- docs: remove the docs/README.md index and docs/CONTRIBUTING.md pointer (duplicate filenames); the canonical contributing guide stays at docs/contributing/contributing.md. Clean tree, no name collisions. - scripts/system/*: 6 helper headers + host_access.sh said the helpers install to /usr/local/sbin, but init.sh installs all of them to /usr/local/lib/libreportal/ (verified via initRootHelpers + the sudoers Cmnd_Alias). Corrected. The only remaining /usr/local/sbin is the legit PATH export in the task processor. - frontend kernel: drop migration-era comments that are now false post- modularization (feature-registry 'passive/phase 0/unused', lifecycle 'ctx.services lands with Phase 2', manifest 'scan generator lands') — describe current behaviour instead. Comment-only edits to scripts/system/* — no footprint_version bump (no behavioural change; bumping would force needless reinstalls). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
43 lines
1.3 KiB
Bash
43 lines
1.3 KiB
Bash
#!/bin/bash
|
|
# LibrePortal DNS helper — the only root-privileged edit of /etc/resolv.conf the
|
|
# manager may trigger. Installed root:root 0755 to /usr/local/lib/libreportal/ by init.sh.
|
|
# Self-contained (sources no manager code). Operates ONLY on /etc/resolv.conf and
|
|
# only with strictly-validated IP arguments, so the scoped sudoers can allow it
|
|
# wholesale instead of a blanket `sudo sed`/`sudo tee` (which would be root).
|
|
|
|
set -u
|
|
|
|
[[ $EUID -eq 0 ]] || { echo "libreportal-dns: must run as root" >&2; exit 1; }
|
|
|
|
RESOLV="/etc/resolv.conf"
|
|
|
|
_is_ip() {
|
|
local ip="$1"
|
|
# IPv4
|
|
if [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
|
|
local o; for o in ${ip//./ }; do (( o <= 255 )) || return 1; done
|
|
return 0
|
|
fi
|
|
# IPv6 (loose but safe — only hex/colon, no shell metachars)
|
|
[[ "$ip" =~ ^[0-9A-Fa-f:]+$ ]] && return 0
|
|
return 1
|
|
}
|
|
|
|
clear_ns() {
|
|
[[ -f "$RESOLV" ]] || return 0
|
|
sed -i '/^nameserver/d' "$RESOLV"
|
|
}
|
|
|
|
add_ns() {
|
|
local ip="$1"
|
|
_is_ip "$ip" || { echo "libreportal-dns: invalid IP '$ip'" >&2; return 1; }
|
|
printf 'nameserver %s\n' "$ip" >> "$RESOLV"
|
|
}
|
|
|
|
action="${1:-}"; shift 2>/dev/null || true
|
|
case "$action" in
|
|
clear) clear_ns ;;
|
|
add) add_ns "${1:-}" ;;
|
|
*) echo "usage: libreportal-dns {clear|add <ip>}" >&2; exit 2 ;;
|
|
esac
|