From adf2275018ea9e20b11c87d175d32530c35e30ba Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:38:12 +1000 Subject: [PATCH 01/10] unbind resolved on ubuntu 18.04 Stop systemd-resolved from interfering with dnsmasq/ftl Signed-off-by: Rob Gill --- automated install/basic-install.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3100ce58..d4984061 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2304,6 +2304,25 @@ main() { fi fi + # resolved and dnsmasq can't share port 53. + # resolved needs to remain in place for installer to download needed files + # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl + + # Check if running ubuntu 18.04 bionic beaver, which ships with resolved active on port 53 + # (This check may need to be broadened for other systems running resolved?) + if ( lsb_release -a | grep 'Ubuntu 18.04' &> /dev/null ); then + # Running ubuntu 18.04, so check if resolved is running, + if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then + # if resolveconf is running unbind it from port 53 + # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running + echo -e "Unbinding resolved from port 53" + # Make a backup of the original /etc/systemd/resolveconf.d + # (This will need to be restored on uninstallation) + sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + systemctl restart systemd-resolved + fi + fi + # Enable FTL start_service pihole-FTL enable_service pihole-FTL From 3d3e7a330cf8809bd53254eb5a5a660fdb3f8053 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:44:23 +1000 Subject: [PATCH 02/10] restore resolvd.conf If dnsmasq is removed, resolved will need to be restored. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4c58a1..68eeec45 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -165,6 +165,13 @@ removeNoPurge() { ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null echo -e " ${TICK} Removed config files" + # Restore resolved + if [[ -e /etc/systemd/resolved.conf.orig ]]; then + systemctl disable systemd-resolved + cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + systemctl enable systemd-resolved + fi + # Remove FTL if command -v pihole-FTL &> /dev/null; then echo -ne " ${INFO} Removing pihole-FTL..." From 97809277df1ebe3f8a6546c9c4f0de5e75508c33 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:50:58 +1000 Subject: [PATCH 03/10] Update uninstall.sh Signed-off-by: Rob Gill > --- automated install/uninstall.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 68eeec45..b339ed2c 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -168,7 +168,7 @@ removeNoPurge() { # Restore resolved if [[ -e /etc/systemd/resolved.conf.orig ]]; then systemctl disable systemd-resolved - cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf systemctl enable systemd-resolved fi From b89a78ce1787dd917e604cbc6372473aacd36d4c Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 15 May 2018 19:42:18 +1000 Subject: [PATCH 04/10] message text Signed-off-by: Rob Gill > --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d4984061..f5d17b04 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2315,7 +2315,7 @@ main() { if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then # if resolveconf is running unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Unbinding resolved from port 53" + echo -e "Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolveconf.d # (This will need to be restored on uninstallation) sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf From 25d0e125e58a3a921911be0257a9651a9606e459 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 15 May 2018 20:23:36 +1000 Subject: [PATCH 05/10] relocate as function The check for systemd-resolved DNSStubListener, and disabling as necessary is a new function, called just prior to start_service pihole-FTL. The check for ubuntu bionic 18.04 specifically is removed. The check if resolved is enabled is made with check_service_active() An additional check that the dnsstublistener is enabled is made. Signed-off-by: Rob Gill --- automated install/basic-install.sh | 39 ++++++++++++++++-------------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f5d17b04..155e9f90 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1265,6 +1265,25 @@ check_service_active() { fi } +# Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. +# Resolved needs to remain in place for installer to download needed files +# so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl +disable_resolved_stublistener() { + # Check if Systemd-resolved's DNSSTub listener is enabled and active on port 53 + if check_service_active "systemd-resolved"; then + # Check if DNSStubListener is enabled + if ( grep '#DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then + # Disable the DNSStubListener to unbind it from port 53 + # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running + echo -e "Disabling systemd-resolved DNSStubListener" + # Make a backup of the original /etc/systemd/resolved.conf + # (This will need to be restored on uninstallation) + sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + systemctl restart systemd-resolved + fi + fi +} + update_package_cache() { # Running apt-get update/upgrade with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) @@ -2304,24 +2323,8 @@ main() { fi fi - # resolved and dnsmasq can't share port 53. - # resolved needs to remain in place for installer to download needed files - # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl - - # Check if running ubuntu 18.04 bionic beaver, which ships with resolved active on port 53 - # (This check may need to be broadened for other systems running resolved?) - if ( lsb_release -a | grep 'Ubuntu 18.04' &> /dev/null ); then - # Running ubuntu 18.04, so check if resolved is running, - if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then - # if resolveconf is running unbind it from port 53 - # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Disabling systemd-resolved DNSStubListener" - # Make a backup of the original /etc/systemd/resolveconf.d - # (This will need to be restored on uninstallation) - sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf - systemctl restart systemd-resolved - fi - fi + # Check for and if necessary disable systemd-resolved-DNSStubListener + disable_resolved_stublistener # Enable FTL start_service pihole-FTL From a431c829cbbecfbcfb6036047776fc6f4df73cd9 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:11:23 +1000 Subject: [PATCH 06/10] Regex & case fix grep & sed regexes match commented or uncommented Signed-off-by: Rob Gill --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 155e9f90..d9efa280 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1269,16 +1269,16 @@ check_service_active() { # Resolved needs to remain in place for installer to download needed files # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { - # Check if Systemd-resolved's DNSSTub listener is enabled and active on port 53 + # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 if check_service_active "systemd-resolved"; then # Check if DNSStubListener is enabled - if ( grep '#DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then + if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then # Disable the DNSStubListener to unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running echo -e "Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) - sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf systemctl restart systemd-resolved fi fi From c400b914e5d46765a8613c1745ad67778b753a77 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:28:32 +1000 Subject: [PATCH 07/10] Update basic-install.sh Force reloading of relsolved config where available Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d9efa280..47462723 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1279,7 +1279,7 @@ disable_resolved_stublistener() { # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf - systemctl restart systemd-resolved + systemctl reload-or-restart systemd-resolved fi fi } From 15f0ba839f5f4979d3cc43397dfc4090910cc198 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:35:22 +1000 Subject: [PATCH 08/10] reload resloved reload resolved config if possible, restart otherwise Signed-off-by: Rob Gill --- automated install/uninstall.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b339ed2c..70f8eeb3 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -167,9 +167,8 @@ removeNoPurge() { # Restore resolved if [[ -e /etc/systemd/resolved.conf.orig ]]; then - systemctl disable systemd-resolved ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf - systemctl enable systemd-resolved + systemctl reload-or-restart systemd-resolved fi # Remove FTL From 8cfe89604af7d699b75b29fbede39f789636ffb8 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 17 May 2018 07:44:07 +1000 Subject: [PATCH 09/10] user-facing messages Signed-off-by: Rob Gill --- automated install/basic-install.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 47462723..07a4adc1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1266,21 +1266,28 @@ check_service_active() { } # Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. -# Resolved needs to remain in place for installer to download needed files +# Resolved needs to remain in place for installer to download needed files, # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { + echo -en " ${INFO} Testing if systemd-resolved is enabled" # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 if check_service_active "systemd-resolved"; then # Check if DNSStubListener is enabled + echo -en " ${OVER} ${INFO} Testing if systemd-resolved DNSStub-Listener is active" if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then # Disable the DNSStubListener to unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Disabling systemd-resolved DNSStubListener" + echo -en "${OVER} ${TICK} Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + echo -e " and restarting systemd-resolved" systemctl reload-or-restart systemd-resolved + else + echo -e "${OVER} ${INFO} Systemd-resolved does not need to be restarted" fi + else + echo -e "${OVER} ${INFO} Systemd-resolved is not enabled" fi } From 20ccb7b5589bc7f1b2f225995f4c9f0c3bf385aa Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 21 May 2018 08:16:53 +1000 Subject: [PATCH 10/10] move & clarify comments --- automated install/basic-install.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 07a4adc1..3a8fe928 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1266,8 +1266,6 @@ check_service_active() { } # Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. -# Resolved needs to remain in place for installer to download needed files, -# so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { echo -en " ${INFO} Testing if systemd-resolved is enabled" # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 @@ -2316,8 +2314,11 @@ main() { fi fi - echo -e " ${INFO} Restarting services..." - # Start services + # Check for and disable systemd-resolved-DNSStubListener before reloading resolved + # DNSStubListener needs to remain in place for installer to download needed files, + # so this change needs to be made after installation is complete, + # but before starting or resarting the dnsmasq or ftl services + disable_resolved_stublistener # If the Web server was installed, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then @@ -2330,8 +2331,8 @@ main() { fi fi - # Check for and if necessary disable systemd-resolved-DNSStubListener - disable_resolved_stublistener + echo -e " ${INFO} Restarting services..." + # Start services # Enable FTL start_service pihole-FTL