From 374825ec05243314d010041edf4a02644baec1ef Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Sat, 24 Aug 2024 10:37:30 +0900 Subject: [PATCH] resolvconf: disable default route when -p is specified Internally, the switch triggers 'resolvectl default-route INTERFACE no'. Closes #34112. --- man/resolvectl.xml | 13 +++++++++++-- src/resolve/resolvconf-compat.c | 24 +++++++++++++++++------- src/resolve/resolvectl.c | 9 ++++++++- src/resolve/resolvectl.h | 1 + 4 files changed, 37 insertions(+), 10 deletions(-) diff --git a/man/resolvectl.xml b/man/resolvectl.xml index 1cecd97631b..b30517741fd 100644 --- a/man/resolvectl.xml +++ b/man/resolvectl.xml @@ -570,10 +570,19 @@ - - These switches are not supported and are silently ignored. + When specified, the interface will not be used as the default route. See also + systemd-resolved.service8 + about the default route. + + + + + + + + The switch is not supported and is silently ignored. diff --git a/src/resolve/resolvconf-compat.c b/src/resolve/resolvconf-compat.c index 30570ad34f2..218f2affc54 100644 --- a/src/resolve/resolvconf-compat.c +++ b/src/resolve/resolvconf-compat.c 
@@ -34,13 +34,14 @@ static int resolvconf_help(void) {
 " --version Show package version\n"
 " -a Register per-interface DNS server and domain data\n"
 " -d Unregister per-interface DNS server and domain data\n"
+ " -p Do not use this interface as default route\n"
 " -f Ignore if specified interface does not exist\n"
 " -x Send DNS traffic preferably over this interface\n"
 "\n"
 "This is a compatibility alias for the resolvectl(1) tool, providing native\n"
 "command line compatibility with the resolvconf(8) tool of various Linux\n"
 "distributions and BSD systems. Some options supported by other implementations\n"
- "are not supported and are ignored: -m, -p, -u. Various options supported by other\n"
+ "are not supported and are ignored: -m, -u. Various options supported by other\n"
 "implementations are not supported and will cause the invocation to fail:\n"
 "-I, -i, -l, -R, -r, -v, -V, --enable-updates, --disable-updates,\n"
 "--updates-are-enabled.\n"
@@ -119,7 +120,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
 enum {
 TYPE_REGULAR,
- TYPE_PRIVATE, /* -p: Not supported, treated identically to TYPE_REGULAR */
+ TYPE_PRIVATE,
 TYPE_EXCLUSIVE, /* -x */
 } type = TYPE_REGULAR;
@@ -132,7 +133,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
 if (getenv("IF_EXCLUSIVE"))
 type = TYPE_EXCLUSIVE;
 if (getenv("IF_PRIVATE"))
- type = TYPE_PRIVATE; /* not actually supported */
+ type = TYPE_PRIVATE;
 arg_mode = _MODE_INVALID;
@@ -160,7 +161,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
 break;
 case 'p':
- type = TYPE_PRIVATE; /* not actually supported */
+ type = TYPE_PRIVATE;
 break;
 case 'f':
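Review bot: In the `IF_EXCLUSIVE`/`IF_PRIVATE` block (hunk at -132) the order of the two `getenv()` checks now decides real link configuration, and nothing in the code records that precedence. With both variables set, `IF_PRIVATE` wins because it is tested last: the `~.` routing domain of exclusive mode is not added and, new with this commit, the default route is switched off. The `case 'p':` hunk at -160 has the same last-one-wins relationship with `-x`, since both write the single `type` variable, and option parsing appears to run after the environment is read. I would document this where the environment is consulted, e.g. `/* IF_PRIVATE overrides IF_EXCLUSIVE; -p/-x on the command line override both. */`, and consider a `log_debug()` when both variables are present. resolvconf_parse_argv starts and ends outside these hunks.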
@@ -256,17 +257,26 @@ int resolvconf_parse_argv(int argc, char *argv[]) { log_syntax(NULL, LOG_DEBUG, "stdin", n, 0, "Ignoring resolv.conf line: %s", line); } - if (type == TYPE_EXCLUSIVE) { + switch (type) { + case TYPE_REGULAR: + break; + + case TYPE_PRIVATE: + arg_disable_default_route = true; + break; + case TYPE_EXCLUSIVE: /* If -x mode is selected, let's preferably route non-suffixed lookups to this interface. This * somewhat matches the original -x behaviour */ r = strv_extend(&arg_set_domain, "~."); if (r < 0) return log_oom(); + break; - } else if (type == TYPE_PRIVATE) - log_debug("Private DNS server data not supported, ignoring."); + default: + assert_not_reached(); + } if (strv_isempty(arg_set_dns)) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), diff --git a/src/resolve/resolvectl.c b/src/resolve/resolvectl.c index 8d32b6784aa..ec75b9892d7 100644 --- a/src/resolve/resolvectl.c +++ b/src/resolve/resolvectl.c @@ -71,10 +71,11 @@ typedef enum RawType { } RawType; static RawType arg_raw = RAW_NONE; +/* Used by compat interfaces: systemd-resolve and resolvconf. */ ExecutionMode arg_mode = MODE_RESOLVE_HOST; - char **arg_set_dns = NULL; char **arg_set_domain = NULL; +bool arg_disable_default_route = false; static const char *arg_set_llmnr = NULL; static const char *arg_set_mdns = NULL; static const char *arg_set_dns_over_tls = NULL; @@ -4178,6 +4179,12 @@ static int compat_main(int argc, char *argv[]) { case MODE_SET_LINK: assert(arg_ifname); + if (arg_disable_default_route) { + r = translate("default-route", arg_ifname, 1, STRV_MAKE("no")); + if (r < 0) + return r; + } + if (arg_set_dns) { r = translate("dns", arg_ifname, strv_length(arg_set_dns), arg_set_dns); if (r < 0) diff --git a/src/resolve/resolvectl.h b/src/resolve/resolvectl.h index 3e404dad102..16e11fcd08e 100644 --- a/src/resolve/resolvectl.h +++ b/src/resolve/resolvectl.h 
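Review bot: The new `case TYPE_PRIVATE:` branch has no comment, and the old `log_debug()` for private mode was removed, so neither the source nor a debug log says what -p now does. The `TYPE_EXCLUSIVE` branch right below it explains itself. A comment in the same style would close the gap, e.g. `/* If -p mode is selected, do not use this interface as the default route for lookups. */`. The enum hunk at -119 has the same asymmetry: `TYPE_EXCLUSIVE, /* -x */` keeps its tag while the private entry lost its one, so `TYPE_PRIVATE, /* -p */` would keep the two aligned. resolvconf_parse_argv starts outside this hunk.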
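Review bot: In the `MODE_SET_LINK` branch (hunk at -4178) the default route is only ever switched to `no`; nothing restores it when a later `-a` for the same interface comes without -p. If the per-link setting persists in systemd-resolved until the link settings are reset (not visible in this diff, please confirm), the interface silently keeps its private routing across re-registrations. Either state that next to the call, e.g. `/* Only ever disabled here; a previous -p stays in effect until the link settings are reset. */`, or reset it explicitly for the non-private case if that does not fight resolved's own default. The call sits ahead of the `dns` one, so a failure aborts before any server is registered on the link, which looks like the right order for a private interface. compat_main starts and ends outside this hunk.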
@@ -24,6 +24,7 @@ typedef enum ExecutionMode {
 extern ExecutionMode arg_mode;
 extern char **arg_set_dns;
 extern char **arg_set_domain;
+extern bool arg_disable_default_route;
 extern bool arg_ifindex_permissive;
 int ifname_mangle_full(const char *s, bool drop_protocol_specifier);
-- 2.47.3