wg-quick: allow for the hatchet, but not by default

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2017-10-31 11:38:09 +01:00
parent 9bcb48eacd
commit d30d9630b6
4 changed files with 55 additions and 0 deletions

View file

@ -0,0 +1,8 @@
The DNS Hatchet
===============
This is a workaround for distributions without resolvconf or any proper
mechanism of setting the DNS. Running 'apply.sh` in this directory will
insert 'hatchet.bash` into the right place in 'wg-quick.bash`. It is
recommended that distributions without any resolvconf available run this
before calling 'make install` in their packaging scripts.

6
contrib/dns-hatchet/apply.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/bash
ME="$(readlink -f "$(dirname "$(readlink -f "$0")")")"
TOOLS="$ME/../../../src/tools"
sed -i "/~~ function override insertion point ~~/r $ME/hatchet.bash" "$TOOLS/wg-quick.bash"

View file

@ -0,0 +1,39 @@
set_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
if [[ $(resolvconf --version 2>/dev/null) == openresolv\ * ]]; then
printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE" -m 0 -x
else
echo "[#] mount \`${DNS[*]}' /etc/resolv.conf" >&2
[[ -e /etc/resolv.conf ]] || touch /etc/resolv.conf
{ cat <<-_EOF
# This file was generated by wg-quick(8) for use with
# the WireGuard interface $INTERFACE. It cannot be
# removed or altered directly. You may remove this file
# by running \`wg-quick down $INTERFACE', or if that
# poses problems, run \`umount /etc/resolv.conf'.
_EOF
printf 'nameserver %s\n' "${DNS[@]}"
} | unshare -m --propagation shared bash -c "$(cat <<-_EOF
set -e
mount --make-private /dev/shm
mount -t tmpfs none /dev/shm
cat > /dev/shm/resolv.conf
mount -o remount,ro /dev/shm
mount -o bind,ro /dev/shm/resolv.conf /etc/resolv.conf
_EOF
)"
fi
HAVE_SET_DNS=1
}
unset_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
if [[ $(resolvconf --version 2>/dev/null) == openresolv\ * ]]; then
cmd resolvconf -d "$INTERFACE"
else
cmd umount /etc/resolv.conf
fi
}

View file

@ -264,6 +264,8 @@ cmd_down() {
execute_hooks "${POST_DOWN[@]}" execute_hooks "${POST_DOWN[@]}"
} }
# ~~ function override insertion point ~~
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
cmd_usage cmd_usage
elif [[ $# -eq 2 && $1 == up ]]; then elif [[ $# -eq 2 && $1 == up ]]; then