2 # Copyright (c) 2007-2020 Roy Marples
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
8 # * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # * Redistributions in binary form must reproduce the above
11 # copyright notice, this list of conditions and the following
12 # disclaimer in the documentation and/or other materials provided
13 # with the distribution.
15 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16 # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17 # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
18 # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
19 # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
21 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 OPENRESOLV_VERSION="3.12.0"
29 SYSCONFDIR=@SYSCONFDIR@
30 LIBEXECDIR=@LIBEXECDIR@
33 RESTARTCMD=@RESTARTCMD@
35 if [ "$1" = "--version" ]; then
36 echo "openresolv $OPENRESOLV_VERSION"
37 echo "Copyright (c) 2007-2020 Roy Marples"
41 # Disregard dhcpcd setting
42 unset interface_order state_dir
44 # If you change this, change the test in VFLAG and libc.in as well
45 local_nameservers="127.* 0.0.0.0 255.255.255.255 ::1"
47 dynamic_order="tap[0-9]* tun[0-9]* vpn vpn[0-9]* wg[0-9]* ppp[0-9]* ippp[0-9]*"
48 interface_order="lo lo[0-9]*"
49 name_server_blacklist="0.0.0.0"
51 # Support original resolvconf configuration layout
52 # as well as the openresolv config file
53 if [ -f "$SYSCONFDIR"/resolvconf.conf ]; then
54 . "$SYSCONFDIR"/resolvconf.conf
55 [ -n "$state_dir" ] && VARDIR="$state_dir"
56 elif [ -d "$SYSCONFDIR/resolvconf" ]; then
57 SYSCONFDIR="$SYSCONFDIR/resolvconf"
58 if [ -f "$SYSCONFDIR"/interface-order ]; then
59 interface_order="$(cat "$SYSCONFDIR"/interface-order)"
63 IFACEDIR="$VARDIR/interfaces"
64 METRICDIR="$VARDIR/metrics"
65 PRIVATEDIR="$VARDIR/private"
66 EXCLUSIVEDIR="$VARDIR/exclusive"
67 DEPRECATEDDIR="$VARDIR/deprecated"
68 LOCKDIR="$VARDIR/lock"
85 Usage: ${RESOLVCONF##*/} [options] command [argument]
87 Inform the system about any DNS updates.
90 -a \$INTERFACE Add DNS information to the specified interface
91 (DNS supplied via stdin in resolv.conf format)
92 -C \$PATTERN Deprecate DNS information for matched interfaces
93 -c \$PATTERN Configure DNS information for matched interfaces
94 -d \$INTERFACE Delete DNS information from the specified interface
95 -h Show this help cruft
96 -i [\$PATTERN] Show interfaces that have supplied DNS information
97 optionally from interfaces that match the specified
99 -l [\$PATTERN] Show DNS information, optionally from interfaces
100 that match the specified pattern
102 -u Run updates from our current DNS information
103 --version Echo the ${RESOLVCONF##*/} version
106 -f Ignore non existent interfaces
107 -m metric Give the added DNS information a metric
108 -p Mark the interface as private
109 -x Mark the interface as exclusive
111 Subscriber and System Init Commands:
112 -I Init the state dir
113 -r \$SERVICE Restart the system service
114 (restarting a non-existent or non-running service
115 should have no output and return 0)
116 -R Show the system service restart command
117 -v [\$PATTERN] echo NEWDOMAIN, NEWSEARCH and NEWNS variables to
119 -V [\$PATTERN] Same as -v, but only uses configuration in
120 $SYSCONFDIR/resolvconf.conf
122 [ -z "$1" ] && exit 0
127 # Strip any trailing dot from each name as a FQDN does not belong
129 # If you think otherwise, capture a DNS trace and you'll see libc
130 # will strip it regardless.
131 # This also solves setting up duplicate zones in our subscribers.
132 # Also strip any comments denoted by #.
140 printf "%s%s" "$space${word%.}"
151 # Public interfaces override private ones.
152 for p in $public_interfaces; do
154 "$p"|"$p":*) return 1;;
158 if [ -e "$PRIVATEDIR/$iface" ]; then
162 for p in $private_interfaces; do
164 "$p"|"$p":*) return 0;;
168 # Not a private interface
172 # Parse resolv.conf's and make variables
173 # for domain name servers, search name servers and global nameservers
183 while read -r line; do
184 stripped_line="$(resolv_strip ${line#* })"
186 "# resolv.conf from "*)
188 iface="${line#\# resolv.conf from *}"
190 if private_iface "$iface"; then
199 for l in $local_nameservers; do
200 case "$stripped_line" in
208 echo "LOCALNAMESERVERS=\"\$LOCALNAMESERVERS $stripped_line\""
210 ns="$ns$stripped_line "
214 search="$stripped_line"
215 if [ -z "$domain" ]; then
217 echo "DOMAIN=\"$domain\""
221 search="$stripped_line"
224 [ -n "$line" ] && continue
225 if [ -n "$ns" ] && [ -n "$search" ]; then
228 newns="$newns${newns:+,}$n"
232 ds="$ds${ds:+ }$d:$newns"
234 echo "DOMAINS=\"\$DOMAINS $ds\""
236 echo "SEARCH=\"\$SEARCH $search\""
238 echo "NAMESERVERS=\"\$NAMESERVERS $ns\""
251 while [ -n "$1" ]; do
254 *) result="$result $1";;
272 while [ -n "$2" ]; do
282 [ -n "$f" ] || continue
284 if [ ! -d "$d" ]; then
285 mkdir -p "$d" || return $?
291 # With the advent of alternative init systems, it's possible to have
292 # more than one installed. So we need to try and guess what one we're
293 # using unless overridden by configure.
294 # Note that restarting a service is a last resort - the subscribers
295 # should make a reasonable attempt to reconfigure the service via some
296 # method, normally SIGHUP.
299 [ -n "$RESTARTCMD" ] && return 0
301 # Detect the running init system.
302 # As systemd and OpenRC can be installed on top of legacy init
303 # systems we try to detect them first.
306 if [ -x /bin/systemctl ] && [ -S /run/systemd/private ]; then
308 if /bin/systemctl --quiet is-active $1.service
310 /bin/systemctl restart $1.service
312 elif [ -x /usr/bin/systemctl ] && [ -S /run/systemd/private ]; then
314 if /usr/bin/systemctl --quiet is-active $1.service
316 /usr/bin/systemctl restart $1.service
318 elif [ -x /sbin/rc-service ] &&
319 { [ -s /libexec/rc/init.d/softlevel ] ||
320 [ -s /run/openrc/softlevel ]; }
322 RESTARTCMD='/sbin/rc-service -i $1 -- -Ds restart'
323 elif [ -x /usr/sbin/invoke-rc.d ]; then
326 if /usr/sbin/invoke-rc.d --quiet $1 status >/dev/null 2>&1
328 /usr/sbin/invoke-rc.d $1 restart
330 elif [ -x /sbin/service ]; then
334 if /sbin/service $1; then
335 /sbin/service $1 restart
337 elif [ -x /usr/sbin/service ]; then
340 if /usr/sbin/service \$1 $status >/dev/null 2>&1
342 /usr/sbin/service \$1 restart
344 elif [ -x /bin/sv ]; then
345 RESTARTCMD='/bin/sv status $1 >/dev/null 2>&1 &&
346 /bin/sv try-restart $1'
347 elif [ -x /usr/bin/sv ]; then
348 RESTARTCMD='/usr/bin/sv status $1 >/dev/null 2>&1 &&
349 /usr/bin/sv try-restart $1'
350 elif [ -e /etc/arch-release ] && [ -d /etc/rc.d ]; then
353 if [ -e /var/run/daemons/$1 ]
357 elif [ -e /etc/slackware-version ] && [ -d /etc/rc.d ]; then
359 if /etc/rc.d/rc.$1 status >/dev/null 2>&1
361 /etc/rc.d/rc.$1 restart
363 elif [ -e /etc/rc.d/rc.subr ] && [ -d /etc/rc.d ]; then
366 if /etc/rc.d/$1 check >/dev/null 2>&1
370 elif [ -d /etc/dinit.d ] && command -v dinitctl >/dev/null 2>&1; then
371 RESTARTCMD='dinitctl --quiet restart --ignore-unstarted $1'
373 for x in /etc/init.d/rc.d /etc/rc.d /etc/init.d; do
374 [ -d $x ] || continue
376 if $x/\$1 $status >/dev/null 2>&1
384 if [ -z "$RESTARTCMD" ]; then
385 if [ "$_NOINIT_WARNED" != true ]; then
386 warn "could not detect a useable init system"
399 [ -n "$1" ] && [ -f "$IFACEDIR/$1" ] || return 1
400 echo "# resolv.conf from $1"
401 # Our variable maker works of the fact each resolv.conf per interface
402 # is separated by blank lines.
403 # So we remove them when echoing them.
404 while read -r line; do
406 if [ -n "$line" ]; then
407 # We need to set IFS here to preserve any whitespace
409 printf "%s\n" "$line"
411 done < "$IFACEDIR/$1"
415 deprecated_interface()
417 [ -d "$DEPRECATEDDIR" ] || return 1
422 [ -f "$daf" ] || continue
433 [ -d "$IFACEDIR" ] || return 0
442 case "$IF_EXCLUSIVE" in
443 [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
445 if [ -d "$EXCLUSIVEDIR" ]; then
455 for i in $inclusive_interfaces; do
456 if [ -f "$i" ] && [ "$list" = "$i" ]; then
465 # If we have an interface ordering list, then use that.
466 # It works by just using pathname expansion in the interface directory.
469 $force || report=true
473 for i in $interface_order; do
474 [ -f "$i" ] && list="$list $i"
475 for ii in "$i":* "$i".*; do
476 [ -f "$ii" ] && list="$list $ii"
480 for i in $dynamic_order; do
481 if [ -e "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then
484 for ii in "$i":* "$i".*; do
485 if [ -f "$ii" ] && ! [ -e "$METRICDIR/"*" $ii" ]
492 # Interfaces have an implicit metric of 0 if not specified.
494 if [ -f "$i" ] && ! [ -e "$METRICDIR/"*" $i" ]; then
499 if [ -d "$METRICDIR" ]; then
502 [ -f "$i" ] && list="$list ${i#* }"
506 # Move deprecated interfaces to the back
510 if deprecated_interface "$i"; then
511 deprecated="$deprecated $i"
516 list="$active $deprecated"
521 for i in $(uniqify $list); do
522 # Only list interfaces which we really have
523 if ! [ -f "$i" ]; then
525 echo "No resolv.conf for interface $i" >&2
531 if ! $ALLIFACES; then
532 if [ -n "$allow_interfaces" ]; then
534 for j in $allow_interfaces; do
535 if [ "$i" = "$j" ]; then
541 for j in $deny_interfaces; do
542 if [ "$i" = "$j" ]; then
548 if [ "$cmd" = i ] || [ "$cmd" = "-i" ]; then
551 echo_resolv "$i" && echo
553 [ $? = 0 ] && [ "$retval" = 1 ] && retval=0
555 [ "$cmd" = i ] || [ "$cmd" = "-i" ] && echo
561 [ -z "$2" ] && return 0
577 retval=$(($retval + 1))
589 echo "# Generated by resolvconf"
590 if [ -n "$search_domains" ]; then
591 echo "search $search_domains"
593 for n in $name_servers; do
601 echo "# Generated by resolvconf"
602 if [ -n "$search_domains_append" ]; then
603 echo "search $search_domains_append"
605 for n in $name_servers_append; do
613 while read -r keyword value; do
614 for r in $replace; do
629 for sub in $value; do
630 for r in $replace_sub; do
644 val="$val${val:+ }$sub"
646 printf "%s %s\n" "$keyword" "$val"
659 if [ -n "${name_servers}${search_domains}" ]; then
660 eval "$(echo_prepend | parse_resolv)"
662 if [ -z "$VFLAG" ]; then
664 list_resolv -i "$@" >/dev/null || IF_EXCLUSIVE=0
665 eval "$(list_resolv -l "$@" | replace | parse_resolv)"
667 if [ -n "${name_servers_append}${search_domains_append}" ]; then
668 eval "$(echo_append | parse_resolv)"
671 # Ensure that we only list each domain once
673 for d in $DOMAINS; do
675 list_remove domain_blacklist "$dn" >/dev/null || continue
676 case " $newdomains" in
677 *" ${dn}:"*) continue;;
680 for nd in $DOMAINS; do
681 if [ "$dn" = "${nd%%:*}" ]; then
683 while [ -n "$ns" ]; do
686 *) list_remove name_server_blacklist \
687 "${ns%%,*}" >/dev/null \
688 && newns="$newns${newns:+,}${ns%%,*}";;
690 [ "$ns" = "${ns#*,}" ] && break
695 if [ -n "$newns" ]; then
696 newdomains="$newdomains${newdomains:+ }$dn:$newns"
699 DOMAIN="$(list_remove domain_blacklist $DOMAIN)"
700 SEARCH="$(uniqify $SEARCH)"
701 SEARCH="$(list_remove domain_blacklist $SEARCH)"
702 NAMESERVERS="$(uniqify $NAMESERVERS)"
703 NAMESERVERS="$(list_remove name_server_blacklist $NAMESERVERS)"
704 LOCALNAMESERVERS="$(uniqify $LOCALNAMESERVERS)"
705 LOCALNAMESERVERS="$(list_remove name_server_blacklist $LOCALNAMESERVERS)"
706 echo "DOMAIN='$DOMAIN'"
707 echo "SEARCH='$SEARCH'"
708 echo "NAMESERVERS='$NAMESERVERS'"
709 echo "LOCALNAMESERVERS='$LOCALNAMESERVERS'"
710 echo "DOMAINS='$newdomains'"
715 while getopts a:C:c:Dd:fhIilm:pRruvVx OPT; do
719 m) IF_METRIC="$OPTARG";;
723 if [ "$local_nameservers" = \
724 "127.* 0.0.0.0 255.255.255.255 ::1" ]
731 *) cmd="$OPT"; iface="$OPTARG";;
734 shift $(($OPTIND - 1))
735 args="$iface${iface:+ }$*"
737 # -I inits the state dir
738 if [ "$cmd" = I ]; then
739 if [ -d "$VARDIR" ]; then
745 # -D ensures that the listed config file base dirs exist
746 if [ "$cmd" = D ]; then
751 # -l lists our resolv files, optionally for a specific interface
752 if [ "$cmd" = l ] || [ "$cmd" = i ]; then
754 list_resolv "$cmd" "$args"
759 # Restart a service or echo the command to restart a service
760 if [ "$cmd" = r ] || [ "$cmd" = R ]; then
761 detect_init || exit 1
762 if [ "$cmd" = r ]; then
767 sed -e '/^$/d' -e 's/^ //g'
772 # Not normally needed, but subscribers should be able to run independently
773 if [ "$cmd" = v ] || [ -n "$VFLAG" ]; then
778 # Test that we have valid options
781 if [ -z "$iface" ]; then
782 error_exit "Interface not specified"
787 if [ -n "$cmd" ] && [ "$cmd" != h ]; then
788 error_exit "Unknown option $cmd"
794 if [ "$cmd" = a ]; then
795 for x in '/' \\ ' ' '*'; do
797 *[$x]*) error_exit "$x not allowed in interface name";;
800 for x in '.' '-' '~'; do
803 "$x not allowed at start of interface name";;
806 [ "$cmd" = a ] && [ -t 0 ] && error_exit "No file given via stdin"
809 if [ ! -d "$VARDIR" ]; then
810 if [ -L "$VARDIR" ]; then
811 dir="$(readlink "$VARDIR")"
812 # link maybe relative
814 if ! mkdir -m 0755 -p "$dir"; then
815 error_exit "Failed to create needed" \
819 if ! mkdir -m 0755 -p "$VARDIR"; then
820 error_exit "Failed to create needed" \
826 if [ ! -d "$IFACEDIR" ]; then
827 mkdir -m 0755 -p "$IFACEDIR" || \
828 error_exit "Failed to create needed directory $IFACEDIR"
829 if [ "$cmd" = d ]; then
830 # Provide the same error messages as below
834 warn "No resolv.conf for interface $i"
842 # An interface was added, changed, deleted or a general update was called.
843 # Due to exclusivity we need to ensure that this is an atomic operation.
844 # Our subscribers *may* need this as well if the init system is sub par.
845 # As such we spinlock at this point as best we can.
846 # We don't use flock(1) because it's not widely available and normally resides
847 # in /usr which we do our very best to operate without.
848 [ -w "$VARDIR" ] || error_exit "Cannot write to $LOCKDIR"
849 : ${lock_timeout:=10}
854 if mkdir "$LOCKDIR" 2>/dev/null; then
855 trap 'rm -rf "$LOCKDIR";' EXIT
856 trap 'rm -rf "$LOCKDIR"; exit 1' INT QUIT ABRT SEGV ALRM TERM
857 echo $$ >"$LOCKDIR/pid"
860 pid=$(cat "$LOCKDIR/pid" 2>/dev/null)
861 if [ "$pid" -gt 0 ] 2>/dev/null; then
866 clear_nopids=$(($clear_nopids - 1))
867 if [ "$clear_nopids" -le 0 ]; then
868 warn "not seen a pid, clearing lock directory"
871 lock_timeout=$(($lock_timeout - 1))
876 if $have_pid && ! kill -0 "$pid"; then
877 warn "clearing stale lock pid $pid"
881 lock_timeout=$(($lock_timeout - 1))
882 if [ "$lock_timeout" -le 0 ]; then
884 error_exit "timed out waiting for lock from pid $pid"
887 error_exit "timed out waiting for lock" \
890 error_exit "timed out waiting for lock"
896 unset have_pid had_pid clear_nopids
900 # Read resolv.conf from stdin
904 # If what we are given matches what we have, then do nothing
905 if [ -e "$IFACEDIR/$iface" ]; then
906 if [ "$(echo "$resolv")" != \
907 "$(cat "$IFACEDIR/$iface")" ]
917 # Set metric and private before creating the interface resolv.conf file
918 # to ensure that it will have the correct flags
919 [ ! -d "$METRICDIR" ] && mkdir "$METRICDIR"
920 oldmetric="$METRICDIR/"*" $iface"
922 if [ -n "$IF_METRIC" ]; then
923 # Pad metric to 6 characters, so 5 is less than 10
924 while [ ${#IF_METRIC} -le 6 ]; do
925 IF_METRIC="0$IF_METRIC"
927 newmetric="$METRICDIR/$IF_METRIC $iface"
929 rm -f "$METRICDIR/"*" $iface"
930 [ "$oldmetric" != "$newmetric" ] &&
931 [ "$oldmetric" != "$METRICDIR/* $iface" ] &&
933 [ -n "$newmetric" ] && echo " " >"$newmetric"
935 case "$IF_PRIVATE" in
936 [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
937 if [ ! -d "$PRIVATEDIR" ]; then
938 [ -e "$PRIVATEDIR" ] && rm "$PRIVATEDIR"
941 [ -e "$PRIVATEDIR/$iface" ] || changed=true
942 [ -d "$PRIVATEDIR" ] && echo " " >"$PRIVATEDIR/$iface"
945 if [ -e "$PRIVATEDIR/$iface" ]; then
946 rm -f "$PRIVATEDIR/$iface"
953 for x in "$EXCLUSIVEDIR/"*" $iface"; do
959 case "$IF_EXCLUSIVE" in
960 [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
961 if [ ! -d "$EXCLUSIVEDIR" ]; then
962 [ -e "$EXCLUSIVEDIR" ] && rm "$EXCLUSIVEDIR"
963 mkdir "$EXCLUSIVEDIR"
969 if [ "${x#* }" != "$iface" ]; then
970 if [ "$x" = "${x% *}" ]; then
975 if [ "$x" = "0000000" ]; then
976 warn "exclusive underflow"
980 if [ -d "$EXCLUSIVEDIR" ]; then
981 echo " " >"$EXCLUSIVEDIR/$x $iface"
987 if [ -f "$oldexcl" ]; then
994 if $changedfile; then
995 printf "%s\n" "$resolv" >"$IFACEDIR/$iface" || exit $?
996 elif ! $changed; then
999 unset changed changedfile oldmetric newmetric x oldexcl
1003 # Delete any existing information about the interface
1007 if [ -e "$i" ]; then
1009 elif ! ${force}; then
1010 warn "No resolv.conf for interface $i"
1012 rm -f "$i" "$METRICDIR/"*" $i" \
1014 "$EXCLUSIVEDIR/"*" $i" || exit $?
1018 # Set the return code based on the forced flag
1026 # Mark interface as deprecated
1027 [ ! -d "$DEPRECATEDDIR" ] && mkdir "$DEPRECATEDDIR"
1031 if [ ! -e "$i" ]; then
1033 echo " " >"$i" || exit $?
1041 # Mark interface as active
1042 if [ -d "$DEPRECATEDDIR" ]; then
1046 if [ -e "$i" ]; then
1057 case "${resolvconf:-YES}" in
1058 [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
1062 # Try and detect a suitable init system for our scripts
1064 export RESTARTCMD RCDIR _NOINIT_WARNED
1067 export RESOLVCONF DOMAINS SEARCH NAMESERVERS LOCALNAMESERVERS
1068 : ${list_resolv:=list_resolv -l}
1071 # Run scripts in the same directory resolvconf is run from
1072 # in case any scripts accidentally dump files in the wrong place.
1074 for script in "$LIBEXECDIR"/*; do
1075 if [ -f "$script" ]; then
1076 eval script_enabled="\$${script##*/}"
1077 case "${script_enabled:-YES}" in
1078 [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) ;;
1081 if [ -x "$script" ]; then
1082 "$script" "$cmd" "$iface"
1084 (set -- "$cmd" "$iface"; . "$script")
1086 retval=$(($retval + $?))