Also known as "openresolv". Needed for dhcpcd(8).
Change-Id: Ibcb616837e9a5293377e451c6f6218a37260ed80
./home/bin/.exrc minix-base obsolete
./home/bin/.profile minix-base obsolete
./lib minix-base
+./libexec minix-base
+./libexec/resolvconf minix-base
+./libexec/resolvconf/dnsmasq minix-base
+./libexec/resolvconf/libc minix-base
+./libexec/resolvconf/named minix-base
+./libexec/resolvconf/unbound minix-base
./mnt minix-base
./proc minix-base
./root minix-base
./sbin/printconfig minix-base
./sbin/rcorder minix-base
./sbin/reboot minix-base
+./sbin/resolvconf minix-base
./sbin/route minix-base
./sbin/shutdown minix-base
./sbin/sysctl minix-base
./usr/man/man5/pkg_install.conf.5 minix-man
./usr/man/man5/pkg_summary.5 minix-man
./usr/man/man5/rc.conf.5 minix-man
-./usr/man/man5/resolv.conf.5 minix-man obsolete
-./usr/man/man5/resolver.5 minix-man obsolete
+./usr/man/man5/resolv.conf.5 minix-man
+./usr/man/man5/resolvconf.conf.5 minix-man
+./usr/man/man5/resolver.5 minix-man
./usr/man/man5/rhosts.5 minix-man obsolete
./usr/man/man5/serv.access.5 minix-man obsolete
./usr/man/man5/statvfs.5 minix-man
./usr/man/man8/reboot.8 minix-man
./usr/man/man8/renice.8 minix-man
./usr/man/man8/repartition.8 minix-man
+./usr/man/man8/resolvconf.8 minix-man
./usr/man/man8/rotate.8 minix-man
./usr/man/man8/route.8 minix-man
./usr/man/man8/rshd.8 minix-man
./etc/system.conf.d
./home
./lib
+./libexec
+./libexec/resolvconf
./mnt
./proc
./root
SUBDIR= byacc \
fetch file flex less \
libarchive libevent mdocml \
- tmux top
+ openresolv tmux top
.if (${MKATF} != "no")
SUBDIR+= atf
--- /dev/null
+# $NetBSD: Makefile,v 1.1 2009/11/21 03:24:30 roy Exp $
+
+SUBDIR= sbin
+
+.include <bsd.subdir.mk>
--- /dev/null
+openresolv is a resolvconf implementation which manages resolv.conf
+You can find the latest version at http://roy.marples.name/projects/openresolv
+It is written and maintained by Roy Marples <roy@marples.name>
+
+This resolvconf implementation, along with its subscribers, work with a
+POSIX compliant shell and userland utilities. It is designed to work without
+tools such as sed as it *has* to work without /usr being available.
+
+On systems where resolvconf is expected to be used before /var/run is available
+for writing, you can configure openresolv to write somewhere else, like say a
+ramdisk.
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2007-2012 Roy Marples
+# All rights reserved
+
+# dnsmasq subscriber for resolvconf
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
+. "@SYSCONFDIR@/resolvconf.conf" || exit 1
+[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ] && exit 0
+[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
+NL="
+"
+
+: ${dnsmasq_pid:=/var/run/dnsmasq.pid}
+[ -s "$dnsmasq_pid" ] || dnsmasq_pid=/var/run/dnsmasq/dnsmasq.pid
+[ -s "$dnsmasq_pid" ] || unset dnsmasq_pid
+: ${dnsmasq_service:=dnsmasq}
+: ${dnsmasq_restart:=@RESTARTCMD ${dnsmasq_service}@}
+newconf="# Generated by resolvconf$NL"
+newresolv="$newconf"
+
+# Using dbus means that we never have to restart the daemon
+# This is important as it means we should not drop DNS queries
+# whilst changing DNS options around. However, dbus support is optional
+# so we need to validate a few things first.
+# Check for DBus support in the binary
+dbus=false
+dbus_ex=false
+dbus_introspect=$(dbus-send --print-reply --system \
+ --dest=uk.org.thekelleys.dnsmasq \
+ /uk/org/thekelleys/dnsmasq \
+ org.freedesktop.DBus.Introspectable.Introspect \
+ 2>/dev/null)
+if [ $? = 0 ]; then
+ dbus=true
+ if printf %s "$dbus_introspect" | \
+ grep -q '<method name="SetDomainServers">'
+ then
+ dbus_ex=true
+ fi
+fi
+
+for n in $NAMESERVERS; do
+ newresolv="${newresolv}nameserver $n$NL"
+done
+
+dbusdest=
+dbusdest_ex=
+conf=
+for d in $DOMAINS; do
+ dn="${d%%:*}"
+ ns="${d#*:}"
+ while [ -n "$ns" ]; do
+ n="${ns%%,*}"
+ if $dbus && ! $dbus_ex; then
+ case "$n" in
+ *.*.*.*)
+ SIFS=${IFS-y} OIFS=$IFS
+ IFS=.
+ set -- $n
+ num="0x$(printf %02x $1 $2 $3 $4)"
+ if [ "$SIFS" = y ]; then
+ unset IFS
+ else
+ IFS=$OIFS
+ fi
+ dbusdest="$dbusdest uint32:$(printf %u $num)"
+ dbusdest="$dbusdest string:$dn"
+ ;;
+ *:*%*)
+ # This version of dnsmasq won't accept
+ # scoped IPv6 addresses
+ dbus=false
+ ;;
+ *:*)
+ SIFS=${IFS-y} OIFS=$IFS bytes= front= back=
+ empty=false i=0
+ IFS=:
+ set -- $n
+ while [ -n "$1" -o -n "$2" ]; do
+ addr="$1"
+ shift
+ if [ -z "$addr" ]; then
+ empty=true
+ continue
+ fi
+ i=$(($i + 1))
+ while [ ${#addr} -lt 4 ]; do
+ addr="0${addr}"
+ done
+ byte1="$(printf %d 0x${addr%??})"
+ byte2="$(printf %d 0x${addr#??})"
+ if $empty; then
+ back="$back byte:$byte1 byte:$byte2"
+ else
+ front="$front byte:$byte1 byte:$byte2"
+ fi
+ done
+ while [ $i != 8 ]; do
+ i=$(($i + 1))
+ front="$front byte:0 byte:0"
+ done
+ front="${front}$back"
+ if [ "$SIFS" = y ]; then
+ unset IFS
+ else
+ IFS=$OIFS
+ fi
+ dbusdest="${dbusdest}$front string:$dn"
+ ;;
+ *)
+ if ! $dbus_ex; then
+ dbus=false
+ fi
+ ;;
+ esac
+ fi
+ dbusdest_ex="$dbusdest_ex${dbusdest_ex:+,}/$dn/$n"
+ conf="${conf}server=/$dn/$n$NL"
+ [ "$ns" = "${ns#*,}" ] && break
+ ns="${ns#*,}"
+ done
+done
+
+if $dbus; then
+ newconf="$newconf$NL# Domain specific servers will"
+ newconf="$newconf be sent over dbus${NL}"
+else
+ newconf="$newconf$conf"
+fi
+
+# Try to ensure that config dirs exist
+if type config_mkdirs >/dev/null 2>&1; then
+ config_mkdirs "$dnsmasq_conf" "$dnsmasq_resolv"
+else
+ @SBINDIR@/resolvconf -D "$dnsmasq_conf" "$dnsmasq_resolv"
+fi
+
+changed=false
+if [ -n "$dnsmasq_conf" ]; then
+ if [ ! -f "$dnsmasq_conf" ] || \
+ [ "$(cat "$dnsmasq_conf")" != "$(printf %s "$newconf")" ]
+ then
+ changed=true
+ printf %s "$newconf" >"$dnsmasq_conf"
+ fi
+fi
+if [ -n "$dnsmasq_resolv" ]; then
+ # dnsmasq polls this file so no need to set changed=true
+ if [ -f "$dnsmasq_resolv" ]; then
+ if [ "$(cat "$dnsmasq_resolv")" != "$(printf %s "$newresolv")" ]
+ then
+ printf %s "$newresolv" >"$dnsmasq_resolv"
+ fi
+ else
+ printf %s "$newresolv" >"$dnsmasq_resolv"
+ fi
+fi
+
+if $changed; then
+ eval $dnsmasq_restart
+fi
+if $dbus; then
+ if [ -s "$dnsmasq_pid" ]; then
+ $changed || kill -HUP $(cat "$dnsmasq_pid")
+ fi
+ # Send even if empty so old servers are cleared
+ if $dbus_ex; then
+ method=SetDomainServers
+ if [ -n "$dbusdest_ex" ]; then
+ dbusdest_ex="array:string:$dbusdest_ex"
+ fi
+ dbusdest="$dbusdest_ex"
+ else
+ method=SetServers
+ fi
+ dbus-send --system --dest=uk.org.thekelleys.dnsmasq \
+ /uk/org/thekelleys/dnsmasq uk.org.thekelleys.$method \
+ $dbusdest
+fi
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2007-2014 Roy Marples
+# All rights reserved
+
+# libc subscriber for resolvconf
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+SYSCONFDIR=@SYSCONFDIR@
+LIBEXECDIR=@LIBEXECDIR@
+VARDIR=@VARDIR@
+IFACEDIR="$VARDIR/interfaces"
+NL="
+"
+
+# sed may not be available, and this is faster on small files
+key_get_value()
+{
+ local key="$1" x= line=
+
+ shift
+ if [ $# -eq 0 ]; then
+ while read -r line; do
+ case "$line" in
+ "$key"*) echo "${line##$key}";;
+ esac
+ done
+ else
+ for x do
+ while read -r line; do
+ case "$line" in
+ "$key"*) echo "${line##$key}";;
+ esac
+ done < "$x"
+ done
+ fi
+}
+
+keys_remove()
+{
+ local key x line found
+
+ while read -r line; do
+ found=false
+ for key do
+ case "$line" in
+ "$key"*|"#"*|" "*|" "*|"") found=true;;
+ esac
+ $found && break
+ done
+ $found || echo "$line"
+ done
+}
+
+local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
+
+# Support original resolvconf configuration layout
+# as well as the openresolv config file
+if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
+ . "$SYSCONFDIR"/resolvconf.conf
+elif [ -d "$SYSCONFDIR"/resolvconf ]; then
+ SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d"
+ base="$SYSCONFDIR/resolv.conf.d/base"
+ if [ -f "$base" ]; then
+ prepend_nameservers="$(key_get_value "nameserver " "$base")"
+ domain="$(key_get_value "domain " "$base")"
+ prepend_search="$(key_get_value "search " "$base")"
+ resolv_conf_options="$(key_get_value "options " "$base")"
+ resolv_conf_sortlist="$(key_get_value "sortlist " "$base")"
+ fi
+ if [ -f "$SYSCONFDIR"/resolv.conf.d/head ]; then
+ resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.d/head)"
+ fi
+ if [ -f "$SYSCONFDIR"/resolv.conf.d/tail ]; then
+ resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.d/tail)"
+ fi
+fi
+: ${resolv_conf:=/etc/resolv.conf}
+: ${libc_service:=nscd}
+: ${libc_restart:=@RESTARTCMD ${libc_service}@}
+: ${list_resolv:=@SBINDIR@/resolvconf -l}
+if [ "${resolv_conf_head-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.head ]; then
+ resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)"
+fi
+if [ "${resolv_conf_tail-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.tail ]; then
+ resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)"
+fi
+
+backup=true
+signature="# Generated by resolvconf"
+
+uniqify()
+{
+ local result=
+ while [ -n "$1" ]; do
+ case " $result " in
+ *" $1 "*);;
+ *) result="$result $1";;
+ esac
+ shift
+ done
+ echo "${result# *}"
+}
+
+case "${resolv_conf_passthrough:-NO}" in
+[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ backup=false
+ newest=
+ for conf in "$IFACEDIR"/*; do
+ if [ -z "$newest" -o "$conf" -nt "$newest" ]; then
+ newest="$conf"
+ fi
+ done
+ [ -z "$newest" ] && exit 0
+ newconf="$(cat "$newest")$NL"
+ ;;
+/dev/null|[Nn][Uu][Ll][Ll])
+ : ${resolv_conf_local_only:=NO}
+ if [ "$local_nameservers" = "127.* 0.0.0.0 255.255.255.255 ::1" ]; then
+ local_nameservers=
+ fi
+ # Need to overwrite our variables.
+ eval "$(@SBINDIR@/resolvconf -V)"
+ ;;
+
+*)
+ [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
+ ;;
+esac
+case "${resolv_conf_passthrough:-NO}" in
+[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
+*)
+ : ${domain:=$DOMAIN}
+ newsearch="$(uniqify $prepend_search $SEARCH $append_search)"
+ NS="$LOCALNAMESERVERS $NAMESERVERS"
+ newns=
+ gotlocal=false
+ for n in $(uniqify $prepend_nameservers $NS $append_nameservers); do
+ add=true
+ islocal=false
+ for l in $local_nameservers; do
+ case "$n" in
+ $l) islocal=true; gotlocal=true; break;;
+ esac
+ done
+ if ! $islocal; then
+ case "${resolv_conf_local_only:-YES}" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ $gotlocal && add=false;;
+ esac
+ fi
+ $add && newns="$newns $n"
+ done
+
+ # Hold our new resolv.conf in a variable to save on temporary files
+ newconf="$signature$NL"
+ if [ -n "$resolv_conf_head" ]; then
+ newconf="$newconf$resolv_conf_head$NL"
+ fi
+
+ [ -n "$domain" ] && newconf="${newconf}domain $domain$NL"
+ if [ -n "$newsearch" -a "$newsearch" != "$domain" ]; then
+ newconf="${newconf}search $newsearch$NL"
+ fi
+ for n in $newns; do
+ newconf="${newconf}nameserver $n$NL"
+ done
+
+ # Now add anything we don't care about such as sortlist and options
+ stuff="$($list_resolv | keys_remove nameserver domain search)"
+ if [ -n "$stuff" ]; then
+ newconf="$newconf$stuff$NL"
+ fi
+
+ # Append any user defined ones
+ if [ -n "$resolv_conf_options" ]; then
+ newconf="${newconf}options $resolv_conf_options$NL"
+ fi
+ if [ -n "$resolv_conf_sortlist" ]; then
+ newconf="${newconf}sortlist $resolv_conf_sortlist$NL"
+ fi
+
+ if [ -n "$resolv_conf_tail" ]; then
+ newconf="$newconf$resolv_conf_tail$NL"
+ fi
+ ;;
+esac
+
+# Check if the file has actually changed or not
+if [ -e "$resolv_conf" ]; then
+ [ "$(cat "$resolv_conf")" = "$(printf %s "$newconf")" ] && exit 0
+fi
+
+# Change is good.
+# If the old file does not have our signature, back it up.
+# If the new file just has our signature, restore the backup.
+if $backup; then
+ if [ "$newconf" = "$signature$NL" ]; then
+ if [ -e "$resolv_conf.bak" ]; then
+ newconf="$(cat "$resolv_conf.bak")"
+ fi
+ elif [ -e "$resolv_conf" ]; then
+ read line <"$resolv_conf"
+ if [ "$line" != "$signature" ]; then
+ cp "$resolv_conf" "$resolv_conf.bak"
+ fi
+ fi
+fi
+
+# Create our resolv.conf now
+(umask 022; printf %s "$newconf" >"$resolv_conf")
+eval $libc_restart
+
+retval=0
+# Notify users of the resolver
+for script in "$LIBEXECDIR"/libc.d/*; do
+ if [ -f "$script" ]; then
+ if [ -x "$script" ]; then
+ "$script" "$@"
+ else
+ (. "$script")
+ fi
+ retval=$(($retval + $?))
+ fi
+done
+exit $retval
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2007-2012 Roy Marples
+# All rights reserved
+
+# named subscriber for resolvconf
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
+. "@SYSCONFDIR@/resolvconf.conf" || exit 1
+[ -z "$named_zones" -a -z "$named_options" ] && exit 0
+[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
+NL="
+"
+
+# Platform specific kludges
+if [ -z "$named_service" -a -z "$named_restart" -a \
+ -d "@RCDIR@" -a ! -x "@RCDIR@"/named ]
+then
+ if [ -x "@RCDIR@"/bind9 ]; then
+ # Debian and derivatives
+ named_service=bind9
+ elif [ -x "@RCDIR@"/rc.bind ]; then
+ # Slackware
+ named_service=rc.bind
+ fi
+fi
+: ${named_service:=named}
+: ${named_restart:=@RESTARTCMD ${named_service}@}
+newoptions="# Generated by resolvconf$NL"
+newzones="$newoptions"
+
+forward=
+for n in $NAMESERVERS; do
+ case "$forward" in
+ *"$NL $n;"*);;
+ *) forward="$forward$NL $n;";;
+ esac
+done
+if [ -n "$forward" ]; then
+ newoptions="${newoptions}forward first;${NL}forwarders {$forward${NL}};$NL"
+fi
+
+for d in $DOMAINS; do
+ newzones="${newzones}zone \"${d%%:*}\" {$NL"
+ newzones="$newzones type forward;$NL"
+ newzones="$newzones forward first;$NL forwarders {$NL"
+ ns="${d#*:}"
+ while [ -n "$ns" ]; do
+ newzones="$newzones ${ns%%,*};$NL"
+ [ "$ns" = "${ns#*,}" ] && break
+ ns="${ns#*,}"
+ done
+ newzones="$newzones };$NL};$NL"
+done
+
+# Try to ensure that config dirs exist
+if type config_mkdirs >/dev/null 2>&1; then
+ config_mkdirs "$named_options" "$named_zones"
+else
+ @SBINDIR@/resolvconf -D "$named_options" "$named_zones"
+fi
+
+# No point in changing files or reloading bind if the end result has not
+# changed
+changed=false
+if [ -n "$named_options" ]; then
+ if [ ! -f "$named_options" ] || \
+ [ "$(cat "$named_options")" != "$(printf %s "$newoptions")" ]
+ then
+ printf %s "$newoptions" >"$named_options"
+ changed=true
+ fi
+fi
+if [ -n "$named_zones" ]; then
+ if [ ! -f "$named_zones" ] || \
+ [ "$(cat "$named_zones")" != "$(printf %s "$newzones")" ]
+ then
+ printf %s "$newzones" >"$named_zones"
+ changed=true
+ fi
+fi
+
+if $changed; then
+ eval $named_restart
+fi
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2010-2013 Roy Marples
+# All rights reserved
+
+# pdnsd subscriber for resolvconf
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
+. "@SYSCONFDIR@/resolvconf.conf" || exit 1
+[ -z "$pdnsd_conf" -a -z "$pdnsd_resolv" ] && exit 0
+[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
+NL="
+"
+
+: ${pdnsd_restart:=pdnsd-ctl config $pdnsd_conf}
+signature="# Generated by resolvconf"
+signature_end="# End of resolvconf"
+
+# We normally use sed to remove markers from a configuration file
+# but sed may not always be available at the time.
+remove_markers()
+{
+ local m1="$1" m2="$2" x= line= in_marker=0
+
+ shift; shift
+ if type sed >/dev/null 2>&1; then
+ sed "/^$m1/,/^$m2/d" $@
+ else
+ for x; do
+ while read -r line; do
+ case "$line" in
+ "$m1"*) in_marker=1;;
+ "$m2"*) in_marker=0;;
+ *) [ $in_marker = 0 ] && echo "$line";;
+ esac
+ done < "$x"
+ done
+ fi
+}
+
+# Compare two files
+# If different, replace first with second otherwise remove second
+change_file()
+{
+ if [ -e "$1" ]; then
+ if type cmp >/dev/null 2>&1; then
+ cmp -s "$1" "$2"
+ elif type diff >/dev/null 2>&1; then
+ diff -q "$1" "$2" >/dev/null
+ else
+ # Hopefully we're only working on small text files ...
+ [ "$(cat "$1")" = "$(cat "$2")" ]
+ fi
+ if [ $? -eq 0 ]; then
+ rm -f "$2"
+ return 1
+ fi
+ fi
+ cat "$2" > "$1"
+ rm -f "$2"
+ return 0
+}
+
+newresolv="# Generated by resolvconf$NL"
+changed=false
+
+# Try to ensure that config dirs exist
+if type config_mkdirs >/dev/null 2>&1; then
+ config_mkdirs "$pdnsd_resolv" "$pdnsd_conf"
+else
+ @SBINDIR@/resolvconf -D "$pdnsd_resolv" "$pdnsd_conf"
+fi
+
+if [ -n "$pdnsd_resolv" ]; then
+ for n in $NAMESERVERS; do
+ newresolv="${newresolv}nameserver $n$NL"
+ done
+fi
+
+# Only modify the configuration if it exists and we can write to it
+if [ -w "$pdnsd_conf" ]; then
+ cf="$pdnsd_conf.new"
+ newconf=
+
+ if [ -z "$pdnsd_resolv" ]; then
+ newconf="${newconf}server {$NL"
+ newconf="${newconf} label=resolvconf;$NL"
+ if [ -n "$NAMESERVERS" ]; then
+ newconf="${newconf} ip="
+ first=true
+ for n in $NAMESERVERS; do
+ if $first; then
+ first=false
+ else
+ newconf="${newconf},"
+ fi
+ newconf="$newconf$n"
+ done
+ newconf="${newconf};$NL"
+ fi
+ newconf="${newconf}}$NL"
+ fi
+
+ for d in $DOMAINS; do
+ newconf="${newconf}server {$NL"
+ newconf="${newconf} include=.${d%%:*}.;$NL"
+ newconf="${newconf} policy=excluded;$NL"
+ newconf="${newconf} ip="
+ ns="${d#*:}"
+ while [ -n "$ns" ]; do
+ newconf="${newconf}${ns%%,*}"
+ [ "$ns" = "${ns#*,}" ] && break
+ ns="${ns#*,}"
+ newconf="${newconf},"
+ done
+ newconf="${newconf};$NL}$NL"
+ done
+
+ rm -f "$cf"
+ remove_markers "$signature" "$signature_end" "$pdnsd_conf" > "$cf"
+ if [ -n "$newconf" ]; then
+ echo "$signature" >> "$cf"
+ printf %s "$newconf" >> "$cf"
+ echo "$signature_end" >> "$cf"
+ fi
+ if change_file "$pdnsd_conf" "$cf"; then
+ changed=true
+ fi
+fi
+
+if [ -n "$pdnsd_resolv" ]; then
+ if [ ! -f "$pdnsd_resolv" ] || \
+ [ "$(cat "$pdnsd_resolv")" != "$(printf %s "$newresolv")" ]
+ then
+ changed=true
+ printf %s "$newresolv" >"$pdnsd_resolv"
+ fi
+fi
+
+if $changed; then
+ eval $pdnsd_restart
+fi
--- /dev/null
+.\" Copyright (c) 2007-2015 Roy Marples
+.\" All rights reserved
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd April 27, 2015
+.Dt RESOLVCONF 8
+.Os
+.Sh NAME
+.Nm resolvconf
+.Nd a framework for managing multiple DNS configurations
+.Sh SYNOPSIS
+.Nm
+.Fl I
+.Nm
+.Op Fl m Ar metric
+.Op Fl p
+.Op Fl x
+.Fl a Ar interface Ns Op Ar .protocol
+.No < Ns Pa file
+.Nm
+.Op Fl f
+.Fl d Ar interface Ns Op Ar .protocol
+.Nm
+.Op Fl x
+.Fl il Ar pattern
+.Nm
+.Fl u
+.Sh DESCRIPTION
+.Nm
+manages
+.Xr resolv.conf 5
+files from multiple sources, such as DHCP and VPN clients.
+Traditionally, the host runs just one client and that updates
+.Pa /etc/resolv.conf .
+More modern systems frequently have wired and wireless interfaces and there is
+no guarantee both are on the same network.
+With the advent of VPN and other
+types of networking daemons, many things now contend for the contents of
+.Pa /etc/resolv.conf .
+.Pp
+.Nm
+solves this by letting the daemon send their
+.Xr resolv.conf 5
+file to
+.Nm
+via
+.Xr stdin 3
+with the argument
+.Fl a Ar interface Ns Op Ar .protocol
+instead of the filesystem.
+.Nm
+then updates
+.Pa /etc/resolv.conf
+as it thinks best.
+When a local resolver other than libc is installed, such as
+.Xr dnsmasq 8
+or
+.Xr named 8 ,
+then
+.Nm
+will supply files that the resolver should be configured to include.
+.Pp
+.Nm
+assumes it has a job to do.
+In some situations
+.Nm
+needs to act as a deterrent to writing to
+.Pa /etc/resolv.conf .
+Where this file cannot be made immutable or you just need to toggle this
+behaviour,
+.Nm
+can be disabled by adding
+.Sy resolvconf Ns = Ns NO
+to
+.Xr resolvconf.conf 5 .
+.Pp
+.Nm
+can mark an interfaces
+.Pa resolv.conf
+as private.
+This means that the name servers listed in that
+.Pa resolv.conf
+are only used for queries against the domain/search listed in the same file.
+This only works when a local resolver other than libc is installed.
+See
+.Xr resolvconf.conf 5
+for how to configure
+.Nm
+to use a local name server.
+.Pp
+.Nm
+can mark an interfaces
+.Pa resolv.conf
+as exclusive.
+Only the latest exclusive interface is used for processing, otherwise all are.
+.Pp
+When an interface goes down, it should then call
+.Nm
+with
+.Fl d Ar interface.*
+arguments to delete the
+.Pa resolv.conf
+file(s) for all the
+.Ar protocols
+on the
+.Ar interface .
+.Pp
+Here are some more options that
+.Nm
+has:-
+.Bl -tag -width indent
+.It Fl I
+Initialise the state directory
+.Pa @VARDIR@ .
+This only needs to be called if the initial system boot sequence does not
+automatically clean it out; for example the state directory is moved
+somewhere other than
+.Pa /var/run .
+If used, it should only be called once as early in the system boot sequence
+as possible and before
+.Nm
+is used to add interfaces.
+.It Fl f
+Ignore non existant interfaces.
+Only really useful for deleting interfaces.
+.It Fl i Ar pattern
+List the interfaces and protocols, optionally matching
+.Ar pattern ,
+we have
+.Pa resolv.conf
+files for.
+.It Fl l Ar pattern
+List the
+.Pa resolv.conf
+files we have.
+If
+.Ar pattern
+is specified then we list the files for the interfaces and protocols
+that match it.
+.It Fl m Ar metric
+Set the metric of the interface when adding it, default of 0.
+Lower metrics take precedence.
+This affects the default order of interfaces when listed.
+.It Fl p
+Marks the interface
+.Pa resolv.conf
+as private.
+.It Fl u
+Force
+.Nm
+to update all its subscribers.
+.Nm
+does not update the subscribers when adding a resolv.conf that matches
+what it already has for that interface.
+.It Fl x
+Mark the interface
+.Pa resolv.conf
+as exclusive when adding, otherwise only use the latest exclusive interface.
+.El
+.Pp
+.Nm
+also has some options designed to be used by its subscribers:-
+.Bl -tag -width indent
+.It Fl v
+Echo variables DOMAINS, SEARCH and NAMESERVERS so that the subscriber can
+configure the resolver easily.
+.It Fl V
+Same as
+.Fl v
+except that only the information configured in
+.Xr resolvconf.conf 5
+is set.
+.El
+.Sh INTERFACE ORDERING
+For
+.Nm
+to work effectively, it has to process the resolv.confs for the interfaces
+in the correct order.
+.Nm
+first processes interfaces from the
+.Sy interface_order
+list, then interfaces without a metic and that match the
+.Sy dynamic_order
+list, then interfaces with a metric in order and finally the rest in
+the operating systems lexical order.
+See
+.Xr resolvconf.conf 5
+for details on these lists.
+.Sh PROTOCOLS
+Here are some suggested protocol tags to use for each
+.Pa resolv.conf
+file registered on an
+.Ar interface Ns No :-
+.Bl -tag -width indent
+.It dhcp
+Dynamic Host Configuration Protocol.
+Initial versions of
+.Nm
+did not recommend a
+.Ar protocol
+tag be appended to the
+.Ar interface
+name.
+When the protocol is absent, it is assumed to be the DHCP protocol.
+.It ppp
+Point-to-Point Protocol.
+.It ra
+IPv6 Router Advertisement.
+.It dhcp6
+Dynamic Host Configuration Protocol, version 6.
+.El
+.Sh IMPLEMENTATION NOTES
+If a subscriber has the executable bit then it is executed otherwise it is
+assumed to be a shell script and sourced into the current environment in a
+subshell.
+This is done so that subscribers can remain fast, but are also not limited
+to the shell language.
+.Pp
+Portable subscribers should not use anything outside of
+.Pa /bin
+and
+.Pa /sbin
+because
+.Pa /usr
+and others may not be available when booting.
+Also, it would be unwise to assume any shell specific features.
+.Sh ENVIRONMENT
+.Bl -ohang
+.It Va IF_METRIC
+If the
+.Fl m
+option is not present then we use
+.Va IF_METRIC
+for the metric.
+.It Va IF_PRIVATE
+Marks the interface
+.Pa resolv.conf
+as private.
+.It Va IF_EXCLUSIVE
+Marks the interface
+.Pa resolv.conf
+as exclusive.
+.El
+.Sh FILES
+.Bl -ohang
+.It Pa /etc/resolv.conf.bak
+Backup file of the original resolv.conf.
+.It Pa @SYSCONFDIR@/resolvconf.conf
+Configuration file for
+.Nm .
+.It Pa @LIBEXECDIR@
+Directory of subscribers which are run every time
+.Nm
+adds, deletes or updates.
+.It Pa @LIBEXECDIR@/libc.d
+Directory of subscribers which are run after the libc subscriber is run.
+.It Pa @VARDIR@
+State directory for
+.Nm .
+.El
+.Sh HISTORY
+This implementation of
+.Nm
+is called openresolv and is fully command line compatible with Debian's
+resolvconf, as written by Thomas Hood.
+.Sh SEE ALSO
+.Xr resolv.conf 5 ,
+.Xr resolvconf.conf 5 ,
+.Xr resolver 3 ,
+.Xr stdin 3
+.Sh AUTHORS
+.An Roy Marples Aq Mt roy@marples.name
+.Sh BUGS
+Please report them to
+.Lk http://roy.marples.name/projects/openresolv
+.Pp
+.Nm
+does not validate any of the files given to it.
+.Pp
+When running a local resolver other than libc, you will need to configure it
+to include files that
+.Nm
+will generate.
+You should consult
+.Xr resolvconf.conf 5
+for instructions on how to configure your resolver.
--- /dev/null
+.\" Copyright (c) 2009-2015 Roy Marples
+.\" All rights reserved
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.Dd May 14, 2015
+.Dt RESOLVCONF.CONF 5
+.Os
+.Sh NAME
+.Nm resolvconf.conf
+.Nd resolvconf configuration file
+.Sh DESCRIPTION
+.Nm
+is the configuration file for
+.Xr resolvconf 8 .
+The
+.Nm
+file is a shell script that is sourced by
+.Xr resolvconf 8 ,
+meaning that
+.Nm
+must contain valid shell commands.
+Listed below are the standard
+.Nm
+variables that may be set.
+If the values contain white space for special shell characters,
+ensure they are quoted and escaped correctly.
+.Pp
+After updating this file, you may wish to run
+.Nm resolvconf -u
+to apply the new configuration.
+.Pp
+When a dynamically generated list is appended or prepended to, the whole
+is made unique where left-most wins.
+.Sh RESOLVCONF OPTIONS
+.Bl -tag -width indent
+.It Sy resolvconf
+Set to NO to disable
+.Nm resolvconf
+from running any subscribers.
+Defaults to YES.
+.It Sy interface_order
+These interfaces will always be processed first.
+If unset, defaults to the following:-
+.D1 lo lo[0-9]*
+.It Sy dynamic_order
+These interfaces will be processed next, unless they have a metric.
+If unset, defaults to the following:-
+.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*
+.It Sy local_nameservers
+If unset, defaults to the following:-
+.D1 127.* 0.0.0.0 255.255.255.255 ::1
+.It Sy search_domains
+Prepend search domains to the dynamically generated list.
+.It Sy search_domains_append
+Append search domains to the dynamically generated list.
+.It Sy domain_blacklist
+A list of domains to be removed from consideration.
+To remove a domain, you can use foo.*
+To remove a sub domain, you can use *.bar
+.It Sy name_servers
+Prepend name servers to the dynamically generated list.
+You should set this to 127.0.0.1 if you use a local name server other than
+libc.
+.It Sy name_servers_append
+Append name servers to the dynamically generated list.
+.It Sy name_server_blacklist
+A list of name servers to be removed from consideration.
+The default is 0.0.0.0 as some faulty routers send it via DHCP.
+To remove a block, you can use 192.168.*
+.It Sy private_interfaces
+These interfaces name servers will only be queried for the domains listed
+in their resolv.conf.
+Useful for VPN domains.
+Setting
+.Sy private_interfaces Ns ="*"
+will stop the forwarding of the root zone and allows the local resolver to
+recursively query the root servers directly.
+Requires a local nameserver other than libc.
+This is equivalent to the
+.Nm resolvconf -p
+option.
+.It Sy replace
+Is a space separated list of replacement keywords. The syntax is this:
+.Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement
+.Pp
+Example, given this resolv.conf:
+.D1 domain foo.org
+.D1 search foo.org dead.beef
+.D1 nameserver 1.2.3.4
+.D1 nameserver 2.3.4.5
+and this configuaration:
+.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/"
+you would get this resolv.conf instead:
+.D1 domain foo.org
+.D1 search bar.com
+.D1 nameserver 5.6.7.8
+.It Sy replace_sub
+Works the same way as
+.Sy replace
+except it works on each space separated value rather than the whole line,
+so it's useful for the replacing a single domain within the search directive.
+Using the same example resolv.conf and changing
+.Sy replace
+to
+.Sy replace_sub ,
+you would get this resolv.conf instead:
+.D1 domain foo.org
+.D1 search bar.com dead.beef
+.D1 nameserver 5.6.7.8
+.It Sy state_dir
+Override the default state directory of
+.Pa @VARDIR@ .
+This should not be changed once
+.Nm resolvconf
+is in use unless the old directory is copied to the new one.
+.El
+.Sh LIBC OPTIONS
+The following variables affect
+.Xr resolv.conf 5
+directly:-
+.Bl -tag -width indent
+.It Sy resolv_conf
+Defaults to
+.Pa /etc/resolv.conf
+if not set.
+.It Sy resolv_conf_options
+A list of libc resolver options, as specified in
+.Xr resolv.conf 5 .
+.It Sy resolv_conf_passthrough
+When set to YES the latest resolv.conf is written to
+.Sy resolv_conf
+without any alteration.
+When set to /dev/null or NULL,
+.Sy resolv_conf_local_only
+is defaulted to NO,
+.Sy local_nameservers
+is unset unless overridden and only the information set in
+.Nm
+is written to
+.Sy resolv_conf .
+.It Sy resolv_conf_sortlist
+A libc resolver sortlist, as specified in
+.Xr resolv.conf 5 .
+.It Sy resolv_conf_local_only
+If a local name server is configured then the default is just to specify that
+and ignore all other entries as they will be configured for the local
+name server.
+Set this to NO to also list non-local nameservers.
+This will give you working DNS even if the local nameserver stops functioning
+at the expense of duplicated server queries.
+.It Sy append_nameservers
+Append name servers to the dynamically generated list.
+.It Sy prepend_nameservers
+Prepend name servers to the dynamically generated list.
+.It Sy append_search
+Append search domains to the dynamically generated list.
+.It Sy prepend_search
+Prepend search domains to the dynamically generated list.
+.El
+.Sh SUBSCRIBER OPTIONS
+openresolv ships with subscribers for the name servers
+.Xr dnsmasq 8 ,
+.Xr named 8 ,
+.Xr pdnsd 8
+and
+.Xr unbound 8 .
+Each subscriber can create configuration files which should be included in
+in the subscribers main configuration file.
+.Pp
+To disable a subscriber, simply set it's name to NO.
+For example, to disable the libc subscriber you would set:
+.D1 libc=NO
+.Bl -tag -width indent
+.It Sy dnsmasq_conf
+This file tells dnsmasq which name servers to use for specific domains.
+.It Sy dnsmasq_resolv
+This file tells dnsmasq which name servers to use for global lookups.
+.Pp
+Example resolvconf.conf for dnsmasq:
+.D1 name_servers=127.0.0.1
+.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf
+.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf
+.Pp
+Example dnsmasq.conf:
+.D1 listen-address=127.0.0.1
+.D1 # If dnsmasq is compiled for DBus then we can take
+.D1 # advantage of not having to restart dnsmasq.
+.D1 enable-dbus
+.D1 conf-file=/etc/dnsmasq-conf.conf
+.D1 resolv-file=/etc/dnsmasq-resolv.conf
+.It Sy named_options
+Include this file in the named options block.
+This file tells named which name servers to use for global lookups.
+.It Sy named_zones
+Include this file in the named global scope, after the options block.
+This file tells named which name servers to use for specific domains.
+.Pp
+Example resolvconf.conf for named:
+.D1 name_servers=127.0.0.1
+.D1 named_options=/etc/named-options.conf
+.D1 named_zones=/etc/named-zones.conf
+.Pp
+Example named.conf:
+.D1 options {
+.D1 listen-on { 127.0.0.1; };
+.D1 include "/etc/named-options.conf";
+.D1 };
+.D1 include "/etc/named-zones.conf";
+.It Sy pdnsd_conf
+This is the main pdnsd configuration file which we modify to add our
+forward domains to.
+If this variable is not set then we rely on the pdnsd configuration file
+setup to read
+.Pa pdnsd_resolv
+as documented below.
+.It Sy pdnsd_resolv
+This file tells pdnsd about global name servers.
+If this variable is not set then it's written to
+.Pa pdnsd_conf .
+.Pp
+Example resolvconf.conf for pdnsd:
+.D1 name_servers=127.0.0.1
+.D1 pdnsd_conf=/etc/pdnsd.conf
+.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf
+.Pp
+Example pdnsd.conf:
+.D1 global {
+.D1 server_ip = 127.0.0.1;
+.D1 status_ctl = on;
+.D1 }
+.D1 server {
+.D1 # A server definition is required, even if emtpy.
+.D1 label="empty";
+.D1 proxy_only=on;
+.D1 # file="/etc/pdnsd-resolv.conf";
+.D1 }
+.It Sy unbound_conf
+This file tells unbound about specific and global name servers.
+.It Sy unbound_insecure
+When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC.
+.Pp
+Example resolvconf.conf for unbound:
+.D1 name_servers=127.0.0.1
+.D1 unbound_conf=/etc/unbound-resolvconf.conf
+.Pp
+Example unbound.conf:
+.D1 include: /etc/unbound-resolvconf.conf
+.El
+.Sh SUBSCRIBER INTEGRATION
+Not all distributions store the files the subscribers need in the same
+locations.
+For example, named service scripts have been called named, bind and rc.bind
+and they could be located in a directory called /etc/rc.d, /etc/init.d or
+similar.
+Each subscriber attempts to automatically configure itself, but not every
+distribution has been catered for.
+Also, users could equally want to use a different version from the one
+installed by default, such as bind8 and bind9.
+To accommodate this, the subscribers have these files in configurable
+variables, documented below.
+.Pp
+.Bl -tag -width indent
+.It Sy dnsmasq_service
+Location of the dnsmasq service.
+.It Sy dnsmasq_restart
+Command to restart the dnsmasq service.
+.It Sy dnsmasq_pid
+Location of the dnsmasq pidfile.
+.It Sy libc_service
+Location of the libc service.
+.It Sy libc_restart
+Command to restart the libc service.
+.It Sy named_service
+Location of the named service.
+.It Sy named_restart
+Command to restart the named service.
+.It Sy pdnsd_restart
+Command to restart the pdnsd service.
+.It Sy unbound_service
+Location of the unbound service.
+.It Sy unbound_restart
+Command to restart the unbound service.
+.It Sy unbound_pid
+Location of the unbound pidfile.
+.El
+.Sh SEE ALSO
+.Xr resolv.conf 5 ,
+.Xr resolvconf 8
+and
+.Xr sh 1 .
+.Sh AUTHORS
+.An Roy Marples Aq Mt roy@marples.name
+.Sh BUGS
+Each distribution is a special snowflake and likes to name the same thing
+differently, namely the named service script.
+.Pp
+Please report them to
+.Lk http://roy.marples.name/projects/openresolv
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2007-2015 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+RESOLVCONF="$0"
+SYSCONFDIR=@SYSCONFDIR@
+LIBEXECDIR=@LIBEXECDIR@
+VARDIR=@VARDIR@
+
+# Disregard dhcpcd setting
+unset interface_order state_dir
+
+# If you change this, change the test in VFLAG and libc.in as well
+local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
+
+dynamic_order="tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*"
+interface_order="lo lo[0-9]*"
+name_server_blacklist="0.0.0.0"
+
+# Support original resolvconf configuration layout
+# as well as the openresolv config file
+if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
+ . "$SYSCONFDIR"/resolvconf.conf
+ [ -n "$state_dir" ] && VARDIR="$state_dir"
+elif [ -d "$SYSCONFDIR/resolvconf" ]; then
+ SYSCONFDIR="$SYSCONFDIR/resolvconf"
+ if [ -f "$SYSCONFDIR"/interface-order ]; then
+ interface_order="$(cat "$SYSCONFDIR"/interface-order)"
+ fi
+fi
+TMPDIR="$VARDIR/tmp"
+IFACEDIR="$VARDIR/interfaces"
+METRICDIR="$VARDIR/metrics"
+PRIVATEDIR="$VARDIR/private"
+EXCLUSIVEDIR="$VARDIR/exclusive"
+LOCKDIR="$VARDIR/lock"
+
+warn()
+{
+ echo "$*" >&2
+}
+
+error_exit()
+{
+ echo "$*" >&2
+ exit 1
+}
+
+usage()
+{
+ cat <<-EOF
+ Usage: ${RESOLVCONF##*/} [options]
+
+ Inform the system about any DNS updates.
+
+ Options:
+ -a \$INTERFACE Add DNS information to the specified interface
+ (DNS supplied via stdin in resolv.conf format)
+ -m metric Give the added DNS information a metric
+ -p Mark the interface as private
+ -x Mark the interface as exclusive
+ -d \$INTERFACE Delete DNS information from the specified interface
+ -f Ignore non existant interfaces
+ -I Init the state dir
+ -u Run updates from our current DNS information
+ -l [\$PATTERN] Show DNS information, optionally from interfaces
+ that match the specified pattern
+ -i [\$PATTERN] Show interfaces that have supplied DNS information
+ optionally from interfaces that match the specified
+ pattern
+ -v [\$PATTERN] echo NEWDOMAIN, NEWSEARCH and NEWNS variables to
+ the console
+ -h Show this help cruft
+ EOF
+ [ -z "$1" ] && exit 0
+ echo
+ error_exit "$*"
+}
+
+echo_resolv()
+{
+ local line= OIFS="$IFS"
+
+ [ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1
+ echo "# resolv.conf from $1"
+ # Our variable maker works of the fact each resolv.conf per interface
+ # is separated by blank lines.
+ # So we remove them when echoing them.
+ while read -r line; do
+ IFS="$OIFS"
+ if [ -n "$line" ]; then
+ # We need to set IFS here to preserve any whitespace
+ IFS=''
+ printf "%s\n" "$line"
+ fi
+ done < "$IFACEDIR/$1"
+ echo
+ IFS="$OIFS"
+}
+
+# Parse resolv.conf's and make variables
+# for domain name servers, search name servers and global nameservers
+parse_resolv()
+{
+ local line= ns= ds= search= d= n= newns=
+ local new=true iface= private=false p= domain= l= islocal=
+
+ newns=
+
+ while read -r line; do
+ case "$line" in
+ "# resolv.conf from "*)
+ if ${new}; then
+ iface="${line#\# resolv.conf from *}"
+ new=false
+ if [ -e "$PRIVATEDIR/$iface" ]; then
+ private=true
+ else
+ # Allow expansion
+ cd "$IFACEDIR"
+ private=false
+ for p in $private_interfaces; do
+ case "$iface" in
+ "$p"|"$p":*) private=true; break;;
+ esac
+ done
+ fi
+ fi
+ ;;
+ "nameserver "*)
+ islocal=false
+ for l in $local_nameservers; do
+ case "${line#* }" in
+ $l)
+ islocal=true
+ echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\""
+ break
+ ;;
+ esac
+ done
+ $islocal || ns="$ns${line#* } "
+ ;;
+ "domain "*)
+ if [ -z "$domain" ]; then
+ domain="${line#* }"
+ echo "DOMAIN=\"$domain\""
+ fi
+ search="${line#* }"
+ ;;
+ "search "*)
+ search="${line#* }"
+ ;;
+ *)
+ [ -n "$line" ] && continue
+ if [ -n "$ns" -a -n "$search" ]; then
+ newns=
+ for n in $ns; do
+ newns="$newns${newns:+,}$n"
+ done
+ ds=
+ for d in $search; do
+ ds="$ds${ds:+ }$d:$newns"
+ done
+ echo "DOMAINS=\"\$DOMAINS $ds\""
+ fi
+ echo "SEARCH=\"\$SEARCH $search\""
+ if ! $private; then
+ echo "NAMESERVERS=\"\$NAMESERVERS $ns\""
+ fi
+ ns=
+ search=
+ new=true
+ ;;
+ esac
+ done
+}
+
+uniqify()
+{
+ local result=
+ while [ -n "$1" ]; do
+ case " $result " in
+ *" $1 "*);;
+ *) result="$result $1";;
+ esac
+ shift
+ done
+ echo "${result# *}"
+}
+
+dirname()
+{
+ local dir= OIFS="$IFS"
+ local IFS=/
+ set -- $@
+ IFS="$OIFS"
+ if [ -n "$1" ]; then
+ printf %s .
+ else
+ shift
+ fi
+ while [ -n "$2" ]; do
+ printf "/%s" "$1"
+ shift
+ done
+ printf "\n"
+}
+
+config_mkdirs()
+{
+ local e=0 f d
+ for f; do
+ [ -n "$f" ] || continue
+ d="$(dirname "$f")"
+ if [ ! -d "$d" ]; then
+ if type install >/dev/null 2>&1; then
+ install -d "$d" || e=$?
+ else
+ mkdir "$d" || e=$?
+ fi
+ fi
+ done
+ return $e
+}
+
+list_resolv()
+{
+ [ -d "$IFACEDIR" ] || return 0
+
+ local report=false list= retval=0 cmd="$1" excl=
+ shift
+
+ case "$IF_EXCLUSIVE" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ if [ -d "$EXCLUSIVEDIR" ]; then
+ cd "$EXCLUSIVEDIR"
+ for i in *; do
+ if [ -f "$i" ]; then
+ list="${i#* }"
+ break
+ fi
+ done
+ fi
+ excl=true
+ ;;
+ *)
+ excl=false
+ ;;
+ esac
+
+ # If we have an interface ordering list, then use that.
+ # It works by just using pathname expansion in the interface directory.
+ if [ -n "$1" ]; then
+ list="$*"
+ $force || report=true
+ elif ! $excl; then
+ cd "$IFACEDIR"
+ for i in $interface_order; do
+ [ -f "$i" ] && list="$list $i"
+ for ii in "$i":* "$i".*; do
+ [ -f "$ii" ] && list="$list $ii"
+ done
+ done
+ for i in $dynamic_order; do
+ if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then
+ list="$list $i"
+ fi
+ for ii in "$i":* "$i".*; do
+ if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then
+ list="$list $ii"
+ fi
+ done
+ done
+ if [ -d "$METRICDIR" ]; then
+ cd "$METRICDIR"
+ for i in *; do
+ [ -f "$i" ] && list="$list ${i#* }"
+ done
+ fi
+ list="$list *"
+ fi
+
+ cd "$IFACEDIR"
+ retval=1
+ for i in $(uniqify $list); do
+ # Only list interfaces which we really have
+ if ! [ -f "$i" ]; then
+ if $report; then
+ echo "No resolv.conf for interface $i" >&2
+ retval=2
+ fi
+ continue
+ fi
+
+ if [ "$cmd" = i -o "$cmd" = "-i" ]; then
+ printf %s "$i "
+ else
+ echo_resolv "$i"
+ fi
+ [ $? = 0 -a "$retval" = 1 ] && retval=0
+ done
+ [ "$cmd" = i -o "$cmd" = "-i" ] && echo
+ return $retval
+}
+
+list_remove() {
+ local list= e= l= result= found= retval=0
+
+ [ -z "$2" ] && return 0
+ eval list=\"\$$1\"
+ shift
+
+ set -f
+ for e; do
+ found=false
+ for l in $list; do
+ case "$e" in
+ $l) found=true;;
+ esac
+ $found && break
+ done
+ if $found; then
+ retval=$(($retval + 1))
+ else
+ result="$result $e"
+ fi
+ done
+ set +f
+ echo "${result# *}"
+ return $retval
+}
+
+echo_prepend()
+{
+ echo "# Generated by resolvconf"
+ if [ -n "$search_domains" ]; then
+ echo "search $search_domains"
+ fi
+ for n in $name_servers; do
+ echo "nameserver $n"
+ done
+ echo
+}
+
+echo_append()
+{
+ echo "# Generated by resolvconf"
+ if [ -n "$search_domains_append" ]; then
+ echo "search $search_domains_append"
+ fi
+ for n in $name_servers_append; do
+ echo "nameserver $n"
+ done
+ echo
+}
+
+replace()
+{
+ local r= k= f= v= val= sub=
+
+ while read -r keyword value; do
+ for r in $replace; do
+ k="${r%%/*}"
+ r="${r#*/}"
+ f="${r%%/*}"
+ r="${r#*/}"
+ v="${r%%/*}"
+ case "$keyword" in
+ $k)
+ case "$value" in
+ $f) value="$v";;
+ esac
+ ;;
+ esac
+ done
+ val=
+ for sub in $value; do
+ for r in $replace_sub; do
+ k="${r%%/*}"
+ r="${r#*/}"
+ f="${r%%/*}"
+ r="${r#*/}"
+ v="${r%%/*}"
+ case "$keyword" in
+ $k)
+ case "$sub" in
+ $f) sub="$v";;
+ esac
+ ;;
+ esac
+ done
+ val="$val${val:+ }$sub"
+ done
+ printf "%s %s\n" "$keyword" "$val"
+ done
+}
+
+make_vars()
+{
+ local newdomains= d= dn= newns= ns=
+
+ # Clear variables
+ DOMAIN=
+ DOMAINS=
+ SEARCH=
+ NAMESERVERS=
+ LOCALNAMESERVERS=
+
+ if [ -n "$name_servers" -o -n "$search_domains" ]; then
+ eval "$(echo_prepend | parse_resolv)"
+ fi
+ if [ -z "$VFLAG" ]; then
+ IF_EXCLUSIVE=1
+ list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0
+ eval "$(list_resolv -l "$@" | replace | parse_resolv)"
+ fi
+ if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then
+ eval "$(echo_append | parse_resolv)"
+ fi
+
+ # Ensure that we only list each domain once
+ for d in $DOMAINS; do
+ dn="${d%%:*}"
+ list_remove domain_blacklist "$dn" >/dev/null || continue
+ case " $newdomains" in
+ *" ${dn}:"*) continue;;
+ esac
+ newns=
+ for nd in $DOMAINS; do
+ if [ "$dn" = "${nd%%:*}" ]; then
+ ns="${nd#*:}"
+ while [ -n "$ns" ]; do
+ case ",$newns," in
+ *,${ns%%,*},*) ;;
+ *) list_remove name_server_blacklist \
+ "${ns%%,*}" >/dev/null \
+ && newns="$newns${newns:+,}${ns%%,*}";;
+ esac
+ [ "$ns" = "${ns#*,}" ] && break
+ ns="${ns#*,}"
+ done
+ fi
+ done
+ if [ -n "$newns" ]; then
+ newdomains="$newdomains${newdomains:+ }$dn:$newns"
+ fi
+ done
+ DOMAIN="$(list_remove domain_blacklist $DOMAIN)"
+ SEARCH="$(uniqify $SEARCH)"
+ SEARCH="$(list_remove domain_blacklist $SEARCH)"
+ NAMESERVERS="$(uniqify $NAMESERVERS)"
+ NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)"
+ LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)"
+ LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)"
+ echo "DOMAIN='$DOMAIN'"
+ echo "SEARCH='$SEARCH'"
+ echo "NAMESERVERS='$NAMESERVERS'"
+ echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'"
+ echo "DOMAINS='$newdomains'"
+}
+
+force=false
+VFLAG=
+while getopts a:Dd:fhIilm:puvVx OPT; do
+ case "$OPT" in
+ f) force=true;;
+ h) usage;;
+ m) IF_METRIC="$OPTARG";;
+ p) IF_PRIVATE=1;;
+ V)
+ VFLAG=1
+ if [ "$local_nameservers" = \
+ "127.* 0.0.0.0 255.255.255.255 ::1" ]
+ then
+ local_nameservers=
+ fi
+ ;;
+ x) IF_EXCLUSIVE=1;;
+ '?') ;;
+ *) cmd="$OPT"; iface="$OPTARG";;
+ esac
+done
+shift $(($OPTIND - 1))
+args="$iface${iface:+ }$*"
+
+# -I inits the state dir
+if [ "$cmd" = I ]; then
+ if [ -d "$VARDIR" ]; then
+ rm -rf "$VARDIR"/*
+ fi
+ exit $?
+fi
+
+# -D ensures that the listed config file base dirs exist
+if [ "$cmd" = D ]; then
+ config_mkdirs "$@"
+ exit $?
+fi
+
+# -l lists our resolv files, optionally for a specific interface
+if [ "$cmd" = l -o "$cmd" = i ]; then
+ list_resolv "$cmd" "$args"
+ exit $?
+fi
+
+# Not normally needed, but subscribers should be able to run independently
+if [ "$cmd" = v -o -n "$VFLAG" ]; then
+ make_vars "$iface"
+ exit $?
+fi
+
+# Test that we have valid options
+if [ "$cmd" = a -o "$cmd" = d ]; then
+ if [ -z "$iface" ]; then
+ usage "Interface not specified"
+ fi
+elif [ "$cmd" != u ]; then
+ [ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd"
+ usage
+fi
+
+if [ "$cmd" = a ]; then
+ for x in '/' \\ ' ' '*'; do
+ case "$iface" in
+ *[$x]*) error_exit "$x not allowed in interface name";;
+ esac
+ done
+ for x in '.' '-' '~'; do
+ case "$iface" in
+ [$x]*) error_exit \
+ "$x not allowed at start of interface name";;
+ esac
+ done
+ [ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin"
+fi
+
+if [ ! -d "$VARDIR" ]; then
+ if [ -L "$VARDIR" ]; then
+ dir="$(readlink "$VARDIR")"
+ # link maybe relative
+ cd "${VARDIR%/*}"
+ if ! mkdir -m 0755 -p "$dir"; then
+ error_exit "Failed to create needed" \
+ "directory $dir"
+ fi
+ else
+ if ! mkdir -m 0755 -p "$VARDIR"; then
+ error_exit "Failed to create needed" \
+ "directory $VARDIR"
+ fi
+ fi
+fi
+
+if [ ! -d "$IFACEDIR" ]; then
+ mkdir -m 0755 -p "$IFACEDIR" || \
+ error_exit "Failed to create needed directory $IFACEDIR"
+ if [ "$cmd" = d ]; then
+ # Provide the same error messages as below
+ if ! ${force}; then
+ cd "$IFACEDIR"
+ for i in $args; do
+ warn "No resolv.conf for interface $i"
+ done
+ fi
+ ${force}
+ exit $?
+ fi
+fi
+
+# An interface was added, changed, deleted or a general update was called.
+# Due to exclusivity we need to ensure that this is an atomic operation.
+# Our subscribers *may* need this as well if the init system is sub par.
+# As such we spinlock at this point as best we can.
+# We don't use flock(1) because it's not widely available and normally resides
+# in /usr which we do our very best to operate without.
+[ -w "$VARDIR" ] || error_exit "Cannot write to $LOCKDIR"
+: ${lock_timeout:=10}
+while true; do
+ if mkdir "$LOCKDIR" 2>/dev/null; then
+ trap 'rm -rf "$LOCKDIR";' EXIT
+ trap 'rm -rf "$LOCKDIR"; exit 1' INT QUIT ABRT SEGV ALRM TERM
+ echo $$ >"$LOCKDIR/pid"
+ break
+ fi
+ pid=$(cat "$LOCKDIR/pid")
+ if ! kill -0 "$pid"; then
+ warn "clearing stale lock pid $pid"
+ rm -rf "$LOCKDIR"
+ continue
+ fi
+ lock_timeout=$(($lock_timeout - 1))
+ if [ "$lock_timeout" -le 0 ]; then
+ error_exit "timed out waiting for lock from pid $pid"
+ fi
+ sleep 1
+done
+
+case "$cmd" in
+a)
+ # Read resolv.conf from stdin
+ resolv="$(cat)"
+ changed=false
+ changedfile=false
+ # If what we are given matches what we have, then do nothing
+ if [ -e "$IFACEDIR/$iface" ]; then
+ if [ "$(echo "$resolv")" != \
+ "$(cat "$IFACEDIR/$iface")" ]
+ then
+ changed=true
+ changedfile=true
+ fi
+ else
+ changed=true
+ changedfile=true
+ fi
+
+ # Set metric and private before creating the interface resolv.conf file
+ # to ensure that it will have the correct flags
+ [ ! -d "$METRICDIR" ] && mkdir "$METRICDIR"
+ oldmetric="$METRICDIR/"*" $iface"
+ newmetric=
+ if [ -n "$IF_METRIC" ]; then
+ # Pad metric to 6 characters, so 5 is less than 10
+ while [ ${#IF_METRIC} -le 6 ]; do
+ IF_METRIC="0$IF_METRIC"
+ done
+ newmetric="$METRICDIR/$IF_METRIC $iface"
+ fi
+ rm -f "$METRICDIR/"*" $iface"
+ [ "$oldmetric" != "$newmetric" -a \
+ "$oldmetric" != "$METRICDIR/* $iface" ] &&
+ changed=true
+ [ -n "$newmetric" ] && echo " " >"$newmetric"
+
+ case "$IF_PRIVATE" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ if [ ! -d "$PRIVATEDIR" ]; then
+ [ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR"
+ mkdir "$PRIVATEDIR"
+ fi
+ [ -e "$PRIVATEDIR/$iface" ] || changed=true
+ [ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface"
+ ;;
+ *)
+ if [ -e "$PRIVATEDIR/$iface" ]; then
+ rm -f "$PRIVATEDIR/$iface"
+ changed=true
+ fi
+ ;;
+ esac
+
+ oldexcl=
+ for x in "$EXCLUSIVEDIR/"*" $iface"; do
+ if [ -f "$x" ]; then
+ oldexcl="$x"
+ break
+ fi
+ done
+ case "$IF_EXCLUSIVE" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ if [ ! -d "$EXCLUSIVEDIR" ]; then
+ [ -e "$EXCLUSIVEDIR" ] && rm "$EXCLUSIVEDIR"
+ mkdir "$EXCLUSIVEDIR"
+ fi
+ cd "$EXCLUSIVEDIR"
+ for x in *; do
+ [ -f "$x" ] && break
+ done
+ if [ "${x#* }" != "$iface" ]; then
+ if [ "$x" = "${x% *}" ]; then
+ x=10000000
+ else
+ x="${x% *}"
+ fi
+ if [ "$x" = "0000000" ]; then
+ warn "exclusive underflow"
+ else
+ x=$(($x - 1))
+ fi
+ if [ -d "$EXCLUSIVEDIR" ]; then
+ echo " " >"$EXCLUSIVEDIR/$x $iface"
+ fi
+ changed=true
+ fi
+ ;;
+ *)
+ if [ -f "$oldexcl" ]; then
+ rm -f "$oldexcl"
+ changed=true
+ fi
+ ;;
+ esac
+
+ if $changedfile; then
+ printf "%s\n" "$resolv" >"$IFACEDIR/$iface" || exit $?
+ elif ! $changed; then
+ exit 0
+ fi
+ unset changed changedfile oldmetric newmetric x oldexcl
+ ;;
+
+d)
+ # Delete any existing information about the interface
+ cd "$IFACEDIR"
+ changed=false
+ for i in $args; do
+ if [ -e "$i" ]; then
+ changed=true
+ elif ! ${force}; then
+ warn "No resolv.conf for interface $i"
+ fi
+ rm -f "$i" "$METRICDIR/"*" $i" \
+ "$PRIVATEDIR/$i" \
+ "$EXCLUSIVEDIR/"*" $i" || exit $?
+ done
+ if ! ${changed}; then
+ # Set the return code based on the forced flag
+ ${force}
+ exit $?
+ fi
+ unset changed i
+ ;;
+esac
+
+case "${resolvconf:-YES}" in
+[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
+*) exit 0;;
+esac
+
+eval "$(make_vars)"
+export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS
+: ${list_resolv:=list_resolv -l}
+retval=0
+for script in "$LIBEXECDIR"/*; do
+ if [ -f "$script" ]; then
+ eval script_enabled="\$${script##*/}"
+ case "${script_enabled:-YES}" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
+ *) continue;;
+ esac
+ if [ -x "$script" ]; then
+ "$script" "$cmd" "$iface"
+ else
+ (set -- "$cmd" "$iface"; . "$script")
+ fi
+ retval=$(($retval + $?))
+ fi
+done
+exit $retval
--- /dev/null
+#!/bin/sh
+# Copyright (c) 2009-2014 Roy Marples
+# All rights reserved
+
+# unbound subscriber for resolvconf
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+unbound_insecure=
+
+[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0
+. "@SYSCONFDIR@/resolvconf.conf" || exit 1
+[ -z "$unbound_conf" ] && exit 0
+[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)"
+NL="
+"
+
+: ${unbound_pid:=/var/run/unbound.pid}
+: ${unbound_service:=unbound}
+: ${unbound_restart:=@RESTARTCMD ${unbound_service}@}
+newconf="# Generated by resolvconf$NL"
+
+for d in $DOMAINS; do
+ dn="${d%%:*}"
+ ns="${d#*:}"
+ case "$unbound_insecure" in
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ newconf="$newconf${NL}server:$NL"
+ newconf="$newconf domain-insecure: \"$dn\"$NL"
+ ;;
+ esac
+ newconf="$newconf${NL}forward-zone:$NL name: \"$dn\"$NL"
+ while [ -n "$ns" ]; do
+ newconf="$newconf forward-addr: ${ns%%,*}$NL"
+ [ "$ns" = "${ns#*,}" ] && break
+ ns="${ns#*,}"
+ done
+done
+
+if [ -n "$NAMESERVERS" ]; then
+ newconf="$newconf${NL}forward-zone:$NL name: \".\"$NL"
+ for n in $NAMESERVERS; do
+ newconf="$newconf forward-addr: $n$NL"
+ done
+fi
+
+# Try to ensure that config dirs exist
+if type config_mkdirs >/dev/null 2>&1; then
+ config_mkdirs "$unbound_conf"
+else
+ @SBINDIR@/resolvconf -D "$unbound_conf"
+fi
+
+if [ ! -f "$unbound_conf" ] || \
+ [ "$(cat "$unbound_conf")" != "$(printf %s "$newconf")" ]
+then
+ printf %s "$newconf" >"$unbound_conf"
+ # If we can't sent a HUP then force a restart
+ if [ -s "$unbound_pid" ]; then
+ if ! kill -HUP $(cat "$unbound_pid") 2>/dev/null; then
+ eval $unbound_restart
+ fi
+ else
+ eval $unbound_restart
+ fi
+fi
--- /dev/null
+# $NetBSD: Makefile,v 1.1 2009/11/21 03:24:31 roy Exp $
+
+SUBDIR= resolvconf
+
+.include <bsd.subdir.mk>
--- /dev/null
+# $NetBSD: Makefile.inc,v 1.1 2009/11/21 03:24:31 roy Exp $
+
+.include <bsd.own.mk>
+
+BINDIR= /sbin
--- /dev/null
+# $NetBSD: Makefile,v 1.6 2013/07/12 17:32:47 roy Exp $
+#
+
+.include <bsd.own.mk>
+
+DIST= ${NETBSDSRCDIR}/external/bsd/openresolv/dist
+.PATH: ${DIST}
+
+SCRIPTS= resolvconf
+SCRIPTSDIR= /sbin
+
+FILES= libc dnsmasq named unbound
+FILESDIR= /libexec/resolvconf
+# We should not have to do this ...
+.for f in ${FILES}
+FILESBUILD_$f= yes
+.endfor
+
+MAN= resolvconf.conf.5 resolvconf.8
+
+CLEANFILES= ${SCRIPTS} ${FILES} ${MAN}
+
+CMD1= \1 status >/dev/null 2>\&1
+CMD2= \1 restart
+RESTARTCMD= if /etc/rc.d/${CMD1}; then /etc/rc.d/${CMD2}; fi
+.for f in ${SCRIPTS} ${FILES} ${MAN}
+${f}: Makefile ${f}.in
+ ${TOOL_SED} -e 's:@PREFIX@::g' \
+ -e 's:@SBINDIR@:/sbin:g' \
+ -e 's:@RCDIR@:/etc/rc.d:g' \
+ -e 's:@SYSCONFDIR@:/etc:g' \
+ -e 's:@LIBEXECDIR@:/libexec/resolvconf:g' \
+ -e 's:@VARDIR@:/var/run/resolvconf:g' \
+ -e 's:@RESTARTCMD \(.*\)@:${RESTARTCMD}:g' \
+ ${DIST}/${f}.in > $@
+.endfor
+
+.include <bsd.prog.mk>
\
nsswitch.conf.5 \
rc.conf.5 \
- \
+ resolv.conf.5 \
\
\
#MLINKS+=fs.5 inode.5
#MLINKS+=hosts.equiv.5 rhosts.5
#MLINKS+=monthly.5 monthly.conf.5
-#MLINKS+=resolv.conf.5 resolver.5
+MLINKS+=resolv.conf.5 resolver.5
#MLINKS+=utmp.5 wtmp.5 utmp.5 lastlog.5 passwd.5 master.passwd.5
#MLINKS+=utmpx.5 wtmpx.5 utmpx.5 lastlogx.5
#MLINKS+=weekly.5 weekly.conf.5
--- /dev/null
+.\" $NetBSD: resolv.conf.5,v 1.30 2012/09/09 18:09:24 christos Exp $
+.\"
+.\" Copyright (c) 1986, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" @(#)resolver.5 5.12 (Berkeley) 5/10/91
+.\"
+.Dd September 9, 2012
+.Dt RESOLV.CONF 5
+.Os
+.Sh NAME
+.Nm resolv.conf
+.Nd resolver configuration file
+.Sh DESCRIPTION
+The
+.Nm resolv.conf
+file specifies how the
+.Xr resolver 3
+routines in the C library
+(which provide access to the Internet Domain Name System) should operate.
+The resolver configuration file contains information that is read
+by the resolver routines the first time they are invoked by a process.
+The file is designed to be human readable and contains a list of
+keywords with values that provide various types of resolver information.
+.Pp
+On a normally configured system this file should not be necessary.
+The only name server to be queried will be on the local machine,
+the domain name is determined from the host name,
+and the domain search path is constructed from the domain name.
+.Pp
+The different configuration options are:
+.Bl -tag -width nameserver
+.It Sy nameserver
+IPv4 address
+.Pq in dot notation
+or IPv6 address
+.Pq in hex-and-colon notation
+of a name server that the resolver should query.
+Scoped IPv6 address notation is accepted as well
+.Po
+see
+.Xr inet6 4
+for details
+.Pc .
+Up to
+.Dv MAXNS
+(currently 3) name servers may be listed,
+one per keyword.
+If there are multiple servers,
+the resolver library queries them in the order listed.
+If no
+.Sy nameserver
+entries are present,
+the default is to use the name server on the local machine.
+(The algorithm used is to try a name server, and if the query times out,
+try the next, until out of name servers,
+then repeat trying all the name servers
+until a maximum number of retries are made).
+.It Sy domain
+Local domain name.
+Most queries for names within this domain can use short names
+relative to the local domain.
+If no
+.Sy domain
+entry is present, the domain is determined
+from the local host name returned by
+.Xr gethostname 3 ;
+the domain part is taken to be everything after the first
+.Sq \&. .
+Finally, if the host name does not contain a domain part, the root
+domain is assumed.
+.It Sy lookup
+This keyword is now ignored: its function has been superseded by
+features of
+.Xr nsswitch.conf 5 .
+.Pp
+.It Sy search
+Search list for host-name lookup.
+The search list is normally determined from the local domain name;
+by default, it begins with the local domain name, then successive
+parent domains that have at least two components in their names.
+This may be changed by listing the desired domain search path
+following the
+.Sy search
+keyword with spaces or tabs separating
+the names.
+Most resolver queries will be attempted using each component
+of the search path in turn until a match is found.
+Note that this process may be slow and will generate a lot of network
+traffic if the servers for the listed domains are not local,
+and that queries will time out if no server is available
+for one of the domains.
+.Pp
+The search list is currently limited to six domains
+with a total of 1024 characters.
+.It Sy sortlist
+Sortlist allows addresses returned by gethostbyname to
+be sorted.
+A sortlist is specified by IP address netmask pairs.
+The netmask is optional and defaults to the natural
+netmask of the net.
+The IP address and optional network pairs are separated by
+slashes.
+Up to 10 pairs may be specified, ie.
+.Pp
+.Sy sortlist 130.155.160.0/255.255.240.0 130.155.0.0
+.It Sy options
+Options allows certain internal resolver variables to be modified.
+The syntax is:
+.Pp
+.Sy options option ...
+.Pp
+where option is one of the following:
+.Bl -tag -width no-check-names
+.It Sy debug
+enable debugging information, by setting RES_DEBUG in _res.options
+(see
+.Xr resolver 3 ) .
+.It Sy ndots:n
+sets a threshold for the number of dots which
+must appear in a name given to res_query (see
+.Xr resolver 3 )
+before an initial absolute query will be made.
+The default for n is 1, meaning that if there are any
+dots in a name, the name will be tried first as an absolute
+name before any search list elements are appended to it.
+.It Sy timeout:n
+sets the amount of time the resolver will wait for a response from a remote
+name server before retrying the query via a different name server.
+Measured in seconds, the default is
+.Dv RES_TIMEOUT
+(see
+.Aq Pa resolv.h ) .
+.It Sy attempts:n
+sets the number of times the resolver will send a query to its name servers
+before giving up and returning an error to the calling application.
+The default is
+.Dv RES_DFLRETRY
+(see
+.Aq Pa resolv.h ) .
+.It Sy rotate
+sets
+.Dv RES_ROTATE
+in
+.Ft _res.options ,
+which causes round robin selection of nameservers from among those listed.
+This has the effect of spreading the query load among all listed servers,
+rather than having all clients try the first listed server first every time.
+.It Sy no-check-names
+sets
+.Dv RES_NOCHECKNAME
+in
+.Ft _res.options ,
+which disables the modern BIND checking of incoming host names and mail names
+for invalid characters such as underscore
+.Pq Sq _ ,
+non-ASCII, or control characters.
+This is the default.
+.It Sy check-names
+clears
+.Dv RES_NOCHECKNAME
+in
+.Ft _res.options ,
+which enables the modern BIND checking of incoming host names and mail names
+as described above.
+.It Sy edns0
+attach OPT pseudo-RR for ENDS0 extension specified in RFC 2671,
+to inform DNS server of our receive buffer size.
+The option will allow DNS servers to take advantage of non-default receive
+buffer size, and to send larger replies.
+DNS query packets with EDNS0 extension is not compatible with
+non-EDNS0 DNS servers.
+The option must be used only when all the DNS servers listed in
+.Sy nameserver
+lines are able to handle EDNS0 extension.
+.It Sy inet6
+enable support for IPv6-only applications, by setting RES_USE_INET6 in
+_res.options (see
+.Xr resolver 3 ) .
+The option is meaningful with certain kernel configuration only and
+use of this option is discouraged.
+.It Sy insecure1
+Do not require IP source address on the reply packet to be equal to the
+servers' address.
+.It Sy insecure2
+Do not check if the query section of the reply packet is equal
+to that of the query packet.
+For testing purposes only.
+.It Sy no-tld-query
+sets
+.Dv RES_NOTLDQUERY
+in
+.Ft _res.options .
+This option causes
+.Fn res_nsearch
+to not attempt to resolve a unqualified name as if it were a top level
+domain (TLD).
+This option can cause problems if the site has
+.Dq localhost
+as a TLD rather
+than having localhost on one or more elements of the search list.
+This option has no effect if neither
+.Dv RES_DEFNAMES
+or
+.Dv RES_DNSRCH
+is set.
+.El
+.El
+.Pp
+The
+.Sy domain
+and
+.Sy search
+keywords are mutually exclusive.
+If more than one instance of these keywords is present,
+the last instance will override.
+.Pp
+The
+.Sy search
+keyword of a system's
+.Pa resolv.conf
+file can be overridden on a per-process basis by setting the
+environment variable
+.Ev LOCALDOMAIN
+to a space-separated list of search domains.
+.Pp
+The
+.Sy options
+keyword of a system's
+.Pa resolv.conf
+file can be amended on a per-process basis by setting the
+environment variable
+.Ev RES_OPTIONS
+to a space-separated list of resolver options as explained above.
+.Pp
+The keyword and value must appear on a single line, and the keyword
+(e.g.
+.Sy nameserver )
+must start the line.
+The value follows the keyword, separated by white space.
+.Sh FILES
+.Bl -tag -width /etc/resolv.conf -compact
+.It Pa /etc/resolv.conf
+The file
+.Nm resolv.conf
+resides in
+.Pa /etc .
+.El
+.Sh SEE ALSO
+.Xr gethostbyname 3 ,
+.Xr resolver 3 ,
+.Xr nsswitch.conf 5 ,
+.Xr hostname 7 ,
+.Xr named 8 ,
+.Xr resolvconf 8
+.Rs
+.%A Paul Vixie
+.%A Kevin J. Dunlap
+.%A Michael J. Karels
+.%T "Name Server Operations Guide for BIND"
+.%N Release 4.9.4
+.%I CSRG ,
+.%I Department of Electrical Engineering and Computer Sciences ,
+.%I University of California, Berkeley
+.%D July 16, 1996
+.%U http://www.dns.net/dnsrd/docs/bog/bog.html
+.Re
+.Sh HISTORY
+The
+.Nm resolv.conf
+file format appeared in
+.Bx 4.3 .