells dnsmasq to ignore DNS requests that don't come from a local network.
|
|
# It's automatically ignored if --interface --except-interface, --listen-address
|
|
# or --auth-server exist in the configuration, so for most installations, it will
|
|
# have no effect, but for otherwise-unconfigured installations, it stops dnsmasq
|
|
# from being vulnerable to DNS-reflection attacks.
|
|
|
|
DNSMASQ_OPTS="$DNSMASQ_OPTS --local-service"
|
|
|
|
# If the dns-root-data package is installed, then the trust anchors will be
|
|
# available in $ROOT_DS, in BIND zone-file format. Reformat as dnsmasq
|
|
# --trust-anchor options.
|
|
|
|
ROOT_DS="/usr/share/dns/root.ds"
|
|
|
|
if [ -f $ROOT_DS ]; then
|
|
DNSMASQ_OPTS="$DNSMASQ_OPTS `sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS | tr '\n' ' '`"
|
|
fi
|
|
|
|
start()
|
|
{
|
|
# Return
|
|
# 0 if daemon has been started
|
|
# 1 if daemon was already running
|
|
# 2 if daemon could not be started
|
|
|
|
# /run may be volatile, so we need to ensure that
|
|
# /run/dnsmasq exists here as well as in postinst
|
|
if [ ! -d /run/dnsmasq ]; then
|
|
mkdir /run/dnsmasq || return 2
|
|
chown dnsmasq:nogroup /run/dnsmasq || return 2
|
|
fi
|
|
|
|
start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null || return 1
|
|
start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON -- \
|
|
-x /run/dnsmasq/$NAME.pid \
|
|
${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
|
|
${MAILTARGET:+ -t $MAILTARGET} \
|
|
${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
|
|
${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
|
|
${DHCP_LEASE:+ -l $DHCP_LEASE} \
|
|
${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
|
|
${RESOLV_CONF:+ -r $RESOLV_CONF} \
|
|
${CACHESIZE:+ -c $CACHESIZE} \
|
|
${CONFIG_DIR:+ -7 $CONFIG_DIR} \
|
|
${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \
|
|
|| return 2
|
|
}
|
|
|
|
start_resolvconf()
|
|
{
|
|
# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
|
|
# Then dnsmasq won't be providing local DNS, so don't add it to
|
|
# the resolvconf server set.
|
|
for interface in $DNSMASQ_EXCEPT
|
|
do
|
|
[ $interface = lo ] && return
|
|
done
|
|
|
|
# Also skip this if DNS functionality is disabled in /etc/dnsmasq.conf
|
|
if grep -qs '^port=0' /etc/dnsmasq.conf; then
|
|
return
|
|
fi
|
|
|
|
if [ -x /sbin/resolvconf ] ; then
|
|
echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
stop()
|
|
{
|
|
# Return
|
|
# 0 if daemon has been stopped
|
|
# 1 if daemon was already stopped
|
|
# 2 if daemon could not be stopped
|
|
# other if a failure occurred
|
|
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /run/dnsmasq/$NAME.pid --name $NAME
|
|
}
|
|
|
|
stop_resolvconf()
|
|
{
|
|
if [ -x /sbin/resolvconf ] ; then
|
|
/sbin/resolvconf -d lo.$NAME
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
status()
|
|
{
|
|
# Return
|
|
# 0 if daemon is running
|
|
# 1 if daemon is dead and pid file exists
|
|
# 3 if daemon is not running
|
|
# 4 if daemon status is unknown
|
|
start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null
|
|
case "$?" in
|
|
0) [ -e "/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;;
|
|
1) return 0 ;;
|
|
*) return 4 ;;
|
|
esac
|
|
}
|
|
|
|
case "$1" in
|
|
start)
|
|
test "$ENABLED" != "0" || exit 0
|
|
log_daemon_msg "Starting $DESC" "$NAME"
|
|
start
|
|
case "$?" in
|
|
0)
|
|
log_end_msg 0
|
|
start_resolvconf
|
|
exit 0
|
|
;;
|
|
1)
|
|
log_success_msg "(already running)"
|
|
exit 0
|
|
;;
|
|
*)
|
|
log_end_msg 1
|
|
exit 1
|
|
;;
|
|
esac
|
|
;;
|
|
stop)
|
|
stop_resolvconf
|
|
if [ "$ENABLED" != "0" ]; then
|
|
log_daemon_msg "Stopping $DESC" "$NAME"
|
|
fi
|
|
stop
|
|
RETVAL="$?"
|
|
if [ "$ENABLED" = "0" ]; then
|
|
case "$RETVAL" in
|
|
0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;;
|
|
esac
|
|
exit 0
|
|
fi
|
|
case "$RETVAL" in
|
|
0) log_end_msg 0 ; exit 0 ;;
|
|
1) log_warning_msg "(not running)" ; exit 0 ;;
|
|
*) log_end_msg 1; exit 1 ;;
|
|
esac
|
|
;;
|
|
restart|force-reload)
|
|
test "$ENABLED" != "0" || exit 1
|
|
$DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1
|
|
if [ $? -ne 0 ]; then
|
|
NAME="configuration syntax check"
|
|
RETVAL="2"
|
|
else
|
|
stop_resolvconf
|
|
stop
|
|
RETVAL="$?"
|
|
fi
|
|
log_daemon_msg "Restarting $DESC" "$NAME"
|
|
case "$RETVAL" in
|
|
0|1)
|
|
sleep 2
|
|
start
|
|
case "$?" in
|
|
0)
|
|
log_end_msg 0
|
|
start_resolvconf
|
|
exit 0
|
|
;;
|
|
*)
|
|
log_end_msg 1
|
|
exit 1
|
|
;;
|
|
esac
|
|
;;
|
|
*)
|
|
log_end_msg 1
|
|
exit 1
|
|
;;
|
|
esac
|
|
;;
|
|
status)
|
|
log_daemon_msg "Checking $DESC" "$NAME"
|
|
status
|
|
case "$?" in
|
|
0) log_success_msg "(running)" ; exit 0 ;;
|
|
1) log_success_msg "(dead, pid file exists)" ; exit 1 ;;
|
|
3) log_success_msg "(not running)" ; exit 3 ;;
|
|
*) log_success_msg "(unknown)" ; exit 4 ;;
|
|
esac
|
|
;;
|
|
dump-stats)
|
|
kill -s USR1 `cat /run/dnsmasq/$NAME.pid`
|
|
;;
|
|
systemd-start-resolvconf)
|
|
start_resolvconf
|
|
;;
|
|
systemd-stop-resolvconf)
|
|
stop_resolvconf
|
|
;;
|
|
systemd-exec)
|
|
# /run may be volatile, so we need to ensure that
|
|
# /run/dnsmasq exists here as well as in postinst
|
|
if [ ! -d /run/dnsmasq ]; then
|
|
mkdir /run/dnsmasq || return 2
|
|
chown dnsmasq:nogroup /run/dnsmasq || return 2
|
|
fi
|
|
exec $DAEMON -x /run/dnsmasq/$NAME.pid \
|
|
${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
|
|
${MAILTARGET:+ -t $MAILTARGET} \
|
|
${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
|
|
${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
|
|
${DHCP_LEASE:+ -l $DHCP_LEASE} \
|
|
${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
|
|
${RESOLV_CONF:+ -r $RESOLV_CONF} \
|
|
${CACHESIZE:+ -c $CACHESIZE} \
|
|
${CONFIG_DIR:+ -7 $CONFIG_DIR} \
|
|
${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}
|
|
;;
|
|
*)
|
|
echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2
|
|
exit 3
|
|
;;
|
|
esac
|
|
|
|
exit 0
|
|
|