-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/11/10 17:33, Jesse Young wrote:
> Signed-off-by: Jesse Young <jesse.yo...@gmail.com>
> ---
> contrib/pull-resolv-conf/client.down | 5 +++--
> contrib/pull-resolv-conf/client.up | 5 +++--
> 2 files changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/contrib/pull-resolv-conf/client.down
> b/contrib/pull-resolv-conf/client.down
> index 38c585b..05f2d4d 100644
> --- a/contrib/pull-resolv-conf/client.down
> +++ b/contrib/pull-resolv-conf/client.down
> @@ -34,9 +34,10 @@
> # A horrid work around, from a security perspective,
> # is to run OpenVPN as root. THIS IS NOT RECOMMENDED. You have
> # been WARNED.
> +PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
>
> -if [ -x /sbin/resolvconf ] ; then
> - /sbin/resolvconf -d "${1}"
> +if type resolvconf >/dev/null 2>&1; then
Hi and thank you for your patch!
Even though I do see that this approach is much cleaner. Hardcoded
paths is not ideal. But I am not sure I like this way of test. It
works probably fine on up-to-date systems, but will it run on all most
bash versions? We must consider that there are some old systems with
older bash installations which we might break.
I'd rather see a similar patch which checks the exit code instead of
something more undefined like this approach. Also for clarity in the
code of what we expect or not.
kind regards,
David Sommerseth
> + resolvconf -d "${1}" -f
> elif [ -e /etc/resolv.conf.ovpnsave ] ; then
> # cp + rm rather than mv in case it's a symlink
> cp /etc/resolv.conf.ovpnsave /etc/resolv.conf
> diff --git a/contrib/pull-resolv-conf/client.up
> b/contrib/pull-resolv-conf/client.up
> index e81bd3a..b28d4d1 100644
> --- a/contrib/pull-resolv-conf/client.up
> +++ b/contrib/pull-resolv-conf/client.up
> @@ -33,6 +33,7 @@
> # A horrid work around, from a security perspective,
> # is to run OpenVPN as root. THIS IS NOT RECOMMENDED. You have
> # been WARNED.
> +PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
>
> # init variables
>
> @@ -86,8 +87,8 @@ fi
> out="# resolv.conf autogenerated by ${0}
> (${1})${nl}${dns}${nl}${ds}${domains}"
>
> # use resolvconf if it's available
> -if [ -x /sbin/resolvconf ] ; then
> - printf "%s\n" "${out}" | /sbin/resolvconf -a "${1}"
> +if type resolvconf >/dev/null 2>&1; then
> + printf "%s\n" "${out}" | resolvconf -p -a "${1}"
> else
> # Preserve the existing resolv.conf
> if [ -e /etc/resolv.conf ] ; then
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkzbKc8ACgkQDC186MBRfroIxgCdG+GexMR06qTHB4HvDsNtK1eK
10cAnikZC4ppKb62udCCR3Lx/5VeEzVi
=6aYB
-----END PGP SIGNATURE-----
