Index: stable/12/contrib/openresolv/README =================================================================== --- stable/12/contrib/openresolv/README (revision 355744) +++ stable/12/contrib/openresolv/README (nonexistent) @@ -1,11 +0,0 @@ -openresolv is a resolvconf implementation which manages resolv.conf -You can find the latest version at http://roy.marples.name/projects/openresolv -It is written and maintained by Roy Marples - -This resolvconf implementation, along with its subscribers, work with a -POSIX compliant shell and userland utilities. It is designed to work without -tools such as sed as it *has* to work without /usr being available. - -On systems where resolvconf is expected to be used before /var/run is available -for writing, you can configure openresolv to write somewhere else, like say a -ramdisk. Index: stable/12/contrib/openresolv/LICENSE =================================================================== --- stable/12/contrib/openresolv/LICENSE (nonexistent) +++ stable/12/contrib/openresolv/LICENSE (revision 355745) @@ -0,0 +1,23 @@ +Copyright (c) 2007-2019 Roy Marples +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. Index: stable/12/contrib/openresolv/Makefile =================================================================== --- stable/12/contrib/openresolv/Makefile (revision 355744) +++ stable/12/contrib/openresolv/Makefile (revision 355745) @@ -1,98 +1,118 @@ PKG= openresolv # Nasty hack so that make clean works without configure being run _CONFIG_MK!= test -e config.mk && echo config.mk || echo config-null.mk CONFIG_MK?= ${_CONFIG_MK} include ${CONFIG_MK} SBINDIR?= /sbin SYSCONFDIR?= /etc LIBEXECDIR?= /libexec/resolvconf VARDIR?= /var/run/resolvconf +ECHO?= echo INSTALL?= install SED?= sed VERSION!= ${SED} -n 's/OPENRESOLV_VERSION="\(.*\)".*/\1/p' resolvconf.in BINMODE?= 0755 DOCMODE?= 0644 MANMODE?= 0444 RESOLVCONF= resolvconf resolvconf.8 resolvconf.conf.5 -SUBSCRIBERS= libc dnsmasq named pdnsd unbound +SUBSCRIBERS= libc dnsmasq named pdnsd pdns_recursor unbound TARGET= ${RESOLVCONF} ${SUBSCRIBERS} SRCS= ${TARGET:C,$,.in,} # pmake SRCS:= ${TARGET:=.in} # gmake SED_SBINDIR= -e 's:@SBINDIR@:${SBINDIR}:g' SED_SYSCONFDIR= -e 's:@SYSCONFDIR@:${SYSCONFDIR}:g' SED_LIBEXECDIR= -e 's:@LIBEXECDIR@:${LIBEXECDIR}:g' SED_VARDIR= -e 's:@VARDIR@:${VARDIR}:g' SED_RCDIR= -e 's:@RCDIR@:${RCDIR}:g' SED_RESTARTCMD= -e 's:@RESTARTCMD@:${RESTARTCMD}:g' SED_RCDIR= -e 's:@RCDIR@:${RCDIR}:g' SED_STATUSARG= -e 's:@STATUSARG@:${STATUSARG}:g' DISTPREFIX?= ${PKG}-${VERSION} DISTFILEGZ?= ${DISTPREFIX}.tar.gz DISTFILE?= ${DISTPREFIX}.tar.xz DISTINFO= ${DISTFILE}.distinfo DISTINFOSIGN= ${DISTINFO}.asc CKSUM?= cksum -a SHA256 PGP?= netpgp -FOSSILID?= current +GITREF?= HEAD .SUFFIXES: .in all: ${TARGET} .in: Makefile ${CONFIG_MK} ${SED} ${SED_SBINDIR} ${SED_SYSCONFDIR} ${SED_LIBEXECDIR} \ ${SED_VARDIR} \ ${SED_RCDIR} ${SED_RESTARTCMD} ${SED_RCDIR} ${SED_STATUSARG} \ $< > $@ clean: rm -f ${TARGET} distclean: clean rm -f config.mk ${DISTFILE} ${DISTINFO} ${DISTINFOSIGN} installdirs: proginstall: ${TARGET} ${INSTALL} -d ${DESTDIR}${SBINDIR} ${INSTALL} -m ${BINMODE} resolvconf ${DESTDIR}${SBINDIR} ${INSTALL} -d ${DESTDIR}${SYSCONFDIR} test -e ${DESTDIR}${SYSCONFDIR}/resolvconf.conf || \ ${INSTALL} -m ${DOCMODE} resolvconf.conf ${DESTDIR}${SYSCONFDIR} ${INSTALL} -d ${DESTDIR}${LIBEXECDIR} ${INSTALL} -m ${DOCMODE} ${SUBSCRIBERS} ${DESTDIR}${LIBEXECDIR} maninstall: ${INSTALL} -d ${DESTDIR}${MANDIR}/man8 ${INSTALL} -m ${MANMODE} resolvconf.8 ${DESTDIR}${MANDIR}/man8 ${INSTALL} -d ${DESTDIR}${MANDIR}/man5 ${INSTALL} -m ${MANMODE} resolvconf.conf.5 ${DESTDIR}${MANDIR}/man5 install: proginstall maninstall -import: +dist-git: + git archive --prefix=${DISTPREFIX}/ ${GITREF} | xz >${DISTFILE} + +dist-inst: + mkdir /tmp/${DISTPREFIX} + cp -RPp * /tmp/${DISTPREFIX} + (cd /tmp/${DISTPREFIX}; make clean) + tar -cvjpf ${DISTFILE} -C /tmp ${DISTPREFIX} rm -rf /tmp/${DISTPREFIX} - ${INSTALL} -d /tmp/${DISTPREFIX} - cp README ${SRCS} /tmp/${DISTPREFIX} -dist: - fossil tarball --name ${DISTPREFIX} ${FOSSILID} ${DISTFILEGZ} - gunzip -c ${DISTFILEGZ} | xz >${DISTFILE} - rm ${DISTFILEGZ} +dist: dist-git distinfo: dist rm -f ${DISTINFO} ${DISTINFOSIGN} ${CKSUM} ${DISTFILE} >${DISTINFO} #printf "SIZE (${DISTFILE}) = %s\n" $$(wc -c <${DISTFILE}) >>${DISTINFO} ${PGP} --clearsign --output=${DISTINFOSIGN} ${DISTINFO} chmod 644 ${DISTINFOSIGN} ls -l ${DISTFILE} ${DISTINFO} ${DISTINFOSIGN} + +import: dist + rm -rf /tmp/${DISTPREFIX} + ${INSTALL} -d /tmp/${DISTPREFIX} + tar xvJpf ${DISTFILE} -C /tmp + +_import-src: + rm -rf ${DESTDIR}/* + ${INSTALL} -d ${DESTDIR} + cp LICENSE README.md ${SRCS} resolvconf.conf ${DESTDIR}; + cp resolvconf.8.in resolvconf.conf.5.in ${DESTDIR}; + @${ECHO} + @${ECHO} "=============================================================" + @${ECHO} "openresolv-${VERSION} imported to ${DESTDIR}" + +import-src: + ${MAKE} _import-src DESTDIR=`if [ -n "${DESTDIR}" ]; then echo "${DESTDIR}"; else echo /tmp/${DISTPREFIX}; fi` Index: stable/12/contrib/openresolv/README.md =================================================================== --- stable/12/contrib/openresolv/README.md (nonexistent) +++ stable/12/contrib/openresolv/README.md (revision 355745) @@ -0,0 +1,64 @@ +# openresolv + +openresolv is a [resolvconf](https://en.wikipedia.org/wiki/Resolvconf) +implementation which manages `/etc/resolv.conf`. + +`/etc/resolv.conf` is a file that holds the configuration for the local +resolution of domain names. +Normally this file is either static or maintained by a local daemon, +normally a DHCP daemon. But what happens if more than one thing wants to +control the file? +Say you have wired and wireless interfaces to different subnets and run a VPN +or two on top of that, how do you say which one controls the file? +It's also not as easy as just adding and removing the nameservers each client +knows about as different clients could add the same nameservers. + +Enter resolvconf, the middleman between the network configuration services and +`/etc/resolv.conf`. +resolvconf itself is just a script that stores, removes and lists a full +`resolv.conf` generated for the interface. It then calls all the helper scripts +it knows about so it can configure the real `/etc/resolv.conf` and optionally +any local nameservers other than libc. + +## Reasons for using openresolv + +Why openresolv over the +[Debian implementation](http://qref.sourceforge.net/Debian/reference/ch-gateway.en.html#s-dns-resolvconf)? +Here's some reasons: + * Works with + [POSIX shell and userland](http://www.opengroup.org/onlinepubs/009695399) + * Does not need awk, grep or sed which means we can work without `/usr` + mounted + * Works with other init systems than Debians' out of the box + * Available as a 2 clause + [BSD license](http://www.freebsd.org/copyright/freebsd-license.html) + * Prefer configs via IF_METRIC for dynamic ordering + * Configures zones for local resolvers other than libc + +The last point is quite important, especially when running VPN systems. +Take the following resolv.conf files which have been generated by a +[DHCP client](../dhcpcd) and sent to resolvconf: + +``` +# resolv.conf from bge0 +search foo.com +nameserver 1.2.3.4 + +# resolv.conf from tap0 +domain bar.org +nameserver 5.6.7.8 +``` + +In this instance, queries for foo.com will go to 1.2.3.4 and queries for +bar.org will go to 5.6.7.8. +This does require the resolvers to be configured to pickup the resolvconf +generated configuration for them though. +openresolv ships with helpers for: + * [unbound](http://www.unbound.net/) + * [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) + * [ISC BIND](http://www.isc.org/software/bind) + * [PowerDNS Recursor](http://wiki.powerdns.com/trac) + +See the +[configuration section](https://roy.marples.name/projects/openresolv/config) +for more details. Index: stable/12/contrib/openresolv/configure =================================================================== --- stable/12/contrib/openresolv/configure (revision 355744) +++ stable/12/contrib/openresolv/configure (revision 355745) @@ -1,159 +1,167 @@ #!/bin/sh # Try and be like autotools configure, but without autotools # Ensure that we do not inherit these from env OS= BUILD= HOST= TARGET= RESTARTCMD= RCDIR= STATUSARG= for x do opt=${x%%=*} var=${x#*=} case "$opt" in --os|OS) OS=$var;; --with-cc|CC) CC=$var;; --debug) DEBUG=$var;; --disable-debug) DEBUG=no;; --enable-debug) DEBUG=yes;; --prefix) PREFIX=$var;; --sysconfdir) SYSCONFDIR=$var;; --bindir|--sbindir) SBINDIR=$var;; --libexecdir) LIBEXECDIR=$var;; --statedir|--localstatedir) STATEDIR=$var;; --dbdir) DBDIR=$var;; --rundir) RUNDIR=$var;; --mandir) MANDIR=$var;; --with-ccopts|CFLAGS) CFLAGS=$var;; CPPFLAGS) CPPFLAGS=$var;; --build) BUILD=$var;; --host) HOST=$var;; --target) TARGET=$var;; --libdir) LIBDIR=$var;; --restartcmd) RESTARTCMD=$var;; --rcdir) RCDIR=$var;; --statusarg) STATUSARG=$var;; --includedir) eval INCLUDEDIR="$INCLUDEDIR${INCLUDEDIR:+ }$var";; --datadir|--infodir) ;; # ignore autotools --disable-maintainer-mode|--disable-dependency-tracking) ;; --help) echo "See the README file for available options"; exit 0;; *) echo "$0: WARNING: unknown option $opt" >&2;; esac done -if [ -z "$LIBEXECDIR" ]; then - printf "Checking for directory /libexec ... " - if [ -d /libexec ]; then - echo "yes" - LIBEXECDIR=$PREFIX/libexec/resolvconf - else - echo "no" - LIBEXECDIR=$PREFIX/lib/resolvconf - fi -fi -if [ -z "$RUNDIR" ]; then - printf "Checking for directory /run ... " - if [ -d /run ]; then - echo "yes" - RUNDIR=/run - else - echo "no" - RUNDIR=/var/run - fi -fi - : ${SED:=sed} -: ${SYSCONFDIR:=$PREFIX/etc} -: ${SBINDIR:=$PREFIX/sbin} -: ${LIBEXECDIR:=$PREFIX/libexec/resolvconf} -: ${STATEDIR:=/var} -: ${RUNDIR:=$STATEDIR/run} -: ${MANDIR:=${PREFIX:-/usr}/share/man} - -eval SYSCONFDIR="$SYSCONFDIR" -eval SBINDIR="$SBINDIR" -eval LIBEXECDIR="$LIBEXECDIR" -eval VARDIR="$RUNDIR/resolvconf" -eval MANDIR="$MANDIR" - CONFIG_MK=config.mk if [ -z "$BUILD" ]; then # autoconf target triplet: cpu-vendor-os BUILD=$(uname -m)-unknown-$(uname -s | tr '[:upper:]' '[:lower:]') fi : ${HOST:=$BUILD} if [ -z "$OS" ]; then echo "Deriving operating system from ... $HOST" # Derive OS from cpu-vendor-[kernel-]os CPU=${HOST%%-*} REST=${HOST#*-} if [ "$CPU" != "$REST" ]; then VENDOR=${REST%%-*} REST=${REST#*-} if [ "$VENDOR" != "$REST" ]; then # Use kernel if given, otherwise os OS=${REST%%-*} else # 2 tupple OS=$VENDOR VENDOR= fi fi # Work with cpu-kernel-os, ie Debian case "$VENDOR" in linux*|kfreebsd*) OS=$VENDOR; VENDOR= ;; esac # Special case case "$OS" in gnu*) OS=hurd;; # No HURD support as yet esac fi echo "Configuring openresolv for ... $OS" rm -rf $CONFIG_MK echo "# $OS" >$CONFIG_MK case "$OS" in -freebsd*) +dragonfly*) + # This means /usr HAS to be mounted not via dhcpcd + : ${LIBEXECDIR:=${PREFIX:-/usr}/libexec/resolvconf} + ;; +linux*) + # cksum does't support -a and netpgp is rare + echo "CKSUM= sha256sum --tag" >>$CONFIG_MK + echo "PGP= gpg2" >>$CONFIG_MK + ;; +esac + +case "$OS" in +dragonfly*|freebsd*) # On FreeBSD, /etc/init.d/foo status returns 0 if foo is not enabled # regardless of if it's not running. # So we force onestatus to work around this silly bug. if [ -z "$STATUSARG" ]; then STATUSARG="onestatus" fi ;; -linux*) - # cksum does't support -a and netpgp is rare - echo "CKSUM= sha256sum --tag" >>$CONFIG_MK - echo "PGP= gpg2" >>$CONFIG_MK - ;; esac + + +if [ -z "$LIBEXECDIR" ]; then + printf "Checking for directory /libexec ... " + if [ -d /libexec ]; then + echo "yes" + LIBEXECDIR=$PREFIX/libexec/resolvconf + else + echo "no" + LIBEXECDIR=$PREFIX/lib/resolvconf + fi +fi +if [ -z "$RUNDIR" ]; then + printf "Checking for directory /run ... " + if [ -d /run ]; then + echo "yes" + RUNDIR=/run + else + echo "no" + RUNDIR=/var/run + fi +fi + +: ${SYSCONFDIR:=$PREFIX/etc} +: ${SBINDIR:=$PREFIX/sbin} +: ${LIBEXECDIR:=$PREFIX/libexec/resolvconf} +: ${STATEDIR:=/var} +: ${RUNDIR:=$STATEDIR/run} +: ${MANDIR:=${PREFIX:-/usr}/share/man} + +eval SYSCONFDIR="$SYSCONFDIR" +eval SBINDIR="$SBINDIR" +eval LIBEXECDIR="$LIBEXECDIR" +eval VARDIR="$RUNDIR/resolvconf" +eval MANDIR="$MANDIR" for x in SYSCONFDIR SBINDIR LIBEXECDIR VARDIR MANDIR RESTARTCMD RCDIR STATUSARG do eval v=\$$x # Make files look nice for import l=$((10 - ${#x})) unset t [ $l -gt 3 ] && t=" " echo "$x=$t $v" >>$CONFIG_MK done echo echo " SYSCONFDIR = $SYSCONFDIR" echo " SBINDIR = $SBINDIR" echo " LIBEXECDIR = $LIBEXECDIR" echo " VARDIR = $RUNDIR" echo " MANDIR = $MANDIR" echo echo " RESTARTCMD = $RESTARTCMD" echo " RCDIR = $RCDIR" echo " STATUSARG = $STATUSARG" echo Index: stable/12/contrib/openresolv/dnsmasq.in =================================================================== --- stable/12/contrib/openresolv/dnsmasq.in (revision 355744) +++ stable/12/contrib/openresolv/dnsmasq.in (revision 355745) @@ -1,209 +1,211 @@ #!/bin/sh -# Copyright (c) 2007-2016 Roy Marples +# Copyright (c) 2007-2019 Roy Marples # All rights reserved # dnsmasq subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ] && exit 0 +[ -z "${dnsmasq_conf}${dnsmasq_resolv}" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " : ${dnsmasq_pid:=/var/run/dnsmasq.pid} [ -s "$dnsmasq_pid" ] || dnsmasq_pid=/var/run/dnsmasq/dnsmasq.pid [ -s "$dnsmasq_pid" ] || unset dnsmasq_pid : ${dnsmasq_service:=dnsmasq} newconf="# Generated by resolvconf$NL" newresolv="$newconf" # Using dbus means that we never have to restart the daemon # This is important as it means we should not drop DNS queries # whilst changing DNS options around. However, dbus support is optional # so we need to validate a few things first. # Check for DBus support in the binary dbus=false dbus_ex=false dbus_introspect=$(dbus-send --print-reply --system \ --dest=uk.org.thekelleys.dnsmasq \ /uk/org/thekelleys/dnsmasq \ org.freedesktop.DBus.Introspectable.Introspect \ 2>/dev/null) if [ $? = 0 ]; then dbus=true if printf %s "$dbus_introspect" | \ grep -q '' then dbus_ex=true fi fi for n in $NAMESERVERS; do newresolv="${newresolv}nameserver $n$NL" done dbusdest= dbusdest_ex= conf= for d in $DOMAINS; do dn="${d%%:*}" ns="${d#*:}" while [ -n "$ns" ]; do n="${ns%%,*}" if $dbus && ! $dbus_ex; then case "$n" in *.*.*.*) SIFS=${IFS-y} OIFS=$IFS IFS=. set -- $n num="0x$(printf %02x $1 $2 $3 $4)" if [ "$SIFS" = y ]; then unset IFS else IFS=$OIFS fi dbusdest="$dbusdest uint32:$(printf %u $num)" dbusdest="$dbusdest string:$dn" ;; *:*%*) # This version of dnsmasq won't accept # scoped IPv6 addresses dbus=false ;; *:*) SIFS=${IFS-y} OIFS=$IFS bytes= front= back= empty=false i=0 IFS=: set -- $n - while [ -n "$1" -o -n "$2" ]; do + while [ -n "$1" ] || [ -n "$2" ]; do addr="$1" shift if [ -z "$addr" ]; then empty=true continue fi i=$(($i + 1)) while [ ${#addr} -lt 4 ]; do addr="0${addr}" done byte1="$(printf %d 0x${addr%??})" byte2="$(printf %d 0x${addr#??})" if $empty; then back="$back byte:$byte1 byte:$byte2" else front="$front byte:$byte1 byte:$byte2" fi done while [ $i != 8 ]; do i=$(($i + 1)) front="$front byte:0 byte:0" done front="${front}$back" if [ "$SIFS" = y ]; then unset IFS else IFS=$OIFS fi dbusdest="${dbusdest}$front string:$dn" ;; *) if ! $dbus_ex; then dbus=false fi ;; esac fi dbusdest_ex="$dbusdest_ex${dbusdest_ex:+,}/$dn/$n" conf="${conf}server=/$dn/$n$NL" [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" done done if $dbus; then newconf="$newconf$NL# Domain specific servers will" newconf="$newconf be sent over dbus${NL}" else newconf="$newconf$conf" fi # Try to ensure that config dirs exist if type config_mkdirs >/dev/null 2>&1; then config_mkdirs "$dnsmasq_conf" "$dnsmasq_resolv" else @SBINDIR@/resolvconf -D "$dnsmasq_conf" "$dnsmasq_resolv" fi changed=false if [ -n "$dnsmasq_conf" ]; then if [ ! -f "$dnsmasq_conf" ] || \ [ "$(cat "$dnsmasq_conf")" != "$(printf %s "$newconf")" ] then changed=true printf %s "$newconf" >"$dnsmasq_conf" fi fi if [ -n "$dnsmasq_resolv" ]; then # dnsmasq polls this file so no need to set changed=true if [ -f "$dnsmasq_resolv" ]; then if [ "$(cat "$dnsmasq_resolv")" != "$(printf %s "$newresolv")" ] then printf %s "$newresolv" >"$dnsmasq_resolv" fi else printf %s "$newresolv" >"$dnsmasq_resolv" fi fi if $changed; then # dnsmasq does not re-read the configuration file on SIGHUP if [ -n "$dnsmasq_restart" ]; then eval $dnsmasq_restart elif [ -n "$RESTARTCMD" ]; then set -- ${dnsmasq_service} - eval $RESTARTCMD + eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${dnsmasq_service} fi fi if $dbus; then if [ -s "$dnsmasq_pid" ]; then $changed || kill -HUP $(cat "$dnsmasq_pid") fi # Send even if empty so old servers are cleared if $dbus_ex; then method=SetDomainServers if [ -n "$dbusdest_ex" ]; then dbusdest_ex="array:string:$dbusdest_ex" fi dbusdest="$dbusdest_ex" else method=SetServers fi dbus-send --system --dest=uk.org.thekelleys.dnsmasq \ /uk/org/thekelleys/dnsmasq uk.org.thekelleys.$method \ $dbusdest + dbus-send --system --dest=uk.org.thekelleys.dnsmasq \ + /uk/org/thekelleys/dnsmasq uk.org.thekelleys.ClearCache fi Index: stable/12/contrib/openresolv/libc.in =================================================================== --- stable/12/contrib/openresolv/libc.in (revision 355744) +++ stable/12/contrib/openresolv/libc.in (revision 355745) @@ -1,252 +1,252 @@ #!/bin/sh -# Copyright (c) 2007-2016 Roy Marples +# Copyright (c) 2007-2019 Roy Marples # All rights reserved # libc subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. SYSCONFDIR=@SYSCONFDIR@ LIBEXECDIR=@LIBEXECDIR@ VARDIR=@VARDIR@ IFACEDIR="$VARDIR/interfaces" NL=" " # sed may not be available, and this is faster on small files key_get_value() { - local key="$1" x= line= - + key="$1" shift + if [ $# -eq 0 ]; then while read -r line; do case "$line" in "$key"*) echo "${line##$key}";; esac done else for x do while read -r line; do case "$line" in "$key"*) echo "${line##$key}";; esac done < "$x" done fi } keys_remove() { - local key x line found - while read -r line; do found=false for key do case "$line" in "$key"*|"#"*|" "*|" "*|"") found=true;; esac $found && break done $found || echo "$line" done } local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" # Support original resolvconf configuration layout # as well as the openresolv config file if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then . "$SYSCONFDIR"/resolvconf.conf elif [ -d "$SYSCONFDIR"/resolvconf ]; then - SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d" + SYSCONFDIR="$SYSCONFDIR/resolvconf" base="$SYSCONFDIR/resolv.conf.d/base" if [ -f "$base" ]; then prepend_nameservers="$(key_get_value "nameserver " "$base")" domain="$(key_get_value "domain " "$base")" prepend_search="$(key_get_value "search " "$base")" resolv_conf_options="$(key_get_value "options " "$base")" resolv_conf_sortlist="$(key_get_value "sortlist " "$base")" fi if [ -f "$SYSCONFDIR"/resolv.conf.d/head ]; then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.d/head)" fi if [ -f "$SYSCONFDIR"/resolv.conf.d/tail ]; then resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.d/tail)" fi fi : ${resolv_conf:=/etc/resolv.conf} : ${libc_service:=nscd} : ${list_resolv:=@SBINDIR@/resolvconf -l} -if [ "${resolv_conf_head-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.head ]; then +if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ] +then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)" fi -if [ "${resolv_conf_tail-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.tail ]; then +if [ "${resolv_conf_tail-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.tail ] +then resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)" fi backup=true signature="# Generated by resolvconf" uniqify() { - local result= + result= while [ -n "$1" ]; do case " $result " in *" $1 "*);; *) result="$result $1";; esac shift done echo "${result# *}" } case "${resolv_conf_passthrough:-NO}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) backup=false newest= for conf in "$IFACEDIR"/*; do - if [ -z "$newest" -o "$conf" -nt "$newest" ]; then + if [ -z "$newest" ] || [ "$conf" -nt "$newest" ]; then newest="$conf" fi done [ -z "$newest" ] && exit 0 newconf="$(cat "$newest")$NL" ;; /dev/null|[Nn][Uu][Ll][Ll]) : ${resolv_conf_local_only:=NO} if [ "$local_nameservers" = "127.* 0.0.0.0 255.255.255.255 ::1" ]; then local_nameservers= fi # Need to overwrite our variables. eval "$(@SBINDIR@/resolvconf -V)" ;; *) [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" ;; esac case "${resolv_conf_passthrough:-NO}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; *) : ${domain:=$DOMAIN} newsearch="$(uniqify $prepend_search $SEARCH $append_search)" NS="$LOCALNAMESERVERS $NAMESERVERS" newns= gotlocal=false for n in $(uniqify $prepend_nameservers $NS $append_nameservers); do add=true islocal=false for l in $local_nameservers; do case "$n" in $l) islocal=true; gotlocal=true; break;; esac done if ! $islocal; then case "${resolv_conf_local_only:-YES}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) $gotlocal && add=false;; esac fi $add && newns="$newns $n" done # Hold our new resolv.conf in a variable to save on temporary files newconf="$signature$NL" if [ -n "$resolv_conf_head" ]; then newconf="$newconf$resolv_conf_head$NL" fi [ -n "$domain" ] && newconf="${newconf}domain $domain$NL" - if [ -n "$newsearch" -a "$newsearch" != "$domain" ]; then + if [ -n "$newsearch" ] && [ "$newsearch" != "$domain" ]; then newconf="${newconf}search $newsearch$NL" fi for n in $newns; do newconf="${newconf}nameserver $n$NL" done # Now add anything we don't care about such as sortlist and options stuff="$($list_resolv | keys_remove nameserver domain search)" if [ -n "$stuff" ]; then newconf="$newconf$stuff$NL" fi # Append any user defined ones if [ -n "$resolv_conf_options" ]; then newconf="${newconf}options $resolv_conf_options$NL" fi if [ -n "$resolv_conf_sortlist" ]; then newconf="${newconf}sortlist $resolv_conf_sortlist$NL" fi if [ -n "$resolv_conf_tail" ]; then newconf="$newconf$resolv_conf_tail$NL" fi ;; esac # Check if the file has actually changed or not if [ -e "$resolv_conf" ]; then [ "$(cat "$resolv_conf")" = "$(printf %s "$newconf")" ] && exit 0 fi # Change is good. # If the old file does not have our signature, back it up. # If the new file just has our signature, restore the backup. if $backup; then if [ "$newconf" = "$signature$NL" ]; then if [ -e "$resolv_conf.bak" ]; then newconf="$(cat "$resolv_conf.bak")$NL" fi elif [ -e "$resolv_conf" ]; then read line <"$resolv_conf" if [ "$line" != "$signature" ]; then cp "$resolv_conf" "$resolv_conf.bak" fi fi fi # Create our resolv.conf now (umask 022; echo "$newconf" >"$resolv_conf") if [ -n "$libc_restart" ]; then eval $libc_restart elif [ -n "$RESTARTCMD" ]; then set -- ${libc_service} - eval $RESTARTCMD + eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${libc_service} fi retval=0 # Notify users of the resolver for script in "$LIBEXECDIR"/libc.d/*; do if [ -f "$script" ]; then if [ -x "$script" ]; then "$script" "$@" else (. "$script") fi retval=$(($retval + $?)) fi done exit $retval Index: stable/12/contrib/openresolv/named.in =================================================================== --- stable/12/contrib/openresolv/named.in (revision 355744) +++ stable/12/contrib/openresolv/named.in (revision 355745) @@ -1,118 +1,118 @@ #!/bin/sh # Copyright (c) 2007-2016 Roy Marples # All rights reserved # named subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "$named_zones" -a -z "$named_options" ] && exit 0 +[ -z "${named_zones}${named_options}" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " # Platform specific kludges -if [ -z "$named_service" -a -z "$named_restart" -a \ - -d "$RCDIR" -a ! -x "$RCDIR"/named ] +if [ -z "${named_service}${named_restart}" ] && + [ -d "$RCDIR" ] && ! [ -x "$RCDIR"/named ] then if [ -x "$RCDIR"/bind9 ]; then # Debian and derivatives named_service=bind9 elif [ -x "$RCDIR"/rc.bind ]; then # Slackware named_service=rc.bind fi fi : ${named_service:=named} : ${named_pid:=/var/run/$named_service.pid} [ -s "$named_pid" ] || named_pid=/var/run/$named_service/$named_service.pid [ -s "$named_pid" ] || unset named_pid newoptions="# Generated by resolvconf$NL" newzones="$newoptions" forward= for n in $NAMESERVERS; do case "$forward" in *"$NL $n;"*);; *) forward="$forward$NL $n;";; esac done if [ -n "$forward" ]; then newoptions="${newoptions}forward first;${NL}forwarders {$forward${NL}};$NL" fi for d in $DOMAINS; do newzones="${newzones}zone \"${d%%:*}\" {$NL" newzones="$newzones type forward;$NL" newzones="$newzones forward first;$NL forwarders {$NL" ns="${d#*:}" while [ -n "$ns" ]; do newzones="$newzones ${ns%%,*};$NL" [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" done newzones="$newzones };$NL};$NL" done # Try to ensure that config dirs exist if type config_mkdirs >/dev/null 2>&1; then config_mkdirs "$named_options" "$named_zones" else @SBINDIR@/resolvconf -D "$named_options" "$named_zones" fi # No point in changing files or reloading bind if the end result has not # changed changed=false if [ -n "$named_options" ]; then if [ ! -f "$named_options" ] || \ [ "$(cat "$named_options")" != "$(printf %s "$newoptions")" ] then printf %s "$newoptions" >"$named_options" changed=true fi fi if [ -n "$named_zones" ]; then if [ ! -f "$named_zones" ] || \ [ "$(cat "$named_zones")" != "$(printf %s "$newzones")" ] then printf %s "$newzones" >"$named_zones" changed=true fi fi # named does not seem to work with SIGHUP which is a same if $changed; then if [ -n "$named_restart" ]; then eval $named_restart elif [ -n "$RESTARTCMD" ]; then set -- ${named_service} - eval $RESTARTCMD + eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${named_service} fi fi Index: stable/12/contrib/openresolv/pdns_recursor.in =================================================================== --- stable/12/contrib/openresolv/pdns_recursor.in (revision 355744) +++ stable/12/contrib/openresolv/pdns_recursor.in (revision 355745) @@ -1,78 +1,75 @@ #!/bin/sh -# Copyright (c) 2009-2011 Roy Marples +# Copyright (c) 2009-2019 Roy Marples # All rights reserved # PowerDNS Recursor subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 [ -z "$pdns_zones" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " -: ${pdns_service:=pdns_recursor} +: ${pdns_service:=pdns-recursor} newzones= -# pds_recursor does not present support global forward servers, which -# does limit it's usefulness somewhat. -# If it did, the below code can be enabled, or something like it. -#for n in $NAMESERVERS; do -# newzones="$newzones${newzones:+,}$n" -#done -#[ -n "$newzones" ] && newzones=".=$newzones$NL" +for n in $NAMESERVERS; do + newzones="$newzones${newzones:+,}$n" +done +[ -n "$newzones" ] && newzones="+.=$newzones$NL" for d in $DOMAINS; do newns= ns="${d#*:}" while [ -n "$ns" ]; do newns="$newns${newns:+,}${ns%%,*}" [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" done [ -n "$newns" ] && newzones="$newzones${d%%:*}=$newns$NL" done # Try to ensure that config dirs exist if type config_mkdirs >/dev/null 2>&1; then config_mkdirs "$pdnsd_zones" else @SBINDIR@/resolvconf -D "$pdnsd_zones" fi if [ ! -f "$pdns_zones" ] || \ [ "$(cat "$pdns_zones")" != "$(printf %s "$newzones")" ] then printf %s "$newzones" >"$pdns_zones" if [ -n "$pdns_restart" ]; then eval $pdns_restart elif [ -n "$RESTARTCMD" ]; then set -- ${pdns_service} - eval $RESTARTCMD + eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${pdns_service} fi fi Index: stable/12/contrib/openresolv/pdnsd.in =================================================================== --- stable/12/contrib/openresolv/pdnsd.in (revision 355744) +++ stable/12/contrib/openresolv/pdnsd.in (revision 355745) @@ -1,163 +1,165 @@ #!/bin/sh -# Copyright (c) 2010-2013 Roy Marples +# Copyright (c) 2010-2018 Roy Marples # All rights reserved # pdnsd subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 -[ -z "$pdnsd_conf" -a -z "$pdnsd_resolv" ] && exit 0 +[ -z "${pdnsd_conf}${pdnsd_resolv}" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " : ${pdnsd_restart:=pdnsd-ctl config $pdnsd_conf} signature="# Generated by resolvconf" signature_end="# End of resolvconf" # We normally use sed to remove markers from a configuration file # but sed may not always be available at the time. remove_markers() { - local m1="$1" m2="$2" x= line= in_marker=0 + m1="$1" + m2="$2" + in_marker=0 shift; shift if type sed >/dev/null 2>&1; then sed "/^$m1/,/^$m2/d" $@ else - for x; do - while read -r line; do + for x do + while read line; do case "$line" in "$m1"*) in_marker=1;; "$m2"*) in_marker=0;; *) [ $in_marker = 0 ] && echo "$line";; esac done < "$x" done fi } # Compare two files # If different, replace first with second otherwise remove second change_file() { if [ -e "$1" ]; then if type cmp >/dev/null 2>&1; then cmp -s "$1" "$2" elif type diff >/dev/null 2>&1; then diff -q "$1" "$2" >/dev/null else # Hopefully we're only working on small text files ... [ "$(cat "$1")" = "$(cat "$2")" ] fi if [ $? -eq 0 ]; then rm -f "$2" return 1 fi fi cat "$2" > "$1" rm -f "$2" return 0 } newresolv="# Generated by resolvconf$NL" changed=false # Try to ensure that config dirs exist if type config_mkdirs >/dev/null 2>&1; then config_mkdirs "$pdnsd_resolv" "$pdnsd_conf" else @SBINDIR@/resolvconf -D "$pdnsd_resolv" "$pdnsd_conf" fi if [ -n "$pdnsd_resolv" ]; then for n in $NAMESERVERS; do newresolv="${newresolv}nameserver $n$NL" done fi # Only modify the configuration if it exists and we can write to it if [ -w "$pdnsd_conf" ]; then cf="$pdnsd_conf.new" newconf= if [ -z "$pdnsd_resolv" ]; then newconf="${newconf}server {$NL" newconf="${newconf} label=resolvconf;$NL" if [ -n "$NAMESERVERS" ]; then newconf="${newconf} ip=" first=true for n in $NAMESERVERS; do if $first; then first=false else newconf="${newconf}," fi newconf="$newconf$n" done newconf="${newconf};$NL" fi newconf="${newconf}}$NL" fi for d in $DOMAINS; do newconf="${newconf}server {$NL" newconf="${newconf} include=.${d%%:*}.;$NL" newconf="${newconf} policy=excluded;$NL" newconf="${newconf} ip=" ns="${d#*:}" while [ -n "$ns" ]; do newconf="${newconf}${ns%%,*}" [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" newconf="${newconf}," done newconf="${newconf};$NL}$NL" done rm -f "$cf" remove_markers "$signature" "$signature_end" "$pdnsd_conf" > "$cf" if [ -n "$newconf" ]; then echo "$signature" >> "$cf" printf %s "$newconf" >> "$cf" echo "$signature_end" >> "$cf" fi if change_file "$pdnsd_conf" "$cf"; then changed=true fi fi if [ -n "$pdnsd_resolv" ]; then if [ ! -f "$pdnsd_resolv" ] || \ [ "$(cat "$pdnsd_resolv")" != "$(printf %s "$newresolv")" ] then changed=true printf %s "$newresolv" >"$pdnsd_resolv" fi fi if $changed; then eval $pdnsd_restart fi Index: stable/12/contrib/openresolv/resolvconf.conf =================================================================== --- stable/12/contrib/openresolv/resolvconf.conf (revision 355744) +++ stable/12/contrib/openresolv/resolvconf.conf (revision 355745) @@ -1,7 +1,7 @@ # Configuration for resolvconf(8) # See resolvconf.conf(5) for details resolv_conf=/etc/resolv.conf # If you run a local name server, you should uncomment the below line and # configure your subscribers configuration files below. -#name_servers=127.0.0.1 \ No newline at end of file +#name_servers=127.0.0.1 Index: stable/12/contrib/openresolv/resolvconf.conf.5.in =================================================================== --- stable/12/contrib/openresolv/resolvconf.conf.5.in (revision 355744) +++ stable/12/contrib/openresolv/resolvconf.conf.5.in (revision 355745) @@ -1,331 +1,384 @@ .\" Copyright (c) 2009-2016 Roy Marples .\" All rights reserved .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd December 29, 2016 +.Dd September 8, 2019 .Dt RESOLVCONF.CONF 5 .Os .Sh NAME .Nm resolvconf.conf .Nd resolvconf configuration file .Sh DESCRIPTION .Nm is the configuration file for .Xr resolvconf 8 . The .Nm file is a shell script that is sourced by .Xr resolvconf 8 , meaning that .Nm must contain valid shell commands. Listed below are the standard .Nm variables that may be set. If the values contain whitespace, wildcards or other special shell characters, ensure they are quoted and escaped correctly. See the .Sy replace variable for an example on quoting. .Pp After updating this file, you may wish to run .Nm resolvconf -u to apply the new configuration. .Pp When a dynamically generated list is appended or prepended to, the whole is made unique where left-most wins. .Sh RESOLVCONF OPTIONS .Bl -tag -width indent .It Sy resolvconf Set to NO to disable .Nm resolvconf from running any subscribers. Defaults to YES. .It Sy interface_order These interfaces will always be processed first. If unset, defaults to the following:- -.D1 lo lo[0-9]* +.Bd -compact -literal -offset indent +lo lo[0-9]* +.Ed .It Sy dynamic_order These interfaces will be processed next, unless they have a metric. If unset, defaults to the following:- -.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]* +.Bd -compact -literal -offset indent +tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]* +.Ed .It Sy inclusive_interfaces -Ignore any exlcusive marking for these interfaces. +Ignore any exclusive marking for these interfaces. This is handy when 3rd party integrations force the .Nm resolvconf -x option and you want to disable it easily. .It Sy local_nameservers If unset, defaults to the following:- -.D1 127.* 0.0.0.0 255.255.255.255 ::1 +.Bd -compact -literal -offset indent +127.* 0.0.0.0 255.255.255.255 ::1 +.Ed .It Sy search_domains Prepend search domains to the dynamically generated list. .It Sy search_domains_append Append search domains to the dynamically generated list. .It Sy domain_blacklist A list of domains to be removed from consideration. To remove a domain, you can use foo.* To remove a sub domain, you can use *.bar .It Sy name_servers Prepend name servers to the dynamically generated list. You should set this to 127.0.0.1 if you use a local name server other than libc. .It Sy name_servers_append Append name servers to the dynamically generated list. .It Sy name_server_blacklist A list of name servers to be removed from consideration. The default is 0.0.0.0 as some faulty routers send it via DHCP. To remove a block, you can use 192.168.* .It Sy private_interfaces These interfaces name servers will only be queried for the domains listed in their resolv.conf. Useful for VPN domains. Setting .Sy private_interfaces Ns ="*" will stop the forwarding of the root zone and allows the local resolver to recursively query the root servers directly. Requires a local nameserver other than libc. This is equivalent to the .Nm resolvconf -p option. .It Sy public_interfaces Force these interface to be public, overriding the private marking. This is handy when 3rd party integrations force the .Nm resolvconf -p option and you want to disable it easily. .It Sy replace Is a space separated list of replacement keywords. The syntax is this: .Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement .Pp Example, given this resolv.conf: -.D1 domain foo.org -.D1 search foo.org dead.beef -.D1 nameserver 1.2.3.4 -.D1 nameserver 2.3.4.5 +.Bd -compact -literal -offset indent +domain foo.org +search foo.org dead.beef +nameserver 1.2.3.4 +nameserver 2.3.4.5 +.Ed and this configuaration: -.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/" +.Bd -compact -literal -offset indent +replace="search/foo*/bar.com" +replace="$replace nameserver/1.2.3.4/5.6.7.8" +replace="$replace nameserver/2.3.4.5/" +.Ed you would get this resolv.conf instead: -.D1 domain foo.org -.D1 search bar.com -.D1 nameserver 5.6.7.8 +.Bd -compact -literal -offset indent +domain foo.org +search bar.com +nameserver 5.6.7.8 +.Ed .It Sy replace_sub Works the same way as .Sy replace except it works on each space separated value rather than the whole line, so it's useful for the replacing a single domain within the search directive. Using the same example resolv.conf and changing .Sy replace to .Sy replace_sub , you would get this resolv.conf instead: -.D1 domain foo.org -.D1 search bar.com dead.beef -.D1 nameserver 5.6.7.8 +.Bd -compact -literal -offset indent +domain foo.org +search bar.com dead.beef +nameserver 5.6.7.8 +.Ed .It Sy state_dir Override the default state directory of .Pa @VARDIR@ . This should not be changed once .Nm resolvconf is in use unless the old directory is copied to the new one. .El .Sh LIBC OPTIONS The following variables affect .Xr resolv.conf 5 directly:- .Bl -tag -width indent .It Sy resolv_conf Defaults to .Pa /etc/resolv.conf if not set. .It Sy resolv_conf_options A list of libc resolver options, as specified in .Xr resolv.conf 5 . .It Sy resolv_conf_passthrough When set to YES the latest resolv.conf is written to .Sy resolv_conf without any alteration. When set to /dev/null or NULL, .Sy resolv_conf_local_only is defaulted to NO, .Sy local_nameservers is unset unless overridden and only the information set in .Nm is written to .Sy resolv_conf . .It Sy resolv_conf_sortlist A libc resolver sortlist, as specified in .Xr resolv.conf 5 . .It Sy resolv_conf_local_only If a local name server is configured then the default is just to specify that and ignore all other entries as they will be configured for the local name server. Set this to NO to also list non-local nameservers. This will give you working DNS even if the local nameserver stops functioning at the expense of duplicated server queries. .It Sy append_nameservers Append name servers to the dynamically generated list. .It Sy prepend_nameservers Prepend name servers to the dynamically generated list. .It Sy append_search Append search domains to the dynamically generated list. .It Sy prepend_search Prepend search domains to the dynamically generated list. .El .Sh SUBSCRIBER OPTIONS openresolv ships with subscribers for the name servers .Xr dnsmasq 8 , .Xr named 8 , -.Xr pdnsd 8 +.Xr pdnsd 8 , +.Xr pdns_recursor 8 , and .Xr unbound 8 . Each subscriber can create configuration files which should be included in in the subscribers main configuration file. .Pp To disable a subscriber, simply set it's name to NO. For example, to disable the libc subscriber you would set: -.D1 libc=NO +.Bd -compact -literal -offset indent +libc=NO +.Ed .Bl -tag -width indent .It Sy dnsmasq_conf This file tells dnsmasq which name servers to use for specific domains. .It Sy dnsmasq_resolv This file tells dnsmasq which name servers to use for global lookups. .Pp Example resolvconf.conf for dnsmasq: -.D1 name_servers=127.0.0.1 -.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf -.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf +.Bd -compact -literal -offset indent +name_servers=127.0.0.1 +dnsmasq_conf=/etc/dnsmasq-conf.conf +dnsmasq_resolv=/etc/dnsmasq-resolv.conf +.Ed .Pp Example dnsmasq.conf: -.D1 listen-address=127.0.0.1 -.D1 # If dnsmasq is compiled for DBus then we can take -.D1 # advantage of not having to restart dnsmasq. -.D1 enable-dbus -.D1 conf-file=/etc/dnsmasq-conf.conf -.D1 resolv-file=/etc/dnsmasq-resolv.conf +.Bd -compact -literal -offset indent +listen-address=127.0.0.1 +# If dnsmasq is compiled for DBus then we can take +# advantage of not having to restart dnsmasq. +enable-dbus +conf-file=/etc/dnsmasq-conf.conf +resolv-file=/etc/dnsmasq-resolv.conf +.Ed .It Sy named_options Include this file in the named options block. This file tells named which name servers to use for global lookups. .It Sy named_zones Include this file in the named global scope, after the options block. This file tells named which name servers to use for specific domains. .Pp Example resolvconf.conf for named: -.D1 name_servers=127.0.0.1 -.D1 named_options=/etc/named-options.conf -.D1 named_zones=/etc/named-zones.conf +.Bd -compact -literal -offset indent +name_servers=127.0.0.1 +named_options=/etc/named-options.conf +named_zones=/etc/named-zones.conf +.Ed .Pp Example named.conf: -.D1 options { -.D1 listen-on { 127.0.0.1; }; -.D1 include "/etc/named-options.conf"; -.D1 }; -.D1 include "/etc/named-zones.conf"; +.Bd -compact -literal -offset indent +options { + listen-on { 127.0.0.1; }; + include "/etc/named-options.conf"; +}; + +include "/etc/named-zones.conf"; +.Ed .It Sy pdnsd_conf This is the main pdnsd configuration file which we modify to add our forward domains to. If this variable is not set then we rely on the pdnsd configuration file setup to read .Pa pdnsd_resolv as documented below. .It Sy pdnsd_resolv This file tells pdnsd about global name servers. If this variable is not set then it's written to .Pa pdnsd_conf . .Pp Example resolvconf.conf for pdnsd: -.D1 name_servers=127.0.0.1 -.D1 pdnsd_conf=/etc/pdnsd.conf -.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf +.Bd -compact -literal -offset indent +name_servers=127.0.0.1 +pdnsd_conf=/etc/pdnsd.conf +# pdnsd_resolv=/etc/pdnsd-resolv.conf +.Ed .Pp Example pdnsd.conf: -.D1 global { -.D1 server_ip = 127.0.0.1; -.D1 status_ctl = on; -.D1 } -.D1 server { -.D1 # A server definition is required, even if emtpy. -.D1 label="empty"; -.D1 proxy_only=on; -.D1 # file="/etc/pdnsd-resolv.conf"; -.D1 } +.Bd -compact -literal -offset indent +global { + server_ip = 127.0.0.1; + status_ctl = on; +} +server { + # A server definition is required, even if empty. + label="empty"; + proxy_only=on; + # file="/etc/pdnsd-resolv.conf"; +} +.Ed +.It Sy pdns_zones +This file tells pdns_recursor about specific and global name servers. +.Pp +Example resolvconf.conf for pdns_recursor: +.Bd -compact -literal -offset indent +name_servers=127.0.0.1 +pdns_zones=/etc/pdns/recursor-zones.conf +.Ed +.Pp +Example recursor.conf: +.Bd -compact -literal -offset indent +allow-from=127.0.0.0/8, ::1/128 +forward-zones-file=/etc/pdns/recursor-zones.conf +.Ed .It Sy unbound_conf This file tells unbound about specific and global name servers. .It Sy unbound_insecure When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC. .Pp Example resolvconf.conf for unbound: -.D1 name_servers=127.0.0.1 -.D1 unbound_conf=/etc/unbound-resolvconf.conf +.Bd -compact -literal -offset indent +name_servers=127.0.0.1 +unbound_conf=/etc/unbound-resolvconf.conf +.Ed .Pp Example unbound.conf: -.D1 include: /etc/unbound-resolvconf.conf +.Bd -compact -literal -offset indent +include: /etc/unbound-resolvconf.conf +.Ed .El .Sh SUBSCRIBER INTEGRATION Not all distributions store the files the subscribers need in the same locations. For example, named service scripts have been called named, bind and rc.bind and they could be located in a directory called /etc/rc.d, /etc/init.d or similar. Each subscriber attempts to automatically configure itself, but not every distribution has been catered for. Also, users could equally want to use a different version from the one installed by default, such as bind8 and bind9. To accommodate this, the subscribers have these files in configurable variables, documented below. -.Pp .Bl -tag -width indent .It Sy dnsmasq_service Name of the dnsmasq service. .It Sy dnsmasq_restart Command to restart the dnsmasq service. .It Sy dnsmasq_pid Location of the dnsmasq pidfile. .It Sy libc_service Name of the libc service. .It Sy libc_restart Command to restart the libc service. .It Sy named_service Name of the named service. .It Sy named_restart Command to restart the named service. .It Sy pdnsd_restart Command to restart the pdnsd service. +.It Sy pdns_service +Command to restart the pdns_recursor service. +.It Sy pdns_restart +Command to restart the pdns_recursor service. .It Sy unbound_service Name of the unbound service. .It Sy unbound_restart Command to restart the unbound service. .It Sy unbound_pid Location of the unbound pidfile. .El .Sh SEE ALSO .Xr sh 1 , .Xr resolv.conf 5 , .Xr resolvconf 8 .Sh AUTHORS .An Roy Marples Aq Mt roy@marples.name .Sh BUGS Each distribution is a special snowflake and likes to name the same thing differently, namely the named service script. .Pp Please report them to .Lk http://roy.marples.name/projects/openresolv Index: stable/12/contrib/openresolv/resolvconf.in =================================================================== --- stable/12/contrib/openresolv/resolvconf.in (revision 355744) +++ stable/12/contrib/openresolv/resolvconf.in (revision 355745) @@ -1,938 +1,971 @@ #!/bin/sh -# Copyright (c) 2007-2016 Roy Marples +# Copyright (c) 2007-2019 Roy Marples # All rights reserved # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. RESOLVCONF="$0" -OPENRESOLV_VERSION="3.9.0" +OPENRESOLV_VERSION="3.9.2" SYSCONFDIR=@SYSCONFDIR@ LIBEXECDIR=@LIBEXECDIR@ VARDIR=@VARDIR@ RCDIR=@RCDIR@ RESTARTCMD=@RESTARTCMD@ if [ "$1" = "--version" ]; then echo "openresolv $OPENRESOLV_VERSION" echo "Copyright (c) 2007-2016 Roy Marples" exit 0 fi # Disregard dhcpcd setting unset interface_order state_dir # If you change this, change the test in VFLAG and libc.in as well local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" dynamic_order="tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*" interface_order="lo lo[0-9]*" name_server_blacklist="0.0.0.0" # Support original resolvconf configuration layout # as well as the openresolv config file if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then . "$SYSCONFDIR"/resolvconf.conf [ -n "$state_dir" ] && VARDIR="$state_dir" elif [ -d "$SYSCONFDIR/resolvconf" ]; then SYSCONFDIR="$SYSCONFDIR/resolvconf" if [ -f "$SYSCONFDIR"/interface-order ]; then interface_order="$(cat "$SYSCONFDIR"/interface-order)" fi fi IFACEDIR="$VARDIR/interfaces" METRICDIR="$VARDIR/metrics" PRIVATEDIR="$VARDIR/private" EXCLUSIVEDIR="$VARDIR/exclusive" LOCKDIR="$VARDIR/lock" _PWD="$PWD" warn() { echo "$*" >&2 } error_exit() { echo "$*" >&2 exit 1 } usage() { cat <<-EOF Usage: ${RESOLVCONF##*/} [options] command [argument] Inform the system about any DNS updates. Commands: -a \$INTERFACE Add DNS information to the specified interface (DNS supplied via stdin in resolv.conf format) -d \$INTERFACE Delete DNS information from the specified interface -h Show this help cruft -i [\$PATTERN] Show interfaces that have supplied DNS information optionally from interfaces that match the specified pattern -l [\$PATTERN] Show DNS information, optionally from interfaces that match the specified pattern -u Run updates from our current DNS information --version Echo the ${RESOLVCONF##*/} version Options: -f Ignore non existent interfaces -m metric Give the added DNS information a metric -p Mark the interface as private -x Mark the interface as exclusive Subscriber and System Init Commands: -I Init the state dir -r \$SERVICE Restart the system service (restarting a non-existent or non-running service should have no output and return 0) -R Show the system service restart command -v [\$PATTERN] echo NEWDOMAIN, NEWSEARCH and NEWNS variables to the console -V [\$PATTERN] Same as -v, but only uses configuration in $SYSCONFDIR/resolvconf.conf EOF [ -z "$1" ] && exit 0 echo error_exit "$*" } # Strip any trailing dot from each name as a FQDN does not belong # in resolv.conf(5) # If you think otherwise, capture a DNS trace and you'll see libc # will strip it regardless. # This also solves setting up duplicate zones in our subscribers. -strip_trailing_dots() +# Also strip any comments denoted by #. +resolv_strip() { - local n= d= - - for n; do - printf "$d%s" "${n%.}" - d=" " + space= + for word; do + case "$word" in + \#*) break;; + esac + printf "%s%s" "$space${word%.}" + space=" " done printf "\n" } private_iface() { - local p - # Allow expansion cd "$IFACEDIR" # Public interfaces override private ones. for p in $public_interfaces; do case "$iface" in "$p"|"$p":*) return 1;; esac done if [ -e "$PRIVATEDIR/$iface" ]; then return 0 fi for p in $private_interfaces; do case "$iface" in "$p"|"$p":*) return 0;; esac done # Not a private interface return 1 } # Parse resolv.conf's and make variables # for domain name servers, search name servers and global nameservers parse_resolv() { - local line= ns= ds= search= d= n= newns= - local new=true iface= private=false p= domain= l= islocal= - + domain= + new=true newns= + ns= + private=false + search= while read -r line; do + stripped_line="$(resolv_strip ${line#* })" case "$line" in "# resolv.conf from "*) if ${new}; then iface="${line#\# resolv.conf from *}" new=false if private_iface "$iface"; then private=true else private=false fi fi ;; "nameserver "*) islocal=false for l in $local_nameservers; do - case "${line#* }" in + case "$stripped_line" in $l) islocal=true - echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\"" break ;; esac done - $islocal || ns="$ns${line#* } " + if $islocal; then + echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS $stripped_line\"" + else + ns="$ns$stripped_line " + fi ;; "domain "*) - search="$(strip_trailing_dots ${line#* })" + search="$stripped_line" if [ -z "$domain" ]; then domain="$search" echo "DOMAIN=\"$domain\"" fi ;; "search "*) - search="$(strip_trailing_dots ${line#* })" + search="$stripped_line" ;; *) [ -n "$line" ] && continue - if [ -n "$ns" -a -n "$search" ]; then + if [ -n "$ns" ] && [ -n "$search" ]; then newns= for n in $ns; do newns="$newns${newns:+,}$n" done ds= for d in $search; do ds="$ds${ds:+ }$d:$newns" done echo "DOMAINS=\"\$DOMAINS $ds\"" fi echo "SEARCH=\"\$SEARCH $search\"" if ! $private; then echo "NAMESERVERS=\"\$NAMESERVERS $ns\"" fi ns= search= new=true ;; esac done } uniqify() { - local result= + result= while [ -n "$1" ]; do case " $result " in *" $1 "*);; *) result="$result $1";; esac shift done echo "${result# *}" } dirname() { - local dir= OIFS="$IFS" - local IFS=/ + OIFS="$IFS" + IFS=/ set -- $@ IFS="$OIFS" if [ -n "$1" ]; then printf %s . else shift fi while [ -n "$2" ]; do printf "/%s" "$1" shift done printf "\n" } config_mkdirs() { - local e=0 f d + e=0 for f; do [ -n "$f" ] || continue d="$(dirname "$f")" if [ ! -d "$d" ]; then if type install >/dev/null 2>&1; then install -d "$d" || e=$? else mkdir "$d" || e=$? fi fi done return $e } # With the advent of alternative init systems, it's possible to have # more than one installed. So we need to try and guess what one we're # using unless overriden by configure. # Note that restarting a service is a last resort - the subscribers # should make a reasonable attempt to reconfigre the service via some # method, normally SIGHUP. detect_init() { [ -n "$RESTARTCMD" ] && return 0 # Detect the running init system. # As systemd and OpenRC can be installed on top of legacy init # systems we try to detect them first. - local status="@STATUSARG@" + status="@STATUSARG@" : ${status:=status} - if [ -x /bin/systemctl -a -S /run/systemd/private ]; then - RESTARTCMD="if /bin/systemctl --quiet is-active \$1.service; then - /bin/systemctl restart \$1.service; -fi" - elif [ -x /usr/bin/systemctl -a -S /run/systemd/private ]; then - RESTARTCMD="if /usr/bin/systemctl --quiet is-active \$1.service; then - /usr/bin/systemctl restart \$1.service; -fi" - elif [ -x /sbin/rc-service -a \ - -s /libexec/rc/init.d/softlevel -o -s /run/openrc/softlevel ] + if [ -x /bin/systemctl ] && [ -S /run/systemd/private ]; then + RESTARTCMD=' + if /bin/systemctl --quiet is-active $1.service + then + /bin/systemctl restart $1.service + fi' + elif [ -x /usr/bin/systemctl ] && [ -S /run/systemd/private ]; then + RESTARTCMD=' + if /usr/bin/systemctl --quiet is-active $1.service + then + /usr/bin/systemctl restart $1.service + fi' + elif [ -x /sbin/rc-service ] && + { [ -s /libexec/rc/init.d/softlevel ] || + [ -s /run/openrc/softlevel ]; } then - RESTARTCMD="/sbin/rc-service -i \$1 -- -Ds restart" + RESTARTCMD='/sbin/rc-service -i $1 -- -Ds restart' elif [ -x /usr/sbin/invoke-rc.d ]; then RCDIR=/etc/init.d - RESTARTCMD="if /usr/sbin/invoke-rc.d --quiet \$1 status 1>/dev/null 2>&1; then - /usr/sbin/invoke-rc.d \$1 restart; -fi" + RESTARTCMD=' + if /usr/sbin/invoke-rc.d --quiet $1 status >/dev/null 2>&1 + then + /usr/sbin/invoke-rc.d $1 restart + fi' elif [ -x /sbin/service ]; then # Old RedHat RCDIR=/etc/init.d - RESTARTCMD="if /sbin/service \$1; then - /sbin/service \$1 restart; -fi" + RESTARTCMD=' + if /sbin/service $1; then + /sbin/service $1 restart + fi' elif [ -x /usr/sbin/service ]; then # Could be FreeBSD - RESTARTCMD="if /usr/sbin/service \$1 $status 1>/dev/null 2>&1; then - /usr/sbin/service \$1 restart; -fi" + RESTARTCMD=" + if /usr/sbin/service \$1 $status >/dev/null 2>&1 + then + /usr/sbin/service \$1 restart + fi" elif [ -x /bin/sv ]; then - RESTARTCMD="/bin/sv status \$1 >/dev/null 2>&1 && /bin/sv try-restart \$1" + RESTARTCMD='/bin/sv status $1 >/dev/null 2>&1 && + /bin/sv try-restart $1' elif [ -x /usr/bin/sv ]; then - RESTARTCMD="/usr/bin/sv status \$1 >/dev/null 2>&1 && /usr/bin/sv try-restart \$1" - elif [ -e /etc/arch-release -a -d /etc/rc.d ]; then + RESTARTCMD='/usr/bin/sv status $1 >/dev/null 2>&1 && + /usr/bin/sv try-restart $1' + elif [ -e /etc/arch-release ] && [ -d /etc/rc.d ]; then RCDIR=/etc/rc.d - RESTARTCMD="if [ -e /var/run/daemons/\$1 ]; then - /etc/rc.d/\$1 restart; -fi" - elif [ -e /etc/slackware-version -a -d /etc/rc.d ]; then - RESTARTCMD="if /etc/rc.d/rc.\$1 status 1>/dev/null 2>&1; then - /etc/rc.d/rc.\$1 restart; -fi" - elif [ -e /etc/rc.d/rc.subr -a -d /etc/rc.d ]; then + RESTARTCMD=' + if [ -e /var/run/daemons/$1 ] + then + /etc/rc.d/$1 restart + fi' + elif [ -e /etc/slackware-version ] && [ -d /etc/rc.d ]; then + RESTARTCMD=' + if /etc/rc.d/rc.$1 status >/dev/null 2>&1 + then + /etc/rc.d/rc.$1 restart + fi' + elif [ -e /etc/rc.d/rc.subr ] && [ -d /etc/rc.d ]; then # OpenBSD - RESTARTCMD="if /etc/rc.d/\$1 check 1>/dev/null 2>&1; then - /etc/rc.d/\$1 restart; -fi" + RESTARTCMD=' + if /etc/rc.d/$1 check >/dev/null 2>&1 + then + /etc/rc.d/$1 restart + fi' else for x in /etc/init.d/rc.d /etc/rc.d /etc/init.d; do [ -d $x ] || continue - RESTARTCMD="if $x/\$1 $status 1>/dev/null 2>&1; then - $x/\$1 restart; -fi" + RESTARTCMD=" + if $x/\$1 $status >/dev/null 2>&1 + then + $x/\$1 restart + fi" break done fi if [ -z "$RESTARTCMD" ]; then - if [ "$NOINIT_WARNED" != true ]; then + if [ "$_NOINIT_WARNED" != true ]; then warn "could not detect a useable init system" _NOINIT_WARNED=true fi return 1 fi _NOINIT_WARNED= return 0 } echo_resolv() { - local line= OIFS="$IFS" + OIFS="$IFS" - [ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1 + [ -n "$1" ] && [ -f "$IFACEDIR/$1" ] || return 1 echo "# resolv.conf from $1" # Our variable maker works of the fact each resolv.conf per interface # is separated by blank lines. # So we remove them when echoing them. while read -r line; do IFS="$OIFS" if [ -n "$line" ]; then # We need to set IFS here to preserve any whitespace IFS='' printf "%s\n" "$line" fi done < "$IFACEDIR/$1" IFS="$OIFS" } list_resolv() { [ -d "$IFACEDIR" ] || return 0 - local report=false list= retval=0 cmd="$1" excl= + cmd="$1" shift + excl=false + list= + report=false + retval=0 case "$IF_EXCLUSIVE" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + excl=true if [ -d "$EXCLUSIVEDIR" ]; then cd "$EXCLUSIVEDIR" for i in *; do if [ -f "$i" ]; then list="${i#* }" break fi done fi - excl=true cd "$IFACEDIR" for i in $inclusive_interfaces; do - if [ -f "$i" -a "$list" = "$i" ]; then + if [ -f "$i" ] && [ "$list" = "$i" ]; then list= excl=false break fi done ;; - *) - excl=false - ;; esac # If we have an interface ordering list, then use that. # It works by just using pathname expansion in the interface directory. if [ -n "$1" ]; then list="$*" $force || report=true elif ! $excl; then cd "$IFACEDIR" for i in $interface_order; do [ -f "$i" ] && list="$list $i" for ii in "$i":* "$i".*; do [ -f "$ii" ] && list="$list $ii" done done for i in $dynamic_order; do - if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then + if [ -e "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then list="$list $i" fi for ii in "$i":* "$i".*; do - if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then + if [ -f "$ii" ] && ! [ -e "$METRICDIR/"*" $ii" ] + then list="$list $ii" fi done done + # Interfaces have an implicit metric of 0 if not specified. + for i in *; do + if [ -f "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then + list="$list $i" + fi + done if [ -d "$METRICDIR" ]; then cd "$METRICDIR" for i in *; do [ -f "$i" ] && list="$list ${i#* }" done fi - list="$list *" fi cd "$IFACEDIR" retval=1 for i in $(uniqify $list); do # Only list interfaces which we really have if ! [ -f "$i" ]; then if $report; then echo "No resolv.conf for interface $i" >&2 retval=2 fi continue fi - if [ "$cmd" = i -o "$cmd" = "-i" ]; then + if [ "$cmd" = i ] || [ "$cmd" = "-i" ]; then printf %s "$i " else echo_resolv "$i" && echo fi - [ $? = 0 -a "$retval" = 1 ] && retval=0 + [ $? = 0 ] && [ "$retval" = 1 ] && retval=0 done - [ "$cmd" = i -o "$cmd" = "-i" ] && echo + [ "$cmd" = i ] || [ "$cmd" = "-i" ] && echo return $retval } -list_remove() { - local list= e= l= result= found= retval=0 - +list_remove() +{ [ -z "$2" ] && return 0 eval list=\"\$$1\" shift + result= + retval=0 set -f for e; do found=false for l in $list; do case "$e" in $l) found=true;; esac $found && break done if $found; then retval=$(($retval + 1)) else result="$result $e" fi done set +f echo "${result# *}" return $retval } echo_prepend() { echo "# Generated by resolvconf" if [ -n "$search_domains" ]; then echo "search $search_domains" fi for n in $name_servers; do echo "nameserver $n" done echo } echo_append() { echo "# Generated by resolvconf" if [ -n "$search_domains_append" ]; then echo "search $search_domains_append" fi for n in $name_servers_append; do echo "nameserver $n" done echo } replace() { - local r= k= f= v= val= sub= - while read -r keyword value; do for r in $replace; do k="${r%%/*}" r="${r#*/}" f="${r%%/*}" r="${r#*/}" v="${r%%/*}" case "$keyword" in $k) case "$value" in $f) value="$v";; esac ;; esac done val= for sub in $value; do for r in $replace_sub; do k="${r%%/*}" r="${r#*/}" f="${r%%/*}" r="${r#*/}" v="${r%%/*}" case "$keyword" in $k) case "$sub" in $f) sub="$v";; esac ;; esac done val="$val${val:+ }$sub" done printf "%s %s\n" "$keyword" "$val" done } make_vars() { - local newdomains= d= dn= newns= ns= - # Clear variables DOMAIN= DOMAINS= SEARCH= NAMESERVERS= LOCALNAMESERVERS= - if [ -n "$name_servers" -o -n "$search_domains" ]; then + if [ -n "${name_servers}${search_domains}" ]; then eval "$(echo_prepend | parse_resolv)" fi if [ -z "$VFLAG" ]; then IF_EXCLUSIVE=1 list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0 eval "$(list_resolv -l "$@" | replace | parse_resolv)" fi - if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then + if [ -n "${name_servers_append}${search_domains_append}" ]; then eval "$(echo_append | parse_resolv)" fi # Ensure that we only list each domain once + newdomains= for d in $DOMAINS; do dn="${d%%:*}" list_remove domain_blacklist "$dn" >/dev/null || continue case " $newdomains" in *" ${dn}:"*) continue;; esac newns= for nd in $DOMAINS; do if [ "$dn" = "${nd%%:*}" ]; then ns="${nd#*:}" while [ -n "$ns" ]; do case ",$newns," in *,${ns%%,*},*) ;; *) list_remove name_server_blacklist \ "${ns%%,*}" >/dev/null \ && newns="$newns${newns:+,}${ns%%,*}";; esac [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" done fi done if [ -n "$newns" ]; then newdomains="$newdomains${newdomains:+ }$dn:$newns" fi done DOMAIN="$(list_remove domain_blacklist $DOMAIN)" SEARCH="$(uniqify $SEARCH)" SEARCH="$(list_remove domain_blacklist $SEARCH)" NAMESERVERS="$(uniqify $NAMESERVERS)" NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)" LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)" LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)" echo "DOMAIN='$DOMAIN'" echo "SEARCH='$SEARCH'" echo "NAMESERVERS='$NAMESERVERS'" echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'" echo "DOMAINS='$newdomains'" } force=false VFLAG= while getopts a:Dd:fhIilm:pRruvVx OPT; do case "$OPT" in f) force=true;; h) usage;; m) IF_METRIC="$OPTARG";; p) IF_PRIVATE=1;; V) VFLAG=1 if [ "$local_nameservers" = \ "127.* 0.0.0.0 255.255.255.255 ::1" ] then local_nameservers= fi ;; x) IF_EXCLUSIVE=1;; '?') ;; *) cmd="$OPT"; iface="$OPTARG";; esac done shift $(($OPTIND - 1)) args="$iface${iface:+ }$*" # -I inits the state dir if [ "$cmd" = I ]; then if [ -d "$VARDIR" ]; then rm -rf "$VARDIR"/* fi exit $? fi # -D ensures that the listed config file base dirs exist if [ "$cmd" = D ]; then config_mkdirs "$@" exit $? fi # -l lists our resolv files, optionally for a specific interface -if [ "$cmd" = l -o "$cmd" = i ]; then +if [ "$cmd" = l ] || [ "$cmd" = i ]; then list_resolv "$cmd" "$args" exit $? fi # Restart a service or echo the command to restart a service -if [ "$cmd" = r -o "$cmd" = R ]; then +if [ "$cmd" = r ] || [ "$cmd" = R ]; then detect_init || exit 1 if [ "$cmd" = r ]; then set -- $args - eval $RESTARTCMD + eval "$RESTARTCMD" else - echo "$RESTARTCMD" + echo "$RESTARTCMD" | + sed -e '/^$/d' -e 's/^ //g' fi exit $? fi # Not normally needed, but subscribers should be able to run independently -if [ "$cmd" = v -o -n "$VFLAG" ]; then +if [ "$cmd" = v ] || [ -n "$VFLAG" ]; then make_vars "$iface" exit $? fi # Test that we have valid options -if [ "$cmd" = a -o "$cmd" = d ]; then +if [ "$cmd" = a ] || [ "$cmd" = d ]; then if [ -z "$iface" ]; then usage "Interface not specified" fi elif [ "$cmd" != u ]; then - [ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd" + [ -n "$cmd" ] && [ "$cmd" != h ] && usage "Unknown option $cmd" usage fi if [ "$cmd" = a ]; then for x in '/' \\ ' ' '*'; do case "$iface" in *[$x]*) error_exit "$x not allowed in interface name";; esac done for x in '.' '-' '~'; do case "$iface" in [$x]*) error_exit \ "$x not allowed at start of interface name";; esac done - [ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin" + [ "$cmd" = a ] && [ -t 0 ] && error_exit "No file given via stdin" fi if [ ! -d "$VARDIR" ]; then if [ -L "$VARDIR" ]; then dir="$(readlink "$VARDIR")" # link maybe relative cd "${VARDIR%/*}" if ! mkdir -m 0755 -p "$dir"; then error_exit "Failed to create needed" \ "directory $dir" fi else if ! mkdir -m 0755 -p "$VARDIR"; then error_exit "Failed to create needed" \ "directory $VARDIR" fi fi fi if [ ! -d "$IFACEDIR" ]; then mkdir -m 0755 -p "$IFACEDIR" || \ error_exit "Failed to create needed directory $IFACEDIR" if [ "$cmd" = d ]; then # Provide the same error messages as below if ! ${force}; then cd "$IFACEDIR" for i in $args; do warn "No resolv.conf for interface $i" done fi ${force} exit $? fi fi # An interface was added, changed, deleted or a general update was called. # Due to exclusivity we need to ensure that this is an atomic operation. # Our subscribers *may* need this as well if the init system is sub par. # As such we spinlock at this point as best we can. # We don't use flock(1) because it's not widely available and normally resides # in /usr which we do our very best to operate without. [ -w "$VARDIR" ] || error_exit "Cannot write to $LOCKDIR" : ${lock_timeout:=10} while true; do if mkdir "$LOCKDIR" 2>/dev/null; then trap 'rm -rf "$LOCKDIR";' EXIT trap 'rm -rf "$LOCKDIR"; exit 1' INT QUIT ABRT SEGV ALRM TERM echo $$ >"$LOCKDIR/pid" break fi pid=$(cat "$LOCKDIR/pid") if ! kill -0 "$pid"; then warn "clearing stale lock pid $pid" rm -rf "$LOCKDIR" continue fi lock_timeout=$(($lock_timeout - 1)) if [ "$lock_timeout" -le 0 ]; then error_exit "timed out waiting for lock from pid $pid" fi sleep 1 done case "$cmd" in a) # Read resolv.conf from stdin resolv="$(cat)" changed=false changedfile=false # If what we are given matches what we have, then do nothing if [ -e "$IFACEDIR/$iface" ]; then if [ "$(echo "$resolv")" != \ "$(cat "$IFACEDIR/$iface")" ] then changed=true changedfile=true fi else changed=true changedfile=true fi # Set metric and private before creating the interface resolv.conf file # to ensure that it will have the correct flags [ ! -d "$METRICDIR" ] && mkdir "$METRICDIR" oldmetric="$METRICDIR/"*" $iface" newmetric= if [ -n "$IF_METRIC" ]; then # Pad metric to 6 characters, so 5 is less than 10 while [ ${#IF_METRIC} -le 6 ]; do IF_METRIC="0$IF_METRIC" done newmetric="$METRICDIR/$IF_METRIC $iface" fi rm -f "$METRICDIR/"*" $iface" - [ "$oldmetric" != "$newmetric" -a \ - "$oldmetric" != "$METRICDIR/* $iface" ] && + [ "$oldmetric" != "$newmetric" ] && + [ "$oldmetric" != "$METRICDIR/* $iface" ] && changed=true [ -n "$newmetric" ] && echo " " >"$newmetric" case "$IF_PRIVATE" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) if [ ! -d "$PRIVATEDIR" ]; then [ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR" mkdir "$PRIVATEDIR" fi [ -e "$PRIVATEDIR/$iface" ] || changed=true [ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface" ;; *) if [ -e "$PRIVATEDIR/$iface" ]; then rm -f "$PRIVATEDIR/$iface" changed=true fi ;; esac oldexcl= for x in "$EXCLUSIVEDIR/"*" $iface"; do if [ -f "$x" ]; then oldexcl="$x" break fi done case "$IF_EXCLUSIVE" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) if [ ! -d "$EXCLUSIVEDIR" ]; then [ -e "$EXCLUSIVEDIR" ] && rm "$EXCLUSIVEDIR" mkdir "$EXCLUSIVEDIR" fi cd "$EXCLUSIVEDIR" for x in *; do [ -f "$x" ] && break done if [ "${x#* }" != "$iface" ]; then if [ "$x" = "${x% *}" ]; then x=10000000 else x="${x% *}" fi if [ "$x" = "0000000" ]; then warn "exclusive underflow" else x=$(($x - 1)) fi if [ -d "$EXCLUSIVEDIR" ]; then echo " " >"$EXCLUSIVEDIR/$x $iface" fi changed=true fi ;; *) if [ -f "$oldexcl" ]; then rm -f "$oldexcl" changed=true fi ;; esac if $changedfile; then printf "%s\n" "$resolv" >"$IFACEDIR/$iface" || exit $? elif ! $changed; then exit 0 fi unset changed changedfile oldmetric newmetric x oldexcl ;; d) # Delete any existing information about the interface cd "$IFACEDIR" changed=false for i in $args; do if [ -e "$i" ]; then changed=true elif ! ${force}; then warn "No resolv.conf for interface $i" fi rm -f "$i" "$METRICDIR/"*" $i" \ "$PRIVATEDIR/$i" \ "$EXCLUSIVEDIR/"*" $i" || exit $? done if ! ${changed}; then # Set the return code based on the forced flag ${force} exit $? fi unset changed i ;; esac case "${resolvconf:-YES}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; *) exit 0;; esac # Try and detect a suitable init system for our scripts detect_init export RESTARTCMD RCDIR _NOINIT_WARNED eval "$(make_vars)" export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS : ${list_resolv:=list_resolv -l} retval=0 # Run scripts in the same directory resolvconf is run from # in case any scripts accidentally dump files in the wrong place. cd "$_PWD" for script in "$LIBEXECDIR"/*; do if [ -f "$script" ]; then eval script_enabled="\$${script##*/}" case "${script_enabled:-YES}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; *) continue;; esac if [ -x "$script" ]; then "$script" "$cmd" "$iface" else (set -- "$cmd" "$iface"; . "$script") fi retval=$(($retval + $?)) fi done exit $retval Index: stable/12/contrib/openresolv/unbound.in =================================================================== --- stable/12/contrib/openresolv/unbound.in (revision 355744) +++ stable/12/contrib/openresolv/unbound.in (revision 355745) @@ -1,97 +1,97 @@ #!/bin/sh # Copyright (c) 2009-2016 Roy Marples # All rights reserved # unbound subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. unbound_insecure= [ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 . "@SYSCONFDIR@/resolvconf.conf" || exit 1 [ -z "$unbound_conf" ] && exit 0 [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" NL=" " : ${unbound_pid:=/var/run/unbound.pid} : ${unbound_service:=unbound} newconf="# Generated by resolvconf$NL" for d in $DOMAINS; do dn="${d%%:*}" ns="${d#*:}" case "$unbound_insecure" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) newconf="$newconf${NL}server:$NL" newconf="$newconf domain-insecure: \"$dn\"$NL" ;; esac newconf="$newconf${NL}forward-zone:$NL name: \"$dn\"$NL" while [ -n "$ns" ]; do newconf="$newconf forward-addr: ${ns%%,*}$NL" [ "$ns" = "${ns#*,}" ] && break ns="${ns#*,}" done done if [ -n "$NAMESERVERS" ]; then newconf="$newconf${NL}forward-zone:$NL name: \".\"$NL" for n in $NAMESERVERS; do newconf="$newconf forward-addr: $n$NL" done fi # Try to ensure that config dirs exist if type config_mkdirs >/dev/null 2>&1; then config_mkdirs "$unbound_conf" else @SBINDIR@/resolvconf -D "$unbound_conf" fi restart_unbound() { if [ -n "$unbound_restart" ]; then eval $unbound_restart elif [ -n "$RESTARTCMD" ]; then set -- ${unbound_service} - eval $RESTARTCMD + eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${unbound_service} fi } if [ ! -f "$unbound_conf" ] || \ [ "$(cat "$unbound_conf")" != "$(printf %s "$newconf")" ] then printf %s "$newconf" >"$unbound_conf" # If we can't sent a HUP then force a restart if [ -s "$unbound_pid" ]; then if ! kill -HUP $(cat "$unbound_pid") 2>/dev/null; then restart_unbound fi else restart_unbound fi fi