X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=package%2Fnetwork%2Fservices%2Fdnsmasq%2Ffiles%2Fdnsmasq.init;h=5844aaf8e2e3721abeaefa629cef28c238347b96;hb=44511577de8e9a7a9ec26778df8182333c52b6ab;hp=a0197ef7642457dd8a98fb287f9b6aa0173a12d4;hpb=940d5381e1d090b777fb304e1e377c64231db99a;p=openwrt%2Fsvn-archive%2Farchive.git

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index a0197ef764..5844aaf8e2 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -15,6 +15,7 @@ ADD_LOCAL_HOSTNAME=1
 CONFIGFILE="/var/etc/dnsmasq.conf"
 HOSTFILE="/tmp/hosts/dhcp"
 TRUSTANCHORSFILE="/usr/share/dnsmasq/trust-anchors.conf"
+TIMESTAMPFILE="/etc/dnsmasq.time"
 
 xappend() {
 	local value="$1"
@@ -120,7 +121,7 @@ dnsmasq() {
 	append_bool "$cfg" nohosts "--no-hosts"
 	append_bool "$cfg" nonegcache "--no-negcache"
 	append_bool "$cfg" strictorder "--strict-order"
-	append_bool "$cfg" logqueries "--log-queries"
+	append_bool "$cfg" logqueries "--log-queries=extra"
 	append_bool "$cfg" noresolv "--no-resolv"
 	append_bool "$cfg" localise_queries "--localise-queries"
 	append_bool "$cfg" readethers "--read-ethers"
@@ -128,11 +129,13 @@ dnsmasq() {
 	append_bool "$cfg" boguspriv "--bogus-priv"
 	append_bool "$cfg" expandhosts "--expand-hosts"
 	append_bool "$cfg" enable_tftp "--enable-tftp"
+	append_bool "$cfg" tftp_no_fail "--tftp-no-fail"
 	append_bool "$cfg" nonwildcard "--bind-interfaces"
 	append_bool "$cfg" fqdn "--dhcp-fqdn"
 	append_bool "$cfg" proxydnssec "--proxy-dnssec"
 	append_bool "$cfg" localservice "--local-service"
 	append_bool "$cfg" quietdhcp "--quiet-dhcp"
+	append_bool "$cfg" sequential_ip "--dhcp-sequential-ip"
 
 	append_parm "$cfg" dhcpscript "--dhcp-script"
 	append_parm "$cfg" cachesize "--cache-size"
@@ -152,6 +155,7 @@ dnsmasq() {
 	config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain
 	append_parm "$cfg" "leasefile" "--dhcp-leasefile"
 	append_parm "$cfg" "resolvfile" "--resolv-file"
+	append_parm "$cfg" "serversfile" "--servers-file"
 	append_parm "$cfg" "tftp_root" "--tftp-root"
 	append_parm "$cfg" "dhcp_boot" "--dhcp-boot"
 	append_parm "$cfg" "local_ttl" "--local-ttl"
@@ -203,6 +207,7 @@ dnsmasq() {
 	[ "$dnssec" -gt 0 ] && {
 		xappend "--conf-file=$TRUSTANCHORSFILE"
 		xappend "--dnssec"
+		xappend "--dnssec-timestamp=$TIMESTAMPFILE"
 		append_bool "$cfg" dnsseccheckunsigned "--dnssec-check-unsigned"
 	}
 
@@ -547,13 +552,26 @@ start_service() {
 	config_load dhcp
 
 	procd_open_instance
-	procd_set_param command $PROG -C $CONFIGFILE -k
+	procd_set_param command $PROG -C $CONFIGFILE -k -x /var/run/dnsmasq/dnsmasq.pid
 	procd_set_param file $CONFIGFILE
 	procd_set_param respawn
+
+	procd_add_jail dnsmasq ubus log
+	procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers
+	procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases $TIMESTAMPFILE
+	
 	procd_close_instance
 
 	# before we can call xappend
+	mkdir -p /var/run/dnsmasq/
 	mkdir -p $(dirname $CONFIGFILE)
+	mkdir -p /var/lib/misc
+	touch /tmp/dhcp.leases
+
+	if [ ! -f "$TIMESTAMPFILE" ]; then
+		touch "$TIMESTAMPFILE"
+		chown nobody.nogroup "$TIMESTAMPFILE"
+	fi
 
 	echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE
 	echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE