From: Arne Fitzenreiter <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6
Date: Tue, 16 Jul 2019 18:25:06 +0100 [thread overview]
Message-ID: <20190716172506.D3E8084FDAF@people01.i.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 9129 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6 (commit)
from 4a46575628378e447f6aec0771cc4cc0f2743a3a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date: Tue Jul 16 11:14:41 2019 +0200
unbound: rework dns-forwader handling
add check if red interface has an IPv4 address before test the servers at
red up and simply remove forwarders at down process.
This also fix the hung at dhcpd shutdown.
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/aarch64/initscripts | 2 +-
config/rootfiles/common/armv5tel/initscripts | 2 +-
config/rootfiles/common/i586/initscripts | 2 +-
config/rootfiles/common/x86_64/initscripts | 2 +-
config/rootfiles/core/135/filelists/files | 1 +
config/rootfiles/core/135/update.sh | 1 +
.../networking/red.down/05-remove-dns-forwarders | 4 ++
.../networking/red.down/05-update-dns-forwarders | 4 --
src/initscripts/system/unbound | 44 ++++++++++++++++++++--
9 files changed, 51 insertions(+), 11 deletions(-)
create mode 100644 src/initscripts/networking/red.down/05-remove-dns-forwarders
delete mode 100644 src/initscripts/networking/red.down/05-update-dns-forwarders
Difference in files:
diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts
index b731a70c1..260a961fe 100644
--- a/config/rootfiles/common/aarch64/initscripts
+++ b/config/rootfiles/common/aarch64/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
etc/rc.d/init.d/networking/orange
etc/rc.d/init.d/networking/red
#etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
etc/rc.d/init.d/networking/red.down/10-ipsec
etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index b731a70c1..260a961fe 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
etc/rc.d/init.d/networking/orange
etc/rc.d/init.d/networking/red
#etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
etc/rc.d/init.d/networking/red.down/10-ipsec
etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index df4f859f1..88ec789bc 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -49,7 +49,7 @@ etc/rc.d/init.d/networking/red.down/10-static-routes
etc/rc.d/init.d/networking/red.down/20-firewall
#etc/rc.d/init.d/networking/red.up
etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
-etc/rc.d/init.d/networking/red.up/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.up/05-remove-dns-forwarders
etc/rc.d/init.d/networking/red.up/10-miniupnpd
etc/rc.d/init.d/networking/red.up/10-multicast
etc/rc.d/init.d/networking/red.up/10-static-routes
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index df4f859f1..d74fb743b 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
etc/rc.d/init.d/networking/orange
etc/rc.d/init.d/networking/red
#etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
etc/rc.d/init.d/networking/red.down/10-ipsec
etc/rc.d/init.d/networking/red.down/10-miniupnpd
etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/core/135/filelists/files b/config/rootfiles/core/135/filelists/files
index 3d868d324..d8df9f65b 100644
--- a/config/rootfiles/core/135/filelists/files
+++ b/config/rootfiles/core/135/filelists/files
@@ -6,6 +6,7 @@ etc/unbound/root.hints
etc/rc.d/helper/azure-setup
etc/rc.d/init.d/cloud-init
etc/rc.d/init.d/functions
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
etc/rc.d/init.d/partresize
etc/rc.d/init.d/unbound
etc/sysctl.conf
diff --git a/config/rootfiles/core/135/update.sh b/config/rootfiles/core/135/update.sh
index 56854d2c9..55f72fc4e 100644
--- a/config/rootfiles/core/135/update.sh
+++ b/config/rootfiles/core/135/update.sh
@@ -35,6 +35,7 @@ done
rm -vf \
/etc/rc.d/init.d/aws \
/etc/rc.d/rcsysinit.d/S74aws
+ /etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
# Stop services
/etc/init.d/squid stop
diff --git a/src/initscripts/networking/red.down/05-remove-dns-forwarders b/src/initscripts/networking/red.down/05-remove-dns-forwarders
new file mode 100644
index 000000000..671cca9df
--- /dev/null
+++ b/src/initscripts/networking/red.down/05-remove-dns-forwarders
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+# Remove DNS forwarders for unbound
+exec /etc/init.d/unbound remove-forwarders
diff --git a/src/initscripts/networking/red.down/05-update-dns-forwarders b/src/initscripts/networking/red.down/05-update-dns-forwarders
deleted file mode 100644
index 7f35696f5..000000000
--- a/src/initscripts/networking/red.down/05-update-dns-forwarders
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-
-# Update DNS forwarders for unbound
-exec /etc/init.d/unbound update-forwarders
diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
index 5d3c5062f..dbcfc951f 100644
--- a/src/initscripts/system/unbound
+++ b/src/initscripts/system/unbound
@@ -41,6 +41,22 @@ read_name_servers() {
done 2>/dev/null | xargs echo
}
+check_red_has_carrier_and_ip() {
+ # Interface configured ?
+ [ ! -e "/var/ipfire/red/iface" ] && return 0;
+
+ # Interface present ?
+ [ ! -e "/sys/class/net/$(</var/ipfire/red/iface)" ] && return 0;
+
+ # has carrier ?
+ [ ! "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ] && return 0;
+
+ # has ip ?
+ [ "$(ip address show dev $(</var/ipfire/red/iface) | grep "inet")" = "" ] && return 0;
+
+ return 1;
+}
+
config_header() {
echo "# This file is automatically generated and any changes"
echo "# will be overwritten. DO NOT EDIT!"
@@ -48,7 +64,8 @@ config_header() {
}
update_forwarders() {
- if [ "${USE_FORWARDERS}" = "1" -a -e "/var/ipfire/red/iface" -a "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ]; then
+ check_red_has_carrier_and_ip
+ if [ "${USE_FORWARDERS}" = "1" -a "${?}" = "1" ]; then
local forwarders
local broken_forwarders
@@ -131,6 +148,13 @@ update_forwarders() {
unbound-control -q forward off
}
+remove_forwarders() {
+ enable_dnssec
+ echo "local recursor" > /var/ipfire/red/dns
+ unbound-control -q forward off
+
+}
+
own_hostname() {
local hostname=$(hostname -f)
# 1.1.1.1 is reserved for unused green, skip this
@@ -473,7 +497,8 @@ disable_dnssec() {
fix_time_if_dns_fail() {
# If DNS still not work try to init ntp with
# hardcoded ntp.ipfire.org (81.3.27.46)
- if [ -e "/var/ipfire/red/iface" -a "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ]; then
+ check_red_has_carrier_and_ip
+ if [ -e "/var/ipfire/red/iface" -a "${?}" = "1" ]; then
host 0.ipfire.pool.ntp.org > /dev/null 2>&1
if [ "${?}" != "0" ]; then
boot_mesg "DNS still not functioning... Trying to sync time with ntp.ipfire.org (81.3.27.46)..."
@@ -807,6 +832,19 @@ case "$1" in
fix_time_if_dns_fail
;;
+ remove-forwarders)
+ # Do not try updating forwarders when unbound is not running
+ if ! pgrep unbound &>/dev/null; then
+ exit 0
+ fi
+
+ remove_forwarders
+
+ unbound-control flush_negative > /dev/null
+ unbound-control flush_bogus > /dev/null
+ ;;
+
+
test-name-server)
ns=${2}
@@ -848,7 +886,7 @@ case "$1" in
;;
*)
- echo "Usage: $0 {start|stop|restart|status|update-forwarders|test-name-server|resolve}"
+ echo "Usage: $0 {start|stop|restart|status|update-forwarders|remove-forwarders|test-name-server|resolve}"
exit 1
;;
esac
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2019-07-16 17:25 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190716172506.D3E8084FDAF@people01.i.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox