diff options
author | John Crispin <john@openwrt.org> | 2015-03-26 10:58:30 +0000 |
---|---|---|
committer | John Crispin <john@openwrt.org> | 2015-03-26 10:58:30 +0000 |
commit | f5e2b62ab7729c7c21e75d7b60ce3bb99620fa8a (patch) | |
tree | ae3f82248aef84407bb3c4afac3c69d90ae0563c | |
parent | e85b93d9b83fef4f3d6f1bc82be15f97b2cb98bf (diff) | |
download | upstream-f5e2b62ab7729c7c21e75d7b60ce3bb99620fa8a.tar.gz upstream-f5e2b62ab7729c7c21e75d7b60ce3bb99620fa8a.tar.bz2 upstream-f5e2b62ab7729c7c21e75d7b60ce3bb99620fa8a.zip |
dnsmasq: add jail support
Signed-off-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 45011
-rw-r--r-- | package/network/services/dnsmasq/files/dnsmasq.init | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init index a0197ef764..052a22dade 100644 --- a/package/network/services/dnsmasq/files/dnsmasq.init +++ b/package/network/services/dnsmasq/files/dnsmasq.init @@ -547,13 +547,22 @@ start_service() { config_load dhcp procd_open_instance - procd_set_param command $PROG -C $CONFIGFILE -k + procd_set_param command $PROG -C $CONFIGFILE -d -x /var/run/dnsmasq/dnsmasq.pid procd_set_param file $CONFIGFILE procd_set_param respawn + + procd_add_jail dnsmasq ubus log + procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers + procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases + procd_close_instance # before we can call xappend + mkdir -p /var/run/dnsmasq/ mkdir -p $(dirname $CONFIGFILE) + mkdir -p /var/lib/misc + touch /tmp/dhcp.leases + echo "# auto-generated config file from /etc/config/dhcp" > $CONFIGFILE echo "# auto-generated config file from /etc/config/dhcp" > $HOSTFILE |