[dnssec-trigger] Add script to backup and restore resolv.conf on dnssec-trigger start/stop
Tomas Hozza
thozza at fedoraproject.org
Tue Nov 26 14:50:27 UTC 2013
commit f644e8e5b8b5917fee407e11fc23ca1f216fadf9
Author: Tomas Hozza <thozza at redhat.com>
Date: Thu Nov 21 14:48:48 2013 +0100
Add script to backup and restore resolv.conf on dnssec-trigger start/stop
Signed-off-by: Tomas Hozza <thozza at redhat.com>
dnssec-trigger.spec | 13 ++++-
dnssec-triggerd-resolvconf-handle.service | 11 ++++
dnssec-triggerd-resolvconf-handle.sh | 83 +++++++++++++++++++++++++++++
dnssec-triggerd.service | 2 +
4 files changed, 108 insertions(+), 1 deletions(-)
---
diff --git a/dnssec-trigger.spec b/dnssec-trigger.spec
index b6277c8..72cb6f0 100644
--- a/dnssec-trigger.spec
+++ b/dnssec-trigger.spec
@@ -1,7 +1,7 @@
Summary: NetworkManager plugin to update/reconfigure DNSSEC resolving
Name: dnssec-trigger
Version: 0.11
-Release: 16%{?dist}
+Release: 17%{?dist}
License: BSD
Url: http://www.nlnetlabs.nl/downloads/dnssec-trigger/
Source: http://www.nlnetlabs.nl/downloads/dnssec-trigger/%{name}-%{version}.tar.gz
@@ -12,6 +12,8 @@ Source3: dnssec-trigger.conf
# http://www.nlnetlabs.nl/svn/dnssec-trigger/trunk/01-dnssec-trigger-hook.sh.in
Source4: 01-dnssec-trigger-hook
Source5: dnssec-trigger.tmpfiles.d
+Source6: dnssec-triggerd-resolvconf-handle.sh
+Source7: dnssec-triggerd-resolvconf-handle.service
Patch1: dnssec-trigger-0.11-improve_dialog_texts.patch
Patch2: dnssec-trigger-842455.patch
# https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=489
@@ -63,6 +65,10 @@ install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}d.service
install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}d-keygen.service
install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/
+mkdir -p %{buildroot}%{_libexecdir}
+install -m 0755 %{SOURCE6} %{buildroot}%{_libexecdir}/%{name}d-resolvconf-handle.sh
+install -m 0644 %{SOURCE7} %{buildroot}%{_unitdir}/%{name}d-resolvconf-handle.service
+
desktop-file-install --dir=%{buildroot}%{_datadir}/applications dnssec-trigger-panel.desktop
# overwrite the stock NM hook since there is new one in upstream SVN that has not been released yet
@@ -93,6 +99,7 @@ rm -rf ${RPM_BUILD_ROOT}
%doc README LICENSE
%{_unitdir}/%{name}d.service
%{_unitdir}/%{name}d-keygen.service
+%{_unitdir}/%{name}d-resolvconf-handle.service
%attr(0755,root,root) %dir %{_sysconfdir}/%{name}
%attr(0755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-dnssec-trigger-hook
@@ -103,6 +110,7 @@ rm -rf ${RPM_BUILD_ROOT}
%{_bindir}/dnssec-trigger-panel
%{_bindir}/dnssec-trigger
%{_sbindir}/dnssec-trigger*
+%{_libexecdir}/%{name}d-resolvconf-handle.sh
%{_mandir}/*/*
%attr(0755,root,root) %dir %{_datadir}/%{name}
%attr(0644,root,root) %{_datadir}/%{name}/*
@@ -130,6 +138,9 @@ fi
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
%changelog
+* Thu Nov 21 2013 Tomas Hozza <thozza at redhat.com> - 0.11-17
+- Add script to backup and restore resolv.conf on dnssec-trigger start/stop
+
* Mon Nov 18 2013 Tomas Hozza <thozza at redhat.com> - 0.11-16
- Improve GUI dialogs texts
diff --git a/dnssec-triggerd-resolvconf-handle.service b/dnssec-triggerd-resolvconf-handle.service
new file mode 100644
index 0000000..a23760c
--- /dev/null
+++ b/dnssec-triggerd-resolvconf-handle.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Backups and restores /etc/resolv.conf after dnssec-trigger starts/stops
+PartOf=dnssec-triggerd.service
+
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+
+ExecStart=/usr/libexec/dnssec-triggerd-resolvconf-handle.sh backup
+ExecStop=/usr/libexec/dnssec-triggerd-resolvconf-handle.sh restore
diff --git a/dnssec-triggerd-resolvconf-handle.sh b/dnssec-triggerd-resolvconf-handle.sh
new file mode 100755
index 0000000..4b8e672
--- /dev/null
+++ b/dnssec-triggerd-resolvconf-handle.sh
@@ -0,0 +1,83 @@
+#!/bin/sh
+# dnssec-trigger script handling possible backup and restore of resolv.conf
+
+SCRIPT_NAME="dnssec-trigger-resolvconf-handle.sh"
+STATE_DIR="/var/run/dnssec-trigger"
+RESOLV_CONF="/etc/resolv.conf"
+RESOLV_CONF_BAK="$STATE_DIR/resolv.conf.bak"
+NM_CONFIG="/etc/NetworkManager/NetworkManager.conf"
+
+usage()
+{
+ echo
+ echo "This script backs up or restores /etc/resolv.conf content"
+ echo "Usage: $SCRIPT_NAME [backup|restore]"
+}
+
+# check number of arguments
+if ! [ "$#" -eq 1 ]; then
+ echo "ERROR: Wrong number of arguments!"
+ usage
+ exit 1
+fi
+
+does_nm_handle_resolv_conf()
+{
+ grep -x "^dns=none" $NM_CONFIG &> /dev/null
+ echo "$?"
+}
+
+backup_resolv_conf()
+{
+ # find out if NM handles the resolv.conf
+ if [ "`does_nm_handle_resolv_conf`" -eq 0 ]; then
+ cp -fp $RESOLV_CONF $RESOLV_CONF_BAK
+ fi
+}
+
+restore_resolv_conf()
+{
+ # if we have a backup and NM does not handle resolv.conf -> restore it
+ if [ "`does_nm_handle_resolv_conf`" -eq 0 ] && [ -s $RESOLV_CONF_BAK ]; then
+ cp -fp $RESOLV_CONF_BAK $RESOLV_CONF
+ else
+ # get global nameservers
+ # try to get nmcli version
+ NMCLI_VER="`nmcli -v 2> /dev/null | sed 's/.*version \([0-9]\)\.\([0-9]\)\.\([0-9]\)\.\([0-9]\).*/\1\2\3\4/'`"
+ # if nmcli exists
+ if [ -n $NMCLI_VER ]; then
+ # if the version is greater or equal 0.9.9.0
+ if [ $NMCLI_VER -ge 0990 ]; then
+ global_nameservers="`nmcli -f IP4,IP6 dev show | fgrep 'DNS' | awk '{print $2;}'`"
+ else
+ global_nameservers="`nmcli -f IP4,IP6 dev list | fgrep 'DNS' | awk '{print $2;}'`"
+ fi
+ # nmcli does not exist
+ else
+ global_nameservers="`nm-tool | grep 'DNS:' | awk '{print $2;}'`"
+ fi
+ # fix whitespaces
+ global_nameservers="`echo $global_nameservers`"
+
+ # write servers to the resolv.conf
+ echo "# generated by $SCRIPT_NAME script" > $RESOLV_CONF
+ for server in $global_nameservers ; do
+ echo "nameserver $server" >> $RESOLV_CONF
+ done
+ fi
+}
+
+case "$1" in
+ backup)
+ backup_resolv_conf
+ ;;
+ restore)
+ restore_resolv_conf
+ ;;
+ *)
+ echo "ERROR: Wrong argument!"
+ usage
+ exit 1
+esac
+
+exit 0
diff --git a/dnssec-triggerd.service b/dnssec-triggerd.service
index bc8fcd8..9d55778 100644
--- a/dnssec-triggerd.service
+++ b/dnssec-triggerd.service
@@ -3,6 +3,8 @@ Description=Reconfigure local DNS(SEC) resolver on network change
After=syslog.target network.target
After=dnssec-triggerd-keygen.service
Wants=dnssec-triggerd-keygen.service
+After=dnssec-triggerd-resolvconf-handle.service
+Wants=dnssec-triggerd-resolvconf-handle.service
After=unbound.service
Wants=unbound.service
More information about the scm-commits
mailing list