blob: bafbca17cbd459c304e4d5761c32744d211452eb [file] [log] [blame]
Simon Kelleyc72daea2012-01-05 21:33:27 +00001#!/bin/sh
2### BEGIN INIT INFO
3# Provides: dnsmasq
4# Required-Start: $network $remote_fs $syslog
5# Required-Stop: $network $remote_fs $syslog
6# Default-Start: 2 3 4 5
7# Default-Stop: 0 1 6
8# Description: DHCP and DNS server
9### END INIT INFO
10
Simon Kelley332c41e2016-05-01 22:36:46 +010011# Don't exit on error status
12set +e
Simon Kelleyc72daea2012-01-05 21:33:27 +000013
14PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
15DAEMON=/usr/sbin/dnsmasq
16NAME=dnsmasq
17DESC="DNS forwarder and DHCP server"
18
19# Most configuration options in /etc/default/dnsmasq are deprecated
20# but still honoured.
21ENABLED=1
22if [ -r /etc/default/$NAME ]; then
23 . /etc/default/$NAME
24fi
25
26# Get the system locale, so that messages are in the correct language, and the
27# charset for IDN is correct
28if [ -r /etc/default/locale ]; then
29 . /etc/default/locale
30 export LANG
31fi
32
Simon Kelley332c41e2016-05-01 22:36:46 +010033# The following test ensures the dnsmasq service is not started, when the
34# package 'dnsmasq' is removed but not purged, even if the dnsmasq-base
35# package is still in place.
Simon Kelley9bb39982016-07-16 22:06:01 +010036test -e /usr/share/dnsmasq/installed-marker || exit 0
Simon Kelley332c41e2016-05-01 22:36:46 +010037
Simon Kelleyc72daea2012-01-05 21:33:27 +000038test -x $DAEMON || exit 0
39
40# Provide skeleton LSB log functions for backports which don't have LSB functions.
41if [ -f /lib/lsb/init-functions ]; then
42 . /lib/lsb/init-functions
43else
44 log_warning_msg () {
45 echo "${@}."
46 }
47
48 log_success_msg () {
49 echo "${@}."
50 }
51
52 log_daemon_msg () {
53 echo -n "${1}: $2"
54 }
55
56 log_end_msg () {
57 if [ $1 -eq 0 ]; then
58 echo "."
59 elif [ $1 -eq 255 ]; then
60 /bin/echo -e " (warning)."
61 else
62 /bin/echo -e " failed!"
63 fi
64 }
65fi
66
67# RESOLV_CONF:
68# If the resolvconf package is installed then use the resolv conf file
69# that it provides as the default. Otherwise use /etc/resolv.conf as
70# the default.
71#
72# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit
73# filename is set there then this inhibits the use of the resolvconf-provided
74# information.
75#
76# Note that if the resolvconf package is installed it is not possible to
77# override it just by configuration in /etc/dnsmasq.conf, it is necessary
78# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq.
79
80if [ ! "$RESOLV_CONF" ] &&
81 [ "$IGNORE_RESOLVCONF" != "yes" ] &&
82 [ -x /sbin/resolvconf ]
83then
Simon Kelley47901152015-09-29 22:54:41 +010084 RESOLV_CONF=/run/dnsmasq/resolv.conf
Simon Kelleyc72daea2012-01-05 21:33:27 +000085fi
86
87for INTERFACE in $DNSMASQ_INTERFACE; do
88 DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE"
89done
90
91for INTERFACE in $DNSMASQ_EXCEPT; do
92 DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE"
93done
94
95if [ ! "$DNSMASQ_USER" ]; then
96 DNSMASQ_USER="dnsmasq"
97fi
98
Simon Kelley1a9a3482014-03-05 15:01:08 +000099# This tells dnsmasq to ignore DNS requests that don't come from a local network.
100# It's automatically ignored if --interface --except-interface, --listen-address
101# or --auth-server exist in the configuration, so for most installations, it will
102# have no effect, but for otherwise-unconfigured installations, it stops dnsmasq
103# from being vulnerable to DNS-reflection attacks.
104
105DNSMASQ_OPTS="$DNSMASQ_OPTS --local-service"
106
Simon Kelleyc43b8a62014-09-07 19:34:39 +0100107# If the dns-root-data package is installed, then the trust anchors will be
108# available in $ROOT_DS, in BIND zone-file format. Reformat as dnsmasq
109# --trust-anchor options.
110
111ROOT_DS="/usr/share/dns/root.ds"
112
113if [ -f $ROOT_DS ]; then
Simon Kelley39d85502017-12-14 21:23:34 +0000114 DNSMASQ_OPTS="$DNSMASQ_OPTS `env LC_ALL=C sed -rne "s/^([.a-zA-Z0-9]+)([[:space:]]+[0-9]+)*([[:space:]]+IN)*[[:space:]]+DS[[:space:]]+/--trust-anchor=\1,/;s/[[:space:]]+/,/gp" $ROOT_DS | tr '\n' ' '`"
Simon Kelleyc43b8a62014-09-07 19:34:39 +0100115fi
116
Simon Kelleyc72daea2012-01-05 21:33:27 +0000117start()
118{
119 # Return
120 # 0 if daemon has been started
121 # 1 if daemon was already running
122 # 2 if daemon could not be started
123
Simon Kelley47901152015-09-29 22:54:41 +0100124 # /run may be volatile, so we need to ensure that
125 # /run/dnsmasq exists here as well as in postinst
126 if [ ! -d /run/dnsmasq ]; then
127 mkdir /run/dnsmasq || return 2
128 chown dnsmasq:nogroup /run/dnsmasq || return 2
Simon Kelleyc72daea2012-01-05 21:33:27 +0000129 fi
130
Simon Kelley47901152015-09-29 22:54:41 +0100131 start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null || return 1
132 start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON -- \
133 -x /run/dnsmasq/$NAME.pid \
Simon Kelleyc72daea2012-01-05 21:33:27 +0000134 ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
135 ${MAILTARGET:+ -t $MAILTARGET} \
136 ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
137 ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
138 ${DHCP_LEASE:+ -l $DHCP_LEASE} \
139 ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
140 ${RESOLV_CONF:+ -r $RESOLV_CONF} \
141 ${CACHESIZE:+ -c $CACHESIZE} \
142 ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
143 ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \
144 || return 2
145}
146
147start_resolvconf()
148{
149# If interface "lo" is explicitly disabled in /etc/default/dnsmasq
150# Then dnsmasq won't be providing local DNS, so don't add it to
151# the resolvconf server set.
152 for interface in $DNSMASQ_EXCEPT
153 do
154 [ $interface = lo ] && return
155 done
156
Floris Bosbc87e602017-04-11 14:19:57 +0100157# Also skip this if DNS functionality is disabled in /etc/dnsmasq.conf
158 if grep -qs '^port=0' /etc/dnsmasq.conf; then
159 return
160 fi
161
Simon Kelleyc72daea2012-01-05 21:33:27 +0000162 if [ -x /sbin/resolvconf ] ; then
163 echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME
164 fi
165 return 0
166}
167
168stop()
169{
170 # Return
171 # 0 if daemon has been stopped
172 # 1 if daemon was already stopped
173 # 2 if daemon could not be stopped
174 # other if a failure occurred
Simon Kelley47901152015-09-29 22:54:41 +0100175 start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /run/dnsmasq/$NAME.pid --name $NAME
Simon Kelleyc72daea2012-01-05 21:33:27 +0000176}
177
178stop_resolvconf()
179{
180 if [ -x /sbin/resolvconf ] ; then
181 /sbin/resolvconf -d lo.$NAME
182 fi
183 return 0
184}
185
186status()
187{
188 # Return
189 # 0 if daemon is running
190 # 1 if daemon is dead and pid file exists
191 # 3 if daemon is not running
192 # 4 if daemon status is unknown
Simon Kelley47901152015-09-29 22:54:41 +0100193 start-stop-daemon --start --quiet --pidfile /run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null
Simon Kelleyc72daea2012-01-05 21:33:27 +0000194 case "$?" in
Simon Kelley47901152015-09-29 22:54:41 +0100195 0) [ -e "/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;;
Simon Kelleyc72daea2012-01-05 21:33:27 +0000196 1) return 0 ;;
197 *) return 4 ;;
198 esac
199}
200
201case "$1" in
202 start)
203 test "$ENABLED" != "0" || exit 0
204 log_daemon_msg "Starting $DESC" "$NAME"
205 start
206 case "$?" in
207 0)
208 log_end_msg 0
209 start_resolvconf
210 exit 0
211 ;;
212 1)
213 log_success_msg "(already running)"
214 exit 0
215 ;;
216 *)
217 log_end_msg 1
218 exit 1
219 ;;
220 esac
221 ;;
222 stop)
223 stop_resolvconf
224 if [ "$ENABLED" != "0" ]; then
225 log_daemon_msg "Stopping $DESC" "$NAME"
226 fi
227 stop
228 RETVAL="$?"
229 if [ "$ENABLED" = "0" ]; then
230 case "$RETVAL" in
231 0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;;
232 esac
233 exit 0
234 fi
235 case "$RETVAL" in
236 0) log_end_msg 0 ; exit 0 ;;
237 1) log_warning_msg "(not running)" ; exit 0 ;;
238 *) log_end_msg 1; exit 1 ;;
239 esac
240 ;;
241 restart|force-reload)
242 test "$ENABLED" != "0" || exit 1
243 $DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1
244 if [ $? -ne 0 ]; then
245 NAME="configuration syntax check"
246 RETVAL="2"
247 else
248 stop_resolvconf
249 stop
250 RETVAL="$?"
251 fi
252 log_daemon_msg "Restarting $DESC" "$NAME"
253 case "$RETVAL" in
254 0|1)
255 sleep 2
256 start
257 case "$?" in
258 0)
259 log_end_msg 0
260 start_resolvconf
261 exit 0
262 ;;
263 *)
264 log_end_msg 1
265 exit 1
266 ;;
267 esac
268 ;;
269 *)
270 log_end_msg 1
271 exit 1
272 ;;
273 esac
274 ;;
275 status)
276 log_daemon_msg "Checking $DESC" "$NAME"
277 status
278 case "$?" in
279 0) log_success_msg "(running)" ; exit 0 ;;
280 1) log_success_msg "(dead, pid file exists)" ; exit 1 ;;
281 3) log_success_msg "(not running)" ; exit 3 ;;
282 *) log_success_msg "(unknown)" ; exit 4 ;;
283 esac
284 ;;
Simon Kelley760169f2012-03-09 14:27:49 +0000285 dump-stats)
Simon Kelley47901152015-09-29 22:54:41 +0100286 kill -s USR1 `cat /run/dnsmasq/$NAME.pid`
Simon Kelley760169f2012-03-09 14:27:49 +0000287 ;;
Simon Kelley2cd9a0d2012-06-11 21:56:10 +0100288 systemd-start-resolvconf)
289 start_resolvconf
290 ;;
291 systemd-stop-resolvconf)
292 stop_resolvconf
293 ;;
294 systemd-exec)
Simon Kelley47901152015-09-29 22:54:41 +0100295# /run may be volatile, so we need to ensure that
296 # /run/dnsmasq exists here as well as in postinst
297 if [ ! -d /run/dnsmasq ]; then
298 mkdir /run/dnsmasq || return 2
299 chown dnsmasq:nogroup /run/dnsmasq || return 2
Simon Kelleyd92c53e2014-05-20 21:00:02 +0100300 fi
Simon Kelley47901152015-09-29 22:54:41 +0100301 exec $DAEMON -x /run/dnsmasq/$NAME.pid \
Simon Kelley2cd9a0d2012-06-11 21:56:10 +0100302 ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \
303 ${MAILTARGET:+ -t $MAILTARGET} \
304 ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \
305 ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \
306 ${DHCP_LEASE:+ -l $DHCP_LEASE} \
307 ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \
308 ${RESOLV_CONF:+ -r $RESOLV_CONF} \
309 ${CACHESIZE:+ -c $CACHESIZE} \
310 ${CONFIG_DIR:+ -7 $CONFIG_DIR} \
311 ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}
312 ;;
Simon Kelleyc72daea2012-01-05 21:33:27 +0000313 *)
Simon Kelley760169f2012-03-09 14:27:49 +0000314 echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2
Simon Kelleyc72daea2012-01-05 21:33:27 +0000315 exit 3
316 ;;
317esac
318
319exit 0
320