dnsmasq issue

Daniel Golle daniel at makrotopia.org
Sun Dec 5 04:25:51 PST 2021


On Sun, Dec 05, 2021 at 12:13:16PM +0100, e9hack+dnsmasq wrote:
> 
> Hi,
> 
> I did configure a user script by adding:
> 
> option dhcpscript '/etc/dnsmasq-test.sh'
> 
> The script and the main-script are never executed. I did add a line to both scripts, which shall log to /var/run/dnsmaq/test-{1|2}.log
> 
> If I check afterwards if dnsmasq is running, I see two instances. One runs as user dnsmasq and the other as user root.

Usually dnsmasq should open sockets and then change to user dnsmasq to
drop priviledges (it does so by itself, ujail is not involved there).

> 
> root at my-home:~# ps -ww | grep dnsmasq.conf.main
> 12651 root      2652 S    {dnsmasq} /sbin/ujail -n dnsmasq -u -l -e USER_DHCPSCRIPT -r /bin/ubus -r /etc/TZ -r /etc/config/dhcp.dnsmasq -r /etc/dnsmasq-test.sh -r /etc/dnsmasq.conf -r /etc/ethers -r /etc/group -r /etc/hosts -r /etc/passwd -w /tmp/dhcp.leases -r /tmp/dnsmasq.d/main -r /tmp/hosts/dhcp.main -r /usr/bin/jshn -r /usr/lib/dnsmasq/dhcp-script.sh -r /usr/share/dnsmasq/dhcpbogushostname.conf -r /usr/share/dnsmasq/rfc6761.conf -r /usr/share/dnsmasq/trust-anchors.conf -r /usr/share/libubox/jshn.sh -r /var/etc/dnsmasq.conf.main -w /var/run/dnsmasq/ -- /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.main -k
> 12652 dnsmasq   4828 S    /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.main -k
> 12653 root      4564 S    /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.main -k
> 15415 root      1392 S    grep dnsmasq.conf.main
> 
> In the ujail command line, must the part '-e USER_DHCPSCRIPT' contain the content of the variable?

No, the content of the variable is read and copied from the host
environment by ujail and only passing the name is the inteded way to
use this feature. You can verify it being set correctly by checking
/proc/$pid/environ.

Be aware that you can also use /etc/hotplug.d/{dhcp,neigh,tftp} to have
scripts executed on dnsmasq events (and other than using
option dhcpscript the script is then run as as user root)



More information about the openwrt-devel mailing list