[OpenWrt-Devel] [PATCH] odhcpd: add network dependent start trigger
Recent (20190207) changes to odhcpd makee it dependent on OpenWrt logical interfaces. Boot time race conditions may make odhcpd binding a challenge. Intermittent or inconsistent problems can occur with DHCP requests until odhcpd is restarted. Change start up scripts to use procd interface triggers such as dnsmasq and others have already. Signed-off-by: Eric Luehrsen --- .../network/services/odhcpd/files/odhcpd.init | 20 +-- 1 file changed, 18 insertions(+), 2 deletions(-) --- a/package/network/services/odhcpd/files/odhcpd.init +++ b/package/network/services/odhcpd/files/odhcpd.init @@ -1,10 +1,20 @@ #!/bin/sh /etc/rc.common -START=35 +START=19 STOP=85 USE_PROCD=1 +boot() { + ODHCPD_BOOT=1 + start "$@" +} + start_service() { + if [ -n "$ODHCPD_BOOT" ] ; then + # odhcpd needs to wait for OpenWrt logical interfaces + return 0 + fi + procd_open_instance procd_set_param command /usr/sbin/odhcpd procd_set_param respawn @@ -17,6 +27,12 @@ reload_service() { service_triggers() { - procd_add_reload_trigger "dhcp" + if [ -n "$ODHCPD_BOOT" ] ; then + # one time trigger at boot to wait for logical interface setup + procd_add_raw_trigger "interface.*.up" 3000 /etc/init.d/odhcpd restart + else + # reload odhcpd also for network reconfiguration + procd_add_reload_trigger "dhcp" "network" + fi } -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 18.06 2/2] dnsmasq: prefer localuse over resolvfile guesswork
> Op 23 feb. 2019, om 03:17 heeft Yousong Zhou het > volgende geschreven: > > This makes it clear that localuse when explicitly specified in the > config will have its final say on whether or not the initscript should > touch /etc/resolv.conf, no matter whatever the result of previous > guesswork would be > > (cherry picked from c17a68cc61a0f8a28e19c7f60b24beaf1a1a402d) > Signed-off-by: Yousong Zhou Tested-by: Paul Oranje > --- > package/network/services/dnsmasq/Makefile | 2 +- > package/network/services/dnsmasq/files/dnsmasq.init | 8 > 2 files changed, 5 insertions(+), 5 deletions(-) > > diff --git a/package/network/services/dnsmasq/Makefile > b/package/network/services/dnsmasq/Makefile > index c50717d091..eff9cfea24 100644 > --- a/package/network/services/dnsmasq/Makefile > +++ b/package/network/services/dnsmasq/Makefile > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > PKG_NAME:=dnsmasq > PKG_VERSION:=2.80 > -PKG_RELEASE:=1.3 > +PKG_RELEASE:=1.4 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz > PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq > diff --git a/package/network/services/dnsmasq/files/dnsmasq.init > b/package/network/services/dnsmasq/files/dnsmasq.init > index b119981cb8..33ef98ce56 100644 > --- a/package/network/services/dnsmasq/files/dnsmasq.init > +++ b/package/network/services/dnsmasq/files/dnsmasq.init > @@ -733,7 +733,7 @@ dnsmasq_start() > { > local cfg="$1" > local disabled user_dhcpscript > - local resolvfile localuse > + local resolvfile localuse=0 > > config_get_bool disabled "$cfg" disabled 0 > [ "$disabled" -gt 0 ] && return 0 > @@ -883,13 +883,13 @@ dnsmasq_start() > config_get_bool cachelocal "$cfg" cachelocal 1 > > config_get_bool noresolv "$cfg" noresolv 0 > - config_get_bool localuse "$cfg" localuse 0 > if [ "$noresolv" != "1" ]; then > config_get resolvfile "$cfg" resolvfile /tmp/resolv.conf.auto > [ -n "$resolvfile" -a ! -e "$resolvfile" ] && touch > "$resolvfile" > xappend "--resolv-file=$resolvfile" > [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && localuse=1 > fi > + config_get_bool localuse "$cfg" localuse "$localuse" > > config_get hostsfile "$cfg" dhcphostsfile > [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" > @@ -1039,13 +1039,13 @@ dnsmasq_start() > dnsmasq_stop() > { > local cfg="$1" > - local noresolv resolvfile localuse > + local noresolv resolvfile localuse=0 > > config_get_bool noresolv "$cfg" noresolv 0 > - config_get_bool localuse "$cfg" localuse 0 > config_get resolvfile "$cfg" "resolvfile" > > [ "$noresolv" = 0 -a "$resolvfile" = "/tmp/resolv.conf.auto" ] && > localuse=1 > + config_get_bool localuse "$cfg" localuse "$localuse" > [ "$localuse" -gt 0 ] && ln -sf "/tmp/resolv.conf.auto" /tmp/resolv.conf > > rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 18.06 1/2] dnsmasq: allow using dnsmasq as the sole resolver
> Op 23 feb. 2019, om 03:17 heeft Yousong Zhou het > volgende geschreven: > > Currently it seems impossible to configure /etc/config/dhcp to achieve > the following use case > > - run dnsmasq with no-resolv > - re-generate /etc/resolv.conf with "nameserver 127.0.0.1" > > Before this change, we have to set resolvfile to /tmp/resolv.conf.auto > to achive the 2nd effect above, but setting resolvfile requires noresolv > being false. > > A new boolean option "localuse" is added to indicate that we intend to > use dnsmasq as the local dns resolver. It's false by default and to > align with old behaviour it will be true automatically if resolvfile is > set to /tmp/resolv.conf.auto > > (cherry picked from 2aea1ada65f050d74a064e74466bbe4e8d) > Signed-off-by: Yousong Zhou Tested-by: Paul Oranje > --- > package/network/services/dnsmasq/Makefile | 2 +- > .../services/dnsmasq/files/dnsmasq.init | 30 +-- > 2 files changed, 16 insertions(+), 16 deletions(-) > > diff --git a/package/network/services/dnsmasq/Makefile > b/package/network/services/dnsmasq/Makefile > index e89ad19f5c..c50717d091 100644 > --- a/package/network/services/dnsmasq/Makefile > +++ b/package/network/services/dnsmasq/Makefile > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > PKG_NAME:=dnsmasq > PKG_VERSION:=2.80 > -PKG_RELEASE:=1.2 > +PKG_RELEASE:=1.3 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz > PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq > diff --git a/package/network/services/dnsmasq/files/dnsmasq.init > b/package/network/services/dnsmasq/files/dnsmasq.init > index 9c922eec6c..b119981cb8 100644 > --- a/package/network/services/dnsmasq/files/dnsmasq.init > +++ b/package/network/services/dnsmasq/files/dnsmasq.init > @@ -731,7 +731,9 @@ dhcp_relay_add() { > > dnsmasq_start() > { > - local cfg="$1" disabled resolvfile user_dhcpscript > + local cfg="$1" > + local disabled user_dhcpscript > + local resolvfile localuse > > config_get_bool disabled "$cfg" disabled 0 > [ "$disabled" -gt 0 ] && return 0 > @@ -881,14 +883,14 @@ dnsmasq_start() > config_get_bool cachelocal "$cfg" cachelocal 1 > > config_get_bool noresolv "$cfg" noresolv 0 > + config_get_bool localuse "$cfg" localuse 0 > if [ "$noresolv" != "1" ]; then > - config_get resolvfile "$cfg" resolvfile "/tmp/resolv.conf.auto" > - # So jail doesn't complain if file missing > - [ -n "$resolvfile" -a \! -e "$resolvfile" ] && touch > "$resolvfile" > + config_get resolvfile "$cfg" resolvfile /tmp/resolv.conf.auto > + [ -n "$resolvfile" -a ! -e "$resolvfile" ] && touch > "$resolvfile" > + xappend "--resolv-file=$resolvfile" > + [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && localuse=1 > fi > > - [ -n "$resolvfile" ] && xappend "--resolv-file=$resolvfile" > - > config_get hostsfile "$cfg" dhcphostsfile > [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" > > @@ -1010,7 +1012,7 @@ dnsmasq_start() > mv -f $CONFIGFILE_TMP $CONFIGFILE > mv -f $HOSTFILE_TMP $HOSTFILE > > - [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && { > + [ "$localuse" -gt 0 ] && { > rm -f /tmp/resolv.conf > [ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && { > echo "search $DOMAIN" >> /tmp/resolv.conf > @@ -1036,17 +1038,15 @@ dnsmasq_start() > > dnsmasq_stop() > { > - local cfg="$1" resolvfile > + local cfg="$1" > + local noresolv resolvfile localuse > > + config_get_bool noresolv "$cfg" noresolv 0 > + config_get_bool localuse "$cfg" localuse 0 > config_get resolvfile "$cfg" "resolvfile" > > - #relink /tmp/resolve.conf only for main instance > - [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && { > - [ -f /tmp/resolv.conf ] && { > - rm -f /tmp/resolv.conf > - ln -s "$resolvfile" /tmp/resolv.conf > - } > - } > + [ "$noresolv" = 0 -a "$resolvfile" = "/tmp/resolv.conf.auto" ] && > localuse=1 > + [ "$localuse" -gt 0 ] && ln -sf "/tmp/resolv.conf.auto" /tmp/resolv.conf > > rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp > } ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] build: Activate ASLR PIE by default
On 2/23/19 4:36 PM, Dave Taht wrote: > Hauke Mehrtens writes: > >> On 2/13/19 11:51 PM, Felix Fietkau wrote: >>> On 2019-02-13 23:15, Hauke Mehrtens wrote: This will build all executable as Position Independent Executables (PIE) by default. PIE executable can make full use of Address Space Layout Randomization (ASLR) because all sections can be placed at random offsets of the executed program. This makes it harder to exploit bugs in our binaries. This will increase the size of executable, libraries are already build position independent and their size will not change. This increases the size of the resulting images by about 3% on MIPS BE. I tested this with the default configuration for the lantiq xrx200 target. The size of the initramfs binaries increased by 2.88%: Without PIE: 5.303.716 openwrt-lantiq-xrx200-bt_homehub-v5a-initramfs-kernel.bin With PIE: 5.456.339 openwrt-lantiq-xrx200-bt_homehub-v5a-initramfs-kernel.bin With PIE activated the executable are getting bigger, here are some examples from the lantiq mips_24kc target: Without PIE: 112.309 /bin/opkg 299.061 /bin/busybox 456.549 /usr/sbin/wpad With PIE: 142.496 /bin/opkg (26.87% increase) 388.404 /bin/busybox(29.87% increase) 580.128 /usr/sbin/wpad (27.06% increase) With PIE activated the sections of the binaries are loaded to different offsets for each program instance like shown here: root@OpenWrt:/# cat /proc/self/maps 555c4000-55622000 r-xp 00:02 1030 /bin/busybox 55631000-55632000 r-xp 0005d000 00:02 1030 /bin/busybox 55632000-55633000 rwxp 0005e000 00:02 1030 /bin/busybox 55633000-55634000 rwxp 00:00 0 77ee2000-77f04000 r-xp 00:02 331/lib/libgcc_s.so.1 77f04000-77f05000 r-xp 00012000 00:02 331/lib/libgcc_s.so.1 77f05000-77f06000 rwxp 00013000 00:02 331/lib/libgcc_s.so.1 77f06000-77f9a000 r-xp 00:02 329/lib/libc.so 77fa9000-77fab000 rwxp 00093000 00:02 329/lib/libc.so 77fab000-77fad000 rwxp 00:00 0 7fb26000-7fb47000 rw-p 00:00 0 [stack] 7fefb000-7fefc000 r-xp 00:00 0 7ff0a000-7ff0b000 r--p 00:00 0 [vvar] 7ff0b000-7ff0c000 r-xp 00:00 0 [vdso] root@OpenWrt:/# cat /proc/self/maps 5561d000-5567b000 r-xp 00:02 1030 /bin/busybox 5568a000-5568b000 r-xp 0005d000 00:02 1030 /bin/busybox 5568b000-5568c000 rwxp 0005e000 00:02 1030 /bin/busybox 5568c000-5568d000 rwxp 00:00 0 77e8e000-77eb r-xp 00:02 331/lib/libgcc_s.so.1 77eb-77eb1000 r-xp 00012000 00:02 331/lib/libgcc_s.so.1 77eb1000-77eb2000 rwxp 00013000 00:02 331/lib/libgcc_s.so.1 77eb2000-77f46000 r-xp 00:02 329/lib/libc.so 77f55000-77f57000 rwxp 00093000 00:02 329/lib/libc.so 77f57000-77f59000 rwxp 00:00 0 7fd1c000-7fd3d000 rw-p 00:00 0 [stack] 7fefb000-7fefc000 r-xp 00:00 0 7ff6-7ff61000 r--p 00:00 0 [vvar] 7ff61000-7ff62000 r-xp 00:00 0 [vdso] root@OpenWrt:/# Signed-off-by: Hauke Mehrtens --- I would like to get some comments if we should activate PIE by default. The advantage is that it will be harder to exploit OpenWrt, but on the other hand the binaries are getting bigger. We could also restrict this to some CPU types, but as targets share the binaries it is not really possible to do this based on the target. I am not sure if this should go into the next release or wait for later. This could also break some packages, as it is possible to activate PIE by default for some time many bugs are already fixed, but probably not all of them. >>> I think this is a lot of extra bloat. Maybe we can add a restricted PIE >>> mode where packages can opt-in individually? >> >> So we should probably make it a chose with 3 options: >> 1. No PIE >> 2. Use PIE for exposed binaries >> 3. Use PIE for all binaries > > I hate that we have to make choices like this for space reasons. Option > 2 will help but means attackers will try to go after something else. We could also make this depended n the architecture, I think device with ARM64 or x86 CPU normally also have much RAM and flash, while many MIPS based devices are constrained. > By exposed, you mean "on the network", I guess? Yes with exposed applications I meant exposed from the network like dnsmasq, dropbear and so on. >> Then we need something in addition to the existing PKG_ASLR_PIE we >> already have to deactivate it. >> >> Do we want a generic name like this: >> PKG_CRITICAL >> or something
Re: [OpenWrt-Devel] [PATCH] build: Activate ASLR PIE by default
Hauke Mehrtens writes: > On 2/13/19 11:51 PM, Felix Fietkau wrote: >> On 2019-02-13 23:15, Hauke Mehrtens wrote: >>> This will build all executable as Position Independent Executables (PIE) >>> by default. PIE executable can make full use of Address Space Layout >>> Randomization (ASLR) because all sections can be placed at random >>> offsets of the executed program. This makes it harder to exploit bugs >>> in our binaries. >>> >>> This will increase the size of executable, libraries are already build >>> position independent and their size will not change. >>> >>> This increases the size of the resulting images by about 3% on MIPS BE. >>> I tested this with the default configuration for the lantiq xrx200 >>> target. >>> >>> The size of the initramfs binaries increased by 2.88%: >>> Without PIE: >>> 5.303.716 openwrt-lantiq-xrx200-bt_homehub-v5a-initramfs-kernel.bin >>> With PIE: >>> 5.456.339 openwrt-lantiq-xrx200-bt_homehub-v5a-initramfs-kernel.bin >>> >>> With PIE activated the executable are getting bigger, here are some >>> examples from the lantiq mips_24kc target: >>> >>> Without PIE: >>> 112.309 /bin/opkg >>> 299.061 /bin/busybox >>> 456.549 /usr/sbin/wpad >>> >>> With PIE: >>> 142.496 /bin/opkg (26.87% increase) >>> 388.404 /bin/busybox(29.87% increase) >>> 580.128 /usr/sbin/wpad (27.06% increase) >>> >>> With PIE activated the sections of the binaries are loaded to >>> different offsets for each program instance like shown here: >>> >>> root@OpenWrt:/# cat /proc/self/maps >>> 555c4000-55622000 r-xp 00:02 1030 /bin/busybox >>> 55631000-55632000 r-xp 0005d000 00:02 1030 /bin/busybox >>> 55632000-55633000 rwxp 0005e000 00:02 1030 /bin/busybox >>> 55633000-55634000 rwxp 00:00 0 >>> 77ee2000-77f04000 r-xp 00:02 331/lib/libgcc_s.so.1 >>> 77f04000-77f05000 r-xp 00012000 00:02 331/lib/libgcc_s.so.1 >>> 77f05000-77f06000 rwxp 00013000 00:02 331/lib/libgcc_s.so.1 >>> 77f06000-77f9a000 r-xp 00:02 329/lib/libc.so >>> 77fa9000-77fab000 rwxp 00093000 00:02 329/lib/libc.so >>> 77fab000-77fad000 rwxp 00:00 0 >>> 7fb26000-7fb47000 rw-p 00:00 0 [stack] >>> 7fefb000-7fefc000 r-xp 00:00 0 >>> 7ff0a000-7ff0b000 r--p 00:00 0 [vvar] >>> 7ff0b000-7ff0c000 r-xp 00:00 0 [vdso] >>> root@OpenWrt:/# cat /proc/self/maps >>> 5561d000-5567b000 r-xp 00:02 1030 /bin/busybox >>> 5568a000-5568b000 r-xp 0005d000 00:02 1030 /bin/busybox >>> 5568b000-5568c000 rwxp 0005e000 00:02 1030 /bin/busybox >>> 5568c000-5568d000 rwxp 00:00 0 >>> 77e8e000-77eb r-xp 00:02 331/lib/libgcc_s.so.1 >>> 77eb-77eb1000 r-xp 00012000 00:02 331/lib/libgcc_s.so.1 >>> 77eb1000-77eb2000 rwxp 00013000 00:02 331/lib/libgcc_s.so.1 >>> 77eb2000-77f46000 r-xp 00:02 329/lib/libc.so >>> 77f55000-77f57000 rwxp 00093000 00:02 329/lib/libc.so >>> 77f57000-77f59000 rwxp 00:00 0 >>> 7fd1c000-7fd3d000 rw-p 00:00 0 [stack] >>> 7fefb000-7fefc000 r-xp 00:00 0 >>> 7ff6-7ff61000 r--p 00:00 0 [vvar] >>> 7ff61000-7ff62000 r-xp 00:00 0 [vdso] >>> root@OpenWrt:/# >>> >>> Signed-off-by: Hauke Mehrtens >>> --- >>> >>> I would like to get some comments if we should activate PIE by default. >>> The advantage is that it will be harder to exploit OpenWrt, but on the >>> other hand the binaries are getting bigger. We could also restrict this >>> to some CPU types, but as targets share the binaries it is not really >>> possible to do this based on the target. >>> >>> I am not sure if this should go into the next release or wait for later. >>> >>> This could also break some packages, as it is possible to activate PIE >>> by default for some time many bugs are already fixed, but probably not >>> all of them. >> I think this is a lot of extra bloat. Maybe we can add a restricted PIE >> mode where packages can opt-in individually? > > So we should probably make it a chose with 3 options: > 1. No PIE > 2. Use PIE for exposed binaries > 3. Use PIE for all binaries I hate that we have to make choices like this for space reasons. Option 2 will help but means attackers will try to go after something else. By exposed, you mean "on the network", I guess? > > Then we need something in addition to the existing PKG_ASLR_PIE we > already have to deactivate it. > > Do we want a generic name like this: > PKG_CRITICAL > or something specific to PIE: > PKG_ASLR_PIE_PREFERED > > Hauke > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 18.06 2/2] dnsmasq: prefer localuse over resolvfile guesswork
On Sat, Feb 23, 2019 at 3:17 AM Yousong Zhou wrote: > > This makes it clear that localuse when explicitly specified in the > config will have its final say on whether or not the initscript should > touch /etc/resolv.conf, no matter whatever the result of previous > guesswork would be > > (cherry picked from c17a68cc61a0f8a28e19c7f60b24beaf1a1a402d) > Signed-off-by: Yousong Zhou Acked-by: Hans Dedecker > --- > package/network/services/dnsmasq/Makefile | 2 +- > package/network/services/dnsmasq/files/dnsmasq.init | 8 > 2 files changed, 5 insertions(+), 5 deletions(-) > > diff --git a/package/network/services/dnsmasq/Makefile > b/package/network/services/dnsmasq/Makefile > index c50717d091..eff9cfea24 100644 > --- a/package/network/services/dnsmasq/Makefile > +++ b/package/network/services/dnsmasq/Makefile > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > PKG_NAME:=dnsmasq > PKG_VERSION:=2.80 > -PKG_RELEASE:=1.3 > +PKG_RELEASE:=1.4 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz > PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq > diff --git a/package/network/services/dnsmasq/files/dnsmasq.init > b/package/network/services/dnsmasq/files/dnsmasq.init > index b119981cb8..33ef98ce56 100644 > --- a/package/network/services/dnsmasq/files/dnsmasq.init > +++ b/package/network/services/dnsmasq/files/dnsmasq.init > @@ -733,7 +733,7 @@ dnsmasq_start() > { > local cfg="$1" > local disabled user_dhcpscript > - local resolvfile localuse > + local resolvfile localuse=0 > > config_get_bool disabled "$cfg" disabled 0 > [ "$disabled" -gt 0 ] && return 0 > @@ -883,13 +883,13 @@ dnsmasq_start() > config_get_bool cachelocal "$cfg" cachelocal 1 > > config_get_bool noresolv "$cfg" noresolv 0 > - config_get_bool localuse "$cfg" localuse 0 > if [ "$noresolv" != "1" ]; then > config_get resolvfile "$cfg" resolvfile /tmp/resolv.conf.auto > [ -n "$resolvfile" -a ! -e "$resolvfile" ] && touch > "$resolvfile" > xappend "--resolv-file=$resolvfile" > [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && localuse=1 > fi > + config_get_bool localuse "$cfg" localuse "$localuse" > > config_get hostsfile "$cfg" dhcphostsfile > [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" > @@ -1039,13 +1039,13 @@ dnsmasq_start() > dnsmasq_stop() > { > local cfg="$1" > - local noresolv resolvfile localuse > + local noresolv resolvfile localuse=0 > > config_get_bool noresolv "$cfg" noresolv 0 > - config_get_bool localuse "$cfg" localuse 0 > config_get resolvfile "$cfg" "resolvfile" > > [ "$noresolv" = 0 -a "$resolvfile" = "/tmp/resolv.conf.auto" ] && > localuse=1 > + config_get_bool localuse "$cfg" localuse "$localuse" > [ "$localuse" -gt 0 ] && ln -sf "/tmp/resolv.conf.auto" > /tmp/resolv.conf > > rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 18.06 1/2] dnsmasq: allow using dnsmasq as the sole resolver
On Sat, Feb 23, 2019 at 3:17 AM Yousong Zhou wrote: > > Currently it seems impossible to configure /etc/config/dhcp to achieve > the following use case > > - run dnsmasq with no-resolv > - re-generate /etc/resolv.conf with "nameserver 127.0.0.1" > > Before this change, we have to set resolvfile to /tmp/resolv.conf.auto > to achive the 2nd effect above, but setting resolvfile requires noresolv > being false. > > A new boolean option "localuse" is added to indicate that we intend to > use dnsmasq as the local dns resolver. It's false by default and to > align with old behaviour it will be true automatically if resolvfile is > set to /tmp/resolv.conf.auto > > (cherry picked from 2aea1ada65f050d74a064e74466bbe4e8d) > Signed-off-by: Yousong Zhou Acked-by: Hans Dedecker > --- > package/network/services/dnsmasq/Makefile | 2 +- > .../services/dnsmasq/files/dnsmasq.init | 30 +-- > 2 files changed, 16 insertions(+), 16 deletions(-) > > diff --git a/package/network/services/dnsmasq/Makefile > b/package/network/services/dnsmasq/Makefile > index e89ad19f5c..c50717d091 100644 > --- a/package/network/services/dnsmasq/Makefile > +++ b/package/network/services/dnsmasq/Makefile > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > PKG_NAME:=dnsmasq > PKG_VERSION:=2.80 > -PKG_RELEASE:=1.2 > +PKG_RELEASE:=1.3 > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz > PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq > diff --git a/package/network/services/dnsmasq/files/dnsmasq.init > b/package/network/services/dnsmasq/files/dnsmasq.init > index 9c922eec6c..b119981cb8 100644 > --- a/package/network/services/dnsmasq/files/dnsmasq.init > +++ b/package/network/services/dnsmasq/files/dnsmasq.init > @@ -731,7 +731,9 @@ dhcp_relay_add() { > > dnsmasq_start() > { > - local cfg="$1" disabled resolvfile user_dhcpscript > + local cfg="$1" > + local disabled user_dhcpscript > + local resolvfile localuse > > config_get_bool disabled "$cfg" disabled 0 > [ "$disabled" -gt 0 ] && return 0 > @@ -881,14 +883,14 @@ dnsmasq_start() > config_get_bool cachelocal "$cfg" cachelocal 1 > > config_get_bool noresolv "$cfg" noresolv 0 > + config_get_bool localuse "$cfg" localuse 0 > if [ "$noresolv" != "1" ]; then > - config_get resolvfile "$cfg" resolvfile > "/tmp/resolv.conf.auto" > - # So jail doesn't complain if file missing > - [ -n "$resolvfile" -a \! -e "$resolvfile" ] && touch > "$resolvfile" > + config_get resolvfile "$cfg" resolvfile /tmp/resolv.conf.auto > + [ -n "$resolvfile" -a ! -e "$resolvfile" ] && touch > "$resolvfile" > + xappend "--resolv-file=$resolvfile" > + [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && localuse=1 > fi > > - [ -n "$resolvfile" ] && xappend "--resolv-file=$resolvfile" > - > config_get hostsfile "$cfg" dhcphostsfile > [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile" > > @@ -1010,7 +1012,7 @@ dnsmasq_start() > mv -f $CONFIGFILE_TMP $CONFIGFILE > mv -f $HOSTFILE_TMP $HOSTFILE > > - [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && { > + [ "$localuse" -gt 0 ] && { > rm -f /tmp/resolv.conf > [ $ADD_LOCAL_DOMAIN -eq 1 ] && [ -n "$DOMAIN" ] && { > echo "search $DOMAIN" >> /tmp/resolv.conf > @@ -1036,17 +1038,15 @@ dnsmasq_start() > > dnsmasq_stop() > { > - local cfg="$1" resolvfile > + local cfg="$1" > + local noresolv resolvfile localuse > > + config_get_bool noresolv "$cfg" noresolv 0 > + config_get_bool localuse "$cfg" localuse 0 > config_get resolvfile "$cfg" "resolvfile" > > - #relink /tmp/resolve.conf only for main instance > - [ "$resolvfile" = "/tmp/resolv.conf.auto" ] && { > - [ -f /tmp/resolv.conf ] && { > - rm -f /tmp/resolv.conf > - ln -s "$resolvfile" /tmp/resolv.conf > - } > - } > + [ "$noresolv" = 0 -a "$resolvfile" = "/tmp/resolv.conf.auto" ] && > localuse=1 > + [ "$localuse" -gt 0 ] && ln -sf "/tmp/resolv.conf.auto" > /tmp/resolv.conf > > rm -f ${BASEDHCPSTAMPFILE}.${cfg}.*.dhcp > } ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] ath79: add ar71xx support-list entry for Fritz4020
This adds the support-list entry the AVM FRITZ!Box 4020 expects in the ar71xx target to allow non-forced sysupgrades from ar71xx to ath79. Signed-off-by: David Bauer --- target/linux/ath79/image/generic.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/target/linux/ath79/image/generic.mk b/target/linux/ath79/image/generic.mk index 889321867a..d3978629fd 100644 --- a/target/linux/ath79/image/generic.mk +++ b/target/linux/ath79/image/generic.mk @@ -92,6 +92,7 @@ define Device/avm_fritz4020 append-squashfs-fakeroot-be | pad-to 256 | \ append-rootfs | pad-rootfs | append-metadata | check-size (IMAGE_SIZE) DEVICE_PACKAGES := fritz-tffs + SUPPORTED_DEVICES += fritz4020 endef TARGET_DEVICES += avm_fritz4020 -- 2.20.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel