From: David van Moolenbroek Date: Thu, 16 Feb 2017 13:21:17 +0000 (+0000) Subject: Import NetBSD resolvconf(8) X-Git-Url: http://zhaoyanbai.com/repos/man.arpaname.html?a=commitdiff_plain;h=d642636d2d23d13bdfd55f00cfe917fe4a830a8a;p=minix.git Import NetBSD resolvconf(8) Also known as "openresolv". Needed for dhcpcd(8). Change-Id: Ibcb616837e9a5293377e451c6f6218a37260ed80 --- diff --git a/distrib/sets/lists/minix-base/mi b/distrib/sets/lists/minix-base/mi index 5ec198f9e..2796eb74e 100644 --- a/distrib/sets/lists/minix-base/mi +++ b/distrib/sets/lists/minix-base/mi @@ -196,6 +196,12 @@ ./home/bin/.exrc minix-base obsolete ./home/bin/.profile minix-base obsolete ./lib minix-base +./libexec minix-base +./libexec/resolvconf minix-base +./libexec/resolvconf/dnsmasq minix-base +./libexec/resolvconf/libc minix-base +./libexec/resolvconf/named minix-base +./libexec/resolvconf/unbound minix-base ./mnt minix-base ./proc minix-base ./root minix-base @@ -228,6 +234,7 @@ ./sbin/printconfig minix-base ./sbin/rcorder minix-base ./sbin/reboot minix-base +./sbin/resolvconf minix-base ./sbin/route minix-base ./sbin/shutdown minix-base ./sbin/sysctl minix-base diff --git a/distrib/sets/lists/minix-man/mi b/distrib/sets/lists/minix-man/mi index 21f4d0489..dae68dd5b 100644 --- a/distrib/sets/lists/minix-man/mi +++ b/distrib/sets/lists/minix-man/mi @@ -3315,8 +3315,9 @@ ./usr/man/man5/pkg_install.conf.5 minix-man ./usr/man/man5/pkg_summary.5 minix-man ./usr/man/man5/rc.conf.5 minix-man -./usr/man/man5/resolv.conf.5 minix-man obsolete -./usr/man/man5/resolver.5 minix-man obsolete +./usr/man/man5/resolv.conf.5 minix-man +./usr/man/man5/resolvconf.conf.5 minix-man +./usr/man/man5/resolver.5 minix-man ./usr/man/man5/rhosts.5 minix-man obsolete ./usr/man/man5/serv.access.5 minix-man obsolete ./usr/man/man5/statvfs.5 minix-man @@ -3460,6 +3461,7 @@ ./usr/man/man8/reboot.8 minix-man ./usr/man/man8/renice.8 minix-man ./usr/man/man8/repartition.8 minix-man +./usr/man/man8/resolvconf.8 minix-man ./usr/man/man8/rotate.8 minix-man ./usr/man/man8/route.8 minix-man ./usr/man/man8/rshd.8 minix-man diff --git a/etc/mtree/NetBSD.dist.base b/etc/mtree/NetBSD.dist.base index ce16d9694..5f636cdfa 100644 --- a/etc/mtree/NetBSD.dist.base +++ b/etc/mtree/NetBSD.dist.base @@ -56,6 +56,8 @@ ./etc/system.conf.d ./home ./lib +./libexec +./libexec/resolvconf ./mnt ./proc ./root diff --git a/external/bsd/Makefile b/external/bsd/Makefile index 224b56751..37cb6560e 100644 --- a/external/bsd/Makefile +++ b/external/bsd/Makefile @@ -6,7 +6,7 @@ SUBDIR= byacc \ fetch file flex less \ libarchive libevent mdocml \ - tmux top + openresolv tmux top .if (${MKATF} != "no") SUBDIR+= atf diff --git a/external/bsd/openresolv/Makefile b/external/bsd/openresolv/Makefile new file mode 100644 index 000000000..f5d54b2ad --- /dev/null +++ b/external/bsd/openresolv/Makefile @@ -0,0 +1,5 @@ +# $NetBSD: Makefile,v 1.1 2009/11/21 03:24:30 roy Exp $ + +SUBDIR= sbin + +.include diff --git a/external/bsd/openresolv/dist/README b/external/bsd/openresolv/dist/README new file mode 100644 index 000000000..b4042b0e8 --- /dev/null +++ b/external/bsd/openresolv/dist/README @@ -0,0 +1,11 @@ +openresolv is a resolvconf implementation which manages resolv.conf +You can find the latest version at http://roy.marples.name/projects/openresolv +It is written and maintained by Roy Marples + +This resolvconf implementation, along with its subscribers, work with a +POSIX compliant shell and userland utilities. It is designed to work without +tools such as sed as it *has* to work without /usr being available. + +On systems where resolvconf is expected to be used before /var/run is available +for writing, you can configure openresolv to write somewhere else, like say a +ramdisk. diff --git a/external/bsd/openresolv/dist/dnsmasq.in b/external/bsd/openresolv/dist/dnsmasq.in new file mode 100644 index 000000000..1b6ad1664 --- /dev/null +++ b/external/bsd/openresolv/dist/dnsmasq.in @@ -0,0 +1,202 @@ +#!/bin/sh +# Copyright (c) 2007-2012 Roy Marples +# All rights reserved + +# dnsmasq subscriber for resolvconf + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 +. "@SYSCONFDIR@/resolvconf.conf" || exit 1 +[ -z "$dnsmasq_conf" -a -z "$dnsmasq_resolv" ] && exit 0 +[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" +NL=" +" + +: ${dnsmasq_pid:=/var/run/dnsmasq.pid} +[ -s "$dnsmasq_pid" ] || dnsmasq_pid=/var/run/dnsmasq/dnsmasq.pid +[ -s "$dnsmasq_pid" ] || unset dnsmasq_pid +: ${dnsmasq_service:=dnsmasq} +: ${dnsmasq_restart:=@RESTARTCMD ${dnsmasq_service}@} +newconf="# Generated by resolvconf$NL" +newresolv="$newconf" + +# Using dbus means that we never have to restart the daemon +# This is important as it means we should not drop DNS queries +# whilst changing DNS options around. However, dbus support is optional +# so we need to validate a few things first. +# Check for DBus support in the binary +dbus=false +dbus_ex=false +dbus_introspect=$(dbus-send --print-reply --system \ + --dest=uk.org.thekelleys.dnsmasq \ + /uk/org/thekelleys/dnsmasq \ + org.freedesktop.DBus.Introspectable.Introspect \ + 2>/dev/null) +if [ $? = 0 ]; then + dbus=true + if printf %s "$dbus_introspect" | \ + grep -q '' + then + dbus_ex=true + fi +fi + +for n in $NAMESERVERS; do + newresolv="${newresolv}nameserver $n$NL" +done + +dbusdest= +dbusdest_ex= +conf= +for d in $DOMAINS; do + dn="${d%%:*}" + ns="${d#*:}" + while [ -n "$ns" ]; do + n="${ns%%,*}" + if $dbus && ! $dbus_ex; then + case "$n" in + *.*.*.*) + SIFS=${IFS-y} OIFS=$IFS + IFS=. + set -- $n + num="0x$(printf %02x $1 $2 $3 $4)" + if [ "$SIFS" = y ]; then + unset IFS + else + IFS=$OIFS + fi + dbusdest="$dbusdest uint32:$(printf %u $num)" + dbusdest="$dbusdest string:$dn" + ;; + *:*%*) + # This version of dnsmasq won't accept + # scoped IPv6 addresses + dbus=false + ;; + *:*) + SIFS=${IFS-y} OIFS=$IFS bytes= front= back= + empty=false i=0 + IFS=: + set -- $n + while [ -n "$1" -o -n "$2" ]; do + addr="$1" + shift + if [ -z "$addr" ]; then + empty=true + continue + fi + i=$(($i + 1)) + while [ ${#addr} -lt 4 ]; do + addr="0${addr}" + done + byte1="$(printf %d 0x${addr%??})" + byte2="$(printf %d 0x${addr#??})" + if $empty; then + back="$back byte:$byte1 byte:$byte2" + else + front="$front byte:$byte1 byte:$byte2" + fi + done + while [ $i != 8 ]; do + i=$(($i + 1)) + front="$front byte:0 byte:0" + done + front="${front}$back" + if [ "$SIFS" = y ]; then + unset IFS + else + IFS=$OIFS + fi + dbusdest="${dbusdest}$front string:$dn" + ;; + *) + if ! $dbus_ex; then + dbus=false + fi + ;; + esac + fi + dbusdest_ex="$dbusdest_ex${dbusdest_ex:+,}/$dn/$n" + conf="${conf}server=/$dn/$n$NL" + [ "$ns" = "${ns#*,}" ] && break + ns="${ns#*,}" + done +done + +if $dbus; then + newconf="$newconf$NL# Domain specific servers will" + newconf="$newconf be sent over dbus${NL}" +else + newconf="$newconf$conf" +fi + +# Try to ensure that config dirs exist +if type config_mkdirs >/dev/null 2>&1; then + config_mkdirs "$dnsmasq_conf" "$dnsmasq_resolv" +else + @SBINDIR@/resolvconf -D "$dnsmasq_conf" "$dnsmasq_resolv" +fi + +changed=false +if [ -n "$dnsmasq_conf" ]; then + if [ ! -f "$dnsmasq_conf" ] || \ + [ "$(cat "$dnsmasq_conf")" != "$(printf %s "$newconf")" ] + then + changed=true + printf %s "$newconf" >"$dnsmasq_conf" + fi +fi +if [ -n "$dnsmasq_resolv" ]; then + # dnsmasq polls this file so no need to set changed=true + if [ -f "$dnsmasq_resolv" ]; then + if [ "$(cat "$dnsmasq_resolv")" != "$(printf %s "$newresolv")" ] + then + printf %s "$newresolv" >"$dnsmasq_resolv" + fi + else + printf %s "$newresolv" >"$dnsmasq_resolv" + fi +fi + +if $changed; then + eval $dnsmasq_restart +fi +if $dbus; then + if [ -s "$dnsmasq_pid" ]; then + $changed || kill -HUP $(cat "$dnsmasq_pid") + fi + # Send even if empty so old servers are cleared + if $dbus_ex; then + method=SetDomainServers + if [ -n "$dbusdest_ex" ]; then + dbusdest_ex="array:string:$dbusdest_ex" + fi + dbusdest="$dbusdest_ex" + else + method=SetServers + fi + dbus-send --system --dest=uk.org.thekelleys.dnsmasq \ + /uk/org/thekelleys/dnsmasq uk.org.thekelleys.$method \ + $dbusdest +fi diff --git a/external/bsd/openresolv/dist/libc.in b/external/bsd/openresolv/dist/libc.in new file mode 100644 index 000000000..3be134bfc --- /dev/null +++ b/external/bsd/openresolv/dist/libc.in @@ -0,0 +1,246 @@ +#!/bin/sh +# Copyright (c) 2007-2014 Roy Marples +# All rights reserved + +# libc subscriber for resolvconf + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +SYSCONFDIR=@SYSCONFDIR@ +LIBEXECDIR=@LIBEXECDIR@ +VARDIR=@VARDIR@ +IFACEDIR="$VARDIR/interfaces" +NL=" +" + +# sed may not be available, and this is faster on small files +key_get_value() +{ + local key="$1" x= line= + + shift + if [ $# -eq 0 ]; then + while read -r line; do + case "$line" in + "$key"*) echo "${line##$key}";; + esac + done + else + for x do + while read -r line; do + case "$line" in + "$key"*) echo "${line##$key}";; + esac + done < "$x" + done + fi +} + +keys_remove() +{ + local key x line found + + while read -r line; do + found=false + for key do + case "$line" in + "$key"*|"#"*|" "*|" "*|"") found=true;; + esac + $found && break + done + $found || echo "$line" + done +} + +local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" + +# Support original resolvconf configuration layout +# as well as the openresolv config file +if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then + . "$SYSCONFDIR"/resolvconf.conf +elif [ -d "$SYSCONFDIR"/resolvconf ]; then + SYSCONFDIR="$SYSCONFDIR/resolvconf/resolv.conf.d" + base="$SYSCONFDIR/resolv.conf.d/base" + if [ -f "$base" ]; then + prepend_nameservers="$(key_get_value "nameserver " "$base")" + domain="$(key_get_value "domain " "$base")" + prepend_search="$(key_get_value "search " "$base")" + resolv_conf_options="$(key_get_value "options " "$base")" + resolv_conf_sortlist="$(key_get_value "sortlist " "$base")" + fi + if [ -f "$SYSCONFDIR"/resolv.conf.d/head ]; then + resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.d/head)" + fi + if [ -f "$SYSCONFDIR"/resolv.conf.d/tail ]; then + resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.d/tail)" + fi +fi +: ${resolv_conf:=/etc/resolv.conf} +: ${libc_service:=nscd} +: ${libc_restart:=@RESTARTCMD ${libc_service}@} +: ${list_resolv:=@SBINDIR@/resolvconf -l} +if [ "${resolv_conf_head-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.head ]; then + resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)" +fi +if [ "${resolv_conf_tail-x}" = x -a -f "$SYSCONFDIR"/resolv.conf.tail ]; then + resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)" +fi + +backup=true +signature="# Generated by resolvconf" + +uniqify() +{ + local result= + while [ -n "$1" ]; do + case " $result " in + *" $1 "*);; + *) result="$result $1";; + esac + shift + done + echo "${result# *}" +} + +case "${resolv_conf_passthrough:-NO}" in +[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + backup=false + newest= + for conf in "$IFACEDIR"/*; do + if [ -z "$newest" -o "$conf" -nt "$newest" ]; then + newest="$conf" + fi + done + [ -z "$newest" ] && exit 0 + newconf="$(cat "$newest")$NL" + ;; +/dev/null|[Nn][Uu][Ll][Ll]) + : ${resolv_conf_local_only:=NO} + if [ "$local_nameservers" = "127.* 0.0.0.0 255.255.255.255 ::1" ]; then + local_nameservers= + fi + # Need to overwrite our variables. + eval "$(@SBINDIR@/resolvconf -V)" + ;; + +*) + [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" + ;; +esac +case "${resolv_conf_passthrough:-NO}" in +[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; +*) + : ${domain:=$DOMAIN} + newsearch="$(uniqify $prepend_search $SEARCH $append_search)" + NS="$LOCALNAMESERVERS $NAMESERVERS" + newns= + gotlocal=false + for n in $(uniqify $prepend_nameservers $NS $append_nameservers); do + add=true + islocal=false + for l in $local_nameservers; do + case "$n" in + $l) islocal=true; gotlocal=true; break;; + esac + done + if ! $islocal; then + case "${resolv_conf_local_only:-YES}" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + $gotlocal && add=false;; + esac + fi + $add && newns="$newns $n" + done + + # Hold our new resolv.conf in a variable to save on temporary files + newconf="$signature$NL" + if [ -n "$resolv_conf_head" ]; then + newconf="$newconf$resolv_conf_head$NL" + fi + + [ -n "$domain" ] && newconf="${newconf}domain $domain$NL" + if [ -n "$newsearch" -a "$newsearch" != "$domain" ]; then + newconf="${newconf}search $newsearch$NL" + fi + for n in $newns; do + newconf="${newconf}nameserver $n$NL" + done + + # Now add anything we don't care about such as sortlist and options + stuff="$($list_resolv | keys_remove nameserver domain search)" + if [ -n "$stuff" ]; then + newconf="$newconf$stuff$NL" + fi + + # Append any user defined ones + if [ -n "$resolv_conf_options" ]; then + newconf="${newconf}options $resolv_conf_options$NL" + fi + if [ -n "$resolv_conf_sortlist" ]; then + newconf="${newconf}sortlist $resolv_conf_sortlist$NL" + fi + + if [ -n "$resolv_conf_tail" ]; then + newconf="$newconf$resolv_conf_tail$NL" + fi + ;; +esac + +# Check if the file has actually changed or not +if [ -e "$resolv_conf" ]; then + [ "$(cat "$resolv_conf")" = "$(printf %s "$newconf")" ] && exit 0 +fi + +# Change is good. +# If the old file does not have our signature, back it up. +# If the new file just has our signature, restore the backup. +if $backup; then + if [ "$newconf" = "$signature$NL" ]; then + if [ -e "$resolv_conf.bak" ]; then + newconf="$(cat "$resolv_conf.bak")" + fi + elif [ -e "$resolv_conf" ]; then + read line <"$resolv_conf" + if [ "$line" != "$signature" ]; then + cp "$resolv_conf" "$resolv_conf.bak" + fi + fi +fi + +# Create our resolv.conf now +(umask 022; printf %s "$newconf" >"$resolv_conf") +eval $libc_restart + +retval=0 +# Notify users of the resolver +for script in "$LIBEXECDIR"/libc.d/*; do + if [ -f "$script" ]; then + if [ -x "$script" ]; then + "$script" "$@" + else + (. "$script") + fi + retval=$(($retval + $?)) + fi +done +exit $retval diff --git a/external/bsd/openresolv/dist/named.in b/external/bsd/openresolv/dist/named.in new file mode 100644 index 000000000..43ceabb5e --- /dev/null +++ b/external/bsd/openresolv/dist/named.in @@ -0,0 +1,106 @@ +#!/bin/sh +# Copyright (c) 2007-2012 Roy Marples +# All rights reserved + +# named subscriber for resolvconf + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 +. "@SYSCONFDIR@/resolvconf.conf" || exit 1 +[ -z "$named_zones" -a -z "$named_options" ] && exit 0 +[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" +NL=" +" + +# Platform specific kludges +if [ -z "$named_service" -a -z "$named_restart" -a \ + -d "@RCDIR@" -a ! -x "@RCDIR@"/named ] +then + if [ -x "@RCDIR@"/bind9 ]; then + # Debian and derivatives + named_service=bind9 + elif [ -x "@RCDIR@"/rc.bind ]; then + # Slackware + named_service=rc.bind + fi +fi +: ${named_service:=named} +: ${named_restart:=@RESTARTCMD ${named_service}@} +newoptions="# Generated by resolvconf$NL" +newzones="$newoptions" + +forward= +for n in $NAMESERVERS; do + case "$forward" in + *"$NL $n;"*);; + *) forward="$forward$NL $n;";; + esac +done +if [ -n "$forward" ]; then + newoptions="${newoptions}forward first;${NL}forwarders {$forward${NL}};$NL" +fi + +for d in $DOMAINS; do + newzones="${newzones}zone \"${d%%:*}\" {$NL" + newzones="$newzones type forward;$NL" + newzones="$newzones forward first;$NL forwarders {$NL" + ns="${d#*:}" + while [ -n "$ns" ]; do + newzones="$newzones ${ns%%,*};$NL" + [ "$ns" = "${ns#*,}" ] && break + ns="${ns#*,}" + done + newzones="$newzones };$NL};$NL" +done + +# Try to ensure that config dirs exist +if type config_mkdirs >/dev/null 2>&1; then + config_mkdirs "$named_options" "$named_zones" +else + @SBINDIR@/resolvconf -D "$named_options" "$named_zones" +fi + +# No point in changing files or reloading bind if the end result has not +# changed +changed=false +if [ -n "$named_options" ]; then + if [ ! -f "$named_options" ] || \ + [ "$(cat "$named_options")" != "$(printf %s "$newoptions")" ] + then + printf %s "$newoptions" >"$named_options" + changed=true + fi +fi +if [ -n "$named_zones" ]; then + if [ ! -f "$named_zones" ] || \ + [ "$(cat "$named_zones")" != "$(printf %s "$newzones")" ] + then + printf %s "$newzones" >"$named_zones" + changed=true + fi +fi + +if $changed; then + eval $named_restart +fi diff --git a/external/bsd/openresolv/dist/pdnsd.in b/external/bsd/openresolv/dist/pdnsd.in new file mode 100644 index 000000000..59a4755af --- /dev/null +++ b/external/bsd/openresolv/dist/pdnsd.in @@ -0,0 +1,163 @@ +#!/bin/sh +# Copyright (c) 2010-2013 Roy Marples +# All rights reserved + +# pdnsd subscriber for resolvconf + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 +. "@SYSCONFDIR@/resolvconf.conf" || exit 1 +[ -z "$pdnsd_conf" -a -z "$pdnsd_resolv" ] && exit 0 +[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" +NL=" +" + +: ${pdnsd_restart:=pdnsd-ctl config $pdnsd_conf} +signature="# Generated by resolvconf" +signature_end="# End of resolvconf" + +# We normally use sed to remove markers from a configuration file +# but sed may not always be available at the time. +remove_markers() +{ + local m1="$1" m2="$2" x= line= in_marker=0 + + shift; shift + if type sed >/dev/null 2>&1; then + sed "/^$m1/,/^$m2/d" $@ + else + for x; do + while read -r line; do + case "$line" in + "$m1"*) in_marker=1;; + "$m2"*) in_marker=0;; + *) [ $in_marker = 0 ] && echo "$line";; + esac + done < "$x" + done + fi +} + +# Compare two files +# If different, replace first with second otherwise remove second +change_file() +{ + if [ -e "$1" ]; then + if type cmp >/dev/null 2>&1; then + cmp -s "$1" "$2" + elif type diff >/dev/null 2>&1; then + diff -q "$1" "$2" >/dev/null + else + # Hopefully we're only working on small text files ... + [ "$(cat "$1")" = "$(cat "$2")" ] + fi + if [ $? -eq 0 ]; then + rm -f "$2" + return 1 + fi + fi + cat "$2" > "$1" + rm -f "$2" + return 0 +} + +newresolv="# Generated by resolvconf$NL" +changed=false + +# Try to ensure that config dirs exist +if type config_mkdirs >/dev/null 2>&1; then + config_mkdirs "$pdnsd_resolv" "$pdnsd_conf" +else + @SBINDIR@/resolvconf -D "$pdnsd_resolv" "$pdnsd_conf" +fi + +if [ -n "$pdnsd_resolv" ]; then + for n in $NAMESERVERS; do + newresolv="${newresolv}nameserver $n$NL" + done +fi + +# Only modify the configuration if it exists and we can write to it +if [ -w "$pdnsd_conf" ]; then + cf="$pdnsd_conf.new" + newconf= + + if [ -z "$pdnsd_resolv" ]; then + newconf="${newconf}server {$NL" + newconf="${newconf} label=resolvconf;$NL" + if [ -n "$NAMESERVERS" ]; then + newconf="${newconf} ip=" + first=true + for n in $NAMESERVERS; do + if $first; then + first=false + else + newconf="${newconf}," + fi + newconf="$newconf$n" + done + newconf="${newconf};$NL" + fi + newconf="${newconf}}$NL" + fi + + for d in $DOMAINS; do + newconf="${newconf}server {$NL" + newconf="${newconf} include=.${d%%:*}.;$NL" + newconf="${newconf} policy=excluded;$NL" + newconf="${newconf} ip=" + ns="${d#*:}" + while [ -n "$ns" ]; do + newconf="${newconf}${ns%%,*}" + [ "$ns" = "${ns#*,}" ] && break + ns="${ns#*,}" + newconf="${newconf}," + done + newconf="${newconf};$NL}$NL" + done + + rm -f "$cf" + remove_markers "$signature" "$signature_end" "$pdnsd_conf" > "$cf" + if [ -n "$newconf" ]; then + echo "$signature" >> "$cf" + printf %s "$newconf" >> "$cf" + echo "$signature_end" >> "$cf" + fi + if change_file "$pdnsd_conf" "$cf"; then + changed=true + fi +fi + +if [ -n "$pdnsd_resolv" ]; then + if [ ! -f "$pdnsd_resolv" ] || \ + [ "$(cat "$pdnsd_resolv")" != "$(printf %s "$newresolv")" ] + then + changed=true + printf %s "$newresolv" >"$pdnsd_resolv" + fi +fi + +if $changed; then + eval $pdnsd_restart +fi diff --git a/external/bsd/openresolv/dist/resolvconf.8.in b/external/bsd/openresolv/dist/resolvconf.8.in new file mode 100644 index 000000000..bfbfc7f47 --- /dev/null +++ b/external/bsd/openresolv/dist/resolvconf.8.in @@ -0,0 +1,306 @@ +.\" Copyright (c) 2007-2015 Roy Marples +.\" All rights reserved +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd April 27, 2015 +.Dt RESOLVCONF 8 +.Os +.Sh NAME +.Nm resolvconf +.Nd a framework for managing multiple DNS configurations +.Sh SYNOPSIS +.Nm +.Fl I +.Nm +.Op Fl m Ar metric +.Op Fl p +.Op Fl x +.Fl a Ar interface Ns Op Ar .protocol +.No < Ns Pa file +.Nm +.Op Fl f +.Fl d Ar interface Ns Op Ar .protocol +.Nm +.Op Fl x +.Fl il Ar pattern +.Nm +.Fl u +.Sh DESCRIPTION +.Nm +manages +.Xr resolv.conf 5 +files from multiple sources, such as DHCP and VPN clients. +Traditionally, the host runs just one client and that updates +.Pa /etc/resolv.conf . +More modern systems frequently have wired and wireless interfaces and there is +no guarantee both are on the same network. +With the advent of VPN and other +types of networking daemons, many things now contend for the contents of +.Pa /etc/resolv.conf . +.Pp +.Nm +solves this by letting the daemon send their +.Xr resolv.conf 5 +file to +.Nm +via +.Xr stdin 3 +with the argument +.Fl a Ar interface Ns Op Ar .protocol +instead of the filesystem. +.Nm +then updates +.Pa /etc/resolv.conf +as it thinks best. +When a local resolver other than libc is installed, such as +.Xr dnsmasq 8 +or +.Xr named 8 , +then +.Nm +will supply files that the resolver should be configured to include. +.Pp +.Nm +assumes it has a job to do. +In some situations +.Nm +needs to act as a deterrent to writing to +.Pa /etc/resolv.conf . +Where this file cannot be made immutable or you just need to toggle this +behaviour, +.Nm +can be disabled by adding +.Sy resolvconf Ns = Ns NO +to +.Xr resolvconf.conf 5 . +.Pp +.Nm +can mark an interfaces +.Pa resolv.conf +as private. +This means that the name servers listed in that +.Pa resolv.conf +are only used for queries against the domain/search listed in the same file. +This only works when a local resolver other than libc is installed. +See +.Xr resolvconf.conf 5 +for how to configure +.Nm +to use a local name server. +.Pp +.Nm +can mark an interfaces +.Pa resolv.conf +as exclusive. +Only the latest exclusive interface is used for processing, otherwise all are. +.Pp +When an interface goes down, it should then call +.Nm +with +.Fl d Ar interface.* +arguments to delete the +.Pa resolv.conf +file(s) for all the +.Ar protocols +on the +.Ar interface . +.Pp +Here are some more options that +.Nm +has:- +.Bl -tag -width indent +.It Fl I +Initialise the state directory +.Pa @VARDIR@ . +This only needs to be called if the initial system boot sequence does not +automatically clean it out; for example the state directory is moved +somewhere other than +.Pa /var/run . +If used, it should only be called once as early in the system boot sequence +as possible and before +.Nm +is used to add interfaces. +.It Fl f +Ignore non existant interfaces. +Only really useful for deleting interfaces. +.It Fl i Ar pattern +List the interfaces and protocols, optionally matching +.Ar pattern , +we have +.Pa resolv.conf +files for. +.It Fl l Ar pattern +List the +.Pa resolv.conf +files we have. +If +.Ar pattern +is specified then we list the files for the interfaces and protocols +that match it. +.It Fl m Ar metric +Set the metric of the interface when adding it, default of 0. +Lower metrics take precedence. +This affects the default order of interfaces when listed. +.It Fl p +Marks the interface +.Pa resolv.conf +as private. +.It Fl u +Force +.Nm +to update all its subscribers. +.Nm +does not update the subscribers when adding a resolv.conf that matches +what it already has for that interface. +.It Fl x +Mark the interface +.Pa resolv.conf +as exclusive when adding, otherwise only use the latest exclusive interface. +.El +.Pp +.Nm +also has some options designed to be used by its subscribers:- +.Bl -tag -width indent +.It Fl v +Echo variables DOMAINS, SEARCH and NAMESERVERS so that the subscriber can +configure the resolver easily. +.It Fl V +Same as +.Fl v +except that only the information configured in +.Xr resolvconf.conf 5 +is set. +.El +.Sh INTERFACE ORDERING +For +.Nm +to work effectively, it has to process the resolv.confs for the interfaces +in the correct order. +.Nm +first processes interfaces from the +.Sy interface_order +list, then interfaces without a metic and that match the +.Sy dynamic_order +list, then interfaces with a metric in order and finally the rest in +the operating systems lexical order. +See +.Xr resolvconf.conf 5 +for details on these lists. +.Sh PROTOCOLS +Here are some suggested protocol tags to use for each +.Pa resolv.conf +file registered on an +.Ar interface Ns No :- +.Bl -tag -width indent +.It dhcp +Dynamic Host Configuration Protocol. +Initial versions of +.Nm +did not recommend a +.Ar protocol +tag be appended to the +.Ar interface +name. +When the protocol is absent, it is assumed to be the DHCP protocol. +.It ppp +Point-to-Point Protocol. +.It ra +IPv6 Router Advertisement. +.It dhcp6 +Dynamic Host Configuration Protocol, version 6. +.El +.Sh IMPLEMENTATION NOTES +If a subscriber has the executable bit then it is executed otherwise it is +assumed to be a shell script and sourced into the current environment in a +subshell. +This is done so that subscribers can remain fast, but are also not limited +to the shell language. +.Pp +Portable subscribers should not use anything outside of +.Pa /bin +and +.Pa /sbin +because +.Pa /usr +and others may not be available when booting. +Also, it would be unwise to assume any shell specific features. +.Sh ENVIRONMENT +.Bl -ohang +.It Va IF_METRIC +If the +.Fl m +option is not present then we use +.Va IF_METRIC +for the metric. +.It Va IF_PRIVATE +Marks the interface +.Pa resolv.conf +as private. +.It Va IF_EXCLUSIVE +Marks the interface +.Pa resolv.conf +as exclusive. +.El +.Sh FILES +.Bl -ohang +.It Pa /etc/resolv.conf.bak +Backup file of the original resolv.conf. +.It Pa @SYSCONFDIR@/resolvconf.conf +Configuration file for +.Nm . +.It Pa @LIBEXECDIR@ +Directory of subscribers which are run every time +.Nm +adds, deletes or updates. +.It Pa @LIBEXECDIR@/libc.d +Directory of subscribers which are run after the libc subscriber is run. +.It Pa @VARDIR@ +State directory for +.Nm . +.El +.Sh HISTORY +This implementation of +.Nm +is called openresolv and is fully command line compatible with Debian's +resolvconf, as written by Thomas Hood. +.Sh SEE ALSO +.Xr resolv.conf 5 , +.Xr resolvconf.conf 5 , +.Xr resolver 3 , +.Xr stdin 3 +.Sh AUTHORS +.An Roy Marples Aq Mt roy@marples.name +.Sh BUGS +Please report them to +.Lk http://roy.marples.name/projects/openresolv +.Pp +.Nm +does not validate any of the files given to it. +.Pp +When running a local resolver other than libc, you will need to configure it +to include files that +.Nm +will generate. +You should consult +.Xr resolvconf.conf 5 +for instructions on how to configure your resolver. diff --git a/external/bsd/openresolv/dist/resolvconf.conf.5.in b/external/bsd/openresolv/dist/resolvconf.conf.5.in new file mode 100644 index 000000000..7aa14507f --- /dev/null +++ b/external/bsd/openresolv/dist/resolvconf.conf.5.in @@ -0,0 +1,318 @@ +.\" Copyright (c) 2009-2015 Roy Marples +.\" All rights reserved +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd May 14, 2015 +.Dt RESOLVCONF.CONF 5 +.Os +.Sh NAME +.Nm resolvconf.conf +.Nd resolvconf configuration file +.Sh DESCRIPTION +.Nm +is the configuration file for +.Xr resolvconf 8 . +The +.Nm +file is a shell script that is sourced by +.Xr resolvconf 8 , +meaning that +.Nm +must contain valid shell commands. +Listed below are the standard +.Nm +variables that may be set. +If the values contain white space for special shell characters, +ensure they are quoted and escaped correctly. +.Pp +After updating this file, you may wish to run +.Nm resolvconf -u +to apply the new configuration. +.Pp +When a dynamically generated list is appended or prepended to, the whole +is made unique where left-most wins. +.Sh RESOLVCONF OPTIONS +.Bl -tag -width indent +.It Sy resolvconf +Set to NO to disable +.Nm resolvconf +from running any subscribers. +Defaults to YES. +.It Sy interface_order +These interfaces will always be processed first. +If unset, defaults to the following:- +.D1 lo lo[0-9]* +.It Sy dynamic_order +These interfaces will be processed next, unless they have a metric. +If unset, defaults to the following:- +.D1 tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]* +.It Sy local_nameservers +If unset, defaults to the following:- +.D1 127.* 0.0.0.0 255.255.255.255 ::1 +.It Sy search_domains +Prepend search domains to the dynamically generated list. +.It Sy search_domains_append +Append search domains to the dynamically generated list. +.It Sy domain_blacklist +A list of domains to be removed from consideration. +To remove a domain, you can use foo.* +To remove a sub domain, you can use *.bar +.It Sy name_servers +Prepend name servers to the dynamically generated list. +You should set this to 127.0.0.1 if you use a local name server other than +libc. +.It Sy name_servers_append +Append name servers to the dynamically generated list. +.It Sy name_server_blacklist +A list of name servers to be removed from consideration. +The default is 0.0.0.0 as some faulty routers send it via DHCP. +To remove a block, you can use 192.168.* +.It Sy private_interfaces +These interfaces name servers will only be queried for the domains listed +in their resolv.conf. +Useful for VPN domains. +Setting +.Sy private_interfaces Ns ="*" +will stop the forwarding of the root zone and allows the local resolver to +recursively query the root servers directly. +Requires a local nameserver other than libc. +This is equivalent to the +.Nm resolvconf -p +option. +.It Sy replace +Is a space separated list of replacement keywords. The syntax is this: +.Va $keyword Ns / Ns Va $match Ns / Ns Va $replacement +.Pp +Example, given this resolv.conf: +.D1 domain foo.org +.D1 search foo.org dead.beef +.D1 nameserver 1.2.3.4 +.D1 nameserver 2.3.4.5 +and this configuaration: +.D1 replace="search/foo*/bar.com nameserver/1.2.3.4/5.6.7.8 nameserver/2.3.4.5/" +you would get this resolv.conf instead: +.D1 domain foo.org +.D1 search bar.com +.D1 nameserver 5.6.7.8 +.It Sy replace_sub +Works the same way as +.Sy replace +except it works on each space separated value rather than the whole line, +so it's useful for the replacing a single domain within the search directive. +Using the same example resolv.conf and changing +.Sy replace +to +.Sy replace_sub , +you would get this resolv.conf instead: +.D1 domain foo.org +.D1 search bar.com dead.beef +.D1 nameserver 5.6.7.8 +.It Sy state_dir +Override the default state directory of +.Pa @VARDIR@ . +This should not be changed once +.Nm resolvconf +is in use unless the old directory is copied to the new one. +.El +.Sh LIBC OPTIONS +The following variables affect +.Xr resolv.conf 5 +directly:- +.Bl -tag -width indent +.It Sy resolv_conf +Defaults to +.Pa /etc/resolv.conf +if not set. +.It Sy resolv_conf_options +A list of libc resolver options, as specified in +.Xr resolv.conf 5 . +.It Sy resolv_conf_passthrough +When set to YES the latest resolv.conf is written to +.Sy resolv_conf +without any alteration. +When set to /dev/null or NULL, +.Sy resolv_conf_local_only +is defaulted to NO, +.Sy local_nameservers +is unset unless overridden and only the information set in +.Nm +is written to +.Sy resolv_conf . +.It Sy resolv_conf_sortlist +A libc resolver sortlist, as specified in +.Xr resolv.conf 5 . +.It Sy resolv_conf_local_only +If a local name server is configured then the default is just to specify that +and ignore all other entries as they will be configured for the local +name server. +Set this to NO to also list non-local nameservers. +This will give you working DNS even if the local nameserver stops functioning +at the expense of duplicated server queries. +.It Sy append_nameservers +Append name servers to the dynamically generated list. +.It Sy prepend_nameservers +Prepend name servers to the dynamically generated list. +.It Sy append_search +Append search domains to the dynamically generated list. +.It Sy prepend_search +Prepend search domains to the dynamically generated list. +.El +.Sh SUBSCRIBER OPTIONS +openresolv ships with subscribers for the name servers +.Xr dnsmasq 8 , +.Xr named 8 , +.Xr pdnsd 8 +and +.Xr unbound 8 . +Each subscriber can create configuration files which should be included in +in the subscribers main configuration file. +.Pp +To disable a subscriber, simply set it's name to NO. +For example, to disable the libc subscriber you would set: +.D1 libc=NO +.Bl -tag -width indent +.It Sy dnsmasq_conf +This file tells dnsmasq which name servers to use for specific domains. +.It Sy dnsmasq_resolv +This file tells dnsmasq which name servers to use for global lookups. +.Pp +Example resolvconf.conf for dnsmasq: +.D1 name_servers=127.0.0.1 +.D1 dnsmasq_conf=/etc/dnsmasq-conf.conf +.D1 dnsmasq_resolv=/etc/dnsmasq-resolv.conf +.Pp +Example dnsmasq.conf: +.D1 listen-address=127.0.0.1 +.D1 # If dnsmasq is compiled for DBus then we can take +.D1 # advantage of not having to restart dnsmasq. +.D1 enable-dbus +.D1 conf-file=/etc/dnsmasq-conf.conf +.D1 resolv-file=/etc/dnsmasq-resolv.conf +.It Sy named_options +Include this file in the named options block. +This file tells named which name servers to use for global lookups. +.It Sy named_zones +Include this file in the named global scope, after the options block. +This file tells named which name servers to use for specific domains. +.Pp +Example resolvconf.conf for named: +.D1 name_servers=127.0.0.1 +.D1 named_options=/etc/named-options.conf +.D1 named_zones=/etc/named-zones.conf +.Pp +Example named.conf: +.D1 options { +.D1 listen-on { 127.0.0.1; }; +.D1 include "/etc/named-options.conf"; +.D1 }; +.D1 include "/etc/named-zones.conf"; +.It Sy pdnsd_conf +This is the main pdnsd configuration file which we modify to add our +forward domains to. +If this variable is not set then we rely on the pdnsd configuration file +setup to read +.Pa pdnsd_resolv +as documented below. +.It Sy pdnsd_resolv +This file tells pdnsd about global name servers. +If this variable is not set then it's written to +.Pa pdnsd_conf . +.Pp +Example resolvconf.conf for pdnsd: +.D1 name_servers=127.0.0.1 +.D1 pdnsd_conf=/etc/pdnsd.conf +.D1 # pdnsd_resolv=/etc/pdnsd-resolv.conf +.Pp +Example pdnsd.conf: +.D1 global { +.D1 server_ip = 127.0.0.1; +.D1 status_ctl = on; +.D1 } +.D1 server { +.D1 # A server definition is required, even if emtpy. +.D1 label="empty"; +.D1 proxy_only=on; +.D1 # file="/etc/pdnsd-resolv.conf"; +.D1 } +.It Sy unbound_conf +This file tells unbound about specific and global name servers. +.It Sy unbound_insecure +When set to YES, unbound marks the domains as insecure, thus ignoring DNSSEC. +.Pp +Example resolvconf.conf for unbound: +.D1 name_servers=127.0.0.1 +.D1 unbound_conf=/etc/unbound-resolvconf.conf +.Pp +Example unbound.conf: +.D1 include: /etc/unbound-resolvconf.conf +.El +.Sh SUBSCRIBER INTEGRATION +Not all distributions store the files the subscribers need in the same +locations. +For example, named service scripts have been called named, bind and rc.bind +and they could be located in a directory called /etc/rc.d, /etc/init.d or +similar. +Each subscriber attempts to automatically configure itself, but not every +distribution has been catered for. +Also, users could equally want to use a different version from the one +installed by default, such as bind8 and bind9. +To accommodate this, the subscribers have these files in configurable +variables, documented below. +.Pp +.Bl -tag -width indent +.It Sy dnsmasq_service +Location of the dnsmasq service. +.It Sy dnsmasq_restart +Command to restart the dnsmasq service. +.It Sy dnsmasq_pid +Location of the dnsmasq pidfile. +.It Sy libc_service +Location of the libc service. +.It Sy libc_restart +Command to restart the libc service. +.It Sy named_service +Location of the named service. +.It Sy named_restart +Command to restart the named service. +.It Sy pdnsd_restart +Command to restart the pdnsd service. +.It Sy unbound_service +Location of the unbound service. +.It Sy unbound_restart +Command to restart the unbound service. +.It Sy unbound_pid +Location of the unbound pidfile. +.El +.Sh SEE ALSO +.Xr resolv.conf 5 , +.Xr resolvconf 8 +and +.Xr sh 1 . +.Sh AUTHORS +.An Roy Marples Aq Mt roy@marples.name +.Sh BUGS +Each distribution is a special snowflake and likes to name the same thing +differently, namely the named service script. +.Pp +Please report them to +.Lk http://roy.marples.name/projects/openresolv diff --git a/external/bsd/openresolv/dist/resolvconf.in b/external/bsd/openresolv/dist/resolvconf.in new file mode 100644 index 000000000..3b2b0f53f --- /dev/null +++ b/external/bsd/openresolv/dist/resolvconf.in @@ -0,0 +1,771 @@ +#!/bin/sh +# Copyright (c) 2007-2015 Roy Marples +# All rights reserved + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +RESOLVCONF="$0" +SYSCONFDIR=@SYSCONFDIR@ +LIBEXECDIR=@LIBEXECDIR@ +VARDIR=@VARDIR@ + +# Disregard dhcpcd setting +unset interface_order state_dir + +# If you change this, change the test in VFLAG and libc.in as well +local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" + +dynamic_order="tap[0-9]* tun[0-9]* vpn vpn[0-9]* ppp[0-9]* ippp[0-9]*" +interface_order="lo lo[0-9]*" +name_server_blacklist="0.0.0.0" + +# Support original resolvconf configuration layout +# as well as the openresolv config file +if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then + . "$SYSCONFDIR"/resolvconf.conf + [ -n "$state_dir" ] && VARDIR="$state_dir" +elif [ -d "$SYSCONFDIR/resolvconf" ]; then + SYSCONFDIR="$SYSCONFDIR/resolvconf" + if [ -f "$SYSCONFDIR"/interface-order ]; then + interface_order="$(cat "$SYSCONFDIR"/interface-order)" + fi +fi +TMPDIR="$VARDIR/tmp" +IFACEDIR="$VARDIR/interfaces" +METRICDIR="$VARDIR/metrics" +PRIVATEDIR="$VARDIR/private" +EXCLUSIVEDIR="$VARDIR/exclusive" +LOCKDIR="$VARDIR/lock" + +warn() +{ + echo "$*" >&2 +} + +error_exit() +{ + echo "$*" >&2 + exit 1 +} + +usage() +{ + cat <<-EOF + Usage: ${RESOLVCONF##*/} [options] + + Inform the system about any DNS updates. + + Options: + -a \$INTERFACE Add DNS information to the specified interface + (DNS supplied via stdin in resolv.conf format) + -m metric Give the added DNS information a metric + -p Mark the interface as private + -x Mark the interface as exclusive + -d \$INTERFACE Delete DNS information from the specified interface + -f Ignore non existant interfaces + -I Init the state dir + -u Run updates from our current DNS information + -l [\$PATTERN] Show DNS information, optionally from interfaces + that match the specified pattern + -i [\$PATTERN] Show interfaces that have supplied DNS information + optionally from interfaces that match the specified + pattern + -v [\$PATTERN] echo NEWDOMAIN, NEWSEARCH and NEWNS variables to + the console + -h Show this help cruft + EOF + [ -z "$1" ] && exit 0 + echo + error_exit "$*" +} + +echo_resolv() +{ + local line= OIFS="$IFS" + + [ -n "$1" -a -f "$IFACEDIR/$1" ] || return 1 + echo "# resolv.conf from $1" + # Our variable maker works of the fact each resolv.conf per interface + # is separated by blank lines. + # So we remove them when echoing them. + while read -r line; do + IFS="$OIFS" + if [ -n "$line" ]; then + # We need to set IFS here to preserve any whitespace + IFS='' + printf "%s\n" "$line" + fi + done < "$IFACEDIR/$1" + echo + IFS="$OIFS" +} + +# Parse resolv.conf's and make variables +# for domain name servers, search name servers and global nameservers +parse_resolv() +{ + local line= ns= ds= search= d= n= newns= + local new=true iface= private=false p= domain= l= islocal= + + newns= + + while read -r line; do + case "$line" in + "# resolv.conf from "*) + if ${new}; then + iface="${line#\# resolv.conf from *}" + new=false + if [ -e "$PRIVATEDIR/$iface" ]; then + private=true + else + # Allow expansion + cd "$IFACEDIR" + private=false + for p in $private_interfaces; do + case "$iface" in + "$p"|"$p":*) private=true; break;; + esac + done + fi + fi + ;; + "nameserver "*) + islocal=false + for l in $local_nameservers; do + case "${line#* }" in + $l) + islocal=true + echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS ${line#* }\"" + break + ;; + esac + done + $islocal || ns="$ns${line#* } " + ;; + "domain "*) + if [ -z "$domain" ]; then + domain="${line#* }" + echo "DOMAIN=\"$domain\"" + fi + search="${line#* }" + ;; + "search "*) + search="${line#* }" + ;; + *) + [ -n "$line" ] && continue + if [ -n "$ns" -a -n "$search" ]; then + newns= + for n in $ns; do + newns="$newns${newns:+,}$n" + done + ds= + for d in $search; do + ds="$ds${ds:+ }$d:$newns" + done + echo "DOMAINS=\"\$DOMAINS $ds\"" + fi + echo "SEARCH=\"\$SEARCH $search\"" + if ! $private; then + echo "NAMESERVERS=\"\$NAMESERVERS $ns\"" + fi + ns= + search= + new=true + ;; + esac + done +} + +uniqify() +{ + local result= + while [ -n "$1" ]; do + case " $result " in + *" $1 "*);; + *) result="$result $1";; + esac + shift + done + echo "${result# *}" +} + +dirname() +{ + local dir= OIFS="$IFS" + local IFS=/ + set -- $@ + IFS="$OIFS" + if [ -n "$1" ]; then + printf %s . + else + shift + fi + while [ -n "$2" ]; do + printf "/%s" "$1" + shift + done + printf "\n" +} + +config_mkdirs() +{ + local e=0 f d + for f; do + [ -n "$f" ] || continue + d="$(dirname "$f")" + if [ ! -d "$d" ]; then + if type install >/dev/null 2>&1; then + install -d "$d" || e=$? + else + mkdir "$d" || e=$? + fi + fi + done + return $e +} + +list_resolv() +{ + [ -d "$IFACEDIR" ] || return 0 + + local report=false list= retval=0 cmd="$1" excl= + shift + + case "$IF_EXCLUSIVE" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + if [ -d "$EXCLUSIVEDIR" ]; then + cd "$EXCLUSIVEDIR" + for i in *; do + if [ -f "$i" ]; then + list="${i#* }" + break + fi + done + fi + excl=true + ;; + *) + excl=false + ;; + esac + + # If we have an interface ordering list, then use that. + # It works by just using pathname expansion in the interface directory. + if [ -n "$1" ]; then + list="$*" + $force || report=true + elif ! $excl; then + cd "$IFACEDIR" + for i in $interface_order; do + [ -f "$i" ] && list="$list $i" + for ii in "$i":* "$i".*; do + [ -f "$ii" ] && list="$list $ii" + done + done + for i in $dynamic_order; do + if [ -e "$i" -a ! -e "$METRICDIR/"*" $i" ]; then + list="$list $i" + fi + for ii in "$i":* "$i".*; do + if [ -f "$ii" -a ! -e "$METRICDIR/"*" $ii" ]; then + list="$list $ii" + fi + done + done + if [ -d "$METRICDIR" ]; then + cd "$METRICDIR" + for i in *; do + [ -f "$i" ] && list="$list ${i#* }" + done + fi + list="$list *" + fi + + cd "$IFACEDIR" + retval=1 + for i in $(uniqify $list); do + # Only list interfaces which we really have + if ! [ -f "$i" ]; then + if $report; then + echo "No resolv.conf for interface $i" >&2 + retval=2 + fi + continue + fi + + if [ "$cmd" = i -o "$cmd" = "-i" ]; then + printf %s "$i " + else + echo_resolv "$i" + fi + [ $? = 0 -a "$retval" = 1 ] && retval=0 + done + [ "$cmd" = i -o "$cmd" = "-i" ] && echo + return $retval +} + +list_remove() { + local list= e= l= result= found= retval=0 + + [ -z "$2" ] && return 0 + eval list=\"\$$1\" + shift + + set -f + for e; do + found=false + for l in $list; do + case "$e" in + $l) found=true;; + esac + $found && break + done + if $found; then + retval=$(($retval + 1)) + else + result="$result $e" + fi + done + set +f + echo "${result# *}" + return $retval +} + +echo_prepend() +{ + echo "# Generated by resolvconf" + if [ -n "$search_domains" ]; then + echo "search $search_domains" + fi + for n in $name_servers; do + echo "nameserver $n" + done + echo +} + +echo_append() +{ + echo "# Generated by resolvconf" + if [ -n "$search_domains_append" ]; then + echo "search $search_domains_append" + fi + for n in $name_servers_append; do + echo "nameserver $n" + done + echo +} + +replace() +{ + local r= k= f= v= val= sub= + + while read -r keyword value; do + for r in $replace; do + k="${r%%/*}" + r="${r#*/}" + f="${r%%/*}" + r="${r#*/}" + v="${r%%/*}" + case "$keyword" in + $k) + case "$value" in + $f) value="$v";; + esac + ;; + esac + done + val= + for sub in $value; do + for r in $replace_sub; do + k="${r%%/*}" + r="${r#*/}" + f="${r%%/*}" + r="${r#*/}" + v="${r%%/*}" + case "$keyword" in + $k) + case "$sub" in + $f) sub="$v";; + esac + ;; + esac + done + val="$val${val:+ }$sub" + done + printf "%s %s\n" "$keyword" "$val" + done +} + +make_vars() +{ + local newdomains= d= dn= newns= ns= + + # Clear variables + DOMAIN= + DOMAINS= + SEARCH= + NAMESERVERS= + LOCALNAMESERVERS= + + if [ -n "$name_servers" -o -n "$search_domains" ]; then + eval "$(echo_prepend | parse_resolv)" + fi + if [ -z "$VFLAG" ]; then + IF_EXCLUSIVE=1 + list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0 + eval "$(list_resolv -l "$@" | replace | parse_resolv)" + fi + if [ -n "$name_servers_append" -o -n "$search_domains_append" ]; then + eval "$(echo_append | parse_resolv)" + fi + + # Ensure that we only list each domain once + for d in $DOMAINS; do + dn="${d%%:*}" + list_remove domain_blacklist "$dn" >/dev/null || continue + case " $newdomains" in + *" ${dn}:"*) continue;; + esac + newns= + for nd in $DOMAINS; do + if [ "$dn" = "${nd%%:*}" ]; then + ns="${nd#*:}" + while [ -n "$ns" ]; do + case ",$newns," in + *,${ns%%,*},*) ;; + *) list_remove name_server_blacklist \ + "${ns%%,*}" >/dev/null \ + && newns="$newns${newns:+,}${ns%%,*}";; + esac + [ "$ns" = "${ns#*,}" ] && break + ns="${ns#*,}" + done + fi + done + if [ -n "$newns" ]; then + newdomains="$newdomains${newdomains:+ }$dn:$newns" + fi + done + DOMAIN="$(list_remove domain_blacklist $DOMAIN)" + SEARCH="$(uniqify $SEARCH)" + SEARCH="$(list_remove domain_blacklist $SEARCH)" + NAMESERVERS="$(uniqify $NAMESERVERS)" + NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)" + LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)" + LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)" + echo "DOMAIN='$DOMAIN'" + echo "SEARCH='$SEARCH'" + echo "NAMESERVERS='$NAMESERVERS'" + echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'" + echo "DOMAINS='$newdomains'" +} + +force=false +VFLAG= +while getopts a:Dd:fhIilm:puvVx OPT; do + case "$OPT" in + f) force=true;; + h) usage;; + m) IF_METRIC="$OPTARG";; + p) IF_PRIVATE=1;; + V) + VFLAG=1 + if [ "$local_nameservers" = \ + "127.* 0.0.0.0 255.255.255.255 ::1" ] + then + local_nameservers= + fi + ;; + x) IF_EXCLUSIVE=1;; + '?') ;; + *) cmd="$OPT"; iface="$OPTARG";; + esac +done +shift $(($OPTIND - 1)) +args="$iface${iface:+ }$*" + +# -I inits the state dir +if [ "$cmd" = I ]; then + if [ -d "$VARDIR" ]; then + rm -rf "$VARDIR"/* + fi + exit $? +fi + +# -D ensures that the listed config file base dirs exist +if [ "$cmd" = D ]; then + config_mkdirs "$@" + exit $? +fi + +# -l lists our resolv files, optionally for a specific interface +if [ "$cmd" = l -o "$cmd" = i ]; then + list_resolv "$cmd" "$args" + exit $? +fi + +# Not normally needed, but subscribers should be able to run independently +if [ "$cmd" = v -o -n "$VFLAG" ]; then + make_vars "$iface" + exit $? +fi + +# Test that we have valid options +if [ "$cmd" = a -o "$cmd" = d ]; then + if [ -z "$iface" ]; then + usage "Interface not specified" + fi +elif [ "$cmd" != u ]; then + [ -n "$cmd" -a "$cmd" != h ] && usage "Unknown option $cmd" + usage +fi + +if [ "$cmd" = a ]; then + for x in '/' \\ ' ' '*'; do + case "$iface" in + *[$x]*) error_exit "$x not allowed in interface name";; + esac + done + for x in '.' '-' '~'; do + case "$iface" in + [$x]*) error_exit \ + "$x not allowed at start of interface name";; + esac + done + [ "$cmd" = a -a -t 0 ] && error_exit "No file given via stdin" +fi + +if [ ! -d "$VARDIR" ]; then + if [ -L "$VARDIR" ]; then + dir="$(readlink "$VARDIR")" + # link maybe relative + cd "${VARDIR%/*}" + if ! mkdir -m 0755 -p "$dir"; then + error_exit "Failed to create needed" \ + "directory $dir" + fi + else + if ! mkdir -m 0755 -p "$VARDIR"; then + error_exit "Failed to create needed" \ + "directory $VARDIR" + fi + fi +fi + +if [ ! -d "$IFACEDIR" ]; then + mkdir -m 0755 -p "$IFACEDIR" || \ + error_exit "Failed to create needed directory $IFACEDIR" + if [ "$cmd" = d ]; then + # Provide the same error messages as below + if ! ${force}; then + cd "$IFACEDIR" + for i in $args; do + warn "No resolv.conf for interface $i" + done + fi + ${force} + exit $? + fi +fi + +# An interface was added, changed, deleted or a general update was called. +# Due to exclusivity we need to ensure that this is an atomic operation. +# Our subscribers *may* need this as well if the init system is sub par. +# As such we spinlock at this point as best we can. +# We don't use flock(1) because it's not widely available and normally resides +# in /usr which we do our very best to operate without. +[ -w "$VARDIR" ] || error_exit "Cannot write to $LOCKDIR" +: ${lock_timeout:=10} +while true; do + if mkdir "$LOCKDIR" 2>/dev/null; then + trap 'rm -rf "$LOCKDIR";' EXIT + trap 'rm -rf "$LOCKDIR"; exit 1' INT QUIT ABRT SEGV ALRM TERM + echo $$ >"$LOCKDIR/pid" + break + fi + pid=$(cat "$LOCKDIR/pid") + if ! kill -0 "$pid"; then + warn "clearing stale lock pid $pid" + rm -rf "$LOCKDIR" + continue + fi + lock_timeout=$(($lock_timeout - 1)) + if [ "$lock_timeout" -le 0 ]; then + error_exit "timed out waiting for lock from pid $pid" + fi + sleep 1 +done + +case "$cmd" in +a) + # Read resolv.conf from stdin + resolv="$(cat)" + changed=false + changedfile=false + # If what we are given matches what we have, then do nothing + if [ -e "$IFACEDIR/$iface" ]; then + if [ "$(echo "$resolv")" != \ + "$(cat "$IFACEDIR/$iface")" ] + then + changed=true + changedfile=true + fi + else + changed=true + changedfile=true + fi + + # Set metric and private before creating the interface resolv.conf file + # to ensure that it will have the correct flags + [ ! -d "$METRICDIR" ] && mkdir "$METRICDIR" + oldmetric="$METRICDIR/"*" $iface" + newmetric= + if [ -n "$IF_METRIC" ]; then + # Pad metric to 6 characters, so 5 is less than 10 + while [ ${#IF_METRIC} -le 6 ]; do + IF_METRIC="0$IF_METRIC" + done + newmetric="$METRICDIR/$IF_METRIC $iface" + fi + rm -f "$METRICDIR/"*" $iface" + [ "$oldmetric" != "$newmetric" -a \ + "$oldmetric" != "$METRICDIR/* $iface" ] && + changed=true + [ -n "$newmetric" ] && echo " " >"$newmetric" + + case "$IF_PRIVATE" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + if [ ! -d "$PRIVATEDIR" ]; then + [ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR" + mkdir "$PRIVATEDIR" + fi + [ -e "$PRIVATEDIR/$iface" ] || changed=true + [ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface" + ;; + *) + if [ -e "$PRIVATEDIR/$iface" ]; then + rm -f "$PRIVATEDIR/$iface" + changed=true + fi + ;; + esac + + oldexcl= + for x in "$EXCLUSIVEDIR/"*" $iface"; do + if [ -f "$x" ]; then + oldexcl="$x" + break + fi + done + case "$IF_EXCLUSIVE" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + if [ ! -d "$EXCLUSIVEDIR" ]; then + [ -e "$EXCLUSIVEDIR" ] && rm "$EXCLUSIVEDIR" + mkdir "$EXCLUSIVEDIR" + fi + cd "$EXCLUSIVEDIR" + for x in *; do + [ -f "$x" ] && break + done + if [ "${x#* }" != "$iface" ]; then + if [ "$x" = "${x% *}" ]; then + x=10000000 + else + x="${x% *}" + fi + if [ "$x" = "0000000" ]; then + warn "exclusive underflow" + else + x=$(($x - 1)) + fi + if [ -d "$EXCLUSIVEDIR" ]; then + echo " " >"$EXCLUSIVEDIR/$x $iface" + fi + changed=true + fi + ;; + *) + if [ -f "$oldexcl" ]; then + rm -f "$oldexcl" + changed=true + fi + ;; + esac + + if $changedfile; then + printf "%s\n" "$resolv" >"$IFACEDIR/$iface" || exit $? + elif ! $changed; then + exit 0 + fi + unset changed changedfile oldmetric newmetric x oldexcl + ;; + +d) + # Delete any existing information about the interface + cd "$IFACEDIR" + changed=false + for i in $args; do + if [ -e "$i" ]; then + changed=true + elif ! ${force}; then + warn "No resolv.conf for interface $i" + fi + rm -f "$i" "$METRICDIR/"*" $i" \ + "$PRIVATEDIR/$i" \ + "$EXCLUSIVEDIR/"*" $i" || exit $? + done + if ! ${changed}; then + # Set the return code based on the forced flag + ${force} + exit $? + fi + unset changed i + ;; +esac + +case "${resolvconf:-YES}" in +[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; +*) exit 0;; +esac + +eval "$(make_vars)" +export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS +: ${list_resolv:=list_resolv -l} +retval=0 +for script in "$LIBEXECDIR"/*; do + if [ -f "$script" ]; then + eval script_enabled="\$${script##*/}" + case "${script_enabled:-YES}" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; + *) continue;; + esac + if [ -x "$script" ]; then + "$script" "$cmd" "$iface" + else + (set -- "$cmd" "$iface"; . "$script") + fi + retval=$(($retval + $?)) + fi +done +exit $retval diff --git a/external/bsd/openresolv/dist/unbound.in b/external/bsd/openresolv/dist/unbound.in new file mode 100644 index 000000000..a80361578 --- /dev/null +++ b/external/bsd/openresolv/dist/unbound.in @@ -0,0 +1,86 @@ +#!/bin/sh +# Copyright (c) 2009-2014 Roy Marples +# All rights reserved + +# unbound subscriber for resolvconf + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +unbound_insecure= + +[ -f "@SYSCONFDIR@"/resolvconf.conf ] || exit 0 +. "@SYSCONFDIR@/resolvconf.conf" || exit 1 +[ -z "$unbound_conf" ] && exit 0 +[ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" +NL=" +" + +: ${unbound_pid:=/var/run/unbound.pid} +: ${unbound_service:=unbound} +: ${unbound_restart:=@RESTARTCMD ${unbound_service}@} +newconf="# Generated by resolvconf$NL" + +for d in $DOMAINS; do + dn="${d%%:*}" + ns="${d#*:}" + case "$unbound_insecure" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + newconf="$newconf${NL}server:$NL" + newconf="$newconf domain-insecure: \"$dn\"$NL" + ;; + esac + newconf="$newconf${NL}forward-zone:$NL name: \"$dn\"$NL" + while [ -n "$ns" ]; do + newconf="$newconf forward-addr: ${ns%%,*}$NL" + [ "$ns" = "${ns#*,}" ] && break + ns="${ns#*,}" + done +done + +if [ -n "$NAMESERVERS" ]; then + newconf="$newconf${NL}forward-zone:$NL name: \".\"$NL" + for n in $NAMESERVERS; do + newconf="$newconf forward-addr: $n$NL" + done +fi + +# Try to ensure that config dirs exist +if type config_mkdirs >/dev/null 2>&1; then + config_mkdirs "$unbound_conf" +else + @SBINDIR@/resolvconf -D "$unbound_conf" +fi + +if [ ! -f "$unbound_conf" ] || \ + [ "$(cat "$unbound_conf")" != "$(printf %s "$newconf")" ] +then + printf %s "$newconf" >"$unbound_conf" + # If we can't sent a HUP then force a restart + if [ -s "$unbound_pid" ]; then + if ! kill -HUP $(cat "$unbound_pid") 2>/dev/null; then + eval $unbound_restart + fi + else + eval $unbound_restart + fi +fi diff --git a/external/bsd/openresolv/sbin/Makefile b/external/bsd/openresolv/sbin/Makefile new file mode 100644 index 000000000..7b1493365 --- /dev/null +++ b/external/bsd/openresolv/sbin/Makefile @@ -0,0 +1,5 @@ +# $NetBSD: Makefile,v 1.1 2009/11/21 03:24:31 roy Exp $ + +SUBDIR= resolvconf + +.include diff --git a/external/bsd/openresolv/sbin/Makefile.inc b/external/bsd/openresolv/sbin/Makefile.inc new file mode 100644 index 000000000..43276a73d --- /dev/null +++ b/external/bsd/openresolv/sbin/Makefile.inc @@ -0,0 +1,5 @@ +# $NetBSD: Makefile.inc,v 1.1 2009/11/21 03:24:31 roy Exp $ + +.include + +BINDIR= /sbin diff --git a/external/bsd/openresolv/sbin/resolvconf/Makefile b/external/bsd/openresolv/sbin/resolvconf/Makefile new file mode 100644 index 000000000..c2c00c611 --- /dev/null +++ b/external/bsd/openresolv/sbin/resolvconf/Makefile @@ -0,0 +1,38 @@ +# $NetBSD: Makefile,v 1.6 2013/07/12 17:32:47 roy Exp $ +# + +.include + +DIST= ${NETBSDSRCDIR}/external/bsd/openresolv/dist +.PATH: ${DIST} + +SCRIPTS= resolvconf +SCRIPTSDIR= /sbin + +FILES= libc dnsmasq named unbound +FILESDIR= /libexec/resolvconf +# We should not have to do this ... +.for f in ${FILES} +FILESBUILD_$f= yes +.endfor + +MAN= resolvconf.conf.5 resolvconf.8 + +CLEANFILES= ${SCRIPTS} ${FILES} ${MAN} + +CMD1= \1 status >/dev/null 2>\&1 +CMD2= \1 restart +RESTARTCMD= if /etc/rc.d/${CMD1}; then /etc/rc.d/${CMD2}; fi +.for f in ${SCRIPTS} ${FILES} ${MAN} +${f}: Makefile ${f}.in + ${TOOL_SED} -e 's:@PREFIX@::g' \ + -e 's:@SBINDIR@:/sbin:g' \ + -e 's:@RCDIR@:/etc/rc.d:g' \ + -e 's:@SYSCONFDIR@:/etc:g' \ + -e 's:@LIBEXECDIR@:/libexec/resolvconf:g' \ + -e 's:@VARDIR@:/var/run/resolvconf:g' \ + -e 's:@RESTARTCMD \(.*\)@:${RESTARTCMD}:g' \ + ${DIST}/${f}.in > $@ +.endfor + +.include diff --git a/share/man/man5/Makefile b/share/man/man5/Makefile index ef3d1b5c3..c0bee0589 100644 --- a/share/man/man5/Makefile +++ b/share/man/man5/Makefile @@ -14,7 +14,7 @@ MAN= \ \ nsswitch.conf.5 \ rc.conf.5 \ - \ + resolv.conf.5 \ \ \ @@ -24,7 +24,7 @@ MAN= \ #MLINKS+=fs.5 inode.5 #MLINKS+=hosts.equiv.5 rhosts.5 #MLINKS+=monthly.5 monthly.conf.5 -#MLINKS+=resolv.conf.5 resolver.5 +MLINKS+=resolv.conf.5 resolver.5 #MLINKS+=utmp.5 wtmp.5 utmp.5 lastlog.5 passwd.5 master.passwd.5 #MLINKS+=utmpx.5 wtmpx.5 utmpx.5 lastlogx.5 #MLINKS+=weekly.5 weekly.conf.5 diff --git a/share/man/man5/resolv.conf.5 b/share/man/man5/resolv.conf.5 new file mode 100644 index 000000000..9a9e66bde --- /dev/null +++ b/share/man/man5/resolv.conf.5 @@ -0,0 +1,296 @@ +.\" $NetBSD: resolv.conf.5,v 1.30 2012/09/09 18:09:24 christos Exp $ +.\" +.\" Copyright (c) 1986, 1991 The Regents of the University of California. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)resolver.5 5.12 (Berkeley) 5/10/91 +.\" +.Dd September 9, 2012 +.Dt RESOLV.CONF 5 +.Os +.Sh NAME +.Nm resolv.conf +.Nd resolver configuration file +.Sh DESCRIPTION +The +.Nm resolv.conf +file specifies how the +.Xr resolver 3 +routines in the C library +(which provide access to the Internet Domain Name System) should operate. +The resolver configuration file contains information that is read +by the resolver routines the first time they are invoked by a process. +The file is designed to be human readable and contains a list of +keywords with values that provide various types of resolver information. +.Pp +On a normally configured system this file should not be necessary. +The only name server to be queried will be on the local machine, +the domain name is determined from the host name, +and the domain search path is constructed from the domain name. +.Pp +The different configuration options are: +.Bl -tag -width nameserver +.It Sy nameserver +IPv4 address +.Pq in dot notation +or IPv6 address +.Pq in hex-and-colon notation +of a name server that the resolver should query. +Scoped IPv6 address notation is accepted as well +.Po +see +.Xr inet6 4 +for details +.Pc . +Up to +.Dv MAXNS +(currently 3) name servers may be listed, +one per keyword. +If there are multiple servers, +the resolver library queries them in the order listed. +If no +.Sy nameserver +entries are present, +the default is to use the name server on the local machine. +(The algorithm used is to try a name server, and if the query times out, +try the next, until out of name servers, +then repeat trying all the name servers +until a maximum number of retries are made). +.It Sy domain +Local domain name. +Most queries for names within this domain can use short names +relative to the local domain. +If no +.Sy domain +entry is present, the domain is determined +from the local host name returned by +.Xr gethostname 3 ; +the domain part is taken to be everything after the first +.Sq \&. . +Finally, if the host name does not contain a domain part, the root +domain is assumed. +.It Sy lookup +This keyword is now ignored: its function has been superseded by +features of +.Xr nsswitch.conf 5 . +.Pp +.It Sy search +Search list for host-name lookup. +The search list is normally determined from the local domain name; +by default, it begins with the local domain name, then successive +parent domains that have at least two components in their names. +This may be changed by listing the desired domain search path +following the +.Sy search +keyword with spaces or tabs separating +the names. +Most resolver queries will be attempted using each component +of the search path in turn until a match is found. +Note that this process may be slow and will generate a lot of network +traffic if the servers for the listed domains are not local, +and that queries will time out if no server is available +for one of the domains. +.Pp +The search list is currently limited to six domains +with a total of 1024 characters. +.It Sy sortlist +Sortlist allows addresses returned by gethostbyname to +be sorted. +A sortlist is specified by IP address netmask pairs. +The netmask is optional and defaults to the natural +netmask of the net. +The IP address and optional network pairs are separated by +slashes. +Up to 10 pairs may be specified, ie. +.Pp +.Sy sortlist 130.155.160.0/255.255.240.0 130.155.0.0 +.It Sy options +Options allows certain internal resolver variables to be modified. +The syntax is: +.Pp +.Sy options option ... +.Pp +where option is one of the following: +.Bl -tag -width no-check-names +.It Sy debug +enable debugging information, by setting RES_DEBUG in _res.options +(see +.Xr resolver 3 ) . +.It Sy ndots:n +sets a threshold for the number of dots which +must appear in a name given to res_query (see +.Xr resolver 3 ) +before an initial absolute query will be made. +The default for n is 1, meaning that if there are any +dots in a name, the name will be tried first as an absolute +name before any search list elements are appended to it. +.It Sy timeout:n +sets the amount of time the resolver will wait for a response from a remote +name server before retrying the query via a different name server. +Measured in seconds, the default is +.Dv RES_TIMEOUT +(see +.Aq Pa resolv.h ) . +.It Sy attempts:n +sets the number of times the resolver will send a query to its name servers +before giving up and returning an error to the calling application. +The default is +.Dv RES_DFLRETRY +(see +.Aq Pa resolv.h ) . +.It Sy rotate +sets +.Dv RES_ROTATE +in +.Ft _res.options , +which causes round robin selection of nameservers from among those listed. +This has the effect of spreading the query load among all listed servers, +rather than having all clients try the first listed server first every time. +.It Sy no-check-names +sets +.Dv RES_NOCHECKNAME +in +.Ft _res.options , +which disables the modern BIND checking of incoming host names and mail names +for invalid characters such as underscore +.Pq Sq _ , +non-ASCII, or control characters. +This is the default. +.It Sy check-names +clears +.Dv RES_NOCHECKNAME +in +.Ft _res.options , +which enables the modern BIND checking of incoming host names and mail names +as described above. +.It Sy edns0 +attach OPT pseudo-RR for ENDS0 extension specified in RFC 2671, +to inform DNS server of our receive buffer size. +The option will allow DNS servers to take advantage of non-default receive +buffer size, and to send larger replies. +DNS query packets with EDNS0 extension is not compatible with +non-EDNS0 DNS servers. +The option must be used only when all the DNS servers listed in +.Sy nameserver +lines are able to handle EDNS0 extension. +.It Sy inet6 +enable support for IPv6-only applications, by setting RES_USE_INET6 in +_res.options (see +.Xr resolver 3 ) . +The option is meaningful with certain kernel configuration only and +use of this option is discouraged. +.It Sy insecure1 +Do not require IP source address on the reply packet to be equal to the +servers' address. +.It Sy insecure2 +Do not check if the query section of the reply packet is equal +to that of the query packet. +For testing purposes only. +.It Sy no-tld-query +sets +.Dv RES_NOTLDQUERY +in +.Ft _res.options . +This option causes +.Fn res_nsearch +to not attempt to resolve a unqualified name as if it were a top level +domain (TLD). +This option can cause problems if the site has +.Dq localhost +as a TLD rather +than having localhost on one or more elements of the search list. +This option has no effect if neither +.Dv RES_DEFNAMES +or +.Dv RES_DNSRCH +is set. +.El +.El +.Pp +The +.Sy domain +and +.Sy search +keywords are mutually exclusive. +If more than one instance of these keywords is present, +the last instance will override. +.Pp +The +.Sy search +keyword of a system's +.Pa resolv.conf +file can be overridden on a per-process basis by setting the +environment variable +.Ev LOCALDOMAIN +to a space-separated list of search domains. +.Pp +The +.Sy options +keyword of a system's +.Pa resolv.conf +file can be amended on a per-process basis by setting the +environment variable +.Ev RES_OPTIONS +to a space-separated list of resolver options as explained above. +.Pp +The keyword and value must appear on a single line, and the keyword +(e.g. +.Sy nameserver ) +must start the line. +The value follows the keyword, separated by white space. +.Sh FILES +.Bl -tag -width /etc/resolv.conf -compact +.It Pa /etc/resolv.conf +The file +.Nm resolv.conf +resides in +.Pa /etc . +.El +.Sh SEE ALSO +.Xr gethostbyname 3 , +.Xr resolver 3 , +.Xr nsswitch.conf 5 , +.Xr hostname 7 , +.Xr named 8 , +.Xr resolvconf 8 +.Rs +.%A Paul Vixie +.%A Kevin J. Dunlap +.%A Michael J. Karels +.%T "Name Server Operations Guide for BIND" +.%N Release 4.9.4 +.%I CSRG , +.%I Department of Electrical Engineering and Computer Sciences , +.%I University of California, Berkeley +.%D July 16, 1996 +.%U http://www.dns.net/dnsrd/docs/bog/bog.html +.Re +.Sh HISTORY +The +.Nm resolv.conf +file format appeared in +.Bx 4.3 .