This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 077ea717e035aa5fa37ce670957d3312fcaabcf1 (commit)
via 811f3d3050c713c9e86572c922734a5f44d70797 (commit)
via cc53e7ef230255bbf2ebf6ed6af8206d88206e8e (commit)
via 36792be6ce3775b86a58e4696f793ead2dc97e7f (commit)
via 6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2 (commit)
via a66c4880d9a43893933bdaf19ca64654a6ebe210 (commit)
from 266735a12faddf4635d2b3a772c4f4e9a472763c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 077ea717e035aa5fa37ce670957d3312fcaabcf1
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 21:14:44 2016 +0100
unbound+DHCP: Set TTL for local leases to 1m
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 811f3d3050c713c9e86572c922734a5f44d70797
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 21:13:25 2016 +0100
unbound: Start service after network has been brought up
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit cc53e7ef230255bbf2ebf6ed6af8206d88206e8e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 20:52:51 2016 +0100
unbound: Restart after local hosts have been modified
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 36792be6ce3775b86a58e4696f793ead2dc97e7f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 20:46:02 2016 +0100
DNS: Import local hosts into unbound
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 20:20:08 2016 +0100
Start unbound+DHCP bridge only when DHCP server is running
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit a66c4880d9a43893933bdaf19ca64654a6ebe210
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon Sep 12 20:11:47 2016 +0100
unbound: Start service at system boot
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/armv5tel/initscripts | 3 ++
config/rootfiles/common/i586/initscripts | 3 ++
config/rootfiles/common/x86_64/initscripts | 3 ++
config/unbound/unbound-dhcp-leases-bridge | 6 ++-
html/cgi-bin/hosts.cgi | 1 +
lfs/initscripts | 3 ++
src/initscripts/init.d/dhcp | 12 +++++
src/initscripts/init.d/unbound | 31 ++++++-----
src/misc-progs/rebuildhosts.c | 79 ----------------------------
9 files changed, 47 insertions(+), 94 deletions(-)
Difference in files:
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index e3d48c2..9b62320 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -162,6 +162,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
etc/rc.d/rc0.d/K51vnstat
etc/rc.d/rc0.d/K78snort
etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc0.d/K80network
etc/rc.d/rc0.d/K82wlanclient
#etc/rc.d/rc0.d/K84bluetooth
@@ -182,6 +183,7 @@ etc/rc.d/rc3.d/S15fireinfo
etc/rc.d/rc3.d/S19smartenabler
etc/rc.d/rc3.d/S19wlanclient
etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
etc/rc.d/rc3.d/S21leds
etc/rc.d/rc3.d/S24cyrus-sasl
etc/rc.d/rc3.d/S25random
@@ -211,6 +213,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
etc/rc.d/rc6.d/K51vnstat
etc/rc.d/rc6.d/K78snort
etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc6.d/K80network
etc/rc.d/rc6.d/K82wlanclient
#etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index 8fb1680..9ac1ce4 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
etc/rc.d/rc0.d/K51vnstat
etc/rc.d/rc0.d/K78snort
etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc0.d/K80network
etc/rc.d/rc0.d/K82wlanclient
#etc/rc.d/rc0.d/K84bluetooth
@@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo
etc/rc.d/rc3.d/S19smartenabler
etc/rc.d/rc3.d/S19wlanclient
etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
etc/rc.d/rc3.d/S21leds
etc/rc.d/rc3.d/S24cyrus-sasl
etc/rc.d/rc3.d/S25random
@@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
etc/rc.d/rc6.d/K51vnstat
etc/rc.d/rc6.d/K78snort
etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc6.d/K80network
etc/rc.d/rc6.d/K82wlanclient
#etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index 8fb1680..9ac1ce4 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
etc/rc.d/rc0.d/K51vnstat
etc/rc.d/rc0.d/K78snort
etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc0.d/K80network
etc/rc.d/rc0.d/K82wlanclient
#etc/rc.d/rc0.d/K84bluetooth
@@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo
etc/rc.d/rc3.d/S19smartenabler
etc/rc.d/rc3.d/S19wlanclient
etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
etc/rc.d/rc3.d/S21leds
etc/rc.d/rc3.d/S24cyrus-sasl
etc/rc.d/rc3.d/S25random
@@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
etc/rc.d/rc6.d/K51vnstat
etc/rc.d/rc6.d/K78snort
etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
etc/rc.d/rc6.d/K80network
etc/rc.d/rc6.d/K82wlanclient
#etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge
index 61bd5d0..06bff2e 100644
--- a/config/unbound/unbound-dhcp-leases-bridge
+++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -30,6 +30,8 @@ import subprocess
import inotify.adapters
+LOCAL_TTL = 60
+
def setup_logging(loglevel=logging.INFO):
log = logging.getLogger("dhcp")
log.setLevel(loglevel)
@@ -255,10 +257,10 @@ class Lease(object):
def rrset(self):
return [
# Forward record
- (self.fqdn, "IN A", self.ipaddr),
+ (self.fqdn, LOCAL_TTL, "IN A", self.ipaddr),
# Reverse record
- (self.ipaddr, "IN PTR", self.fqdn),
+ (self.ipaddr, LOCAL_TTL, "IN PTR", self.fqdn),
]
diff --git a/html/cgi-bin/hosts.cgi b/html/cgi-bin/hosts.cgi
index e3463d1..41fe8a5 100644
--- a/html/cgi-bin/hosts.cgi
+++ b/html/cgi-bin/hosts.cgi
@@ -462,4 +462,5 @@ sub SortDataFile
#
sub BuildConfiguration {
system '/usr/local/bin/rebuildhosts';
+ system '/usr/local/bin/unboundctrl restart &>/dev/null';
}
diff --git a/lfs/initscripts b/lfs/initscripts
index 5e2cd24..4369ffe 100644
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -127,6 +127,9 @@ $(TARGET) :
ln -sf ../init.d/network /etc/rc.d/rc0.d/K80network
ln -sf ../init.d/network /etc/rc.d/rc3.d/S20network
ln -sf ../init.d/network /etc/rc.d/rc6.d/K80network
+ ln -sf ../init.d/unbound /etc/rc.d/rc0.d/K79unbound
+ ln -sf ../init.d/unbound /etc/rc.d/rc3.d/S21unbound
+ ln -sf ../init.d/unbound /etc/rc.d/rc6.d/K79unbound
ln -sf ../init.d/random /etc/rc.d/rc0.d/K45random
ln -sf ../init.d/random /etc/rc.d/rc3.d/S25random
ln -sf ../init.d/random /etc/rc.d/rc6.d/K45random
diff --git a/src/initscripts/init.d/dhcp b/src/initscripts/init.d/dhcp
index 083a555..2182bc4 100644
--- a/src/initscripts/init.d/dhcp
+++ b/src/initscripts/init.d/dhcp
@@ -7,7 +7,9 @@
. /etc/sysconfig/rc
. $rc_functions
+
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
function flush_chains() {
iptables -F DHCPGREENINPUT
@@ -36,6 +38,12 @@ case "$1" in
boot_mesg "Starting DHCP Server..."
loadproc /usr/sbin/dhcpd -q ${devices}
+ # Start Unbound DHCP Lease Bridge unless RFC2136 is used
+ if [ "${DNS_UPDATE_ENABLED}" != on ]; then
+ boot_mesg "Starting Unbound DHCP Leases Bridge..."
+ loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
+ fi
+
(sleep 5 && chmod 644 /var/run/dhcpd.pid) & # Fix because silly dhcpd creates its pid with mode 640
;;
@@ -52,6 +60,9 @@ case "$1" in
echo_ok;
exit 0
fi
+
+ boot_mesg "Stopping Unbound DHCP Leases Bridge..."
+ killproc /usr/sbin/unbound-dhcp-leases-bridge
;;
reload)
@@ -67,6 +78,7 @@ case "$1" in
status)
statusproc /usr/sbin/dhcpd
+ statusproc /usr/sbin/unbound-dhcp-leases-bridge
;;
*)
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index f3d35cf..6496265 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -3,15 +3,15 @@
# Description : Unbound DNS resolver boot script for IPfire
# Author : Marcel Lorenz <marcel.lorenz(a)ipfire.org>
-#
-# Comment : This init script additional starts the dhcpd watcher daemon
-# if DNS-Update (RFC2136) in web interface enabled
. /etc/sysconfig/rc
. ${rc_functions}
USE_FORWARDERS=1
+# Cache any local zones for 60 seconds
+LOCAL_TTL=60
+
# Load optional configuration
[ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound
@@ -67,6 +67,19 @@ update_forwarders() {
fi
}
+update_hosts() {
+ local enabled address hostname domainname
+
+ while IFS="," read -r enabled address hostname domainname; do
+ [ "${enabled}" = "on" ] || continue
+
+ # Build FQDN
+ local fqdn="${hostname}.${domainname}"
+
+ unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}"
+ done < /var/ipfire/main/hosts
+}
+
write_interfaces_conf() {
(
config_header
@@ -169,7 +182,6 @@ get_memory_amount() {
case "$1" in
start)
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
- eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
# Create control keys at first run
if [ ! -r "/etc/unbound/unbound_control.key" ]; then
@@ -187,17 +199,11 @@ case "$1" in
# Update any known forwarding name servers
update_forwarders
- # Start Unbound DHCP Lease Bridge unless RFC2136 is used
- if [ "${DNS_UPDATE_ENABLED}" != on ]; then
- boot_mesg "Starting Unbound DHCP Leases Bridge..."
- loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
- fi
+ # Update hosts
+ update_hosts
;;
stop)
- boot_mesg "Stopping Unbound DHCP Leases Bridge..."
- killproc /usr/sbin/unbound-dhcp-leases-bridge
-
boot_mesg "Stopping Unbound DNS Proxy..."
killproc /usr/sbin/unbound
;;
@@ -210,7 +216,6 @@ case "$1" in
status)
statusproc /usr/sbin/unbound
- statusproc /usr/sbin/unbound-dhcp-leases-bridge
;;
update-forwarders)
diff --git a/src/misc-progs/rebuildhosts.c b/src/misc-progs/rebuildhosts.c
index f77c2df..549c653 100644
--- a/src/misc-progs/rebuildhosts.c
+++ b/src/misc-progs/rebuildhosts.c
@@ -14,16 +14,13 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
-#include <fcntl.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
-#include <signal.h>
#include "setuid.h"
#include "netutil.h"
-FILE *fd = NULL;
FILE *hosts = NULL;
FILE *gw = NULL;
struct keyvalue *kv = NULL;
@@ -32,8 +29,6 @@ void exithandler(void)
{
if (kv)
freekeyvalues(kv);
- if (fd)
- fclose(fd);
if (hosts)
fclose(hosts);
if (gw)
@@ -42,22 +37,16 @@ void exithandler(void)
int main(int argc, char *argv[])
{
- int fdpid;
char hostname[STRING_SIZE] = "";
char domainname[STRING_SIZE] = "";
char gateway[STRING_SIZE] = "";
- char buffer[STRING_SIZE];
char address[STRING_SIZE] = "";
- char *active, *ip, *host, *domain;
- int pid;
if (!(initsetuid()))
exit(1);
atexit(exithandler);
- memset(buffer, 0, STRING_SIZE);
-
kv = initkeyvalues();
if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))
{
@@ -88,17 +77,9 @@ int main(int argc, char *argv[])
fprintf(stderr, "Couldn't open remote-ipaddress file\n");
}
- if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r")))
- {
- fprintf(stderr, "Couldn't open main hosts file\n");
- exit(1);
- }
-
if (!(hosts = fopen("/etc/hosts", "w")))
{
fprintf(stderr, "Couldn't open /etc/hosts file\n");
- fclose(fd);
- fd = NULL;
exit(1);
}
fprintf(hosts, "127.0.0.1\tlocalhost\n");
@@ -110,65 +91,5 @@ int main(int argc, char *argv[])
if (strlen(gateway) > 0)
fprintf(hosts, "%s\tgateway\n", gateway);
- while (fgets(buffer, STRING_SIZE, fd))
- {
- buffer[strlen(buffer) - 1] = 0;
- if (buffer[0]==',') continue; /* disabled if empty field */
- active = strtok(buffer, ",");
- if (strcmp(active, "off")==0) continue; /* or 'off' */
-
- ip = strtok(NULL, ",");
- host = strtok(NULL, ",");
- domain = strtok(NULL, ",");
-
- if (!(ip && host))
- continue; // bad line ? skip
-
- if (!VALID_IP(ip))
- {
- fprintf(stderr, "Bad IP: %s\n", ip);
- continue; /* bad ip, skip */
- }
-
- if (strspn(host, LETTERS_NUMBERS "-") != strlen(host))
- {
- fprintf(stderr, "Bad Host: %s\n", host);
- continue; /* bad name, skip */
- }
-
- if (domain)
- fprintf(hosts, "%s\t%s.%s\t%s\n",ip,host,domain,host);
- else
- fprintf(hosts, "%s\t%s\n",ip,host);
- }
- fclose(fd);
- fd = NULL;
- fclose(hosts);
- hosts = NULL;
-
- if ((fdpid = open("/var/run/dnsmasq.pid", O_RDONLY)) == -1)
- {
- fprintf(stderr, "Couldn't open pid file\n");
- exit(1);
- }
- if (read(fdpid, buffer, STRING_SIZE - 1) == -1)
- {
- fprintf(stderr, "Couldn't read from pid file\n");
- close(fdpid);
- exit(1);
- }
- close(fdpid);
- pid = atoi(buffer);
- if (pid <= 1)
- {
- fprintf(stderr, "Bad pid value\n");
- exit(1);
- }
- if (kill(pid, SIGHUP) == -1)
- {
- fprintf(stderr, "Unable to send SIGHUP\n");
- exit(1);
- }
-
return 0;
}
hooks/post-receive
--
IPFire 2.x development tree