This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 077ea717e035aa5fa37ce670957d3312fcaabcf1 (commit) via 811f3d3050c713c9e86572c922734a5f44d70797 (commit) via cc53e7ef230255bbf2ebf6ed6af8206d88206e8e (commit) via 36792be6ce3775b86a58e4696f793ead2dc97e7f (commit) via 6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2 (commit) via a66c4880d9a43893933bdaf19ca64654a6ebe210 (commit) from 266735a12faddf4635d2b3a772c4f4e9a472763c (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 077ea717e035aa5fa37ce670957d3312fcaabcf1 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 21:14:44 2016 +0100
unbound+DHCP: Set TTL for local leases to 1m
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 811f3d3050c713c9e86572c922734a5f44d70797 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 21:13:25 2016 +0100
unbound: Start service after network has been brought up
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cc53e7ef230255bbf2ebf6ed6af8206d88206e8e Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 20:52:51 2016 +0100
unbound: Restart after local hosts have been modified
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 36792be6ce3775b86a58e4696f793ead2dc97e7f Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 20:46:02 2016 +0100
DNS: Import local hosts into unbound
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 20:20:08 2016 +0100
Start unbound+DHCP bridge only when DHCP server is running
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a66c4880d9a43893933bdaf19ca64654a6ebe210 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Sep 12 20:11:47 2016 +0100
unbound: Start service at system boot
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/armv5tel/initscripts | 3 ++ config/rootfiles/common/i586/initscripts | 3 ++ config/rootfiles/common/x86_64/initscripts | 3 ++ config/unbound/unbound-dhcp-leases-bridge | 6 ++- html/cgi-bin/hosts.cgi | 1 + lfs/initscripts | 3 ++ src/initscripts/init.d/dhcp | 12 +++++ src/initscripts/init.d/unbound | 31 ++++++----- src/misc-progs/rebuildhosts.c | 79 ---------------------------- 9 files changed, 47 insertions(+), 94 deletions(-)
Difference in files: diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index e3d48c2..9b62320 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -162,6 +162,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth @@ -182,6 +183,7 @@ etc/rc.d/rc3.d/S15fireinfo etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network +etc/rc.d/rc3.d/S21unbound etc/rc.d/rc3.d/S21leds etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S25random @@ -211,6 +213,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 8fb1680..9ac1ce4 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth @@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network +etc/rc.d/rc3.d/S21unbound etc/rc.d/rc3.d/S21leds etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S25random @@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index 8fb1680..9ac1ce4 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth @@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network +etc/rc.d/rc3.d/S21unbound etc/rc.d/rc3.d/S21leds etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S25random @@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds +etc/rc.d/rc6.d/K79unbound etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge index 61bd5d0..06bff2e 100644 --- a/config/unbound/unbound-dhcp-leases-bridge +++ b/config/unbound/unbound-dhcp-leases-bridge @@ -30,6 +30,8 @@ import subprocess
import inotify.adapters
+LOCAL_TTL = 60 + def setup_logging(loglevel=logging.INFO): log = logging.getLogger("dhcp") log.setLevel(loglevel) @@ -255,10 +257,10 @@ class Lease(object): def rrset(self): return [ # Forward record - (self.fqdn, "IN A", self.ipaddr), + (self.fqdn, LOCAL_TTL, "IN A", self.ipaddr),
# Reverse record - (self.ipaddr, "IN PTR", self.fqdn), + (self.ipaddr, LOCAL_TTL, "IN PTR", self.fqdn), ]
diff --git a/html/cgi-bin/hosts.cgi b/html/cgi-bin/hosts.cgi index e3463d1..41fe8a5 100644 --- a/html/cgi-bin/hosts.cgi +++ b/html/cgi-bin/hosts.cgi @@ -462,4 +462,5 @@ sub SortDataFile # sub BuildConfiguration { system '/usr/local/bin/rebuildhosts'; + system '/usr/local/bin/unboundctrl restart &>/dev/null'; } diff --git a/lfs/initscripts b/lfs/initscripts index 5e2cd24..4369ffe 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -127,6 +127,9 @@ $(TARGET) : ln -sf ../init.d/network /etc/rc.d/rc0.d/K80network ln -sf ../init.d/network /etc/rc.d/rc3.d/S20network ln -sf ../init.d/network /etc/rc.d/rc6.d/K80network + ln -sf ../init.d/unbound /etc/rc.d/rc0.d/K79unbound + ln -sf ../init.d/unbound /etc/rc.d/rc3.d/S21unbound + ln -sf ../init.d/unbound /etc/rc.d/rc6.d/K79unbound ln -sf ../init.d/random /etc/rc.d/rc0.d/K45random ln -sf ../init.d/random /etc/rc.d/rc3.d/S25random ln -sf ../init.d/random /etc/rc.d/rc6.d/K45random diff --git a/src/initscripts/init.d/dhcp b/src/initscripts/init.d/dhcp index 083a555..2182bc4 100644 --- a/src/initscripts/init.d/dhcp +++ b/src/initscripts/init.d/dhcp @@ -7,7 +7,9 @@
. /etc/sysconfig/rc . $rc_functions + eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) +eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
function flush_chains() { iptables -F DHCPGREENINPUT @@ -36,6 +38,12 @@ case "$1" in boot_mesg "Starting DHCP Server..." loadproc /usr/sbin/dhcpd -q ${devices}
+ # Start Unbound DHCP Lease Bridge unless RFC2136 is used + if [ "${DNS_UPDATE_ENABLED}" != on ]; then + boot_mesg "Starting Unbound DHCP Leases Bridge..." + loadproc /usr/sbin/unbound-dhcp-leases-bridge -d + fi + (sleep 5 && chmod 644 /var/run/dhcpd.pid) & # Fix because silly dhcpd creates its pid with mode 640 ;;
@@ -52,6 +60,9 @@ case "$1" in echo_ok; exit 0 fi + + boot_mesg "Stopping Unbound DHCP Leases Bridge..." + killproc /usr/sbin/unbound-dhcp-leases-bridge ;;
reload) @@ -67,6 +78,7 @@ case "$1" in
status) statusproc /usr/sbin/dhcpd + statusproc /usr/sbin/unbound-dhcp-leases-bridge ;;
*) diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound index f3d35cf..6496265 100644 --- a/src/initscripts/init.d/unbound +++ b/src/initscripts/init.d/unbound @@ -3,15 +3,15 @@
# Description : Unbound DNS resolver boot script for IPfire # Author : Marcel Lorenz marcel.lorenz@ipfire.org -# -# Comment : This init script additional starts the dhcpd watcher daemon -# if DNS-Update (RFC2136) in web interface enabled
. /etc/sysconfig/rc . ${rc_functions}
USE_FORWARDERS=1
+# Cache any local zones for 60 seconds +LOCAL_TTL=60 + # Load optional configuration [ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound
@@ -67,6 +67,19 @@ update_forwarders() { fi }
+update_hosts() { + local enabled address hostname domainname + + while IFS="," read -r enabled address hostname domainname; do + [ "${enabled}" = "on" ] || continue + + # Build FQDN + local fqdn="${hostname}.${domainname}" + + unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}" + done < /var/ipfire/main/hosts +} + write_interfaces_conf() { ( config_header @@ -169,7 +182,6 @@ get_memory_amount() { case "$1" in start) eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) - eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
# Create control keys at first run if [ ! -r "/etc/unbound/unbound_control.key" ]; then @@ -187,17 +199,11 @@ case "$1" in # Update any known forwarding name servers update_forwarders
- # Start Unbound DHCP Lease Bridge unless RFC2136 is used - if [ "${DNS_UPDATE_ENABLED}" != on ]; then - boot_mesg "Starting Unbound DHCP Leases Bridge..." - loadproc /usr/sbin/unbound-dhcp-leases-bridge -d - fi + # Update hosts + update_hosts ;;
stop) - boot_mesg "Stopping Unbound DHCP Leases Bridge..." - killproc /usr/sbin/unbound-dhcp-leases-bridge - boot_mesg "Stopping Unbound DNS Proxy..." killproc /usr/sbin/unbound ;; @@ -210,7 +216,6 @@ case "$1" in
status) statusproc /usr/sbin/unbound - statusproc /usr/sbin/unbound-dhcp-leases-bridge ;;
update-forwarders) diff --git a/src/misc-progs/rebuildhosts.c b/src/misc-progs/rebuildhosts.c index f77c2df..549c653 100644 --- a/src/misc-progs/rebuildhosts.c +++ b/src/misc-progs/rebuildhosts.c @@ -14,16 +14,13 @@ #include <stdio.h> #include <stdlib.h> #include <unistd.h> -#include <fcntl.h> #include <string.h> #include <sys/types.h> #include <sys/stat.h> -#include <signal.h>
#include "setuid.h" #include "netutil.h"
-FILE *fd = NULL; FILE *hosts = NULL; FILE *gw = NULL; struct keyvalue *kv = NULL; @@ -32,8 +29,6 @@ void exithandler(void) { if (kv) freekeyvalues(kv); - if (fd) - fclose(fd); if (hosts) fclose(hosts); if (gw) @@ -42,22 +37,16 @@ void exithandler(void)
int main(int argc, char *argv[]) { - int fdpid; char hostname[STRING_SIZE] = ""; char domainname[STRING_SIZE] = ""; char gateway[STRING_SIZE] = ""; - char buffer[STRING_SIZE]; char address[STRING_SIZE] = ""; - char *active, *ip, *host, *domain; - int pid;
if (!(initsetuid())) exit(1);
atexit(exithandler);
- memset(buffer, 0, STRING_SIZE); - kv = initkeyvalues(); if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings"))) { @@ -88,17 +77,9 @@ int main(int argc, char *argv[]) fprintf(stderr, "Couldn't open remote-ipaddress file\n"); }
- if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r"))) - { - fprintf(stderr, "Couldn't open main hosts file\n"); - exit(1); - } - if (!(hosts = fopen("/etc/hosts", "w"))) { fprintf(stderr, "Couldn't open /etc/hosts file\n"); - fclose(fd); - fd = NULL; exit(1); } fprintf(hosts, "127.0.0.1\tlocalhost\n"); @@ -110,65 +91,5 @@ int main(int argc, char *argv[]) if (strlen(gateway) > 0) fprintf(hosts, "%s\tgateway\n", gateway);
- while (fgets(buffer, STRING_SIZE, fd)) - { - buffer[strlen(buffer) - 1] = 0; - if (buffer[0]==',') continue; /* disabled if empty field */ - active = strtok(buffer, ","); - if (strcmp(active, "off")==0) continue; /* or 'off' */ - - ip = strtok(NULL, ","); - host = strtok(NULL, ","); - domain = strtok(NULL, ","); - - if (!(ip && host)) - continue; // bad line ? skip - - if (!VALID_IP(ip)) - { - fprintf(stderr, "Bad IP: %s\n", ip); - continue; /* bad ip, skip */ - } - - if (strspn(host, LETTERS_NUMBERS "-") != strlen(host)) - { - fprintf(stderr, "Bad Host: %s\n", host); - continue; /* bad name, skip */ - } - - if (domain) - fprintf(hosts, "%s\t%s.%s\t%s\n",ip,host,domain,host); - else - fprintf(hosts, "%s\t%s\n",ip,host); - } - fclose(fd); - fd = NULL; - fclose(hosts); - hosts = NULL; - - if ((fdpid = open("/var/run/dnsmasq.pid", O_RDONLY)) == -1) - { - fprintf(stderr, "Couldn't open pid file\n"); - exit(1); - } - if (read(fdpid, buffer, STRING_SIZE - 1) == -1) - { - fprintf(stderr, "Couldn't read from pid file\n"); - close(fdpid); - exit(1); - } - close(fdpid); - pid = atoi(buffer); - if (pid <= 1) - { - fprintf(stderr, "Bad pid value\n"); - exit(1); - } - if (kill(pid, SIGHUP) == -1) - { - fprintf(stderr, "Unable to send SIGHUP\n"); - exit(1); - } - return 0; }
hooks/post-receive -- IPFire 2.x development tree