[git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6
@ 2019-07-16 17:25 Arne Fitzenreiter
  0 siblings, 0 replies; only message in thread
From: Arne Fitzenreiter @ 2019-07-16 17:25 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 9129 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  3ec3329dffe9e045c37b1b3d048947bb59cd6fa6 (commit)
      from  4a46575628378e447f6aec0771cc4cc0f2743a3a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6
Author: Arne Fitzenreiter <arne_f(a)ipfire.org>
Date:   Tue Jul 16 11:14:41 2019 +0200

    unbound: rework dns-forwader handling
    
    add check if red interface has an IPv4 address before test the servers at
    red up and simply remove forwarders at down process.
    
    This also fix the hung at dhcpd shutdown.
    
    Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/rootfiles/common/aarch64/initscripts        |  2 +-
 config/rootfiles/common/armv5tel/initscripts       |  2 +-
 config/rootfiles/common/i586/initscripts           |  2 +-
 config/rootfiles/common/x86_64/initscripts         |  2 +-
 config/rootfiles/core/135/filelists/files          |  1 +
 config/rootfiles/core/135/update.sh                |  1 +
 .../networking/red.down/05-remove-dns-forwarders   |  4 ++
 .../networking/red.down/05-update-dns-forwarders   |  4 --
 src/initscripts/system/unbound                     | 44 ++++++++++++++++++++--
 9 files changed, 51 insertions(+), 11 deletions(-)
 create mode 100644 src/initscripts/networking/red.down/05-remove-dns-forwarders
 delete mode 100644 src/initscripts/networking/red.down/05-update-dns-forwarders

Difference in files:
diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts
index b731a70c1..260a961fe 100644
--- a/config/rootfiles/common/aarch64/initscripts
+++ b/config/rootfiles/common/aarch64/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
 etc/rc.d/init.d/networking/orange
 etc/rc.d/init.d/networking/red
 #etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
 etc/rc.d/init.d/networking/red.down/10-ipsec
 etc/rc.d/init.d/networking/red.down/10-miniupnpd
 etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index b731a70c1..260a961fe 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
 etc/rc.d/init.d/networking/orange
 etc/rc.d/init.d/networking/red
 #etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
 etc/rc.d/init.d/networking/red.down/10-ipsec
 etc/rc.d/init.d/networking/red.down/10-miniupnpd
 etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index df4f859f1..88ec789bc 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -49,7 +49,7 @@ etc/rc.d/init.d/networking/red.down/10-static-routes
 etc/rc.d/init.d/networking/red.down/20-firewall
 #etc/rc.d/init.d/networking/red.up
 etc/rc.d/init.d/networking/red.up/01-conntrack-cleanup
-etc/rc.d/init.d/networking/red.up/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.up/05-remove-dns-forwarders
 etc/rc.d/init.d/networking/red.up/10-miniupnpd
 etc/rc.d/init.d/networking/red.up/10-multicast
 etc/rc.d/init.d/networking/red.up/10-static-routes
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index df4f859f1..d74fb743b 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -41,7 +41,7 @@ etc/rc.d/init.d/networking/green
 etc/rc.d/init.d/networking/orange
 etc/rc.d/init.d/networking/red
 #etc/rc.d/init.d/networking/red.down
-etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
 etc/rc.d/init.d/networking/red.down/10-ipsec
 etc/rc.d/init.d/networking/red.down/10-miniupnpd
 etc/rc.d/init.d/networking/red.down/10-ovpn
diff --git a/config/rootfiles/core/135/filelists/files b/config/rootfiles/core/135/filelists/files
index 3d868d324..d8df9f65b 100644
--- a/config/rootfiles/core/135/filelists/files
+++ b/config/rootfiles/core/135/filelists/files
@@ -6,6 +6,7 @@ etc/unbound/root.hints
 etc/rc.d/helper/azure-setup
 etc/rc.d/init.d/cloud-init
 etc/rc.d/init.d/functions
+etc/rc.d/init.d/networking/red.down/05-remove-dns-forwarders
 etc/rc.d/init.d/partresize
 etc/rc.d/init.d/unbound
 etc/sysctl.conf
diff --git a/config/rootfiles/core/135/update.sh b/config/rootfiles/core/135/update.sh
index 56854d2c9..55f72fc4e 100644
--- a/config/rootfiles/core/135/update.sh
+++ b/config/rootfiles/core/135/update.sh
@@ -35,6 +35,7 @@ done
 rm -vf \
 	/etc/rc.d/init.d/aws \
 	/etc/rc.d/rcsysinit.d/S74aws
+	/etc/rc.d/init.d/networking/red.down/05-update-dns-forwarders
 
 # Stop services
 /etc/init.d/squid stop
diff --git a/src/initscripts/networking/red.down/05-remove-dns-forwarders b/src/initscripts/networking/red.down/05-remove-dns-forwarders
new file mode 100644
index 000000000..671cca9df
--- /dev/null
+++ b/src/initscripts/networking/red.down/05-remove-dns-forwarders
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+# Remove DNS forwarders for unbound
+exec /etc/init.d/unbound remove-forwarders
diff --git a/src/initscripts/networking/red.down/05-update-dns-forwarders b/src/initscripts/networking/red.down/05-update-dns-forwarders
deleted file mode 100644
index 7f35696f5..000000000
--- a/src/initscripts/networking/red.down/05-update-dns-forwarders
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-
-# Update DNS forwarders for unbound
-exec /etc/init.d/unbound update-forwarders
diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
index 5d3c5062f..dbcfc951f 100644
--- a/src/initscripts/system/unbound
+++ b/src/initscripts/system/unbound
@@ -41,6 +41,22 @@ read_name_servers() {
 	done 2>/dev/null | xargs echo
 }
 
+check_red_has_carrier_and_ip() {
+	# Interface configured ?
+	[ ! -e "/var/ipfire/red/iface" ] && return 0;
+
+	# Interface present ?
+	[ ! -e "/sys/class/net/$(</var/ipfire/red/iface)" ] && return 0;
+
+	# has carrier ?
+	[ ! "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ] && return 0;
+
+	# has ip ?
+	[ "$(ip address show dev $(</var/ipfire/red/iface) | grep "inet")" = "" ] && return 0;
+
+	return 1;
+}
+
 config_header() {
 	echo "# This file is automatically generated and any changes"
 	echo "# will be overwritten. DO NOT EDIT!"
@@ -48,7 +64,8 @@ config_header() {
 }
 
 update_forwarders() {
-	if [ "${USE_FORWARDERS}" = "1" -a -e "/var/ipfire/red/iface" -a "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ]; then
+	check_red_has_carrier_and_ip
+	if [ "${USE_FORWARDERS}" = "1" -a "${?}" = "1" ]; then
 		local forwarders
 		local broken_forwarders
 
@@ -131,6 +148,13 @@ update_forwarders() {
 	unbound-control -q forward off
 }
 
+remove_forwarders() {
+	enable_dnssec
+	echo "local recursor" > /var/ipfire/red/dns
+	unbound-control -q forward off
+
+}
+
 own_hostname() {
 	local hostname=$(hostname -f)
 	# 1.1.1.1 is reserved for unused green, skip this
@@ -473,7 +497,8 @@ disable_dnssec() {
 fix_time_if_dns_fail() {
 	# If DNS still not work try to init ntp with
 	# hardcoded ntp.ipfire.org (81.3.27.46)
-	if [ -e "/var/ipfire/red/iface" -a "$(</sys/class/net/$(</var/ipfire/red/iface)/carrier)" = "1" ]; then
+	check_red_has_carrier_and_ip
+	if [ -e "/var/ipfire/red/iface" -a "${?}" = "1" ]; then
 		host 0.ipfire.pool.ntp.org > /dev/null 2>&1
 		if [ "${?}" != "0" ]; then
 			boot_mesg "DNS still not functioning... Trying to sync time with ntp.ipfire.org (81.3.27.46)..."
@@ -807,6 +832,19 @@ case "$1" in
 		fix_time_if_dns_fail
 		;;
 
+	remove-forwarders)
+		# Do not try updating forwarders when unbound is not running
+		if ! pgrep unbound &>/dev/null; then
+			exit 0
+		fi
+
+		remove_forwarders
+
+		unbound-control flush_negative > /dev/null
+		unbound-control flush_bogus > /dev/null
+		;;
+
+
 	test-name-server)
 		ns=${2}
 
@@ -848,7 +886,7 @@ case "$1" in
 		;;
 
 	*)
-		echo "Usage: $0 {start|stop|restart|status|update-forwarders|test-name-server|resolve}"
+		echo "Usage: $0 {start|stop|restart|status|update-forwarders|remove-forwarders|test-name-server|resolve}"
 		exit 1
 		;;
 esac


hooks/post-receive
--
IPFire 2.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2019-07-16 17:25 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-16 17:25 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3ec3329dffe9e045c37b1b3d048947bb59cd6fa6 Arne Fitzenreiter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox