dnsmasq: improve init script

* fix restart in LuCI (inherited umask was to restrictive)
 * make directory of hosts-file (!= /tmp) accessible in ujail

Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This commit is contained in:
Daniel Golle 2021-10-31 12:54:06 +00:00
parent 61a36cefd6
commit a2fcd3900c
No known key found for this signature in database
GPG Key ID: 5A8F39C31C3217CA

View File

@ -829,12 +829,14 @@ dnsmasq_start()
CONFIGFILE_TMP="${CONFIGFILE}.$$"
HOSTFILE="${BASEHOSTFILE}.${cfg}"
HOSTFILE_TMP="${HOSTFILE}.$$"
HOSTFILE_DIR="$(dirname "$HOSTFILE")"
BASEDHCPSTAMPFILE_CFG="${BASEDHCPSTAMPFILE}.${cfg}"
# before we can call xappend
umask u=rwx,g=rx,o=rx
mkdir -p /var/run/dnsmasq/
mkdir -p $(dirname $CONFIGFILE)
mkdir -p $(dirname $HOSTFILE)
mkdir -p "$HOSTFILE_DIR"
mkdir -p /var/lib/misc
chown dnsmasq:dnsmasq /var/run/dnsmasq
@ -1154,6 +1156,7 @@ dnsmasq_start()
procd_add_jail_mount $EXTRA_MOUNT $RFC6761FILE $TRUSTANCHORSFILE
procd_add_jail_mount $dnsmasqconffile $dnsmasqconfdir $resolvdir $user_dhcpscript
procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts /etc/ethers
[ "$HOSTFILE_DIR" != "/tmp" ] && procd_add_jail_mount "$HOSTFILE_DIR"
procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
procd_close_instance