#!/bin/sh # Copyright (c) 2007-2023 Roy Marples # All rights reserved # libc subscriber for resolvconf # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above # copyright notice, this list of conditions and the following # disclaimer in the documentation and/or other materials provided # with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. SYSCONFDIR=@SYSCONFDIR@ LIBEXECDIR=@LIBEXECDIR@ VARDIR=@VARDIR@ IFACEDIR="$VARDIR/interfaces" NL=" " # sed may not be available, and this is faster on small files key_get_value() { key="$1" shift if [ $# -eq 0 ]; then while read -r line; do case "$line" in "$key"*) echo "${line##$key}";; esac done else for x do while read -r line; do case "$line" in "$key"*) echo "${line##$key}";; esac done < "$x" done fi } keys_remove() { while read -r line; do found=false for key do case "$line" in "$key"*|"#"*|" "*|" "*|"") found=true;; esac $found && break done $found || echo "$line" done } local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1" # Support original resolvconf configuration layout # as well as the openresolv config file if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then . "$SYSCONFDIR"/resolvconf.conf elif [ -d "$SYSCONFDIR"/resolvconf ]; then SYSCONFDIR="$SYSCONFDIR/resolvconf" base="$SYSCONFDIR/resolv.conf.d/base" if [ -f "$base" ]; then prepend_nameservers="$(key_get_value "nameserver " "$base")" domain="$(key_get_value "domain " "$base")" prepend_search="$(key_get_value "search " "$base")" resolv_conf_options="$(key_get_value "options " "$base")" resolv_conf_sortlist="$(key_get_value "sortlist " "$base")" fi if [ -f "$SYSCONFDIR"/resolv.conf.d/head ]; then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.d/head)" fi if [ -f "$SYSCONFDIR"/resolv.conf.d/tail ]; then resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.d/tail)" fi fi : ${resolv_conf:=/etc/resolv.conf} : ${resolv_conf_tmp:="$resolv_conf.$$.openresolv"} : ${libc_service:=nscd} : ${list_resolv:=@SBINDIR@/resolvconf -l} if [ "${resolv_conf_head-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.head ] then resolv_conf_head="$(cat "${SYSCONFDIR}"/resolv.conf.head)" fi if [ "${resolv_conf_tail-x}" = x ] && [ -f "$SYSCONFDIR"/resolv.conf.tail ] then resolv_conf_tail="$(cat "$SYSCONFDIR"/resolv.conf.tail)" fi backup=true signature="# Generated by resolvconf" uniqify() { result= while [ -n "$1" ]; do case " $result " in *" $1 "*);; *) result="$result $1";; esac shift done echo "${result# *}" } case "${resolv_conf_passthrough:-NO}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) backup=false newest= for conf in "$IFACEDIR"/*; do if [ -z "$newest" ] || [ "$conf" -nt "$newest" ]; then newest="$conf" fi done [ -z "$newest" ] && exit 0 newconf="$(cat "$newest")$NL" ;; /dev/null|[Nn][Uu][Ll][Ll]) : ${resolv_conf_local_only:=NO} if [ "$local_nameservers" = "127.* 0.0.0.0 255.255.255.255 ::1" ]; then local_nameservers= fi # Need to overwrite our variables. eval "$(@SBINDIR@/resolvconf -V)" ;; *) [ -z "$RESOLVCONF" ] && eval "$(@SBINDIR@/resolvconf -v)" ;; esac case "${resolv_conf_passthrough:-NO}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;; *) : ${domain:=$DOMAIN} newsearch="$(uniqify $prepend_search $SEARCH $append_search)" NS="$LOCALNAMESERVERS $NAMESERVERS" newns= gotlocal=false for n in $(uniqify $prepend_nameservers $NS $append_nameservers); do add=true islocal=false for l in $local_nameservers; do case "$n" in $l) islocal=true; gotlocal=true; break;; esac done if ! $islocal; then case "${resolv_conf_local_only:-YES}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) $gotlocal && add=false;; esac fi $add && newns="$newns $n" done # Hold our new resolv.conf in a variable to save on temporary files newconf="$signature$NL" if [ -n "$resolv_conf_head" ]; then newconf="$newconf$resolv_conf_head$NL" fi [ -n "$domain" ] && newconf="${newconf}domain $domain$NL" if [ -n "$newsearch" ] && [ "$newsearch" != "$domain" ]; then newconf="${newconf}search $newsearch$NL" fi for n in $newns; do newconf="${newconf}nameserver $n$NL" done # Now add anything we don't care about such as sortlist and options stuff="$($list_resolv | keys_remove nameserver domain search)" if [ -n "$stuff" ]; then newconf="$newconf$stuff$NL" fi # Append any user defined ones if [ -n "$resolv_conf_options" ]; then newconf="${newconf}options $resolv_conf_options$NL" fi if [ -n "$resolv_conf_sortlist" ]; then newconf="${newconf}sortlist $resolv_conf_sortlist$NL" fi if [ -n "$resolv_conf_tail" ]; then newconf="$newconf$resolv_conf_tail$NL" fi ;; esac # Check if the file has actually changed or not if [ -e "$resolv_conf" ]; then [ "$(cat "$resolv_conf")" = "$(printf %s "$newconf")" ] && exit 0 fi # Change is good. # If the old file does not have our signature, back it up. # If the new file just has our signature, restore the backup. if $backup; then if [ "$newconf" = "$signature$NL" ]; then if [ -e "$resolv_conf.bak" ]; then newconf="$(cat "$resolv_conf.bak")$NL" fi elif [ -e "$resolv_conf" ]; then read line <"$resolv_conf" if [ "$line" != "$signature" ]; then cp "$resolv_conf" "$resolv_conf.bak" fi fi fi # There are pros and cons for writing directly to resolv.conf # instead of a temporary file and then moving it over. # The default is to write to resolv.conf as it has the least # issues and has been the long standing default behaviour. case "${resolv_conf_mv:-NO}" in [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) # Protect against symlink attack, ensure new file does not exist rm -f "$resolv_conf_tmp" # Keep original file owner, group and mode [ -r "$resolv_conf" ] && cp -p "$resolv_conf" "$resolv_conf_tmp" # Create our resolv.conf now if (umask 022; printf %s "$newconf" >"$resolv_conf_tmp"); then mv "$resolv_conf_tmp" "$resolv_conf" fi ;; *) (umask 022; printf %s "$newconf" >"$resolv_conf") ;; esac if [ -n "$libc_restart" ]; then eval $libc_restart elif [ -n "$RESTARTCMD" ]; then set -- ${libc_service} eval "$RESTARTCMD" else @SBINDIR@/resolvconf -r ${libc_service} fi retval=0 # Notify users of the resolver for script in "$LIBEXECDIR"/libc.d/*; do if [ -f "$script" ]; then if [ -x "$script" ]; then "$script" "$@" else (. "$script") fi retval=$(($retval + $?)) fi done exit $retval