1*59c22029Sroy.\" Copyright (c) 2007-2023 Roy Marples 2793621c9Sroy.\" All rights reserved 3793621c9Sroy.\" 4793621c9Sroy.\" Redistribution and use in source and binary forms, with or without 5793621c9Sroy.\" modification, are permitted provided that the following conditions 6793621c9Sroy.\" are met: 7793621c9Sroy.\" 1. Redistributions of source code must retain the above copyright 8793621c9Sroy.\" notice, this list of conditions and the following disclaimer. 9793621c9Sroy.\" 2. Redistributions in binary form must reproduce the above copyright 10793621c9Sroy.\" notice, this list of conditions and the following disclaimer in the 11793621c9Sroy.\" documentation and/or other materials provided with the distribution. 12793621c9Sroy.\" 13793621c9Sroy.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14793621c9Sroy.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15793621c9Sroy.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16793621c9Sroy.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17793621c9Sroy.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18793621c9Sroy.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19793621c9Sroy.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20793621c9Sroy.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21793621c9Sroy.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22793621c9Sroy.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23793621c9Sroy.\" SUCH DAMAGE. 24793621c9Sroy.\" 250949b2edSroy.Dd December 23, 2016 269d0b84c4Sroy.Dt RESOLVCONF 8 27793621c9Sroy.Os 28793621c9Sroy.Sh NAME 29793621c9Sroy.Nm resolvconf 30793621c9Sroy.Nd a framework for managing multiple DNS configurations 31793621c9Sroy.Sh SYNOPSIS 32793621c9Sroy.Nm 33793621c9Sroy.Fl I 34793621c9Sroy.Nm 35793621c9Sroy.Op Fl m Ar metric 36793621c9Sroy.Op Fl p 379d0b84c4Sroy.Op Fl x 389d0b84c4Sroy.Fl a Ar interface Ns Op Ar .protocol 399d0b84c4Sroy.No < Ns Pa file 40793621c9Sroy.Nm 410949b2edSroy.Fl C Ar pattern 420949b2edSroy.Nm 430949b2edSroy.Fl c Ar pattern 440949b2edSroy.Nm 45793621c9Sroy.Op Fl f 469d0b84c4Sroy.Fl d Ar interface Ns Op Ar .protocol 47793621c9Sroy.Nm 489d0b84c4Sroy.Op Fl x 49793621c9Sroy.Fl il Ar pattern 50793621c9Sroy.Nm 51793621c9Sroy.Fl u 52bc19ce3dSroy.Nm 53bc19ce3dSroy.Fl Fl version 54793621c9Sroy.Sh DESCRIPTION 55793621c9Sroy.Nm 56793621c9Sroymanages 57793621c9Sroy.Xr resolv.conf 5 58793621c9Sroyfiles from multiple sources, such as DHCP and VPN clients. 59793621c9SroyTraditionally, the host runs just one client and that updates 60793621c9Sroy.Pa /etc/resolv.conf . 61793621c9SroyMore modern systems frequently have wired and wireless interfaces and there is 62793621c9Sroyno guarantee both are on the same network. 63793621c9SroyWith the advent of VPN and other 64793621c9Sroytypes of networking daemons, many things now contend for the contents of 65793621c9Sroy.Pa /etc/resolv.conf . 66793621c9Sroy.Pp 67793621c9Sroy.Nm 68793621c9Sroysolves this by letting the daemon send their 69793621c9Sroy.Xr resolv.conf 5 70793621c9Sroyfile to 71793621c9Sroy.Nm 72793621c9Sroyvia 73307c12e0Swiz.Xr stdin 4 74793621c9Sroywith the argument 759d0b84c4Sroy.Fl a Ar interface Ns Op Ar .protocol 76793621c9Sroyinstead of the filesystem. 77793621c9Sroy.Nm 78793621c9Sroythen updates 79793621c9Sroy.Pa /etc/resolv.conf 80793621c9Sroyas it thinks best. 81793621c9SroyWhen a local resolver other than libc is installed, such as 82793621c9Sroy.Xr dnsmasq 8 83793621c9Sroyor 84793621c9Sroy.Xr named 8 , 85793621c9Sroythen 86793621c9Sroy.Nm 87793621c9Sroywill supply files that the resolver should be configured to include. 88793621c9Sroy.Pp 89793621c9Sroy.Nm 9060642c5bSroyassumes it has a job to do. 9160642c5bSroyIn some situations 9260642c5bSroy.Nm 93c97a5801Sroyneeds to act as a deterrent to writing to 9460642c5bSroy.Pa /etc/resolv.conf . 9560642c5bSroyWhere this file cannot be made immutable or you just need to toggle this 9660642c5bSroybehaviour, 9760642c5bSroy.Nm 9860642c5bSroycan be disabled by adding 9960642c5bSroy.Sy resolvconf Ns = Ns NO 10060642c5bSroyto 10160642c5bSroy.Xr resolvconf.conf 5 . 10260642c5bSroy.Pp 10360642c5bSroy.Nm 104793621c9Sroycan mark an interfaces 105793621c9Sroy.Pa resolv.conf 106793621c9Sroyas private. 107793621c9SroyThis means that the name servers listed in that 108793621c9Sroy.Pa resolv.conf 109793621c9Sroyare only used for queries against the domain/search listed in the same file. 110793621c9SroyThis only works when a local resolver other than libc is installed. 111793621c9SroySee 112793621c9Sroy.Xr resolvconf.conf 5 113793621c9Sroyfor how to configure 114793621c9Sroy.Nm 115bc19ce3dSroyto use a local name server and how to remove the private marking. 116793621c9Sroy.Pp 1179d0b84c4Sroy.Nm 1189d0b84c4Sroycan mark an interfaces 1199d0b84c4Sroy.Pa resolv.conf 1209d0b84c4Sroyas exclusive. 1219d0b84c4SroyOnly the latest exclusive interface is used for processing, otherwise all are. 1229d0b84c4Sroy.Pp 123793621c9SroyWhen an interface goes down, it should then call 124793621c9Sroy.Nm 125793621c9Sroywith 1269d0b84c4Sroy.Fl d Ar interface.* 127793621c9Sroyarguments to delete the 128793621c9Sroy.Pa resolv.conf 1299d0b84c4Sroyfile(s) for all the 1309d0b84c4Sroy.Ar protocols 1319d0b84c4Sroyon the 132793621c9Sroy.Ar interface . 1330949b2edSroyFor systems that support the concept of persisting configuration when 1340949b2edSroythe carrier goes down, then it should instead call 1350949b2edSroy.Nm 1360949b2edSroywith 1370949b2edSroy.Fl C Ar interface.* 1380949b2edSroyarguments to deprecate the matching interfaces and 1390949b2edSroy.Fl c Ar interface.* 1400949b2edSroyto activate the matching interfaces when the carrier comes up. 1410949b2edSroyThis only affects the order in which interfaces are processed. 142793621c9Sroy.Pp 1433ddffba0SroyHere are some options for the above commands:- 144bc19ce3dSroy.Bl -tag -width pattern_opt 145793621c9Sroy.It Fl f 146bc19ce3dSroyIgnore non existent interfaces. 147793621c9SroyOnly really useful for deleting interfaces. 1483ddffba0Sroy.It Fl m Ar metric 1493ddffba0SroySet the metric of the interface when adding it, default of 0. 1503ddffba0SroyLower metrics take precedence. 1513ddffba0SroyThis affects the default order of interfaces when listed. 1523ddffba0Sroy.It Fl p 1533ddffba0SroyMarks the interface 1543ddffba0Sroy.Pa resolv.conf 1553ddffba0Sroyas private. 1563ddffba0Sroy.It Fl x 1573ddffba0SroyMark the interface 1583ddffba0Sroy.Pa resolv.conf 1593ddffba0Sroyas exclusive when adding, otherwise only use the latest exclusive interface. 1603ddffba0Sroy.El 1613ddffba0Sroy.Pp 1623ddffba0Sroy.Nm 1633ddffba0Sroyhas some more commands for general usage:- 164bc19ce3dSroy.Bl -tag -width pattern_opt 165793621c9Sroy.It Fl i Ar pattern 1669d0b84c4SroyList the interfaces and protocols, optionally matching 167793621c9Sroy.Ar pattern , 168793621c9Sroywe have 169793621c9Sroy.Pa resolv.conf 170793621c9Sroyfiles for. 171793621c9Sroy.It Fl l Ar pattern 172793621c9SroyList the 173793621c9Sroy.Pa resolv.conf 174793621c9Sroyfiles we have. 175793621c9SroyIf 176793621c9Sroy.Ar pattern 1779d0b84c4Sroyis specified then we list the files for the interfaces and protocols 1789d0b84c4Sroythat match it. 179793621c9Sroy.It Fl u 180793621c9SroyForce 181793621c9Sroy.Nm 18260642c5bSroyto update all its subscribers. 183793621c9Sroy.Nm 184793621c9Sroydoes not update the subscribers when adding a resolv.conf that matches 185793621c9Sroywhat it already has for that interface. 186bc19ce3dSroy.It Fl Fl version 187bc19ce3dSroyEcho the resolvconf version to 188bc19ce3dSroy.Em stdout . 189793621c9Sroy.El 190793621c9Sroy.Pp 191793621c9Sroy.Nm 192*59c22029Sroyalso has some commands designed to be used by its subscribers and 1933ddffba0Sroysystem startup:- 194bc19ce3dSroy.Bl -tag -width pattern_opt 1953ddffba0Sroy.It Fl I 1963ddffba0SroyInitialise the state directory 1973ddffba0Sroy.Pa @VARDIR@ . 1983ddffba0SroyThis only needs to be called if the initial system boot sequence does not 1993ddffba0Sroyautomatically clean it out; for example the state directory is moved 2003ddffba0Sroysomewhere other than 2013ddffba0Sroy.Pa /var/run . 2023ddffba0SroyIf used, it should only be called once as early in the system boot sequence 2033ddffba0Sroyas possible and before 2043ddffba0Sroy.Nm 2053ddffba0Sroyis used to add interfaces. 2063ddffba0Sroy.It Fl R 2073ddffba0SroyEcho the command used to restart a service. 2083ddffba0Sroy.It Fl r Ar service 2093ddffba0SroyIf the 2103ddffba0Sroy.Ar service 2113ddffba0Sroyis running then restart it. 2123ddffba0SroyIf the service does not exist or is not running then zero is returned, 2133ddffba0Sroyotherwise the result of restarting the service. 214793621c9Sroy.It Fl v 215793621c9SroyEcho variables DOMAINS, SEARCH and NAMESERVERS so that the subscriber can 216793621c9Sroyconfigure the resolver easily. 21760642c5bSroy.It Fl V 21860642c5bSroySame as 21960642c5bSroy.Fl v 22060642c5bSroyexcept that only the information configured in 22160642c5bSroy.Xr resolvconf.conf 5 22260642c5bSroyis set. 223793621c9Sroy.El 224793621c9Sroy.Sh INTERFACE ORDERING 225793621c9SroyFor 226793621c9Sroy.Nm 227793621c9Sroyto work effectively, it has to process the resolv.confs for the interfaces 228793621c9Sroyin the correct order. 229793621c9Sroy.Nm 230793621c9Sroyfirst processes interfaces from the 231793621c9Sroy.Sy interface_order 232*59c22029Sroylist, then interfaces without a metric and that match the 233793621c9Sroy.Sy dynamic_order 234793621c9Sroylist, then interfaces with a metric in order and finally the rest in 235793621c9Sroythe operating systems lexical order. 236793621c9SroySee 237793621c9Sroy.Xr resolvconf.conf 5 238793621c9Sroyfor details on these lists. 2399d0b84c4Sroy.Sh PROTOCOLS 2409d0b84c4SroyHere are some suggested protocol tags to use for each 2419d0b84c4Sroy.Pa resolv.conf 2429d0b84c4Sroyfile registered on an 2439d0b84c4Sroy.Ar interface Ns No :- 244bc19ce3dSroy.Bl -tag -width pattern_opt 2459d0b84c4Sroy.It dhcp 2469d0b84c4SroyDynamic Host Configuration Protocol. 2479d0b84c4SroyInitial versions of 2489d0b84c4Sroy.Nm 2499d0b84c4Sroydid not recommend a 2509d0b84c4Sroy.Ar protocol 2519d0b84c4Sroytag be appended to the 2529d0b84c4Sroy.Ar interface 2539d0b84c4Sroyname. 2549d0b84c4SroyWhen the protocol is absent, it is assumed to be the DHCP protocol. 2559d0b84c4Sroy.It ppp 2569d0b84c4SroyPoint-to-Point Protocol. 2579d0b84c4Sroy.It ra 2589d0b84c4SroyIPv6 Router Advertisement. 2599d0b84c4Sroy.It dhcp6 2609d0b84c4SroyDynamic Host Configuration Protocol, version 6. 2619d0b84c4Sroy.El 2625bcbb70cSroy.Sh IMPLEMENTATION NOTES 2635bcbb70cSroyIf a subscriber has the executable bit then it is executed otherwise it is 2645bcbb70cSroyassumed to be a shell script and sourced into the current environment in a 2655bcbb70cSroysubshell. 2665bcbb70cSroyThis is done so that subscribers can remain fast, but are also not limited 2675bcbb70cSroyto the shell language. 2685bcbb70cSroy.Pp 2695bcbb70cSroyPortable subscribers should not use anything outside of 2705bcbb70cSroy.Pa /bin 2715bcbb70cSroyand 2725bcbb70cSroy.Pa /sbin 2735bcbb70cSroybecause 2745bcbb70cSroy.Pa /usr 2755bcbb70cSroyand others may not be available when booting. 2765bcbb70cSroyAlso, it would be unwise to assume any shell specific features. 277793621c9Sroy.Sh ENVIRONMENT 278793621c9Sroy.Bl -ohang 279793621c9Sroy.It Va IF_METRIC 280793621c9SroyIf the 281793621c9Sroy.Fl m 282793621c9Sroyoption is not present then we use 283793621c9Sroy.Va IF_METRIC 284793621c9Sroyfor the metric. 285793621c9Sroy.It Va IF_PRIVATE 286793621c9SroyMarks the interface 287793621c9Sroy.Pa resolv.conf 288793621c9Sroyas private. 2899d0b84c4Sroy.It Va IF_EXCLUSIVE 2909d0b84c4SroyMarks the interface 2919d0b84c4Sroy.Pa resolv.conf 2929d0b84c4Sroyas exclusive. 293793621c9Sroy.El 294793621c9Sroy.Sh FILES 295793621c9Sroy.Bl -ohang 296c97a5801Sroy.It Pa /etc/resolv.conf.bak 297c97a5801SroyBackup file of the original resolv.conf. 298793621c9Sroy.It Pa @SYSCONFDIR@/resolvconf.conf 299793621c9SroyConfiguration file for 300793621c9Sroy.Nm . 301793621c9Sroy.It Pa @LIBEXECDIR@ 302793621c9SroyDirectory of subscribers which are run every time 303793621c9Sroy.Nm 304793621c9Sroyadds, deletes or updates. 305793621c9Sroy.It Pa @LIBEXECDIR@/libc.d 306793621c9SroyDirectory of subscribers which are run after the libc subscriber is run. 307793621c9Sroy.It Pa @VARDIR@ 308793621c9SroyState directory for 309793621c9Sroy.Nm . 310793621c9Sroy.El 311307c12e0Swiz.Sh SEE ALSO 312307c12e0Swiz.Xr resolver 3 , 313307c12e0Swiz.Xr stdin 4 , 314307c12e0Swiz.Xr resolv.conf 5 , 315307c12e0Swiz.Xr resolvconf.conf 5 316793621c9Sroy.Sh HISTORY 317793621c9SroyThis implementation of 318793621c9Sroy.Nm 319793621c9Sroyis called openresolv and is fully command line compatible with Debian's 320793621c9Sroyresolvconf, as written by Thomas Hood. 321d8775c93Sroy.Sh AUTHORS 322a5684d07Swiz.An Roy Marples Aq Mt roy@marples.name 323793621c9Sroy.Sh BUGS 324333b3001SroyPlease report them to 325333b3001Sroy.Lk http://roy.marples.name/projects/openresolv 326d8775c93Sroy.Pp 327793621c9Sroy.Nm 328793621c9Sroydoes not validate any of the files given to it. 329793621c9Sroy.Pp 330793621c9SroyWhen running a local resolver other than libc, you will need to configure it 331793621c9Sroyto include files that 332793621c9Sroy.Nm 333793621c9Sroywill generate. 334793621c9SroyYou should consult 335793621c9Sroy.Xr resolvconf.conf 5 336793621c9Sroyfor instructions on how to configure your resolver. 337