dnsmasq: make /tmp/dnsmasq.d and /tmp/hosts preferred over UCI settings

[openwrt.git] / package / network / services / dnsmasq / files / dnsmasq.init

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index 20333c8..1b42cff 100644 (file)
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -15,6 +15,7 @@ ADD_LOCAL_HOSTNAME=1
 CONFIGFILE="/var/etc/dnsmasq.conf"
 HOSTFILE="/tmp/hosts/dhcp"
 TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
+TIMESTAMPFILE="/etc/dnsmasq.time"
 
 xappend() {
        local value="$1"
@@ -120,7 +121,7 @@ dnsmasq() {
        append_bool "$cfg" nohosts "--no-hosts"
        append_bool "$cfg" nonegcache "--no-negcache"
        append_bool "$cfg" strictorder "--strict-order"
-       append_bool "$cfg" logqueries "--log-queries"
+       append_bool "$cfg" logqueries "--log-queries=extra"
        append_bool "$cfg" noresolv "--no-resolv"
        append_bool "$cfg" localise_queries "--localise-queries"
        append_bool "$cfg" readethers "--read-ethers"
@@ -134,6 +135,7 @@ dnsmasq() {
        append_bool "$cfg" proxydnssec "--proxy-dnssec"
        append_bool "$cfg" localservice "--local-service"
        append_bool "$cfg" quietdhcp "--quiet-dhcp"
+       append_bool "$cfg" sequential_ip "--dhcp-sequential-ip"
 
        append_parm "$cfg" dhcpscript "--dhcp-script"
        append_parm "$cfg" cachesize "--cache-size"
@@ -174,10 +176,6 @@ dnsmasq() {
        config_get hostsfile "$cfg" dhcphostsfile
        [ -e "$hostsfile" ] && xappend "--dhcp-hostsfile=$hostsfile"
 
-       mkdir -p /tmp/hosts /tmp/dnsmasq.d
-       xappend "--addn-hosts=/tmp/hosts"
-       xappend "--conf-dir=/tmp/dnsmasq.d"
-
        local rebind
        config_get_bool rebind "$cfg" rebind_protection 1
        [ $rebind -gt 0 ] && {
@@ -205,6 +203,7 @@ dnsmasq() {
        [ "$dnssec" -gt 0 ] && {
                xappend "--conf-file=$TRUSTANCHORSFILE"
                xappend "--dnssec"
+               xappend "--dnssec-timestamp=$TIMESTAMPFILE"
                append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned"
        }
 
@@ -212,6 +211,10 @@ dnsmasq() {
 
        xappend "--dhcp-broadcast=tag:needs-broadcast"
 
+       mkdir -p /tmp/hosts /tmp/dnsmasq.d
+       xappend "--addn-hosts=/tmp/hosts"
+       xappend "--conf-dir=/tmp/dnsmasq.d"
+
        echo >> $CONFIGFILE
 }
 
@@ -554,8 +557,8 @@ start_service() {
        procd_set_param respawn
 
        procd_add_jail dnsmasq ubus log
-       procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers
-       procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases
+       procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers
+       procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases $TIMESTAMPFILE
        
        procd_close_instance
 
@@ -565,6 +568,10 @@ start_service() {
        mkdir -p /var/lib/misc
        touch /tmp/dhcp.leases
 
+       if [ ! -f "$TIMESTAMPFILE" ]; then
+               touch "$TIMESTAMPFILE"
+               chown nobody.nogroup "$TIMESTAMPFILE"
+       fi
 
        echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE
        echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE