LibrePortal/scripts/system/libreportal-dns
librelad afe0ef1c7e chore: drop duplicate doc files + fix wrong/stale comments
- docs: remove the docs/README.md index and docs/CONTRIBUTING.md pointer
  (duplicate filenames); the canonical contributing guide stays at
  docs/contributing/contributing.md. Clean tree, no name collisions.
- scripts/system/*: 6 helper headers + host_access.sh said the helpers
  install to /usr/local/sbin, but init.sh installs all of them to
  /usr/local/lib/libreportal/ (verified via initRootHelpers + the sudoers
  Cmnd_Alias). Corrected. The only remaining /usr/local/sbin is the legit
  PATH export in the task processor.
- frontend kernel: drop migration-era comments that are now false post-
  modularization (feature-registry 'passive/phase 0/unused', lifecycle
  'ctx.services lands with Phase 2', manifest 'scan generator lands') —
  describe current behaviour instead.

Comment-only edits to scripts/system/* — no footprint_version bump (no
behavioural change; bumping would force needless reinstalls).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-31 01:05:16 +01:00

43 lines
1.3 KiB
Bash

#!/bin/bash
# LibrePortal DNS helper — the only root-privileged edit of /etc/resolv.conf the
# manager may trigger. Installed root:root 0755 to /usr/local/lib/libreportal/ by init.sh.
# Self-contained (sources no manager code). Operates ONLY on /etc/resolv.conf and
# only with strictly-validated IP arguments, so the scoped sudoers can allow it
# wholesale instead of a blanket `sudo sed`/`sudo tee` (which would be root).
set -u
[[ $EUID -eq 0 ]] || { echo "libreportal-dns: must run as root" >&2; exit 1; }
RESOLV="/etc/resolv.conf"
_is_ip() {
local ip="$1"
# IPv4
if [[ "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
local o; for o in ${ip//./ }; do (( o <= 255 )) || return 1; done
return 0
fi
# IPv6 (loose but safe — only hex/colon, no shell metachars)
[[ "$ip" =~ ^[0-9A-Fa-f:]+$ ]] && return 0
return 1
}
clear_ns() {
[[ -f "$RESOLV" ]] || return 0
sed -i '/^nameserver/d' "$RESOLV"
}
add_ns() {
local ip="$1"
_is_ip "$ip" || { echo "libreportal-dns: invalid IP '$ip'" >&2; return 1; }
printf 'nameserver %s\n' "$ip" >> "$RESOLV"
}
action="${1:-}"; shift 2>/dev/null || true
case "$action" in
clear) clear_ns ;;
add) add_ns "${1:-}" ;;
*) echo "usage: libreportal-dns {clear|add <ip>}" >&2; exit 2 ;;
esac