[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 077ea717e035aa5fa37ce670957d3312fcaabcf1

[git@ipfire.org]

[-- Attachment #1: Type: text/plain, Size: 14610 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  077ea717e035aa5fa37ce670957d3312fcaabcf1 (commit)
       via  811f3d3050c713c9e86572c922734a5f44d70797 (commit)
       via  cc53e7ef230255bbf2ebf6ed6af8206d88206e8e (commit)
       via  36792be6ce3775b86a58e4696f793ead2dc97e7f (commit)
       via  6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2 (commit)
       via  a66c4880d9a43893933bdaf19ca64654a6ebe210 (commit)
      from  266735a12faddf4635d2b3a772c4f4e9a472763c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 077ea717e035aa5fa37ce670957d3312fcaabcf1
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 21:14:44 2016 +0100

    unbound+DHCP: Set TTL for local leases to 1m
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 811f3d3050c713c9e86572c922734a5f44d70797
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 21:13:25 2016 +0100

    unbound: Start service after network has been brought up
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit cc53e7ef230255bbf2ebf6ed6af8206d88206e8e
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 20:52:51 2016 +0100

    unbound: Restart after local hosts have been modified
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 36792be6ce3775b86a58e4696f793ead2dc97e7f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 20:46:02 2016 +0100

    DNS: Import local hosts into unbound
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 6f5d8f0cce3c8eeab754f00ad2e367ffc83112b2
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 20:20:08 2016 +0100

    Start unbound+DHCP bridge only when DHCP server is running
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit a66c4880d9a43893933bdaf19ca64654a6ebe210
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Sep 12 20:11:47 2016 +0100

    unbound: Start service at system boot
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/rootfiles/common/armv5tel/initscripts |  3 ++
 config/rootfiles/common/i586/initscripts     |  3 ++
 config/rootfiles/common/x86_64/initscripts   |  3 ++
 config/unbound/unbound-dhcp-leases-bridge    |  6 ++-
 html/cgi-bin/hosts.cgi                       |  1 +
 lfs/initscripts                              |  3 ++
 src/initscripts/init.d/dhcp                  | 12 +++++
 src/initscripts/init.d/unbound               | 31 ++++++-----
 src/misc-progs/rebuildhosts.c                | 79 ----------------------------
 9 files changed, 47 insertions(+), 94 deletions(-)

Difference in files:
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index e3d48c2..9b62320 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -162,6 +162,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
 etc/rc.d/rc0.d/K78snort
 etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc0.d/K80network
 etc/rc.d/rc0.d/K82wlanclient
 #etc/rc.d/rc0.d/K84bluetooth
@@ -182,6 +183,7 @@ etc/rc.d/rc3.d/S15fireinfo
 etc/rc.d/rc3.d/S19smartenabler
 etc/rc.d/rc3.d/S19wlanclient
 etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
 etc/rc.d/rc3.d/S21leds
 etc/rc.d/rc3.d/S24cyrus-sasl
 etc/rc.d/rc3.d/S25random
@@ -211,6 +213,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
 etc/rc.d/rc6.d/K78snort
 etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc6.d/K80network
 etc/rc.d/rc6.d/K82wlanclient
 #etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index 8fb1680..9ac1ce4 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
 etc/rc.d/rc0.d/K78snort
 etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc0.d/K80network
 etc/rc.d/rc0.d/K82wlanclient
 #etc/rc.d/rc0.d/K84bluetooth
@@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo
 etc/rc.d/rc3.d/S19smartenabler
 etc/rc.d/rc3.d/S19wlanclient
 etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
 etc/rc.d/rc3.d/S21leds
 etc/rc.d/rc3.d/S24cyrus-sasl
 etc/rc.d/rc3.d/S25random
@@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
 etc/rc.d/rc6.d/K78snort
 etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc6.d/K80network
 etc/rc.d/rc6.d/K82wlanclient
 #etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index 8fb1680..9ac1ce4 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -164,6 +164,7 @@ etc/rc.d/rc0.d/K49cyrus-sasl
 etc/rc.d/rc0.d/K51vnstat
 etc/rc.d/rc0.d/K78snort
 etc/rc.d/rc0.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc0.d/K80network
 etc/rc.d/rc0.d/K82wlanclient
 #etc/rc.d/rc0.d/K84bluetooth
@@ -186,6 +187,7 @@ etc/rc.d/rc3.d/S15fireinfo
 etc/rc.d/rc3.d/S19smartenabler
 etc/rc.d/rc3.d/S19wlanclient
 etc/rc.d/rc3.d/S20network
+etc/rc.d/rc3.d/S21unbound
 etc/rc.d/rc3.d/S21leds
 etc/rc.d/rc3.d/S24cyrus-sasl
 etc/rc.d/rc3.d/S25random
@@ -215,6 +217,7 @@ etc/rc.d/rc6.d/K49cyrus-sasl
 etc/rc.d/rc6.d/K51vnstat
 etc/rc.d/rc6.d/K78snort
 etc/rc.d/rc6.d/K79leds
+etc/rc.d/rc6.d/K79unbound
 etc/rc.d/rc6.d/K80network
 etc/rc.d/rc6.d/K82wlanclient
 #etc/rc.d/rc6.d/K84bluetooth
diff --git a/config/unbound/unbound-dhcp-leases-bridge b/config/unbound/unbound-dhcp-leases-bridge
index 61bd5d0..06bff2e 100644
--- a/config/unbound/unbound-dhcp-leases-bridge
+++ b/config/unbound/unbound-dhcp-leases-bridge
@@ -30,6 +30,8 @@ import subprocess
 
 import inotify.adapters
 
+LOCAL_TTL = 60
+
 def setup_logging(loglevel=logging.INFO):
 	log = logging.getLogger("dhcp")
 	log.setLevel(loglevel)
@@ -255,10 +257,10 @@ class Lease(object):
 	def rrset(self):
 		return [
 			# Forward record
-			(self.fqdn, "IN A", self.ipaddr),
+			(self.fqdn, LOCAL_TTL, "IN A", self.ipaddr),
 
 			# Reverse record
-			(self.ipaddr, "IN PTR", self.fqdn),
+			(self.ipaddr, LOCAL_TTL, "IN PTR", self.fqdn),
 		]
 
 
diff --git a/html/cgi-bin/hosts.cgi b/html/cgi-bin/hosts.cgi
index e3463d1..41fe8a5 100644
--- a/html/cgi-bin/hosts.cgi
+++ b/html/cgi-bin/hosts.cgi
@@ -462,4 +462,5 @@ sub SortDataFile
 #
 sub BuildConfiguration {
     system '/usr/local/bin/rebuildhosts';
+    system '/usr/local/bin/unboundctrl restart &>/dev/null';
 }
diff --git a/lfs/initscripts b/lfs/initscripts
index 5e2cd24..4369ffe 100644
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -127,6 +127,9 @@ $(TARGET) :
 	ln -sf ../init.d/network     /etc/rc.d/rc0.d/K80network
 	ln -sf ../init.d/network     /etc/rc.d/rc3.d/S20network
 	ln -sf ../init.d/network     /etc/rc.d/rc6.d/K80network
+	ln -sf ../init.d/unbound     /etc/rc.d/rc0.d/K79unbound
+	ln -sf ../init.d/unbound     /etc/rc.d/rc3.d/S21unbound
+	ln -sf ../init.d/unbound     /etc/rc.d/rc6.d/K79unbound
 	ln -sf ../init.d/random      /etc/rc.d/rc0.d/K45random
 	ln -sf ../init.d/random      /etc/rc.d/rc3.d/S25random
 	ln -sf ../init.d/random      /etc/rc.d/rc6.d/K45random
diff --git a/src/initscripts/init.d/dhcp b/src/initscripts/init.d/dhcp
index 083a555..2182bc4 100644
--- a/src/initscripts/init.d/dhcp
+++ b/src/initscripts/init.d/dhcp
@@ -7,7 +7,9 @@
 
 . /etc/sysconfig/rc
 . $rc_functions
+
 eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
 
 function flush_chains() {
 	iptables -F DHCPGREENINPUT
@@ -36,6 +38,12 @@ case "$1" in
 		boot_mesg "Starting DHCP Server..."
 		loadproc /usr/sbin/dhcpd -q ${devices}
 
+		# Start Unbound DHCP Lease Bridge unless RFC2136 is used
+		if [ "${DNS_UPDATE_ENABLED}" != on ]; then
+			boot_mesg "Starting Unbound DHCP Leases Bridge..."
+			loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
+		fi
+
 		(sleep 5 && chmod 644 /var/run/dhcpd.pid) & # Fix because silly dhcpd creates its pid with mode 640
 		;;
 
@@ -52,6 +60,9 @@ case "$1" in
 		    echo_ok;
 		    exit 0
 		fi
+
+		boot_mesg "Stopping Unbound DHCP Leases Bridge..."
+		killproc /usr/sbin/unbound-dhcp-leases-bridge
 		;;
 
 	reload)
@@ -67,6 +78,7 @@ case "$1" in
 
 	status)
 		statusproc /usr/sbin/dhcpd
+		statusproc /usr/sbin/unbound-dhcp-leases-bridge
 		;;
 
 	*)
diff --git a/src/initscripts/init.d/unbound b/src/initscripts/init.d/unbound
index f3d35cf..6496265 100644
--- a/src/initscripts/init.d/unbound
+++ b/src/initscripts/init.d/unbound
@@ -3,15 +3,15 @@
 
 # Description : Unbound DNS resolver boot script for IPfire
 # Author      : Marcel Lorenz <marcel.lorenz(a)ipfire.org>
-#
-# Comment     : This init script additional starts the dhcpd watcher daemon
-#               if DNS-Update (RFC2136) in web interface enabled
 
 . /etc/sysconfig/rc
 . ${rc_functions}
 
 USE_FORWARDERS=1
 
+# Cache any local zones for 60 seconds
+LOCAL_TTL=60
+
 # Load optional configuration
 [ -e "/etc/sysconfig/unbound" ] && . /etc/sysconfig/unbound
 
@@ -67,6 +67,19 @@ update_forwarders() {
 	fi
 }
 
+update_hosts() {
+	local enabled address hostname domainname
+
+	while IFS="," read -r enabled address hostname domainname; do
+		[ "${enabled}" = "on" ] || continue
+
+		# Build FQDN
+		local fqdn="${hostname}.${domainname}"
+
+		unbound-control -q local_data "${fqdn} ${LOCAL_TTL} IN A ${address}"
+	done < /var/ipfire/main/hosts
+}
+
 write_interfaces_conf() {
 	(
 		config_header
@@ -169,7 +182,6 @@ get_memory_amount() {
 case "$1" in
 	start)
 		eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
-		eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
 
 		# Create control keys at first run
 		if [ ! -r "/etc/unbound/unbound_control.key" ]; then
@@ -187,17 +199,11 @@ case "$1" in
 		# Update any known forwarding name servers
 		update_forwarders
 
-		# Start Unbound DHCP Lease Bridge unless RFC2136 is used
-		if [ "${DNS_UPDATE_ENABLED}" != on ]; then
-			boot_mesg "Starting Unbound DHCP Leases Bridge..."
-			loadproc /usr/sbin/unbound-dhcp-leases-bridge -d
-		fi
+		# Update hosts
+		update_hosts
 		;;
 
 	stop)
-		boot_mesg "Stopping Unbound DHCP Leases Bridge..."
-		killproc /usr/sbin/unbound-dhcp-leases-bridge
-
 		boot_mesg "Stopping Unbound DNS Proxy..."
 		killproc /usr/sbin/unbound
 		;;
@@ -210,7 +216,6 @@ case "$1" in
 
 	status)
 		statusproc /usr/sbin/unbound
-		statusproc /usr/sbin/unbound-dhcp-leases-bridge
 		;;
 
 	update-forwarders)
diff --git a/src/misc-progs/rebuildhosts.c b/src/misc-progs/rebuildhosts.c
index f77c2df..549c653 100644
--- a/src/misc-progs/rebuildhosts.c
+++ b/src/misc-progs/rebuildhosts.c
@@ -14,16 +14,13 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
-#include <fcntl.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <signal.h>
 
 #include "setuid.h"
 #include "netutil.h"
 
-FILE *fd = NULL;
 FILE *hosts = NULL;
 FILE *gw = NULL;
 struct keyvalue *kv = NULL;
@@ -32,8 +29,6 @@ void exithandler(void)
 {
 	if (kv)
 		freekeyvalues(kv);
-	if (fd)
-		fclose(fd);
 	if (hosts)
 		fclose(hosts);
 	if (gw)
@@ -42,22 +37,16 @@ void exithandler(void)
 
 int main(int argc, char *argv[])
 {
-	int fdpid; 
 	char hostname[STRING_SIZE] = "";
 	char domainname[STRING_SIZE] = "";
 	char gateway[STRING_SIZE] = "";
-	char buffer[STRING_SIZE];
 	char address[STRING_SIZE] = "";
-	char *active, *ip, *host, *domain;
-	int pid;
 
 	if (!(initsetuid()))
 		exit(1);
 
 	atexit(exithandler);
 
-	memset(buffer, 0, STRING_SIZE);
-
 	kv = initkeyvalues();
 	if (!(readkeyvalues(kv, CONFIG_ROOT "/ethernet/settings")))
 	{
@@ -88,17 +77,9 @@ int main(int argc, char *argv[])
 		fprintf(stderr, "Couldn't open remote-ipaddress file\n");
 	}
 
-	if (!(fd = fopen(CONFIG_ROOT "/main/hosts", "r")))
-	{
-		fprintf(stderr, "Couldn't open main hosts file\n");
-		exit(1);
-	}
-
 	if (!(hosts = fopen("/etc/hosts", "w")))
 	{
 		fprintf(stderr, "Couldn't open /etc/hosts file\n");
-    		fclose(fd);
-		fd = NULL;
 		exit(1);
 	}
 	fprintf(hosts, "127.0.0.1\tlocalhost\n");
@@ -110,65 +91,5 @@ int main(int argc, char *argv[])
 	if (strlen(gateway) > 0)
 		fprintf(hosts, "%s\tgateway\n", gateway);
 
-	while (fgets(buffer, STRING_SIZE, fd))
-	{
-		buffer[strlen(buffer) - 1] = 0;
-		if (buffer[0]==',') continue;		/* disabled if empty field	*/
-		active = strtok(buffer, ",");
-		if (strcmp(active, "off")==0) continue; /* or 'off'			*/
-		
-		ip = strtok(NULL, ",");
-		host = strtok(NULL, ",");
-		domain = strtok(NULL, ",");
-
-		if (!(ip && host))
-			continue;	// bad line ? skip
-
-		if (!VALID_IP(ip))
-		{
-			fprintf(stderr, "Bad IP: %s\n", ip);
-			continue;       /*  bad ip, skip */
-		}
-
-		if (strspn(host, LETTERS_NUMBERS "-") != strlen(host))
-		{
-			fprintf(stderr, "Bad Host: %s\n", host);
-			continue;       /*  bad name, skip */
-		}
-
-		if (domain)
-			fprintf(hosts, "%s\t%s.%s\t%s\n",ip,host,domain,host);
-		else
-			fprintf(hosts, "%s\t%s\n",ip,host);
-	}
-	fclose(fd);
-	fd = NULL;
-	fclose(hosts);
-	hosts = NULL;
-
-	if ((fdpid = open("/var/run/dnsmasq.pid", O_RDONLY)) == -1)
-	{
-		fprintf(stderr, "Couldn't open pid file\n");
-		exit(1);
-	}
-	if (read(fdpid, buffer, STRING_SIZE - 1) == -1)
-	{
-		fprintf(stderr, "Couldn't read from pid file\n");
-		close(fdpid);
-		exit(1);
-	}
-	close(fdpid);
-	pid = atoi(buffer);
-	if (pid <= 1)
-	{
-		fprintf(stderr, "Bad pid value\n");
-		exit(1);
-	}
-	if (kill(pid, SIGHUP) == -1)
-	{
-		fprintf(stderr, "Unable to send SIGHUP\n");
-		exit(1);
-	}
-
 	return 0;
 }


hooks/post-receive
--
IPFire 2.x development tree