projects
/
openwrt
/
staging
/
yousong.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
dnsmasq: dnssec time handling uses ntpd hotplug
[openwrt/staging/yousong.git]
/
package
/
network
/
services
/
dnsmasq
/
files
/
dnsmasq.init
diff --git
a/package/network/services/dnsmasq/files/dnsmasq.init
b/package/network/services/dnsmasq/files/dnsmasq.init
index 1a9903e50dc8edb2eb11f6d8c23ba12ba81f846b..5f7afdb95715d563af4dbb35a758d9d39e5cc58e 100644
(file)
--- a/
package/network/services/dnsmasq/files/dnsmasq.init
+++ b/
package/network/services/dnsmasq/files/dnsmasq.init
@@
-16,6
+16,7
@@
CONFIGFILE="/var/etc/dnsmasq.conf"
HOSTFILE="/tmp/hosts/dhcp"
TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
TIMESTAMPFILE="/etc/dnsmasq.time"
HOSTFILE="/tmp/hosts/dhcp"
TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
TIMESTAMPFILE="/etc/dnsmasq.time"
+TIMEVALIDFILE="/var/state/dnsmasqsec"
xappend() {
local value="$1"
xappend() {
local value="$1"
@@
-235,7
+236,12
@@
dnsmasq() {
[ "$dnssec" -gt 0 ] && {
xappend "--conf-file=$TRUSTANCHORSFILE"
xappend "--dnssec"
[ "$dnssec" -gt 0 ] && {
xappend "--conf-file=$TRUSTANCHORSFILE"
xappend "--dnssec"
- xappend "--dnssec-timestamp=$TIMESTAMPFILE"
+ [ -x /etc/init.d/sysntpd ] && {
+ /etc/init.d/sysntpd enabled
+ [ "$?" -ne 0 -o "$(uci_get system.ntp.enabled)" = "1" ] && {
+ [ -f "$TIMEVALIDFILE" ] || xappend "--dnssec-no-timecheck"
+ }
+ }
append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned"
}
append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned"
}
@@
-627,10
+633,7
@@
start_service() {
mkdir -p /var/lib/misc
touch /tmp/dhcp.leases
mkdir -p /var/lib/misc
touch /tmp/dhcp.leases
- if [ ! -f "$TIMESTAMPFILE" ]; then
- touch "$TIMESTAMPFILE"
- chown dnsmasq.dnsmasq "$TIMESTAMPFILE"
- fi
+ [ -f "$TIMESTAMPFILE" ] && rm -f "$TIMESTAMPFILE"
echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE
echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE
echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE
echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE
@@
-709,7
+712,7
@@
start_service() {
procd_add_jail dnsmasq ubus log
procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers $EXTRA_MOUNT
procd_add_jail dnsmasq ubus log
procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers $EXTRA_MOUNT
- procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases
$TIMESTAMPFILE
+ procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases
procd_close_instance
}
procd_close_instance
}