| #!/bin/sh |
| ### BEGIN INIT INFO |
| # Provides: dnsmasq |
| # Required-Start: $network $remote_fs $syslog |
| # Required-Stop: $network $remote_fs $syslog |
| # Default-Start: 2 3 4 5 |
| # Default-Stop: 0 1 6 |
| # Description: DHCP and DNS server |
| ### END INIT INFO |
| |
| # Don't exit on error status |
| set +e |
| |
| PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin |
| DAEMON=/usr/sbin/dnsmasq |
| NAME=dnsmasq |
| DESC="DNS forwarder and DHCP server" |
| INSTANCE="${2}" |
| |
| # Most configuration options in /etc/default/dnsmasq are deprecated |
| # but still honoured. |
| ENABLED=1 |
| if [ -r /etc/default/${NAME}${INSTANCE:+.${INSTANCE}} ]; then |
| . /etc/default/${NAME}${INSTANCE:+.${INSTANCE}} |
| fi |
| |
| # Get the system locale, so that messages are in the correct language, and the |
| # charset for IDN is correct |
| if [ -r /etc/default/locale ]; then |
| . /etc/default/locale |
| export LANG |
| fi |
| |
| # The following test ensures the dnsmasq service is not started, when the |
| # package 'dnsmasq' is removed but not purged, even if the dnsmasq-base |
| # package is still in place. |
| test -e /usr/share/dnsmasq/installed-marker || exit 0 |
| |
| test -x ${DAEMON} || exit 0 |
| |
| # Provide skeleton LSB log functions for backports which don't have LSB functions. |
| if [ -f /lib/lsb/init-functions ]; then |
| . /lib/lsb/init-functions |
| else |
| log_warning_msg () { |
| echo "${@}." |
| } |
| |
| log_success_msg () { |
| echo "${@}." |
| } |
| |
| log_daemon_msg () { |
| echo -n "${1}: ${2}" |
| } |
| |
| log_end_msg () { |
| if [ "${1}" -eq 0 ]; then |
| echo "." |
| elif [ "${1}" -eq 255 ]; then |
| /bin/echo -e " (warning)." |
| else |
| /bin/echo -e " failed!" |
| fi |
| } |
| fi |
| |
| # RESOLV_CONF: |
| # If the resolvconf package is installed then use the resolv conf file |
| # that it provides as the default. Otherwise use /etc/resolv.conf as |
| # the default. |
| # |
| # If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit |
| # filename is set there then this inhibits the use of the resolvconf-provided |
| # information. |
| # |
| # Note that if the resolvconf package is installed it is not possible to |
| # override it just by configuration in /etc/dnsmasq.conf, it is necessary |
| # to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq. |
| |
| if [ ! "${RESOLV_CONF}" ] && |
| [ "${IGNORE_RESOLVCONF}" != "yes" ] && |
| [ -x /sbin/resolvconf ] |
| then |
| RESOLV_CONF=/run/dnsmasq/resolv.conf |
| fi |
| |
| for INTERFACE in ${DNSMASQ_INTERFACE}; do |
| DNSMASQ_INTERFACES="${DNSMASQ_INTERFACES} -i ${INTERFACE}" |
| done |
| |
| for INTERFACE in ${DNSMASQ_EXCEPT}; do |
| DNSMASQ_INTERFACES="${DNSMASQ_INTERFACES} -I ${INTERFACE}" |
| done |
| |
| if [ ! "${DNSMASQ_USER}" ]; then |
| DNSMASQ_USER="dnsmasq" |
| fi |
| |
| # This tells dnsmasq to ignore DNS requests that don't come from a local network. |
| # It's automatically ignored if --interface --except-interface, --listen-address |
| # or --auth-server exist in the configuration, so for most installations, it will |
| # have no effect, but for otherwise-unconfigured installations, it stops dnsmasq |
| # from being vulnerable to DNS-reflection attacks. |
| |
| DNSMASQ_OPTS="${DNSMASQ_OPTS} --local-service" |
| |
| # If the dns-root-data package is installed, then the trust anchors will be |
| # available in ROOT_DS, in BIND zone-file format. Reformat as dnsmasq |
| # --trust-anchor options. |
| |
| ROOT_DS="/usr/share/dns/root.ds" |
| |
| if [ -f ${ROOT_DS} ]; then |
| DNSMASQ_OPTS="$DNSMASQ_OPTS `env LC_ALL=C sed -rne "s/^([.a-zA-Z0-9]+)([[:space:]]+[0-9]+)*([[:space:]]+IN)*[[:space:]]+DS[[:space:]]+/--trust-anchor=\1,/;s/[[:space:]]+/,/gp" $ROOT_DS | tr '\n' ' '`" |
| fi |
| |
| start() |
| { |
| # Return |
| # 0 if daemon has been started |
| # 1 if daemon was already running |
| # 2 if daemon could not be started |
| |
| # /run may be volatile, so we need to ensure that |
| # /run/dnsmasq exists here as well as in postinst |
| if [ ! -d /run/dnsmasq ]; then |
| mkdir /run/dnsmasq || { [ -d /run/dnsmasq ] || return 2 ; } |
| chown dnsmasq:nogroup /run/dnsmasq || return 2 |
| fi |
| [ -x /sbin/restorecon ] && /sbin/restorecon /run/dnsmasq |
| |
| start-stop-daemon --start --quiet --pidfile /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid --exec ${DAEMON} --test > /dev/null || return 1 |
| start-stop-daemon --start --quiet --pidfile /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid --exec ${DAEMON} -- \ |
| -x /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid \ |
| ${MAILHOSTNAME:+ -m ${MAILHOSTNAME}} \ |
| ${MAILTARGET:+ -t ${MAILTARGET}} \ |
| ${DNSMASQ_USER:+ -u ${DNSMASQ_USER}} \ |
| ${DNSMASQ_INTERFACES:+ ${DNSMASQ_INTERFACES}} \ |
| ${DHCP_LEASE:+ -l ${DHCP_LEASE}} \ |
| ${DOMAIN_SUFFIX:+ -s ${DOMAIN_SUFFIX}} \ |
| ${RESOLV_CONF:+ -r ${RESOLV_CONF}} \ |
| ${CACHESIZE:+ -c ${CACHESIZE}} \ |
| ${CONFIG_DIR:+ -7 ${CONFIG_DIR}} \ |
| ${DNSMASQ_OPTS:+ ${DNSMASQ_OPTS}} \ |
| || return 2 |
| } |
| |
| start_resolvconf() |
| { |
| # If interface "lo" is explicitly disabled in /etc/default/dnsmasq |
| # Then dnsmasq won't be providing local DNS, so don't add it to |
| # the resolvconf server set. |
| for interface in ${DNSMASQ_EXCEPT}; do |
| [ ${interface} = lo ] && return |
| done |
| |
| # Also skip this if DNS functionality is disabled in /etc/dnsmasq.conf |
| if grep -qs '^port=0' /etc/dnsmasq.conf; then |
| return |
| fi |
| |
| if [ -x /sbin/resolvconf ] ; then |
| echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.${NAME}${INSTANCE:+.${INSTANCE}} |
| fi |
| return 0 |
| } |
| |
| stop() |
| { |
| # Return |
| # 0 if daemon has been stopped |
| # 1 if daemon was already stopped |
| # 2 if daemon could not be stopped |
| # other if a failure occurred |
| start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid --name ${NAME} |
| } |
| |
| stop_resolvconf() |
| { |
| if [ -x /sbin/resolvconf ] ; then |
| /sbin/resolvconf -d lo.${NAME}${INSTANCE:+.${INSTANCE}} |
| fi |
| return 0 |
| } |
| |
| status() |
| { |
| # Return |
| # 0 if daemon is running |
| # 1 if daemon is dead and pid file exists |
| # 3 if daemon is not running |
| # 4 if daemon status is unknown |
| start-stop-daemon --start --quiet --pidfile /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid --exec ${DAEMON} --test > /dev/null |
| case "${?}" in |
| 0) [ -e "/run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid" ] && return 1 ; return 3 ;; |
| 1) return 0 ;; |
| *) return 4 ;; |
| esac |
| } |
| |
| case "${1}" in |
| start) |
| test "${ENABLED}" != "0" || exit 0 |
| log_daemon_msg "Starting ${DESC}" "${NAME}${INSTANCE:+.${INSTANCE}}" |
| start |
| case "${?}" in |
| 0) |
| log_end_msg 0 |
| start_resolvconf |
| exit 0 |
| ;; |
| 1) |
| log_success_msg "(already running)" |
| exit 0 |
| ;; |
| *) |
| log_end_msg 1 |
| exit 1 |
| ;; |
| esac |
| ;; |
| stop) |
| stop_resolvconf |
| if [ "${ENABLED}" != "0" ]; then |
| log_daemon_msg "Stopping ${DESC}" "${NAME}${INSTANCE:+.${INSTANCE}}" |
| fi |
| stop |
| RETVAL="${?}" |
| if [ "${ENABLED}" = "0" ]; then |
| case "${RETVAL}" in |
| 0) log_daemon_msg "Stopping ${DESC}" "${NAME}${INSTANCE:+.${INSTANCE}}"; log_end_msg 0 ;; |
| esac |
| exit 0 |
| fi |
| case "${RETVAL}" in |
| 0) log_end_msg 0 ; exit 0 ;; |
| 1) log_warning_msg "(not running)" ; exit 0 ;; |
| *) log_end_msg 1; exit 1 ;; |
| esac |
| ;; |
| checkconfig) |
| ${DAEMON} --test ${CONFIG_DIR:+ -7 ${CONFIG_DIR}} ${DNSMASQ_OPTS:+ ${DNSMASQ_OPTS}} >/dev/null 2>&1 |
| RETVAL="${?}" |
| exit ${RETVAL} |
| ;; |
| restart|force-reload) |
| test "${ENABLED}" != "0" || exit 1 |
| ${DAEMON} --test ${CONFIG_DIR:+ -7 ${CONFIG_DIR}} ${DNSMASQ_OPTS:+ ${DNSMASQ_OPTS}} >/dev/null 2>&1 |
| if [ ${?} -ne 0 ]; then |
| NAME="configuration syntax check" |
| RETVAL="2" |
| else |
| stop_resolvconf |
| stop |
| RETVAL="${?}" |
| fi |
| log_daemon_msg "Restarting ${DESC}" "${NAME}${INSTANCE:+.${INSTANCE}}" |
| case "${RETVAL}" in |
| 0|1) |
| sleep 2 |
| start |
| case "${?}" in |
| 0) |
| log_end_msg 0 |
| start_resolvconf |
| exit 0 |
| ;; |
| *) |
| log_end_msg 1 |
| exit 1 |
| ;; |
| esac |
| ;; |
| *) |
| log_end_msg 1 |
| exit 1 |
| ;; |
| esac |
| ;; |
| status) |
| log_daemon_msg "Checking ${DESC}" "${NAME}${INSTANCE:+.${INSTANCE}}" |
| status |
| case "${?}" in |
| 0) log_success_msg "(running)" ; exit 0 ;; |
| 1) log_success_msg "(dead, pid file exists)" ; exit 1 ;; |
| 3) log_success_msg "(not running)" ; exit 3 ;; |
| *) log_success_msg "(unknown)" ; exit 4 ;; |
| esac |
| ;; |
| dump-stats) |
| kill -s USR1 `cat /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid` |
| ;; |
| systemd-start-resolvconf) |
| start_resolvconf |
| ;; |
| systemd-stop-resolvconf) |
| stop_resolvconf |
| ;; |
| systemd-exec) |
| # /run may be volatile, so we need to ensure that |
| # /run/dnsmasq exists here as well as in postinst |
| if [ ! -d /run/dnsmasq ]; then |
| mkdir /run/dnsmasq || { [ -d /run/dnsmasq ] || return 2 ; } |
| chown dnsmasq:nogroup /run/dnsmasq || return 2 |
| fi |
| exec ${DAEMON} -x /run/dnsmasq/${NAME}${INSTANCE:+.${INSTANCE}}.pid \ |
| ${MAILHOSTNAME:+ -m ${MAILHOSTNAME}} \ |
| ${MAILTARGET:+ -t ${MAILTARGET}} \ |
| ${DNSMASQ_USER:+ -u ${DNSMASQ_USER}} \ |
| ${DNSMASQ_INTERFACES:+ ${DNSMASQ_INTERFACES}} \ |
| ${DHCP_LEASE:+ -l ${DHCP_LEASE}} \ |
| ${DOMAIN_SUFFIX:+ -s ${DOMAIN_SUFFIX}} \ |
| ${RESOLV_CONF:+ -r ${RESOLV_CONF}} \ |
| ${CACHESIZE:+ -c ${CACHESIZE}} \ |
| ${CONFIG_DIR:+ -7 ${CONFIG_DIR}} \ |
| ${DNSMASQ_OPTS:+ ${DNSMASQ_OPTS}} |
| ;; |
| *) |
| echo "Usage: /etc/init.d/${NAME} {start|stop|restart|force-reload|dump-stats|status}" >&2 |
| exit 3 |
| ;; |
| esac |
| |
| exit 0 |