├── test
    ├── bin
    │   ├── dhcpcd-mock
    │   ├── nsupdate-mock
    │   ├── radvd-trigger
    │   ├── rdisc6-mock
    │   ├── systemctl-mock
    │   ├── resolvconf-mock
    │   ├── resolvectl-mock
    │   ├── systemd-run-mock
    │   ├── dhclient-mock
    │   ├── dummy-mock
    │   └── dig-mock
    ├── conf
    │   ├── ipv6-prefix-wan1.conf
    │   ├── ipv6-prefix-eth3-from-wan0.conf
    │   ├── ipv6-prefix-wan2.conf
    │   ├── ddns-br1-from-wan1.conf
    │   ├── ddns-eth0.conf
    │   ├── ddns-br1-from-wan0.conf
    │   ├── ddns-eth0-from-eth0.conf
    │   ├── ipv6-prefix-br0-from-wan0.conf
    │   ├── nm-ddns-br1-from-xxx.conf
    │   ├── test-ddns.conf
    │   ├── ipv6-prefix-br1-from-wan0.conf
    │   ├── ddns-eth1.conf
    │   ├── nm-ddns-eth0.conf
    │   ├── testweb-ddns.conf
    │   ├── ip-mock-monitor
    │   ├── 4-ip-mock-addrs
    │   ├── 3-radvd.conf.templ
    │   ├── 2-ip-mock-addrs
    │   ├── 1-ip-mock-addrs
    │   ├── 3-ip-mock-addrs
    │   ├── 2-radvd.conf.templ
    │   ├── 1-radvd.conf.templ
    │   ├── 4-radvd.conf.templ
    │   ├── 4-radvd.conf
    │   ├── radvd-gen.conf
    │   ├── dig-mock-names
    │   ├── common.conf
    │   ├── ip-mock-routes
    │   ├── ip-mock-addrs
    │   ├── general.conf
    │   ├── nmg_xtest
    │   └── xtest_setup
    ├── expected
    │   ├── 1-radvd.conf
    │   ├── 4-radvd.conf
    │   ├── 3-radvd.conf
    │   └── 2-radvd.conf
    ├── radvd-test
    ├── Makefile
    ├── nm-ddns-test
    ├── ipv6-prefix-addr-test
    └── ddns-test
├── etc
    ├── NetworkManager
    │   └── dispatcher.d
    │   │   ├── pre-down.d
    │   │       ├── 08-ipv6-prefix
    │   │       └── 96-interface-action
    │   │   ├── 96-interface-action
    │   │   ├── 90-transmission
    │   │   └── 09-ddns
    ├── systemd
    │   └── system
    │   │   ├── ddns-onboot@.timer
    │   │   └── ddns-onboot@.service
    └── nmutils
    │   ├── dispatcher_action
    │   ├── ipv6_utils.sh
    │   └── ddns-functions
├── .gitignore
├── examples
    ├── simple
    │   ├── radvd.conf.templ
    │   ├── ifa99-rsyslog-eth0.conf
    │   └── ipv6-prefix-eth0.conf
    └── complex
    │   ├── general.conf
    │   ├── radvd-gen.conf
    │   ├── ipv6-prefix-eth1-from-eth0.conf
    │   ├── ipv6-prefix-eth2-from-eth0.conf
    │   ├── ddns-eth1-from-eth0.conf
    │   ├── ddns-eth1.conf
    │   ├── ddns-eth0-from-eth0.conf
    │   ├── radvd.conf.templ
    │   ├── ifa50-mylogger-eth1.conf
    │   ├── ddns-eth0.conf
    │   └── ipv6-prefix-eth0.conf
├── meson_options.txt
├── selinux
    ├── GNUmakefile
    ├── nmutils.te
    └── nmutils.fc
├── NEWS.md
├── GNUmakefile
├── nmutils.spec
├── meson.build
├── LICENSE.LGPLv3
└── README.md


/test/bin/dhcpcd-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/nsupdate-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/radvd-trigger:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/rdisc6-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/systemctl-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/resolvconf-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/resolvectl-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/test/bin/systemd-run-mock:
--------------------------------------------------------------------------------
1 | dummy-mock


--------------------------------------------------------------------------------
/etc/NetworkManager/dispatcher.d/pre-down.d/08-ipv6-prefix:
--------------------------------------------------------------------------------
1 | ../08-ipv6-prefix


--------------------------------------------------------------------------------
/etc/NetworkManager/dispatcher.d/pre-down.d/96-interface-action:
--------------------------------------------------------------------------------
1 | ../96-interface-action


--------------------------------------------------------------------------------
/test/conf/ipv6-prefix-wan1.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-nm-test
2 | # shellcheck shell=bash disable=SC2034
3 | WAN_LAN_INTFS="br1"
4 | 


--------------------------------------------------------------------------------
/test/conf/ipv6-prefix-eth3-from-wan0.conf:
--------------------------------------------------------------------------------
1 | # used by ipv6-prefix-dhclient-test
2 | # shellcheck shell=bash disable=SC2034
3 | LAN_NODE=1


--------------------------------------------------------------------------------
/test/conf/ipv6-prefix-wan2.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-nm-test
2 | # shellcheck shell=bash disable=SC2034
3 | WAN_LAN_INTFS="br1"
4 | WAN_DHCPCD_ARGS=(-E -d)
5 | 


--------------------------------------------------------------------------------
/test/conf/ddns-br1-from-wan1.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-nm-test
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_AAAA_NAME=br1-w1.example.test
5 | 


--------------------------------------------------------------------------------
/test/conf/ddns-eth0.conf:
--------------------------------------------------------------------------------
1 | # test config for ddns-test helper
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_AAAA_NAME=www.example.test
5 | 


--------------------------------------------------------------------------------
/test/conf/ddns-br1-from-wan0.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-dhclient-test
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_AAAA_NAME=home.example.test
5 | 


--------------------------------------------------------------------------------
/test/conf/ddns-eth0-from-eth0.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-dhclient-test
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_AAAA_NAME=eth0.example.test
5 | 


--------------------------------------------------------------------------------
/test/conf/ipv6-prefix-br0-from-wan0.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-dhclient-test
2 | # shellcheck shell=bash disable=SC2034
3 | # pspace=56, site=0
4 | LAN_SITE=ab80
5 | LAN_PREFIX_LEN=63
6 | 


--------------------------------------------------------------------------------
/test/conf/nm-ddns-br1-from-xxx.conf:
--------------------------------------------------------------------------------
1 | # test config for nm-ddns-test
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_AAAA_NAME=dns2.example.test
5 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *~
 2 | .*.sw?
 3 | *.bak
 4 | *.tgz
 5 | *.tar.gz
 6 | *.rpm
 7 | /test/run/
 8 | /test/results/
 9 | /selinux/nmutils.if
10 | /selinux/nmutils.pp*
11 | /selinux/tmp/
12 | /build/
13 | 


--------------------------------------------------------------------------------
/test/conf/test-ddns.conf:
--------------------------------------------------------------------------------
1 | # test config for ddns-test ddns
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_A_PRIVATE=1
5 | DDNS_RREC_A_NAME=www.example.test
6 | 


--------------------------------------------------------------------------------
/test/conf/ipv6-prefix-br1-from-wan0.conf:
--------------------------------------------------------------------------------
1 | # for ipv6-prefix-dhclient-test
2 | # pspace=64, site=2 - addrs in ip-mock for ddns
3 | # shellcheck shell=bash disable=SC2034
4 | LAN_SITE=2
5 | LAN_PREFIX_LEN=64
6 | 


--------------------------------------------------------------------------------
/etc/systemd/system/ddns-onboot@.timer:
--------------------------------------------------------------------------------
 1 | [Unit]
 2 | Description=Activate DDNS after boot
 3 | 
 4 | [Timer]
 5 | OnActiveSec=45
 6 | RemainAfterElapse=no
 7 | 
 8 | [Install]
 9 | WantedBy=named.service
10 | 
11 | 


--------------------------------------------------------------------------------
/test/conf/ddns-eth1.conf:
--------------------------------------------------------------------------------
1 | # test config for ddns-test helper
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_SERVER=home.test
4 | DDNS_ZONE=home.test
5 | DDNS_RREC_A_NAME=gateway.home.test
6 | DDNS_RREC_A_PRIVATE=1


--------------------------------------------------------------------------------
/test/conf/nm-ddns-eth0.conf:
--------------------------------------------------------------------------------
1 | # test config for nm-ddns-test
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_A_NAME=dns.example.test
5 | DDNS_RREC_A_PRIVATE=1
6 | DDNS_RREC_AAAA_NAME=dns.example.test
7 | 


--------------------------------------------------------------------------------
/test/conf/testweb-ddns.conf:
--------------------------------------------------------------------------------
1 | # test config for ddns-test helper
2 | # shellcheck shell=bash disable=SC2034
3 | DDNS_ZONE=example.test
4 | DDNS_RREC_A_NAME=web.example.test
5 | DDNS_RREC_AAAA_NAME=web.example.test
6 | DDNS_RREC_TXT_NAME=web.example.test
7 | DDNS_RREC_TXT_VALUE="replacement txt"
8 | 
9 | 


--------------------------------------------------------------------------------
/test/conf/ip-mock-monitor:
--------------------------------------------------------------------------------
1 | ADDR6: 13: eth1    2001:db8:a0b:12f0::1/64 scope global tentative
2 | ADDR6:       valid_lft forever preferred_lft forever
3 | ROUTE6: local 2001:db8:a0b:12f0::1 dev eth1 table local proto kernel metric 0 pref medium
4 | ROUTE6: fd66:7777:7777::1 dev eth1 proto kernel metric 256 pref medium
5 | SLEEP: 5
6 | 


--------------------------------------------------------------------------------
/etc/systemd/system/ddns-onboot@.service:
--------------------------------------------------------------------------------
 1 | #
 2 | # ddns-onboot.service
 3 | #
 4 | # systemd service to trigger ddns-onboot
 5 | # 
 6 | [Unit]
 7 | Description=Set addresses in Bind from interface %I
 8 | After=nss-lookup.target
 9 | 
10 | [Service]
11 | Type=oneshot
12 | ExecStart=/etc/NetworkManager/dispatcher.d/09-ddns direct %I
13 | 
14 | [Install]
15 | WantedBy=multi-user.target
16 | 


--------------------------------------------------------------------------------
/test/conf/4-ip-mock-addrs:
--------------------------------------------------------------------------------
1 | dev eth0 9000
2 | addr 192.168.10.4/24 8600sec 2400sec
3 | addr6 fda5:3d6f:2bc7:203d:1c52:4ac2:27ff:fe1b/64 3600sec 1800sec global noprefixroute
4 | addr6 fe80::a00:27ff:fe1b:ff9a/64 forever forever link
5 | dev eth1
6 | addr 10.0.10.12/24 forever forever
7 | addr6 fdac:3741:50f8:f623::1/48 86400sec 14400sec global
8 | addr6 fe80::31fd:68fd:ed8b:4d77/64 forever forever link
9 | 


--------------------------------------------------------------------------------
/test/conf/3-radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvDefaultLifetime @ROUTER_LIFETIME@;
 4 | 	AdvSendAdvert on;
 5 | 	MinRtrAdvInterval 30;
 6 | 	# should match 2 additional
 7 | 	@PREFIX@
 8 | };
 9 | interface eth1
10 | {
11 | 	AdvSendAdvert on;
12 | 	MinRtrAdvInterval 30;
13 | 	# prefix wired, no options
14 | 	prefix fdac:3741:50f8::/48;
15 | 	# should match 1 additional
16 | 	@PREFIX@;
17 | };
18 | 


--------------------------------------------------------------------------------
/examples/simple/radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | #
 2 | # radvd template used by 95-radvd-gen
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/95-radvd-gen for docs
 5 | #
 6 | # Unlike other configurations in this directory, place this file in
 7 | #   /etc/NetworkManager
 8 | #
 9 | # @PREFIX@ will be replaced with any ipv6 prefixes on interface eth1
10 | #
11 | interface eth1
12 | {
13 |        @PREFIX@ {
14 |                 DecrementLifetimes on;
15 |         };
16 | };
17 | 


--------------------------------------------------------------------------------
/test/conf/2-ip-mock-addrs:
--------------------------------------------------------------------------------
 1 | dev eth0
 2 | addr 192.168.10.4/24 8600sec 2400sec
 3 | addr6 2001:0db8:871a:00c1::1/64 86400sec 14400sec
 4 | addr6 fda5:3d6f:1000:203d::fe1b/64 3600sec 1800sec global noprefixroute
 5 | addr6 fe80::a00:27ff:fe1b:ff9a/64 forever forever link
 6 | dev eth1
 7 | addr 10.0.10.12/24 forever forever
 8 | addr6 2001:db8:a0b:12f0::1/64 86400sec 14400sec
 9 | addr6 fdac:3741:50f8:f623::1/64 86400sec 14400sec global
10 | addr6 fe80::31fd:68fd:ed8b:4d77/64 forever forever link
11 | 


--------------------------------------------------------------------------------
/test/conf/1-ip-mock-addrs:
--------------------------------------------------------------------------------
 1 | dev eth0 9000
 2 | addr 192.168.66.4/24 8600sec 2400sec
 3 | addr6 2001:db8:871a:28c1::1/64 86400sec 14400sec
 4 | addr6 fda5:3d6f:2bc7:203d:1c52:4ac2:27ff:fe1b/64 3600sec 1800sec global noprefixroute
 5 | addr6 fe80::a00:27ff:fe1b:ff9a/64 forever forever link
 6 | dev eth1
 7 | addr 10.0.10.12/24 forever forever
 8 | addr6 2001:db8:a0b:12f0::1/64 86400sec 14400sec
 9 | addr6 fdac:3741:50f8:f623::1/48 86400sec 14400sec global
10 | addr6 fe80::31fd:68fd:ed8b:4d77/64 forever forever link
11 | 


--------------------------------------------------------------------------------
/test/conf/3-ip-mock-addrs:
--------------------------------------------------------------------------------
 1 | dev eth0 9000
 2 | addr 192.168.66.4/24 8600sec 2400sec
 3 | addr6 2001:db8:871a:28c1::1/64 86400sec 14400sec
 4 | addr6 fda5:3d6f:2bc7:203d:1c52:4ac2:27ff:fe1b/64 3600sec 1800sec global noprefixroute
 5 | addr6 fe80::a00:27ff:fe1b:ff9a/64 forever forever link
 6 | dev eth1
 7 | addr 10.0.10.12/24 forever forever
 8 | addr6 2001:db8:a0b:12f0::1/64 86400sec 14400sec
 9 | addr6 fdac:3741:50f8:f623::1/48 86400sec 14400sec global
10 | addr6 fe80::31fd:68fd:ed8b:4d77/64 forever forever link
11 | 


--------------------------------------------------------------------------------
/examples/simple/ifa99-rsyslog-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Configuration for 96-interface-action
 3 | #
 4 | #      Named: ifa99-rsyslog-eth0.conf
 5 | #
 6 | #    Pattern: ifa##-<service>-<interface>.conf
 7 | #
 8 | # See /etc/NetworkManager/dispatcher.d/96-interface-action for docs
 9 | #
10 | 
11 | # Config with restart `rsyslog` whenever the `eth0` interface is brought up,
12 | # ordered 99 (after other 96-interface-action configs)
13 | #
14 | # Useful when a UDP listener doesn't have netlink support
15 | #
16 | CMD_UP=on
17 | 


--------------------------------------------------------------------------------
/test/conf/2-radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvSendAdvert on;
 4 | 	MinRtrAdvInterval 30;
 5 | 	# address not wired
 6 | 	prefix fda5:0000:2bc7:203d::/64 {
 7 | 		AdvAutonomous off;
 8 | 	};
 9 | 	# should match multiple prefixes
10 | 	@PREFIX@ {
11 | 		AdvAutonomous on;
12 | 	#	Comment in dynamic	
13 | 		AdvPreferredLifetime 300;
14 | 	        AdvValidLifetime 100;
15 | 	};
16 | };
17 | interface eth1
18 | {
19 | 	AdvSendAdvert on;
20 | 	# empty saved, should match 2
21 | 	@PREFIX@ {
22 | 	};
23 | };
24 | 


--------------------------------------------------------------------------------
/examples/simple/ipv6-prefix-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Configuration for 08-ipv6-prefix
 3 | #
 4 | #      Named: ipv6-prefix-eth0.conf
 5 | #
 6 | #    Pattern: ipv6-prefix-<WAN>.conf
 7 | #
 8 | # Simplest setup to assign an ipv6 sub-prefix (/64 by default) to a LAN
 9 | # interface (`eth1` below) from the prefix delegated to WAN
10 | # (`eth0` in the file name)
11 | #
12 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix for docs
13 | #
14 | 
15 | # WAN_LAN_INTFS contains a space-separated list of LAN interfaces
16 | #   to receive sub-prefixes
17 | WAN_LAN_INTFS="eth1"
18 | 


--------------------------------------------------------------------------------
/test/conf/1-radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvSendAdvert on;
 4 | 	MinRtrAdvInterval 30;
 5 | 	# prefix not wired
 6 | 	prefix fda5:0000:2bc7:203d::/64;
 7 | 	# prefix match wired
 8 | 	prefix fda5:3d6f:2bc7:203d::/64 {
 9 | 		route fddd:1000:0:1234/64 {
10 | 			RemoveRoute on;
11 | 		};
12 | 		AdvAutonomous off;
13 | 		AdvPreferredLifetime 600;
14 | 	};
15 | 	# should match 1 additional
16 | 	@PREFIX@ {
17 | 		DNSSL example.test {
18 | 			AdvDNSSLLifetime 60;
19 | 		};
20 | 		AdvPreferredLifetime 300;
21 | 	        AdvValidLifetime 100;
22 | 	};
23 | };
24 | # end?


--------------------------------------------------------------------------------
/test/conf/4-radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvDefaultLifetime @ROUTER_LIFETIME@;
 4 | 	AdvSendAdvert on;
 5 | 	MinRtrAdvInterval 30;
 6 | 	# should match 1 additional (and remove 1 from source conf)
 7 | 	@PREFIX@ {
 8 | 		AdvAutonomous on;
 9 | 		DecrementLifetimes on;
10 | 	};
11 | };
12 | interface eth1
13 | {
14 | 	AdvSendAdvert on;
15 | 	MinRtrAdvInterval 30;
16 | 	# prefix wired, no options
17 | 	prefix fdac:3741:50f8::/48;
18 | 	# should remove existing source prefix as not wired
19 | 	@PREFIX@ {
20 | 		AdvValidLifetime 14400;
21 | 		AdvPreferredLifetime 86400;
22 | 	};
23 | };
24 | 


--------------------------------------------------------------------------------
/test/expected/1-radvd.conf:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvSendAdvert on;
 4 | 	MinRtrAdvInterval 30;
 5 | 	# prefix not wired
 6 | 	prefix fda5:0000:2bc7:203d::/64;
 7 | 	# prefix match wired
 8 | 	prefix fda5:3d6f:2bc7:203d::/64 {
 9 | 		route fddd:1000:0:1234/64 {
10 | 			RemoveRoute on;
11 | 		};
12 | 		AdvAutonomous off;
13 | 		AdvPreferredLifetime 600;
14 | 		AdvValidLifetime 3600;
15 | 	};
16 | 	# should match 1 additional
17 | 	prefix 2001:db8:871a:28c1::/64 {
18 | 		DNSSL example.test {
19 | 			AdvDNSSLLifetime 60;
20 | 		};
21 | 		AdvPreferredLifetime 300;
22 | 	        AdvValidLifetime 100;
23 | 	};
24 | };
25 | # end?
26 | 


--------------------------------------------------------------------------------
/meson_options.txt:
--------------------------------------------------------------------------------
 1 | option('unitdir', type: 'string', value: 'auto',
 2 |        description: 'Directory for systemd service files, or "" to disable')
 3 | option('runstatedir', type: 'string', value: '/run',
 4 |        description: 'Directory for transient runtime state')
 5 | option('selinuxtype', type: 'string', value: 'auto',
 6 |        description: 'SELinux policy type (eg. targeted,mls...), or "" to disable')
 7 | option('nmlibdir', type: 'string', value: '/usr/lib',
 8 |        description: 'NetworkManager system libdir')
 9 | option('pkg', type: 'boolean', value: false,
10 |        description: 'Patch paths for packaged install')
11 | 


--------------------------------------------------------------------------------
/selinux/GNUmakefile:
--------------------------------------------------------------------------------
 1 | 
 2 | .SUFFIXES:
 3 | .SUFFIXES: .pp .bz2
 4 | 
 5 | V := 0
 6 | VB_0 := @
 7 | VB := $(VB_$(V))
 8 | SELINUX_MAKE := /usr/share/selinux/devel/Makefile
 9 | 
10 | all: nmutils.pp.bz2
11 | 
12 | nmutils.pp.bz2: selinux-devel nmutils.pp
13 | 	$(VB)rm -f "$@"
14 | 	bzip2 -k -9 nmutils.pp
15 | 
16 | .PHONY: selinux-devel
17 | selinux-devel:
18 | 	$(VB)[ -f "$(SELINUX_MAKE)" ] || { \
19 | 	 echo "Install selinux-policy-devel before compiling policy"; \
20 | 	 false; }
21 | 
22 | local_clean:
23 | 	$(VB)rm -f nmutils.pp.bz2 nmutils.if
24 | 
25 | # clean defined in include, add dep
26 | clean: local_clean
27 | 
28 | -include $(SELINUX_MAKE)
29 | 


--------------------------------------------------------------------------------
/test/expected/4-radvd.conf:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvDefaultLifetime 1800;
 4 | 	AdvSendAdvert on;
 5 | 	MinRtrAdvInterval 30;
 6 | 	# should match 1 additional (and remove 1 from source conf)
 7 | 	prefix fda5:3d6f:2bc7:203d::/64 {
 8 | 		AdvValidLifetime 3600;
 9 | 		AdvPreferredLifetime 1800;
10 | 		AdvAutonomous on;
11 | 		DecrementLifetimes on;
12 | 	};
13 | };
14 | interface eth1
15 | {
16 | 	AdvSendAdvert on;
17 | 	MinRtrAdvInterval 30;
18 | 	# prefix wired, no options
19 | 	prefix fdac:3741:50f8::/48 {
20 | 		AdvValidLifetime 86400;
21 | 		AdvPreferredLifetime 14400;
22 | 	};
23 | 	# should remove existing source prefix as not wired
24 | };
25 | 


--------------------------------------------------------------------------------
/examples/complex/general.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Optional overrides of global values
 3 | #
 4 | # See /etc/nmutils/general-functions for docs
 5 | #
 6 | 
 7 | # uncomment for command line debugging
 8 | nmg_log_stderr=1
 9 | nmg_show_debug=1
10 | 
11 | # uncomment to disable commands that change things
12 | #nmg_dryrun=0
13 | 
14 | # for systems without /run
15 | RUNDIR="/tmp/nmutils"
16 | 
17 | # use single lockfile for everything... (default is ddns-*.conf file)
18 | DDNS_GLOBAL_LOCKFILE="/etc/named.conf"
19 | 
20 | # longer timeouts for slow name servers
21 | DDNS_GLOBAL_DIG_TIMEOUT=15
22 | DDNS_GLOBAL_NSUPDATE_TIMEOUT=15
23 | DDNS_GLOBAL_NSUPDATE_OPTIONS="-v -k /etc/Kexample.net.+157+43833.private"
24 | 


--------------------------------------------------------------------------------
/examples/complex/radvd-gen.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Configuration for 95-radvd-gen
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/95-radvd-gen for docs
 5 | #
 6 | # Unlike other configurations in this directory, place this file in
 7 | #   /etc/NetworkManager
 8 | #
 9 | 
10 | # only regen radvd.conf from template if differences are 20% (default 10%)
11 | PERDIFF=20
12 | 
13 | # override conf group
14 | RADVD_GROUP=wheel
15 | 
16 | # set SELinux context
17 | RESTORECON_EXE="/usr/sbin/restorecon"
18 | 
19 | # default for @ROUTER_LIFETIME@ if no dynamic prefixes
20 | ROUTER_DEFAULT_LIFETIME=900
21 | # override min/max defaults for @ROUTER_LIFETIME@
22 | ROUTER_MIN_LIFETIME=900
23 | ROUTER_MAX_LIFETIME=3600
24 | 
25 | # disable router test (always succeed)
26 | DEFROUTE_TEST=
27 | 


--------------------------------------------------------------------------------
/test/expected/3-radvd.conf:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvDefaultLifetime 9000;
 4 | 	AdvSendAdvert on;
 5 | 	MinRtrAdvInterval 30;
 6 | 	# should match 2 additional
 7 | 	prefix 2001:db8:871a:28c1::/64 {
 8 | 		AdvValidLifetime 86400;
 9 | 		AdvPreferredLifetime 14400;
10 | 	};
11 | 	prefix fda5:3d6f:2bc7:203d::/64 {
12 | 		AdvValidLifetime 3600;
13 | 		AdvPreferredLifetime 1800;
14 | 	};
15 | };
16 | interface eth1
17 | {
18 | 	AdvSendAdvert on;
19 | 	MinRtrAdvInterval 30;
20 | 	# prefix wired, no options
21 | 	prefix fdac:3741:50f8::/48 {
22 | 		AdvValidLifetime 86400;
23 | 		AdvPreferredLifetime 14400;
24 | 	};
25 | 	# should match 1 additional
26 | 	prefix 2001:db8:a0b:12f0::/64 {
27 | 		AdvValidLifetime 86400;
28 | 		AdvPreferredLifetime 14400;
29 | 	};
30 | };
31 | 


--------------------------------------------------------------------------------
/examples/complex/ipv6-prefix-eth1-from-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Optional LAN configuration for 08-ipv6-prefix
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix for docs
 5 | #
 6 | #      FILENAME: ipv6-prefix-eth1-from-eth0.conf
 7 | #      PATTERN:  ipv6-prefix-<LAN>-from-<WAN>.conf
 8 | #
 9 | # So below will affect eth1 (LAN) sub-prefix allocated from delegation
10 | # given to eth0 (WAN)
11 | #
12 | # eg: with 2001:db8:3311:aa00::/56 delegation on eth0, config would assign
13 | #  2001:db8:3311:aa00::4000/62
14 | # made from
15 | #  2001:db8:3311:aa         - 56-bit delegation from DHCP
16 | LAN_PREFIX_LEN=62
17 | # LAN_PREFIX_LEN           /62
18 | #   LAN_SITE=auto  00::     - 6-bit (LAN_PREFIX_LEN - 56) auto-allocated site
19 | LAN_NODE=4000
20 | # LAN_NODE           ::4000
21 | 


--------------------------------------------------------------------------------
/test/conf/4-radvd.conf:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvSendAdvert on;
 4 | 	MinRtrAdvInterval 30;
 5 | 	# should match 1 additional (and remove 1 from source conf)
 6 | 	prefix 2001:db8:871a:28c1::/64 {
 7 | 		AdvValidLifetime 86400;
 8 | 		AdvPreferredLifetime 14400;
 9 | 	};
10 | 	prefix fda5:3d6f:2bc7:203d::/64 {
11 | 		AdvValidLifetime 86400;
12 | 		AdvPreferredLifetime 14400;
13 | 	};
14 | };
15 | interface eth1
16 | {
17 | 	AdvSendAdvert on;
18 | 	MinRtrAdvInterval 30;
19 | 	# prefix wired, no options
20 | 	prefix fdac:3741:50f8::/48 {
21 | 		AdvValidLifetime 86400;
22 | 		AdvPreferredLifetime 14400;
23 | 	};
24 | 	# should remove existing source prefix as not wired
25 | 	prefix 2001:db8:a0b:12f0::/64 {
26 | 		AdvValidLifetime 14400;
27 | 		AdvPreferredLifetime 86400;
28 | 	};
29 | };
30 | 


--------------------------------------------------------------------------------
/examples/complex/ipv6-prefix-eth2-from-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Optional LAN configuration for 08-ipv6-prefix
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix for docs
 5 | #
 6 | #      FILENAME: ipv6-prefix-eth2-from-eth0.conf
 7 | #      PATTERN:  ipv6-prefix-<LAN>-from-<WAN>.conf
 8 | #
 9 | # So below will affect eth2 (LAN) sub-prefix allocated from delegation
10 | # given to eth0 (WAN)
11 | #
12 | # eg: with 2001:db8:3311:aa00::/56 delegation on eth0, config would assign
13 | #  2001:db8:3311:aad0::1/60
14 | # made from
15 | #  2001:db8:3311:aa         - 56-bit delegation from DHCP
16 | LAN_PREFIX_LEN=60
17 | # LAN_PREFIX_LEN        /60
18 | LAN_SITE=cd
19 | # LAN_SITE         d0::     - lowest 4-bits (LAN_PREFIX_LEN - 56) of "cd"
20 | LAN_NODE=1
21 | # LAN_NODE           ::1
22 | 


--------------------------------------------------------------------------------
/test/conf/radvd-gen.conf:
--------------------------------------------------------------------------------
 1 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
 2 | # vim:set ft=sh et sw=2 ts=2:
 3 | # shellcheck shell=bash disable=SC2034
 4 | 
 5 | # test # is required
 6 | TEST_NUM=${TEST_NUM:-1}
 7 | 
 8 | SRC_ROOT=${SRC_ROOT-..}
 9 | TEST_BIN=${TEST_BIN-bin}
10 | 
11 | IPV6_UTILS="$SRC_ROOT/etc/nmutils/ipv6_utils.sh"
12 | IP_EXE=${TEST_IP-$TEST_BIN/ip-mock}
13 | SC_EXE=${TEST_SYSTEMCTL-$TEST_BIN/systemctl-mock}
14 | KILL_EXE=''
15 | RESTORECON_EXE=''
16 | 
17 | # radvd specific overrides
18 | RADVD_GROUP=
19 | 
20 | SRC="$TEST_CONF/${TEST_NUM}-radvd.conf.templ"
21 | # shellcheck disable=SC2153
22 | DST="$TEST_OUT/${TEST_NUM}-radvd.conf"
23 | 
24 | # override if it exists
25 | [[ -r $TEST_CONF/${TEST_NUM}-ip-mock-addrs ]] &&
26 |   export IP_MOCK_ADDRS="$TEST_CONF/${TEST_NUM}-ip-mock-addrs"
27 | 


--------------------------------------------------------------------------------
/examples/complex/ddns-eth1-from-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Dynamic DNS configuration for 08-ipv6-prefix
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix and
 5 | # /etc/nmutils/ddns-functions for docs
 6 | #
 7 | #      FILENAME: ddns-eth1-from-eth0.conf
 8 | #      PATTERN:  ddns-<INTF>-from-<WAN>.conf
 9 | #
10 | # So below will affect addresses assigned by the DHCP client running
11 | # on eth0 (WAN) to eth1 (INTF) via sub-prefix assignment
12 | #
13 | 
14 | # zone to update (required)
15 | DDNS_ZONE=example.net.
16 | 
17 | # resources
18 | DDNS_RREC_AAAA_NAME=int.example.net.
19 | 
20 | DDNS_RREC_CNAME_NAME=ldap.example.net.
21 | DDNS_RREC_CNAME_VALUE=int.example.net.
22 | 
23 | # change default nsupdate options
24 | DDNS_NSUPDATE_OPTIONS="-v -k /etc/Kinternal.example.net.+157+{random}.private"
25 | DDNS_SERVER=192.168.1.1
26 | DDNS_TTL=1200
27 | 
28 | 


--------------------------------------------------------------------------------
/test/radvd-test:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
 3 | # vim:set ft=sh et sw=2 ts=2:
 4 | # SPDX-License-Identifier: GPL-3.0-or-later
 5 | #
 6 | # Fake radvd to test scripts
 7 | #
 8 | # Set the following in your radvd-gen.conf file to test:
 9 | #
10 | # shellcheck disable=SC1090
11 | 
12 | [ "$1" = "-h" ] && {
13 |   echo "Usage: ${0##*/} [ <radvd-gen-args> ]"
14 |   exit 1
15 | }
16 | 
17 | fail() {
18 |   echo >&2 "$*"
19 |   exit 1
20 | }
21 | 
22 | # load common.conf
23 | TEST_COMMON=${TEST_COMMON:-conf/common.conf}
24 | { [[ -r ${TEST_COMMON} ]] && . "${TEST_COMMON}"; } ||
25 |   fail "Unable to load ${TEST_COMMON}"
26 | 
27 | # radvd-gen.conf loads general.conf for program overrides
28 | export RADVDGEN_CONF=${RADVDGEN_CONF-$TEST_CONF/radvd-gen.conf}
29 | 
30 | "${BASH}" "${TEST_NMDIR}/95-radvd-gen" "$@" eth0 up
31 | 


--------------------------------------------------------------------------------
/test/expected/2-radvd.conf:
--------------------------------------------------------------------------------
 1 | interface eth0
 2 | {
 3 | 	AdvSendAdvert on;
 4 | 	MinRtrAdvInterval 30;
 5 | 	# address not wired
 6 | 	prefix fda5:0000:2bc7:203d::/64 {
 7 | 		AdvAutonomous off;
 8 | 	};
 9 | 	# should match multiple prefixes
10 | 	prefix 2001:db8:871a:c1::/64 {
11 | 		AdvAutonomous on;
12 | 	#	Comment in dynamic	
13 | 		AdvPreferredLifetime 300;
14 | 	        AdvValidLifetime 100;
15 | 	};
16 | 	prefix fda5:3d6f:1000:203d::/64 {
17 | 		AdvAutonomous on;
18 | 	#	Comment in dynamic	
19 | 		AdvPreferredLifetime 300;
20 | 	        AdvValidLifetime 100;
21 | 	};
22 | };
23 | interface eth1
24 | {
25 | 	AdvSendAdvert on;
26 | 	# empty saved, should match 2
27 | 	prefix 2001:db8:a0b:12f0::/64 {
28 | 		AdvValidLifetime 86400;
29 | 		AdvPreferredLifetime 14400;
30 | 	};
31 | 	prefix fdac:3741:50f8:f623::/64 {
32 | 		AdvValidLifetime 86400;
33 | 		AdvPreferredLifetime 14400;
34 | 	};
35 | };
36 | 


--------------------------------------------------------------------------------
/test/conf/dig-mock-names:
--------------------------------------------------------------------------------
 1 | # dns names for dig-mock
 2 | # format:
 3 | # $ORIGIN <domain>
 4 | # $TTL <secs>
 5 | # [ <name> ] <rrec> <value>
 6 | $TTL 12894
 7 | . NS a.root-servers.test.
 8 | $SERVER 127.0.0.1
 9 | $ORIGIN example.test.
10 | $TTL 1800
11 | www     A 192.0.2.8
12 |         A 203.0.113.4
13 |         AAAA 2001:DB8:4860:4860::8888
14 | ipv6    AAAA 2001:DB8:4860:4860::8844
15 | mail    TXT "v=spf1 mx ~all"
16 |         TXT "some value"
17 | home    AAAA 2001:db8:100:2:32fb:93c5:555:1
18 | dns     A 198.51.100.2
19 |         AAAA 2001:db8:871a:28c1::1
20 | dns2    AAAA 2001:db8:100:2:32fb:93c5:555:1
21 | 	AAAA 2001:db8:200:2:32fb:93c5:555:1
22 | web     A 198.51.100.2
23 |         AAAA 2001:db8:871a:28c1::1
24 |         TXT "v=spf1 mx ~all"
25 | $ORIGIN .
26 | example.test MX 10 mail.example.test.
27 | 
28 | $SERVER home.test
29 | $ORIGIN home.test.
30 | $TTL 120
31 | gateway  AAAA fda5:3d6f:2bc7:203d:1c52:4ac2:27ff:fe1b
32 |          A 10.0.10.12
33 | desktop  A 198.168.66.24
34 | 


--------------------------------------------------------------------------------
/examples/complex/ddns-eth1.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Configuration for 09-ddns
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/09-ddns and /etc/nmutils/ddns-functions
 5 | # for docs
 6 | #
 7 | #      FILENAME: ddns-eth1.conf
 8 | #      PATTERN:  ddns-<INTF>.conf
 9 | #
10 | # So below will affect addresses assigned to eth1 (INTF)
11 | #
12 | 
13 | # zone to update (required)
14 | DDNS_ZONE=example.net.
15 | 
16 | # resources
17 | DDNS_RREC_A_NAME=router.example.net.
18 | DDNS_RREC_A_FALLBACK=192.168.1.1
19 | DDNS_RREC_A_PRIVATE=1
20 | 
21 | DDNS_RREC_AAAA_NAME=router.example.net.
22 | DDNS_RREC_AAAA_PRIVATE=1
23 | 
24 | DDNS_RREC_CNAME_NAME=mail.example.net.
25 | DDNS_RREC_CNAME_VALUE=router.example.net.
26 | DDNS_RREC_CNAME_FALLBACK=internal.example.net.
27 | 
28 | DDNS_RREC_TXT_NAME=router.example.net.
29 | DDNS_RREC_TXT_VALUE="The router is up"
30 | 
31 | # change default nsupdate options
32 | DDNS_NSUPDATE_OPTIONS="-v -k /etc/Kinternal.example.net.+157+{random}.private"
33 | DDNS_SERVER=192.168.1.1
34 | DDNS_TTL=1200
35 | 


--------------------------------------------------------------------------------
/selinux/nmutils.te:
--------------------------------------------------------------------------------
 1 | policy_module(nmutils, 0.2.0)
 2 | 
 3 | #
 4 | # Policy labels nmutils files in dispatcher.d as nmutils_exec_t (see .fc file)
 5 | # and then defines domain transition so scripts are run in the initrc_t domain
 6 | #
 7 | require {
 8 | 	type dhcpc_t;
 9 | 	type NetworkManager_etc_t;
10 | 	type NetworkManager_initrc_exec_t;
11 | }
12 | 
13 | # define entry point, useable by NetworkManager and init scripts
14 | type nmutils_exec_t;
15 | init_script_file(nmutils_exec_t)
16 | 
17 | # Required for dhclient to execute 08-ipv6-prefix
18 | search_dirs_pattern(dhcpc_t, NetworkManager_etc_t, NetworkManager_initrc_exec_t);
19 | domtrans_pattern(dhcpc_t, nmutils_exec_t, initrc_t)
20 | 
21 | # required for newer NetworkManager
22 | optional {
23 | 	require {
24 | 		type NetworkManager_dispatcher_t;
25 | 		type NetworkManager_dispatcher_script_t;
26 | 	}
27 | 	domtrans_pattern(NetworkManager_dispatcher_t, nmutils_exec_t, initrc_t)
28 | 	search_dirs_pattern(dhcpc_t, NetworkManager_etc_t, NetworkManager_dispatcher_script_t);
29 | }
30 | 


--------------------------------------------------------------------------------
/examples/complex/ddns-eth0-from-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Dynamic DNS configuration for 08-ipv6-prefix
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix and
 5 | # /etc/nmutils/ddns-functions for docs
 6 | #
 7 | #      FILENAME: ddns-eth0-from-eth0.conf
 8 | #      PATTERN:  ddns-<INTF>-from-<WAN>.conf
 9 | #
10 | # So below will affect addresses assigned by the DHCP client running
11 | # on eth0 (WAN) to eth0 (INTF)
12 | #
13 | 
14 | # zone to update (required)
15 | DDNS_ZONE=example.net.
16 | 
17 | # resources
18 | # for prefix, only AAAA will be assigned
19 | DDNS_RREC_AAAA_NAME=www.example.net.
20 | 
21 | # A values can be set when prefix assigned by using DDNS_RREC_A_VALUE
22 | DDNS_RREC_A_NAME=www.example.net.
23 | DDNS_RREC_A_VALUE=4.3.2.1
24 | 
25 | DDNS_RREC_CNAME_NAME=mail.example.net.
26 | DDNS_RREC_CNAME_VALUE=www.example.net.
27 | DDNS_RREC_CNAME_FALLBACK=alt.example.net.
28 | 
29 | # change default nsupdate options
30 | DDNS_NSUPDATE_OPTIONS="-v -k /etc/Kpublic.example.net.+157+{random}.private"
31 | DDNS_SERVER=2.3.4.5
32 | DDNS_TTL=300
33 | 
34 | 


--------------------------------------------------------------------------------
/examples/complex/radvd.conf.templ:
--------------------------------------------------------------------------------
 1 | #
 2 | # radvd template used by 95-radvd-gen
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/95-radvd-gen for docs
 5 | #
 6 | # Unlike other configurations in this directory, place this file in
 7 | #   /etc/NetworkManager
 8 | #
 9 | # @PREFIX@ will be replaced with any ipv6 prefixes on interface eth1
10 | #
11 | interface eth0
12 | {
13 | 	AdvSendAdvert on;
14 | 	MinRtrAdvInterval 30;
15 | 	# static prefix
16 | 	prefix fda5:0000:2bc7:203d::/64 {
17 | 		# no addr-gen for this prefix
18 | 		AdvAutonomous off;
19 | 	};
20 | 	# delegated prefixes with fixed lifetimes
21 | 	@PREFIX@ {
22 | 		AdvAutonomous on;
23 | 		DecrementLifetimes on;
24 | 	};
25 | 	# @ROUTER_LIFETIME@ replaced with from max preferred life of
26 | 	# any addresses found for @PREFIX@ above
27 | 	AdvDefaultLifetime @ROUTER_LIFETIME@;
28 | };
29 | interface eth1
30 | {
31 | 	AdvSendAdvert on;
32 | 	MinRtrAdvInterval 30;
33 | 	# prefix, no options
34 | 	prefix fdac:3741:50f8::/48;
35 | 	# override lifetimes
36 | 	@PREFIX@ {
37 | 		AdvValidLifetime 14400;
38 | 		AdvPreferredLifetime 86400;
39 | 	};
40 | };
41 | 


--------------------------------------------------------------------------------
/examples/complex/ifa50-mylogger-eth1.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Config for 96-interface-action
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/96-interface-action for docs
 5 | #
 6 | #    FILENAME: ifa50-mylogger-eth1.conf
 7 | #    PATTERN:  ifa##-<service>-<interface>.conf
 8 | #
 9 | # So config below affects the `mylogger` service based on on `eth1` interface
10 | # changes, ordered at "50" vs other interface-action configs
11 | # (ie. after ifa{49-}-xxx, before ifa{51+}-xxx)
12 | #
13 | # ignore service is-enabled flag - eg. service may be disabled at boot,
14 | #   but started when interface is up
15 | IGNORE_ENABLED=1
16 | # service is started/restarted on interface up
17 | CMD_UP=restart
18 | # service is reloaded on dhcp4-change
19 | CMD_CHANGE=reload
20 | # ... also on dhcp6-change
21 | CMD_CHANGE6=reload
22 | # service is stopped on interface before interface is brought down
23 | CMD_PRE_DOWN=stop
24 | 
25 | # name of state file (may be used in combination with other flags
26 | # in service conditions)
27 | STATE_FILE=/run/mylogger-flag-eth1
28 | # contents on $RESTART_UP written to $STATE_FILE on interface up
29 | RESTART_UP="eth1 up at $(date)"
30 | # $STATE_FILE removed on interface down
31 | STOP_DOWN=1
32 | 
33 | 


--------------------------------------------------------------------------------
/test/conf/common.conf:
--------------------------------------------------------------------------------
 1 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
 2 | # vim:set ft=sh et sw=2 ts=2:
 3 | # common.conf - sourced before any tests start
 4 | #
 5 | # shellcheck shell=bash disable=SC2034
 6 | 
 7 | # don't use syslog
 8 | export nmg_log_stderr=1
 9 | # never use default logger
10 | export NMG_LOGGER=echo
11 | 
12 | export SRC_ROOT=${SRC_ROOT:-..}
13 | export TEST_ROOT=${TEST_ROOT:-.}
14 | export TEST_CONF=${TEST_CONF:-${TEST_ROOT}/conf}
15 | export TEST_BIN=${TEST_BIN:-${TEST_ROOT}/bin}
16 | export TEST_NMUTILS=${TEST_NMUTILS:-${SRC_ROOT}/etc/nmutils}
17 | export TEST_NMDIR=${TEST_NMDIR:-${SRC_ROOT}/etc/NetworkManager/dispatcher.d}
18 | export TEST_RUNDIR=${TEST_RUNDIR:-${TEST_ROOT}/run/nmutils}
19 | 
20 | # used for file outputs
21 | export TEST_OUT=${TEST_OUT:-${TEST_ROOT}/results}
22 | [ -d "${TEST_OUT}" ] || command -p mkdir -p "${TEST_OUT}"
23 | 
24 | # check if xtest_common available
25 | XTEST_SETUP=${XTEST_SETUP:-${TEST_CONF}/xtest_setup}
26 | [[ -r ${XTEST_SETUP} ]] || XTEST_SETUP=''
27 | 
28 | export NMUTILS="${TEST_NMUTILS}"
29 | export NMCONF="${TEST_CONF}"
30 | 
31 | # for state/pids
32 | export RUNDIR="${TEST_RUNDIR}"
33 | [ -d "${RUNDIR}" ] || command -p mkdir -p "${RUNDIR}"
34 | 


--------------------------------------------------------------------------------
/examples/complex/ddns-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # Configuration for 09-ddns
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/09-ddns and /etc/nmutils/ddns-functions
 5 | # for docs
 6 | #
 7 | #      FILENAME: ddns-eth0.conf
 8 | #      PATTERN:  ddns-<INTF>.conf
 9 | #
10 | # So below will affect addresses assigned to eth0 (INTF)
11 | #
12 | 
13 | # zone to update (required)
14 | DDNS_ZONE=example.net.
15 | 
16 | # resources
17 | DDNS_RREC_A_NAME=www.example.net.
18 | # if DDNS_RREC_A_VALUE (or AAAA) set, it's value is used instead
19 | # of address on interface
20 | #DDNS_RREC_A_VALUE=10.10.10.10
21 | # if DDNS_RREC_<rrec>_FALLBACK empty (default) <rrec> removed when down
22 | #DDNS_RREC_A_FALLBACK=
23 | 
24 | DDNS_RREC_AAAA_NAME=www.example.net.
25 | 
26 | DDNS_RREC_CNAME_NAME=mail.example.net.
27 | DDNS_RREC_CNAME_VALUE=www.example.net.
28 | DDNS_RREC_CNAME_FALLBACK=alt.example.net.
29 | 
30 | # change default nsupdate options
31 | DDNS_NSUPDATE_OPTIONS="-v -k /etc/Kpublic.example.net.+157+{random}.private"
32 | DDNS_SERVER=2.3.4.5
33 | DDNS_TTL=300
34 | 
35 | # DDNS server is slow
36 | DDNS_DIG_TIMEOUT=15
37 | DDNS_NSUPDATE_TIMEOUT=15
38 | DDNS_FLOCK_TIMEOUT=30
39 | # use our own lockfile
40 | DDNS_LOCKFILE="/etc/nmutils/conf/ddns-eth0.conf"


--------------------------------------------------------------------------------
/selinux/nmutils.fc:
--------------------------------------------------------------------------------
 1 | /run/nmutils/dhclient.* -- gen_context(system_u:object_r:dhcpc_var_run_t,s0)
 2 | /run/nmutils/.* -- gen_context(system_u:object_r:initrc_var_run_t,s0)
 3 | /etc/NetworkManager/dispatcher\.d/[0-9][0-9]-ifd-.* -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 4 | /etc/NetworkManager/dispatcher\.d/08-ipv6-prefix -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 5 | /etc/NetworkManager/dispatcher\.d/09-ddns -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 6 | /etc/NetworkManager/dispatcher\.d/90-transmission -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 7 | /etc/NetworkManager/dispatcher\.d/95-radvd-gen -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 8 | /etc/NetworkManager/dispatcher\.d/96-interfac(e)-action -- gen_context(system_u:object_r:nmutils_exec_t,s0)
 9 | /usr/lib/NetworkManager/dispatcher\.d/08-ipv6-prefix -- gen_context(system_u:object_r:nmutils_exec_t,s0)
10 | /usr/lib/NetworkManager/dispatcher\.d/09-ddns -- gen_context(system_u:object_r:nmutils_exec_t,s0)
11 | /usr/lib/NetworkManager/dispatcher\.d/90-transmission -- gen_context(system_u:object_r:nmutils_exec_t,s0)
12 | /usr/lib/NetworkManager/dispatcher\.d/95-radvd-gen -- gen_context(system_u:object_r:nmutils_exec_t,s0)
13 | /usr/lib/NetworkManager/dispatcher\.d/96-interfac(e)-action -- gen_context(system_u:object_r:nmutils_exec_t,s0)
14 | 


--------------------------------------------------------------------------------
/test/conf/ip-mock-routes:
--------------------------------------------------------------------------------
 1 | route default via 192.168.66.254 dev eth0 proto static src 192.168.66.4 metric 400
 2 | route6 default via fe80::fcac:2fff:fe4f:a805 dev eth0 proto ra metric 405
 3 | route 192.168.66.0/24 dev eth0 proto kernel src 192.168.66.4 metric 400
 4 | route6 2001:db8:871a:28c1::/64 dev eth0 proto kernel
 5 | route6 2001:db8:4860:4860::/64 dev eth0 proto kernel
 6 | route6 fda5:3d6f:2bc7:203d::/64 dev eth0 proto kernel
 7 | route6 fe80::/64 dev eth0 proto kernel
 8 | route default via 10.0.10.1 dev eth1 proto static src 10.0.10.12 metric 400
 9 | route6 default via fe80::59b1:2362:2abc:512f dev eth1 proto ra metric 406
10 | route6 default from 2001:db8:871a:28c1::/64 via fe80::59b1:2362:2abc:512f dev eth1 proto static
11 | route 10.0.10.0/24 dev eth1 proto kernel scope link src 10.0.10.12 metric 400
12 | route6 2001:db8:a0b:12f0::/64 dev eth1 proto kernel
13 | route6 fdac:3741:50f8:f623::/64 dev eth1 proto kernel
14 | route6 fe80::/64 dev eth1 proto kernel
15 | route6 default via fe80::faaa:dead:beef:8000 dev wan0 proto ra metric 405
16 | route6 default from 2001:db8:100::/56 via fe80::faaa:dead:beef:8000 dev wan0 proto static
17 | route6 default from 2001:db8:200::/56 via fe80::faaa:dead:beef:8000 dev wan0 proto static
18 | route6 2001:db8:100::/56 type unreachable dev lo metric 2147483647
19 | route6 2001:db8:200::/56 type unreachable dev lo metric 2147483647
20 | #
21 | # ip route get entries (totally separate for now)
22 | #
23 | groute6 2001:db8:aaa::100 from :: dev wan0 proto ra src 2001:db8:aaa::1
24 | groute6 2001:db8:aaa::200 from :: dev wan0 proto ra src 2001:db8:aaa::1
25 | groute6 default from :: via fe80::faaa:dead:beef:8000 dev wan0 proto ra src 2001:db8:aaa::1
26 | 


--------------------------------------------------------------------------------
/examples/complex/ipv6-prefix-eth0.conf:
--------------------------------------------------------------------------------
 1 | #
 2 | # WAN configuration for 08-ipv6-prefix
 3 | #
 4 | # See /etc/NetworkManager/dispatcher.d/08-ipv6-prefix for docs
 5 | #
 6 | #      FILENAME: ipv6-prefix-eth0.conf
 7 | #      PATTERN:  ipv6-prefix-<WAN>.conf
 8 | #
 9 | # So below will affect configuration for eth0 (WAN)
10 | #
11 | # Add space-separated list of LAN interfaces to assign prefixes to them
12 | WAN_LAN_INTFS="eth1 eth2"
13 | 
14 | # prefix-len (works on dhclient and dhcpcd)
15 | WAN_PREFIXLEN_HINT=60
16 | 
17 | # uncomment to force use of dhclient
18 | #DHCPCD=''
19 | WAN_DHCLIENT_ARGS=(-H router.example.net)
20 | 
21 | # debug for dhcpcd
22 | WAN_DHCPCD_ARGS=(-d)
23 | # add global config for dhcpcd
24 | #WAN_DHCPCD_PRECONFIG=/etc/nmutils/conf/dhcpcd-pre-eth0.conf
25 | # add vlan1 interface config for dhcpcd
26 | #WAN_DHCPCD_POSTCONFIG=/etc/nmutils/conf/dhcpcd-post-eth0.conf
27 | 
28 | # override 2m timeout to restart dhcp client
29 | DHCP_REBIND_TIMEOUT=30
30 | 
31 | # set WAN_REQUIRE_IP4=any if even a private address is enough to trigger
32 | # prefix delegation (unset means no ipv4 address is needed to start dhclient)
33 | WAN_REQUIRE_IP4=1
34 | 
35 | # Static ips added when interface up
36 | WAN_STATIC_IP6="2001:db8:55::1/64, 2001:db8:100::1/64"
37 | # Static DNS entries for interface (can't be assigned in NM until
38 | # interface has an address)
39 | WAN_STATIC_DNS6="2001:db8:aaaa::1, 2001:db8:bbbb::1"
40 | # Static DNS search list
41 | WAN_STATIC_DNS6_SEARCH='home.lan, office.lan'
42 | 
43 | # config for source-based default routes
44 | WAN_SADR_METRIC=100
45 | #WAN_SADR_DISABLE=1
46 | 
47 | # use the 95-radvd-gen to update radvd.conf when LAN delegations change
48 | NMG_RADVD_TRIGGER="/etc/NetworkManager/dispatcher.d/95-radvd-gen"
49 | 


--------------------------------------------------------------------------------
/test/conf/ip-mock-addrs:
--------------------------------------------------------------------------------
 1 | dev eth0 9000
 2 | addr 192.168.66.4/24 8600sec 2400sec
 3 | addr6 2001:db8:871a:28c1::1/128 86400sec 14400sec
 4 | addr6 2001:db8:4860:4860::8888/128 86400sec 14400sec
 5 | addr6 fda5:3d6f:2bc7:203d:1c52:4ac2:27ff:fe1b/64 3600sec 1800sec global noprefixroute
 6 | addr6 fe80::a00:27ff:fe1b:ff9a/64 forever forever link
 7 | dev eth1
 8 | addr 10.0.10.12/24 forever forever global noprefixroute
 9 | addr6 2001:db8:a0b:12f0::1/64 86400sec 14400sec
10 | addr6 fdac:3741:50f8:f623::1/48 86400sec 14400sec global
11 | addr6 fe80::31fd:68fd:ed8b:4d77/64 forever forever link
12 | dev eth2
13 | addr 10.1.10.12/24 forever forever global noprefixroute
14 | addr 10.2.10.12/24 forever forever global noprefixroute
15 | addr6 2001:db8:1::1/64 14400sec 86400sec global tentative
16 | addr6 fe80::50fa:5fff:ec9b:5d92/64 forever forever link noprefixroute
17 | dev eth3
18 | addr6 2001:db8:5::1/64 14400sec 86400sec global tentative dadfailed
19 | addr6 fe80::1e5a:81fe:ed8a:21a4/64 forever forever link noprefixroute
20 | dev wan0
21 | addr6 2001:db8:800::2/128 forever forever global
22 | addr6 2001:db8:aaa::1/128 forever forever global
23 | addr6 2001:db8:aaa::2/128 forever forever global tentative dadfailed
24 | addr6 2001:db8:ffee::1/64 forever forever global
25 | addr6 fe80::0a44:e1f0:d471:03b5/64 forever forever link noprefixroute
26 | dev br0
27 | addr 192.168.88.1/24 forever forever global noprefixroute
28 | addr6 fdc0:4455:b240::1/64 forever forever global noprefixroute
29 | addr6 2001:db8:100:0:32fb:93c5:6555:845a/63 240 120 global
30 | addr6 2001:db8:200:0:32fb:93c5:6555:845a/63 forever forever global
31 | addr6 2001:db8:200:4:32fb:93c5:6555:845a/63 7200 3600 global
32 | addr6 fe80::32fb:93c5:6555:845a/64 forever forever link noprefixroute
33 | dev br1
34 | addr 192.168.99.1/24 forever forever global noprefixroute
35 | addr6 2001:db8:100:2:32fb:93c5:555:1/64 forever forever global noprefixroute
36 | addr6 2001:db8:200:2:32fb:93c5:555:1/64 forever forever global noprefixroute
37 | addr6 fe80::32fb:93c5:555:1/64 forever forever link noprefixroute
38 | 


--------------------------------------------------------------------------------
/test/conf/general.conf:
--------------------------------------------------------------------------------
 1 | # general.conf included by most scripts
 2 | 
 3 | # shellcheck shell=bash disable=SC2034
 4 | 
 5 | # in case test driver didn't load common.sh (assume pwd of test directory)
 6 | SRC_ROOT=${SRC_ROOT-..}
 7 | TEST_BIN=${TEST_BIN-bin}
 8 | 
 9 | # no syslog, output to stderr (stdout may be used for returning values)
10 | nmg_log_stderr=${nmg_log_stderr:-1}
11 | # can be used to identify test
12 | NMG_TAG=''
13 | 
14 | # locate programs
15 | NMDDNS_DHELPER=${TEST_DDNS_HELPER-$SRC_ROOT/etc/NetworkManager/dispatcher.d/09-ddns}
16 | 
17 | # test programs
18 | NMG_IP=${TEST_IP-$TEST_BIN/ip-mock}
19 | # useful for debug
20 | #NMDDNS_GLOBAL_DIG_OPTIONS="-d"
21 | NMDDNS_DIG=${TEST_DIG-$TEST_BIN/dig-mock}
22 | 
23 | NMDDNS_NSUPDATE=${TEST_NSUPDATE-$TEST_BIN/nsupdate-mock}
24 | 
25 | # pgrep/date not used in tests
26 | NMG_PGREP=${TEST_PGREP-$(PATH=/usr/bin:/bin command -v false)}
27 | EPOCHREALTIME=1.000000
28 | NMG_DATE=${TEST_DATE:-$(PATH=/usr/bin:/bin command -v false)}
29 | # handle empty PATH bug in bash3
30 | NMG_RM=${TEST_RM:-$(PATH=/usr/bin:/bin command -v rm)}
31 | NMDDNS_FLOCK=${TEST_FLOCK:-$(PATH=/usr/local/bin:/usr/bin:/bin command -v flock)}
32 | [[ $NMDDNS_FLOCK ]] || DDNS_GLOBAL_LOCKFILE=''
33 | 
34 | # just bogus so ignored
35 | NMG_RADVD="radvd-missing"
36 | 
37 | DDNS_GLOBAL_DIG_OPTIONS="+time=1 +retry=2"
38 | 
39 | # used in 08-ipv6-prefix
40 | NMCLI=${TEST_NMCLI-$TEST_BIN/nmcli-mock}
41 | DHCLIENT=${TEST_DHCLIENT-$TEST_BIN/dhclient-mock}
42 | SYSTEMCTL=${TEST_SYSTEMCTL-$TEST_BIN/systemctl-mock}
43 | SYSTEMD_RUN=${TEST_SYSTEMD_RUN-$TEST_BIN/systemd-run-mock}
44 | DHCPCD=${TEST_DHCPCD-$TEST_BIN/dhcpcd-mock}
45 | RDISC6=${TEST_RDISC6-$TEST_BIN/rdisc6-mock}
46 | RESOLVECTL=${TEST_RESOLVECTL-$TEST_BIN/resolvectl-mock}
47 | RESOLVCONF=${TEST_RESOLVCONF-$TEST_BIN/resolvconf-mock}
48 | 
49 | # all tests check command args
50 | export MOCK_ECHO=1
51 | # nsupdate, resolvconf send commands to stdin
52 | export MOCK_ECHO_STDIN_nsupdate_mock=1
53 | export MOCK_ECHO_STDIN_resolvconf_mock=1
54 | export MOCK_ECHO_STDIN_ARGS_resolvconf_mock="-a"
55 | 


--------------------------------------------------------------------------------
/etc/nmutils/dispatcher_action:
--------------------------------------------------------------------------------
 1 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
 2 | # vim:set ft=sh et sw=2 ts=2:
 3 | # SPDX-License-Identifier: GPL-3.0-or-later
 4 | #
 5 | # Copyright (C) 2015-2024 Scott Shambarger
 6 | #
 7 | # dispatcher_action v1.4.0 - service restart on interface change
 8 | # Author: Scott Shambarger <devel@shambarger.net>
 9 | #
10 | # This file supports the same functions as 96-interface-action, but allows
11 | # re-ordering the action relative to other dispatchers.  However, it requires
12 | # an extra config step.
13 | #
14 | # The extra step is creating a file named
15 | #
16 | #   /etc/NetworkManager/dispatcher.d/##-ifd-<service>
17 | #
18 | # (or wherever your distro has these files) where <##> is a 2-digit
19 | # number, and <service> is a systemd service name.  The file should be
20 | # executable and contain the following:
21 | #
22 | # --- start
23 | # #!/bin/bash
24 | # . /etc/nmutils/dispatcher_action
25 | # --- end
26 | #
27 | # The configuration settings are documented in 96-interface-action, but
28 | # those settings are should instead be placed in:
29 | #
30 | #   /etc/nmutils/conf/ifd-<service>-<interface>.conf
31 | #
32 | # NOTE: If any PRE_DOWN actions are used, the ##-ifd-<service> script
33 | #       should be symlinked to the pre-down.d directory.
34 | #
35 | # shellcheck shell=bash disable=SC1090
36 | interface=${1-}
37 | action=${2-}
38 | 
39 | ########## SCRIPT START
40 | 
41 | # anything for us to do?
42 | [[ ${interface} && ${action} ]] || exit 0
43 | 
44 | # check dispatcher name format for ##-ifd-service
45 | base_name=${0##*/}
46 | [[ ${base_name} =~ ^[0-9][0-9]-ifd-([^/]+)$ ]] || {
47 |   echo >&2 "Invalid command name: ${base_name}" && exit 3
48 | }
49 | IFD_UNIT=${BASH_REMATCH[1]}
50 | 
51 | # shellcheck disable=SC2034
52 | IFD_CONFIG="ifd-${IFD_UNIT}-${interface}.conf"
53 | 
54 | NMG_TAG=${NMG_TAG-nm-ifd}
55 | IFA_FILE="/etc/NetworkManager/dispatcher.d/96-interface-action"
56 | { [[ -r "${IFA_FILE}" ]] && . "${IFA_FILE}"; } || {
57 |   echo >&2 "Unable to load ${IFA_FILE}" && exit 2
58 | }
59 | 
60 | exit 0
61 | 


--------------------------------------------------------------------------------
/test/bin/dhclient-mock:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
 3 | # vim:set ft=sh et sw=2 ts=2:
 4 | # SPDX-License-Identifier: GPL-3.0-or-later
 5 | #
 6 | # dhclient-mock for test scripts
 7 | #
 8 | # Set the following in your ipv6-prefix-wan-${interface}.conf file to test:
 9 | #
10 | #if [ "$reason" = "BOUND6" ]; then
11 | #  old_ip6_prefix=<ip6-prefix/len>
12 | #  new_ip6_prefix=<ip6-prefix/len>
13 | #  new_max_life=100
14 | #elif [ "$reason" = "STOP6" ]; then
15 | #  old_ip6_prefix=<ip6-prefix/len>
16 | #fi
17 | 
18 | unset IFS
19 | 
20 | err() {
21 |   printf >&2 "%s\n" "$*"
22 | }
23 | 
24 | fail() {
25 |   local -i rc=0
26 |   [[ $1 != 0 ]] && { printf 2>/dev/null -v rc "%d" "$1" || rc=1; }
27 |   shift
28 |   [[ $1 ]] && { if [[ $rc == 0 ]]; then echo "$@"; else err "$@"; fi; }
29 |   exit "$rc"
30 | }
31 | 
32 | [[ ${DHCLIENT_MOCK_FAIL-} || ${DHCLIENT_MOCK_OUTPUT-} ]] && {
33 |   args='' arg=''; for arg in "$@"; do args+="${args:+ }'${arg}'"; done
34 |   fail "${DHCLIENT_MOCK_FAIL:-0}" \
35 |        "${DHCLIENT_MOCK_OUTPUT+${DHCLIENT_MOCK_OUTPUT/@ARGS@/${args}}}"
36 | }
37 | 
38 | SCRIPT='' PID='' CMD=''
39 | 
40 | parse_args() {
41 |   local arg nextarg=''
42 | 
43 |   for arg in "$@"; do
44 | 
45 |     [[ ${nextarg} ]] && {
46 |       case ${nextarg} in
47 |         script) SCRIPT=${arg} ;;
48 |         pid) PID=${arg} ;;
49 |       esac
50 |       nextarg=''
51 |       continue
52 |     }
53 | 
54 |     case ${arg} in
55 |       -sf) nextarg=script ;;
56 |       -pf) nextarg=pid ;;
57 |       *) CMD=${arg}; break ;;
58 |     esac
59 |   done
60 |   return 0
61 | }
62 | 
63 | usage() {
64 |   err "Usage: ${0##*/} [ -sf <script> ] [ -pf <pid> ] <interface>"
65 |   err "Usage: ${0##*/} [ -pf <pid> ] sleep"
66 | }
67 | 
68 | parse_args "$@"
69 | 
70 | case ${CMD} in
71 |   sleep)
72 |     if [[ ${PID} ]]; then
73 |       "$0" -pf "${PID}" xsleep &
74 |     else
75 |       "$0" xsleep &
76 |     fi
77 |     exit 0
78 |     ;;
79 |   xsleep)
80 |     [[ $nmg_show_debug ]] && echo "Spawned background dhclient_test [$$]"
81 |     [[ ${PID} ]] && echo $$ > "${PID}"
82 |     sleep 5
83 |     exit 0
84 |     ;;
85 |   '') usage; exit 1 ;;
86 | esac
87 | 
88 | 
89 | [[ ${SCRIPT} ]] || exit 0
90 | 
91 | export interface=${CMD}
92 | export reason=BOUND6
93 | 
94 | [[ ${PID} ]] && echo $$ > "${PID}"
95 | 
96 | (exec "${SCRIPT}" </dev/null) &
97 | exit 0
98 | 


--------------------------------------------------------------------------------
/test/bin/dummy-mock:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  3 | # vim:set ft=sh et sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # General placeholder command
  7 | #
  8 | # Environment values:
  9 | #
 10 | # DUMMY_MOCK_FAIL (optional) - !0 fail code
 11 | #
 12 | # DUMMY_MOCK_FAIL_ARGS (optional) - if args match regex, use MOCK_FAIL
 13 | #   NOTE: each arg is enclosed in single-quotes, eg: 'first' 'second arg'
 14 | #
 15 | # DUMMY_MOCK_OUTPUT (optional) - echo value to stdout (stderr if _FAIL):
 16 | #     "@EXE@" replaced by executable name
 17 | #     "@ARGS@" replaced by arguments
 18 | #
 19 | # MOCK_ECHO (optional) - output quoted args
 20 | #
 21 | # MOCK_ECHO_STDIN (optional) - echos stdin
 22 | #
 23 | # MOCK_ECHO_STDIN_ARGS (optional) - if args match regex, use MOCK_ECHO_STDIN
 24 | #
 25 | # MOCK_ECHO_FD (optional) - MOCK_ECHO(_STDIN) to this file descriptor
 26 | #
 27 | # DUMMY_MOCK_FD (optional) - DUMMY_MOCK_OUTPUT to this file descriptor
 28 | #
 29 | # Any DUMMY_MOCK_<NAME>_<FILENAME> overrides above values if $0 ends
 30 | # in <FILENAME> ('-' mapped to '_')
 31 | #
 32 | unset IFS
 33 | 
 34 | set_output() {
 35 |   [[ ${DUMMY_MOCK_FD-} ]] || return 0
 36 |   local fd=2
 37 |   printf 2>/dev/null -v fd "%d" "${DUMMY_MOCK_FD}" || fd=2
 38 |   [[ $fd != 1 ]] && exec >&"$fd"
 39 |   [[ $fd != 2 ]] && exec 2>&"$fd"
 40 | }
 41 | 
 42 | err() {
 43 |   printf >&2 "%s\n" "$*"
 44 | }
 45 | 
 46 | fail() {
 47 |   # <rc> <output>
 48 |   local -i rc=0
 49 |   [[ $1 != 0 ]] && { printf 2>/dev/null -v rc "%d" "$1" || rc=1; }
 50 |   shift
 51 |   [[ $1 ]] && { if [[ $rc == 0 ]]; then echo "$@"; else err "$@"; fi; }
 52 |   exit "$rc"
 53 | }
 54 | 
 55 | check_overrides() {
 56 |   local var exe=${0##*/}
 57 |   exe=${exe//-/_}
 58 |   var="DUMMY_MOCK_FAIL_${exe}"
 59 |   [[ ${!var+x} ]] && DUMMY_MOCK_FAIL=${!var}
 60 |   var="DUMMY_MOCK_FAIL_ARGS_${exe}"
 61 |   [[ ${!var+x} ]] && DUMMY_MOCK_FAIL_ARGS=${!var}
 62 |   var="DUMMY_MOCK_OUTPUT_${exe}"
 63 |   [[ ${!var+x} ]] && DUMMY_MOCK_OUTPUT=${!var}
 64 |   var="DUMMY_MOCK_FD_${exe}"
 65 |   [[ ${!var+x} ]] && DUMMY_MOCK_FD=${!var}
 66 |   var="MOCK_ECHO_${exe}"
 67 |   [[ ${!var+x} ]] && MOCK_ECHO=${!var}
 68 |   var="MOCK_ECHO_STDIN_${exe}"
 69 |   [[ ${!var+x} ]] && MOCK_ECHO_STDIN=${!var}
 70 |   var="MOCK_ECHO_STDIN_ARGS_${exe}"
 71 |   [[ ${!var+x} ]] && MOCK_ECHO_STDIN_ARGS=${!var}
 72 |   var="MOCK_ECHO_FD_${exe}"
 73 |   [[ ${!var+x} ]] && MOCK_ECHO_FD=${!var}
 74 | }
 75 | 
 76 | mock_echo() {
 77 |   # <arg>...
 78 |   [[ ${MOCK_ECHO-} || ${MOCK_ECHO_STDIN-} ]] || return 0
 79 |   local fd=1
 80 |   [[ ${MOCK_ECHO_FD-} ]] && {
 81 |     printf 2>/dev/null -v fd "%d" "${MOCK_ECHO_FD}" || fd=1
 82 |   }
 83 |   # echo args if requested
 84 |   [[ ${MOCK_ECHO-} ]] && {
 85 |     local arg out=${0##*/}
 86 |     out=${out%-mock}
 87 |     for arg in "$@"; do out+=" '${arg}'"; done
 88 |     printf >&"$fd" "%s\n" "${out}"
 89 |   }
 90 |   # echo stdin if requested
 91 |   [[ ${MOCK_ECHO_STDIN-} ]] && command -p cat >&"$fd" -
 92 | }
 93 | 
 94 | check_overrides
 95 | 
 96 | args=''
 97 | for arg in "$@"; do args+="${args:+ }'${arg}'"; done
 98 | 
 99 | [[ ${DUMMY_MOCK_FAIL_ARGS-} ]] && {
100 |   [[ ${args} =~ ${DUMMY_MOCK_FAIL_ARGS} ]] || DUMMY_MOCK_FAIL=''
101 | }
102 | [[ ${MOCK_ECHO_STDIN_ARGS-} ]] && {
103 |   [[ ${args} =~ ${MOCK_ECHO_STDIN_ARGS} ]] || MOCK_ECHO_STDIN=''
104 | }
105 | 
106 | mock_echo "$@"
107 | 
108 | set_output
109 | 
110 | [[ ${DUMMY_MOCK_FAIL-} || ${DUMMY_MOCK_OUTPUT-} ]] && {
111 |   out=${DUMMY_MOCK_OUTPUT+${DUMMY_MOCK_OUTPUT/@EXE@/$0}}
112 |   fail "${DUMMY_MOCK_FAIL:-0}" "${out/@ARGS@/$args}"
113 | }
114 | 
115 | exit 0
116 | 


--------------------------------------------------------------------------------
/test/Makefile:
--------------------------------------------------------------------------------
  1 | #
  2 | # Tests for nmutils
  3 | #
  4 | # make help for instructions
  5 | #
  6 | .EXPORT_ALL_VARIABLES:
  7 | .SUFFIXES:
  8 | 
  9 | V := 0
 10 | VB_0 := @
 11 | VB := $(VB_$(V))
 12 | 
 13 | # command progress to stderr
 14 | #VERBOSE := 1
 15 | # logs of debug output to stderr
 16 | #DEBUG := 2
 17 | # test args
 18 | TEST_ARGS := strict verbose
 19 | 
 20 | TEST_ROOT := .
 21 | TEST_BIN := $(TEST_ROOT)/bin
 22 | TEST_SHELL := bash
 23 | 
 24 | # variables used in configuration files (exported)
 25 | 
 26 | # directory with source files
 27 | SRC_ROOT := ..
 28 | # test configuration files
 29 | TEST_CONF := $(TEST_ROOT)/conf
 30 | # common test configuration
 31 | TEST_COMMON := $(TEST_CONF)/common.conf
 32 | # directory for generated results
 33 | TEST_OUT := $(TEST_ROOT)/results
 34 | # directory for expected results
 35 | TEST_EXPECT := $(TEST_ROOT)/expected
 36 | 
 37 | # default addrs for ip-mock
 38 | IP_MOCK_ADDRS := $(TEST_CONF)/ip-mock-addrs
 39 | 
 40 | .PHONY: Makefile all
 41 | all: general ddns prefix all-radvd
 42 | 
 43 | .PHONY: help
 44 | help:
 45 | 	@echo "make targets:"
 46 | 	@echo "  all               - run all tests"
 47 | 	@echo "  general           - run general-funcions tests"
 48 | 	@echo "  ddns              - run ddns-funcions tests"
 49 | 	@echo "  prefix            - run ipv6 prefix tests"
 50 | 	@echo "  all-radvd          - run all radvd tests"
 51 | 	@echo "  radvd-test-#      - run radvd test # (1, 2, etc)"
 52 | 	@echo "  bless-radvd-test  - replace a test results (prompts for #)"
 53 | 
 54 | .PHONY: general
 55 | general:
 56 | 	$(TEST_SHELL) $(TEST_ROOT)/general-test $(TEST_ARGS)
 57 | 
 58 | .PHONY: ddns
 59 | ddns:
 60 | 	$(TEST_SHELL) $(TEST_ROOT)/ddns-test $(TEST_ARGS)
 61 | 	$(TEST_SHELL) $(TEST_ROOT)/nm-ddns-test $(TEST_ARGS)
 62 | 
 63 | .PHONY: prefix
 64 | prefix:
 65 | 	$(TEST_SHELL) $(TEST_ROOT)/ipv6-prefix-addr-test $(TEST_ARGS)
 66 | 	$(TEST_SHELL) $(TEST_ROOT)/ipv6-prefix-nm-test $(TEST_ARGS)
 67 | 	$(TEST_SHELL) $(TEST_ROOT)/ipv6-prefix-dhclient-test $(TEST_ARGS)
 68 | 	$(TEST_SHELL) $(TEST_ROOT)/ipv6-prefix-dhcpcd-test $(TEST_ARGS)
 69 | 
 70 | .PHONY: all-radvd
 71 | all-radvd: radvd-test-1 radvd-test-2 radvd-test-3 radvd-test-4
 72 | 
 73 | $(TEST_OUT):
 74 | 	$(VB)mkdir "$(TEST_OUT)"
 75 | 
 76 | #
 77 | # 95-radvd-gen tests
 78 | #
 79 | # For each test #:
 80 | #
 81 | #   Config is CONF/radvd-gen.conf - which in turn sets:
 82 | #        SRC = CONF/#-radvd.conf.templ
 83 | #        DST = OUT/#-radvd.conf
 84 | #        IP_MOCK_ADDRS = CONF/#-ip-mock-addrs (if present)
 85 | #
 86 | #   The output is then compared with EXPECT/#-radvd.conf
 87 | #
 88 | RADVDGEN_CONF := $(TEST_CONF)/radvd-gen.conf
 89 | 
 90 | $(TEST_OUT)/%-radvd.conf: $(TEST_EXPECT)/%-radvd.conf
 91 | 	@echo "Running radvd-gen test $(TEST_NUM)"
 92 | 	$(VB)[ -f "$(TEST_CONF)/$(TEST_NUM)-radvd.conf" ] && \
 93 | 	 cp "$(TEST_CONF)/$(TEST_NUM)-radvd.conf" "$@" || :
 94 | 	$(VB)VERBOSE=$(VERBOSE) $(TEST_SHELL) $(TEST_ROOT)/radvd-test
 95 | 	$(VB)diff >/dev/null "$<" "$@" || { \
 96 | 	   echo "FAIL: $< $@ differ:"; diff "$<" "$@"; }
 97 | 
 98 | radvd-test-%: $(TEST_EXPECT)/%-radvd.conf $(TEST_OUT)
 99 | 	-$(VB)rm -f "$(TEST_OUT)/$*-radvd.conf"
100 | 	$(VB)$(MAKE) "$(TEST_OUT)/$*-radvd.conf" TEST_NUM="$*"
101 | 
102 | .PHONY: bless-radvd-test
103 | bless-radvd-test:
104 | 	@echo "WARNING: this will overwrite the expected for this test!"
105 | 	$(VB)read -p "Test # to replace (empty to quit): " TEST_NUM && \
106 | 	 [ -n "$$TEST_NUM" ] && export TEST_NUM && \
107 | 	 $(TEST_SHELL) $(TEST_ROOT)/radvd-test && \
108 | 	 cp -f "$(TEST_OUT)/$${TEST_NUM}-radvd.conf" $(TEST_EXPECT)
109 | 
110 | .PHONY: clean
111 | clean:
112 | 	$(VB)rm -rf $(TEST_OUT) ./run
113 | 


--------------------------------------------------------------------------------
/NEWS.md:
--------------------------------------------------------------------------------
 1 | Overview of changes in nmutils-20250418
 2 | =======================================
 3 | 
 4 | - Added config command to 08-ipv6-prefix and 09-ddns with tests
 5 | - general-functions 1.8.0 adds nmg::print_env, nmg::unset_env, 
 6 |     nmg::get_config and nmg::load_comment
 7 | - ddns-functions 1.6.0 adds nmddns_get_config and nmddns_get_globals
 8 | - Added tests for new functions
 9 | - `08-ipv6-prefix` now has config command
10 | - `09-ddns` now has help and config command
11 | 
12 | Overview of changes in nmutils-20241216
13 | =======================================
14 | 
15 | - SELinux patch for dhclient pid file
16 | - Correct make dist
17 | 
18 | Overview of changes in nmutils-20241215
19 | =======================================
20 | 
21 | ***BREAKING CHANGE:***
22 |  - package installs now look for config in /etc/nmutils by default
23 |    (/etc/nmutils/conf still used for 'make install' installs)
24 | 
25 | Other significant changes:
26 | - Rewrite of `08-ipv6-prefix` adding:
27 |   - `dhcpcd` dhcp client support
28 |     - adds RFC6603 prefix exclude support
29 |     - supports RA DNS assignments
30 |  - ipv6.method=ignore full ipv6 management
31 |     - required for dhcpcd client support
32 |     - `rdisc6` may be needed for default maintenance
33 |     - `resolvectl` or `resolvconf` needed for DNS handling
34 |   - many config changes may now be made with `nmcli device reapply`
35 |   - dhcp client monitoring to recover from lockups/bugs in client
36 |   - DNS server routes added
37 |   - Source-based prefix routes supporting multiple WANs without
38 |     firewall rules
39 |   - Unreachable routes for unassigned prefix subnets
40 |   - Configurable route metrics (DNS routes or SADR routes)
41 |   - Gateway monitoring and active restoration
42 |   - Subnet deprecation when gateway lost (after short timeout), WAN
43 |     down, or via external trigger (see "deprecate" command)
44 |   - DAD detection of generated addresses, and address retry
45 |   - fallback dhclient-script support if requested
46 |   - monitor and dhcp client daemons managed with systemctl
47 |   - `08-ipv6-prefix` may now be run directly, commands include
48 |     - `deprecate` for creating/releasing multiple independent
49 |       prefix deprecation "locks"
50 |     - `status` to display current WAN/LAN stats
51 |     - `help` to display full documentation
52 |   - extensive tests for all core features
53 | - Addition of `96-interface-action` to complement `dispatcher_action`
54 |   - systemctl action independent of state-file creation/removal
55 |   - is-enable may be ignored (great for startup after iface up)
56 |   - actions enabled by config file presence (no creating dispatchers)
57 |   with simpler config and additional features.
58 | - `meson` patch and install (supporting relocation). Package 
59 |   installation can be easily masked by non-package install for
60 |   temporary overrides of source/config for testing/evaluation.
61 | - Makefile supporing:
62 |   - `make help` to explain targets
63 |   - `make install` and `make uninstall`
64 |   - `make dist` for source tar
65 |   - `make tarball` for patched install tar
66 |   - `make srpm` and `make rpm` for package creation
67 | - Test suite expanded to include:
68 |   - `nmcli-mock` supporting state modification (updates)
69 |   - `dummy-mock` generalized to support most "fake binaries" via symlinks
70 |   - `ip-mock` added support for link, route and monitor.  Much better
71 |     ipv6 prefix support
72 |   - Many tests for added functionlity (now over 1400!)
73 |     - new functions
74 | 	- `dhcpcd` client
75 | 	- ipv6.method=ignore
76 | - general-functions updated with many new functions
77 |   - general hashing
78 |   - ip monitor support for watching address/route changes
79 |   - ipv6 prefix compression
80 |   - ip route functions
81 |   - many new tests
82 |   - re-licensed LGPLv3
83 | 


--------------------------------------------------------------------------------
/GNUmakefile:
--------------------------------------------------------------------------------
  1 | #
  2 | # GNU Makefile to:
  3 | #   - create 'dist' source tarball
  4 | #   - install/uninstall nmutils (requires meson/ninja)
  5 | #   - create patched 'tarball' for direct install
  6 | #   - create SRPM (requires rpmbuild)
  7 | #   - build RPM (requires mock)
  8 | #
  9 | # 'make help' for options
 10 | #
 11 | 
 12 | prefix := /usr
 13 | 
 14 | SED := sed
 15 | TAR := tar
 16 | MESON := meson
 17 | NINJA := ninja
 18 | RPMBUILD := rpmbuild
 19 | MOCK := mock
 20 | 
 21 | TMPDIR := ./tmp
 22 | 
 23 | V := 0
 24 | VB_0 := @
 25 | VB := $(VB_$(V))
 26 | 
 27 | # official version in meson.build
 28 | VERSION := $(shell $(SED) -E -n "/^.*[[:space:],]*version[[:space:]]*:[[:space:]]*'([^']+)'.*$$/{s//\\1/p;q;}" meson.build || :)
 29 | ifeq ($(VERSION),)
 30 |   $(error Unable to extract version from meson.build)
 31 | endif
 32 | 
 33 | PACKAGE := nmutils
 34 | DISTDIR := $(PACKAGE)
 35 | DISTNAME := $(PACKAGE)-$(VERSION)
 36 | TARBALL := $(DISTNAME).tgz
 37 | DIST := $(DISTNAME).tar.gz
 38 | 
 39 | .SUFFIXES:
 40 | 
 41 | .PHONY: Makefile all
 42 | all: build
 43 | 
 44 | .PHONY: help
 45 | help:
 46 | 	@echo "Usage: make <target> [ <variable>=<value>... ]"
 47 | 	@echo "<target> may be:"
 48 | 	@echo "   help - show this help"
 49 | 	@echo "   all (default) - configure (uses MESON_FLAGS)"
 50 | 	@echo "   install - install files (DESTDIR=<dir> honored)"
 51 | 	@echo "   uninstall - uninstall files (DESTDIR honored)"
 52 | 	@echo "   tarball - create patched $(TARBALL) (uses MESON_FLAGS) "
 53 | 	@echo "   dist - create $(DIST) with source files"
 54 | 	@echo "   srpm - create SRPM for building"
 55 | 	@echo "   rpm - build rpm using mock"
 56 | 	@echo "   check - run all tests"
 57 | 	@echo
 58 | 	@echo "<variable> may be (with defaults):"
 59 | 	@echo "  prefix=$(prefix)"
 60 | 	@echo "  MESON_FLAGS=<any of the following>"
 61 | 	@echo "    -Dpkg=false         - =true for packaged install"
 62 | 	@echo "    -Dnmlibdir=/usr/lib - NetworkManager system libdir"
 63 | 	@echo "    -Drunstatedir=/run  - runtime state dir"
 64 | 	@echo "    -Dselinuxtype=auto  - SELinux type (auto-detected)"
 65 | 	@echo "    -Dunitdir=auto      - systemd unit dir (auto-detected)"
 66 | 
 67 | # order-only test for commands
 68 | .SUFFIXES: .cmd
 69 | %.cmd:
 70 | 	$(VB)for cmd in $*; do \
 71 | 	 type >/dev/null 2>/dev/null "$$cmd" || \
 72 | 	 { echo "$$cmd not found (please install first)"; exit 1; } \
 73 | 	done
 74 | 
 75 | build/build.ninja: | $(MESON).cmd $(NINJA).cmd
 76 | 	@echo $(MESON) setup --prefix="$(prefix)" $(MESON_FLAGS) build
 77 | 	$(VB)$(MESON) setup --prefix="$(prefix)" $(MESON_FLAGS) build || { \
 78 | 	 rm -rf build; false; }
 79 | 
 80 | .PHONY: build
 81 | build: build/build.ninja
 82 | 	$(MESON) compile -C build
 83 | 
 84 | .PHONY: install
 85 | install: build
 86 | 	DESTDIR="$(DESTDIR)" $(MESON) install -C build
 87 | 
 88 | .PHONY: uninstall
 89 | uninstall: build
 90 | 	cd build && DESTDIR="$(DESTDIR)" $(NINJA) uninstall
 91 | 	$(VB)if command >/dev/null -v semodule; then \
 92 | 	  echo semodule -r nmutils && semodule -r nmutils; \
 93 | 	 else :; fi
 94 | 
 95 | .PHONY: dist
 96 | dist: clean
 97 | 	$(VB)if [ -n "$$($(TAR) --version | grep GNU)" ]; then \
 98 | 	 $(TAR) czf "$(DIST)" --exclude "$(DIST)" --transform "s/^[.]/$(DISTDIR)/S" ./* ./.gitignore; \
 99 | 	else \
100 | 	 $(TAR) czf "$(DIST)" --exclude "$(DIST)" -s "/^[.]/$(DISTDIR)/S" ./* ./.gitignore; \
101 | 	fi
102 | 	@echo "Source tar created: $(DIST)"
103 | 
104 | .PHONY: srpm
105 | srpm: DISTDIR=$(DISTNAME)
106 | srpm: dist | $(RPMBUILD).cmd
107 | 	$(VB)mkdir "$(TMPDIR)" && mv "$(DIST)" "$(TMPDIR)"
108 | 	$(VB)$(SED) -E -e 's/(Version:[[:space:]]+).*$$/\1$(VERSION)/'\
109 | 	 -e 's/(Name:[[:space:]]+).*$$/\1$(PACKAGE)/' \
110 | 	 nmutils.spec > "$(TMPDIR)/$(PACKAGE).spec"
111 | 	$(RPMBUILD) -D "_topdir $(TMPDIR)" -D "_sourcedir $(TMPDIR)"\
112 | 	 -D "_rpmdir $(TMPDIR)" -D "_specdir $(TMPDIR)"\
113 | 	 -D "_builddir $(TMPDIR)" -D "_srcrpmdir ." -D "srpm 1" \
114 | 	 -bs "$(TMPDIR)/$(PACKAGE).spec"
115 | 	$(VB)rm -rf "$(TMPDIR)"
116 | 
117 | .PHONY: rpm
118 | rpm: srpm | $(MOCK).cmd
119 | 	$(MOCK) $(MOCK_FLAGS) $(PACKAGE)-$(VERSION)-*.src.rpm
120 | 
121 | .PHONY: tarball
122 | tarball: DESTDIR=root
123 | tarball: clean install
124 | 	$(VB)$(TAR) czf $(TARBALL) -C build/root .
125 | 	@echo "Install tar created: $(TARBALL)"
126 | 	$(VB)rm -rf build/root
127 | 
128 | .PHONY: check
129 | check:
130 | 	$(MAKE) -C test
131 | 
132 | .PHONY: clean
133 | clean:
134 | 	-make -C selinux clean V=$(V)
135 | 	make -C test clean V=$(V)
136 | 	$(VB)rm -f *.tar.gz *.tgz *.src.rpm
137 | 	$(VB)rm -rf build "$(TMPDIR)"
138 | 


--------------------------------------------------------------------------------
/nmutils.spec:
--------------------------------------------------------------------------------
  1 | # SPDX-License-Identifier: GPL-3.0-or-later
  2 | #
  3 | # Copyright (C) 2022-24 Scott Shambarger, Kenneth Porter
  4 | #
  5 | %bcond_without selinux
  6 | %bcond_with    test
  7 | 
  8 | %global selinuxtype targeted
  9 | 
 10 | %if 0%{?srpm}
 11 | %undefine dist
 12 | %endif
 13 | 
 14 | Name:           nmutils
 15 | Version:        devel
 16 | Release:        1%{?dist}
 17 | Summary:        Network Manager Utility Scripts
 18 | BuildArch:      noarch
 19 | 
 20 | License:        GPL-3.0-or-later AND LGPL-3.0-or-later
 21 | URL:            https://github.com/sshambar/nmutils
 22 | Source0:        https://github.com/sshambar/nmutils/archive/%{version}/%{name}-%{version}.tar.gz
 23 | Requires:       NetworkManager
 24 | Requires:       iproute
 25 | Requires:       procps-ng
 26 | Requires:       systemd >= 236
 27 | Recommends:     bind-utils
 28 | Recommends:     util-linux-core
 29 | Recommends:     ndisc6
 30 | Recommends:     dhcp-client
 31 | Suggests:       dhcpcd
 32 | Suggests:       radvd
 33 | BuildRequires:  make
 34 | BuildRequires:  meson
 35 | %if %{with selinux}
 36 | Requires:       (%{name}-selinux if selinux-policy-%{selinuxtype})
 37 | %endif
 38 | BuildRequires:  systemd-rpm-macros
 39 | %{?systemd_ordering}
 40 | 
 41 | %description
 42 | A collection of BASH based utility scripts and support functions for
 43 | use with Gnome's NetworkManager dispatcher.
 44 | 
 45 | %if %{with selinux}
 46 | %package selinux
 47 | Summary:        Selinux policy module
 48 | BuildArch:      noarch
 49 | License:        GPL-3.0-or-later
 50 | BuildRequires:  make
 51 | BuildRequires:  bzip2
 52 | BuildRequires:  selinux-policy-devel
 53 | %{?selinux_requires}
 54 | Requires:       selinux-policy-%{selinuxtype}
 55 | Requires(post): selinux-policy-%{selinuxtype}
 56 | 
 57 | %description selinux
 58 | Install nmutils-selinux to ensure your system contains the SELinux policy
 59 | required for dhcp clients to run 08-ipv6-prefix, manage radvd and
 60 | perform DDNS operations.
 61 | %endif
 62 | 
 63 | %prep
 64 | %autosetup
 65 | 
 66 | %build
 67 | %meson \
 68 |   -Dselinuxtype=%{?with_selinux:%{selinuxtype}} \
 69 |   -Dunitdir=%{_unitdir} \
 70 |   -Dnmlibdir=/usr/lib \
 71 |   -Drunstatedir=%{_runstatedir} \
 72 |   -Dpkg=true
 73 | 
 74 | %meson_build
 75 | 
 76 | %check
 77 | %if %{with test}
 78 | %meson_test
 79 | %endif
 80 | 
 81 | %install
 82 | %meson_install \
 83 |   --tags base
 84 | 
 85 | %if %{with selinux}
 86 | %meson_install \
 87 |   --tags selinux
 88 | %endif
 89 | 
 90 | %preun
 91 | if [[ $1 -eq 0 ]] && command -v systemctl >/dev/null; then
 92 |   # Package removal, not upgrade
 93 |   # disable service/timers (systemd macros don't handled templated units well)
 94 |   if systemctl is-enabled ddns-onboot@.service ddns-onboot@.timer >/dev/null; then
 95 |     systemctl --no-reload disable ddns-onboot@
 96 |   fi
 97 | fi
 98 | 
 99 | %files
100 | %license LICENSE
101 | %license LICENSE.LGPLv3
102 | %doc README.md examples
103 | %{_prefix}/lib/NetworkManager/dispatcher.d/*
104 | %{_datadir}/nmutils
105 | %config %{_sysconfdir}/nmutils
106 | %{_unitdir}/*
107 | 
108 | %if %{with selinux}
109 | 
110 | %pre selinux
111 | %selinux_relabel_pre -s %{selinuxtype}
112 | 
113 | %post selinux
114 | %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/nmutils.pp.bz2 || :
115 | 
116 | %postun selinux
117 | if [ $1 -eq 0 ]; then
118 |   # Package removal, not upgrade
119 |   %selinux_modules_uninstall -s %{selinuxtype} nmutils || :
120 | fi
121 | 
122 | %posttrans selinux
123 | %selinux_relabel_post -s %{selinuxtype} || :
124 | 
125 | %files selinux
126 | %license LICENSE
127 | %attr(0644,root,root) %{_datadir}/selinux/packages/%{selinuxtype}/nmutils.pp.bz2
128 | %ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/nmutils
129 | %endif
130 | 
131 | %changelog
132 | * Fri Apr 18 2025 Scott Shambarger <devel at shambarger.net> 20250418-1
133 | - Added config command to 08-ipv6-prefix and 09-ddns with supporting
134 |   functions
135 | 
136 | * Mon Dec 16 2024 Scott Shambarger <devel at shambarger.net> 20241216-1
137 | - Release 20241216
138 | 
139 | * Thu Nov 28 2024 Scott Shambarger <devel at shambarger.net> 20241126-1
140 | - Updated for meson build
141 | - Config for package now in /etc/nmutils
142 | 
143 | * Tue Jun 21 2022 Scott Shambarger <devel at shambarger.net> 20220621-1
144 | - Moved script libraries to datadir, handle instanced systemd files
145 | - Added SELinux subpackage
146 | 
147 | * Mon May 16 2022 Kenneth Porter <shiva.nmutilsspec at sewingwitch.com> 20220516-1
148 | - Initial spec file
149 | 


--------------------------------------------------------------------------------
/etc/nmutils/ipv6_utils.sh:
--------------------------------------------------------------------------------
  1 | #! /bin/bash
  2 | #
  3 | # Calculate IPv6 address segments entirely in bash
  4 | #
  5 | # Based loosely on wg-ip (https://github.com/chmduquesne/wg-ip)
  6 | #
  7 | # IPv6 definitions from https://en.wikipedia.org/wiki/IPv6_address
  8 | #
  9 | # Frank Crawford - <frank@crawford.emu.id.au> - 31-Jul-2021
 10 | #
 11 | # Functions:
 12 | # expand_ipv6 $ip
 13 | # - expand out IPv6 ($ip) address with all digits
 14 | # compress_ipv6 $ip
 15 | # - returns compressed IPv6 address ($ip) under the form recommended by RFC5952
 16 | # ipv6_prefix $ip $subnet
 17 | # - extract the IPv6 routing prefix from $ip with subnet length $subnet
 18 | # ipv6_subnetid $ip $subnet $fmt
 19 | # - extract the local subnet ID from unicast address ($ip) with optional $fmt
 20 | # ipv6_interface $ip
 21 | # - IPv6 host or interface part of address ($ip)
 22 | # ipv6_split_mask $ip/$mask
 23 | # - returns 2 values $ip and $mask
 24 | # is_ipv6 $ip
 25 | # - tests if address ($ip) is a valid IPv6 in either the expanded form
 26 | #   or the compressed one
 27 | # ipv6_type $ip
 28 | # - return IPv6 address ($ip) category
 29 | 
 30 | # helper to convert hex to dec (portable version)
 31 | hex2dec() {
 32 |     [ "$1" != "" ] && printf "%d" "$(( 0x$1 ))"
 33 | }
 34 | 
 35 | # convert ipv6 to lowercase
 36 | # inspired by https://stackoverflow.com/a/51573758/14179001
 37 | lowercase_ipv6() { # <ipv6-address> - echoes result
 38 |     local lcs="abcdef" ucs="ABCDEF"
 39 |     local result="${1-}" uchar uoffset
 40 | 
 41 |     while [[ "$result" =~ ([A-F]) ]]; do
 42 |         uchar="${BASH_REMATCH[1]}"
 43 |         uoffset="${ucs%%${uchar}*}"
 44 |         result="${result//${uchar}/${lcs:${#uoffset}:1}}"
 45 |     done
 46 | 
 47 |   echo -n "$result"
 48 | }
 49 | 
 50 | # expand an IPv6 address
 51 | expand_ipv6() {
 52 |     local ip=$(lowercase_ipv6 ${1:-::1})
 53 | 
 54 |     # prepend 0 if we start with :
 55 |     [[ "$ip" =~ ^: ]] && ip="0${ip}"
 56 | 
 57 |     # expand ::
 58 |     if [[ "$ip" =~ :: ]]; then
 59 |         local colons=${ip//[^:]/}
 60 |         local missing=':::::::::'
 61 |         missing=${missing/$colons/}
 62 |         local expanded=${missing//:/:0}
 63 |         ip=${ip/::/$expanded}
 64 |     fi
 65 | 
 66 |     local blocks=${ip//[^0-9a-f]/ }
 67 |     set $blocks
 68 | 
 69 |     printf "%04x:%04x:%04x:%04x:%04x:%04x:%04x:%04x\n" \
 70 |         $(hex2dec $1) \
 71 |         $(hex2dec $2) \
 72 |         $(hex2dec $3) \
 73 |         $(hex2dec $4) \
 74 |         $(hex2dec $5) \
 75 |         $(hex2dec $6) \
 76 |         $(hex2dec $7) \
 77 |         $(hex2dec $8)
 78 | }
 79 | 
 80 | # returns a compressed IPv6 address under the form recommended by RFC5952
 81 | compress_ipv6() {
 82 |     local ip=$(expand_ipv6 $1)
 83 | 
 84 |     local blocks=${ip//[^0-9a-f]/ }
 85 |     set $blocks
 86 | 
 87 |     # compress leading zeros
 88 |     ip=$(printf "%x:%x:%x:%x:%x:%x:%x:%x\n" \
 89 |         $(hex2dec $1) \
 90 |         $(hex2dec $2) \
 91 |         $(hex2dec $3) \
 92 |         $(hex2dec $4) \
 93 |         $(hex2dec $5) \
 94 |         $(hex2dec $6) \
 95 |         $(hex2dec $7) \
 96 |         $(hex2dec $8)
 97 |     )
 98 | 
 99 |     # prepend : for easier matching
100 |     ip=:$ip
101 | 
102 |     # :: must compress the longest chain
103 |     local pattern
104 |     for pattern in :0:0:0:0:0:0:0:0 \
105 |             :0:0:0:0:0:0:0 \
106 |             :0:0:0:0:0:0 \
107 |             :0:0:0:0:0 \
108 |             :0:0:0:0 \
109 |             :0:0:0 \
110 |             :0:0; do
111 |         if [[ "$ip" =~ $pattern ]]; then
112 |             ip=${ip/$pattern/::}
113 |             # if the substitution occured before the end, we have :::
114 |             ip=${ip/:::/::}
115 |             break # only one substitution
116 |         fi
117 |     done
118 | 
119 |     # remove prepending : if necessary
120 |     [[ "$ip" =~ ^:[^:] ]] && ip=${ip/#:/}
121 | 
122 |     echo -n $ip
123 | }
124 | 
125 | # extract the IPv6 routing prefix
126 | ipv6_prefix() {
127 |     local prefix=$(expand_ipv6 $1)
128 |     local subnet=${2:-64}
129 | 
130 |     local nibble=''
131 | 
132 |     (( $subnet > 64 )) && subnet=64
133 | 
134 |     if (( $subnet % 16 )); then
135 | 	nibble=$(printf "%04x" "$(( 0x${prefix:($subnet/16)*5:4} & ~((1<<(16-$subnet%16))-1) ))")
136 |     fi
137 | 
138 |     compress_ipv6 "${prefix:0:($subnet/16)*5}${nibble}::"
139 | }
140 | 
141 | # extract the local subnet ID
142 | ipv6_subnetid() {
143 |     local ip=$(expand_ipv6 $1)
144 |     local subnet=${2:-64}
145 |     local fmt="${3:-%x}"
146 | 
147 |     local len=$(( 64-$subnet ))
148 | 
149 |     if (( $len < 0 || $len > 16 )); then
150 | 	# Not really valid for non-route entries
151 | 	echo -n '-'
152 |     else
153 |         ip=${ip//:/}
154 |         printf "$fmt" "$(( 0x${ip:14:2} & ((1<<$len)-1) ))"
155 |     fi
156 | }
157 | 
158 | # IPv6 host or interface part of address
159 | ipv6_interface() {
160 |     local ip=$(expand_ipv6 $1)
161 | 
162 |     compress_ipv6 "::${ip:20}"
163 | }
164 | 
165 | # split into two parts, the address and the mask
166 | ipv6_split_mask() {
167 |     local ip=${1:-::/0}
168 | 
169 |     set ${ip/\// }
170 | 
171 |     echo -n $1 ${2:-128}
172 | }
173 | 
174 | # a valid IPv6 in either the expanded form or the compressed one
175 | is_ipv6() {
176 |     local orig=$(lowercase_ipv6 $1)
177 |     local expanded="$(expand_ipv6 $orig)"
178 |     [ "$orig" = "$expanded" ] && return 0
179 |     local compressed="$(compress_ipv6 $expanded)"
180 |     [ "$orig" = "$compressed" ] && return 0
181 |     return 1
182 | }
183 | 
184 | # return IPv6 address category
185 | ipv6_type() {
186 |     local ip=$(lowercase_ipv6 $1)
187 | 
188 |     if [[ $(ipv6_prefix $ip 10) == 'fe80::' ]]; then
189 | 	echo -n 'Link-local'
190 |     elif [[ $(ipv6_prefix $ip 10) == 'fec0::' ]]; then
191 | 	echo -n 'Site-local (deprecated)'
192 |     elif [[ $(ipv6_prefix $ip 16) == '2002::' ]]; then
193 | 	echo -n '6to4'
194 |     elif [[ $(ipv6_prefix $ip 16) == '3ffe::' ]]; then
195 | 	echo -n '6bone (returned)'
196 |     elif [[ $(ipv6_prefix $ip 32) == '2001::' ]]; then
197 | 	echo -n 'Teredo tunneling'
198 |     else
199 | 	case $(ipv6_prefix $ip 8) in
200 | 	::) echo 'Special' ;;
201 | 	fc00::) echo -n 'Global ULA' ;;
202 | 	fd00::) echo -n 'Local ULA' ;;
203 | 	ff00::) echo -n 'Multicast' ;;
204 | 	f?00::) echo -n 'Invalid' ;;
205 | 	*) echo -n 'Unicast' ;;
206 | 	esac
207 |     fi
208 | }
209 | 


--------------------------------------------------------------------------------
/test/conf/nmg_xtest:
--------------------------------------------------------------------------------
  1 | # vim:set ft=sh et sw=2 ts=2:
  2 | #
  3 | # Common config/functions for tests using xtest_setup
  4 | #
  5 | # Loads shtest_setup, xtest_setup, and sets restrictive environment
  6 | # (eg. PATH='', IFS=-).  xwrap function captures nmg logs, and stderr,
  7 | # and registers both as 1st/2nd shtest::check_reg_files (for ftest[2])
  8 | #
  9 | # To use:
 10 | #   - source this file
 11 | #   - define "xmain()" - return !0 on failure
 12 | #   - call xstart "$@"
 13 | #
 14 | # Provided functions:
 15 | #
 16 | #   xwrap <cmd> [ <args>... ]
 17 | #     Captures nmg logging to $XLOG, stderr to $XERR
 18 | #
 19 | #   xwrap2 <tag> <cmd> [ <args>...]
 20 | #     Same as xwrap, but calls shtest::prefix "<cmd>(<tag>) - " first
 21 | #
 22 | #   xret <tag> <ref> [ <desc> ]
 23 | #     Same as shtest::check_result, but calls shtest::prefix " - " after
 24 | #
 25 | #   xrm <file> ...
 26 | #     Removes <file>s using command -p to avoid PATH
 27 | #
 28 | #   xread_value <retvar> (<stdin)
 29 | #     Reads stdin into <retvar> (verbatim, but strips final newline)
 30 | #
 31 | #   xread_value2 <retvar> (<stdin)
 32 | #     Reads stdin into <retvar> (verbatim, but adds final newline)
 33 | #
 34 | #   xload_script <file> [ <args>... ]
 35 | #     Parse-tests, and sources <file> with <args>, calling xtest::fail with
 36 | #     feedback if it exits.
 37 | #
 38 | #   xstart [ <args>... ]
 39 | #     Main entry, returns result of xmain
 40 | #
 41 | # shellcheck shell=bash disable=SC1090,SC2123
 42 | 
 43 | TEST_CONF=${TEST_CONF-${TEST_ROOT-.}/conf}
 44 | . "${TEST_CONF}/shtest_setup" ||
 45 |   { echo >&2 "Unable to source shtest_setup"; exit 1; }
 46 | 
 47 | shtest::clean_env -strict TEST*
 48 | 
 49 | # reload common.conf
 50 | TEST_COMMON=${TEST_COMMON:-conf/common.conf}
 51 | { [[ -r ${TEST_COMMON} ]] && . "${TEST_COMMON}"; } ||
 52 |   { echo >&2 "Unable to load ${TEST_COMMON}"; exit 2; }
 53 | 
 54 | { [[ ${XTEST_SETUP} ]] && . "${XTEST_SETUP}"; } ||
 55 |   { echo >&2 "Unable to load xtest_setup"; exit 2; }
 56 | 
 57 | [[ $EUID == 0 ]] && xtest::fail "Never run as root!"
 58 | 
 59 | # need output directory
 60 | [[ $TEST_OUT && -d $TEST_OUT ]] || xtest::fail "\$TEST_OUT is unset/missing!"
 61 | 
 62 | NMG_XTEST_BASE=${0##*/}
 63 | XLOG="$TEST_OUT/${NMG_XTEST_BASE}.log"
 64 | XERR="$TEST_OUT/${NMG_XTEST_BASE}.err"
 65 | unset NMG_XTEST_BASE
 66 | 
 67 | xwrap() { # <cmd> [ <args>... ]
 68 |   local _xcmd=${1-}
 69 |   [[ ${_xcmd} ]] || xtest::fail "xwrap: missing <cmd>"
 70 |   shift
 71 |   "${_xcmd}" &>"${XERR}" 4>"${XLOG}" "$@"
 72 | }
 73 | 
 74 | xwrap2() { # <tag> <func> [ <args>... ]
 75 |   local _xtag=${1-} _xcmd=${2-}
 76 |   [[ ${_xcmd} ]] || xtest::fail "xwrap: missing <cmd>"
 77 |   shtest::prefix "${_xcmd}(${_xtag}) - "
 78 |   shift 2
 79 |   "${_xcmd}" &>"${XERR}" 4>"${XLOG}" "$@"
 80 | }
 81 | 
 82 | xret() {
 83 |   shtest::check_result "$@"
 84 |   shtest::prefix " - "
 85 | }
 86 | 
 87 | xrm() {
 88 |   local f
 89 |   for f in "$@"; do [[ $f ]] && command -p rm -f "$f"; done
 90 |   return 0
 91 | }
 92 | 
 93 | # read stdin, strips trailing newline
 94 | xread_value() {
 95 |   # <retvar> < stdin
 96 |   local IFS
 97 |   read -r -d '' "$1" || :
 98 | }
 99 | 
100 | xread_value2() {
101 |   # <retvar> < stdin
102 |   local IFS=-
103 |   read -r -d '' "$1" || :
104 | }
105 | 
106 | xcat() {
107 |   # < stdin
108 |   local REPLY
109 |   read -r -d '' || printf '%s' "${REPLY}"
110 | }
111 | 
112 | xnmg::_onexit() { # <rc>
113 |   local rc=${1:-?}
114 | 
115 |   [[ ${XERR-} && ${XLOG-} ]] || return 0
116 | 
117 |   [[ -e ${XERR} || -e ${XLOG} ]] && {
118 |     shtest::alert "Tests did not complete: exit ${rc}"
119 | 
120 |     # early exit (exit, unbound etc) would leave these files, show them
121 |     [[ -s ${XERR} ]] && {
122 |       shtest::alert "==== stdout / stderr ==="
123 |       shtest::alert "$(< "${XERR}")"
124 |     }
125 |     [[ -s ${XLOG} ]] && {
126 |       shtest::alert "==== nmg log ===="
127 |       shtest::alert "$(< "${XLOG}")"
128 |     }
129 |   }
130 | 
131 |   # cleanup
132 |   xrm "${XERR}" "${XLOG}"
133 |   return 0
134 | }
135 | 
136 | xnmg::_xload_check() {
137 |   local xrc="exit 0" IFS
138 | 
139 |   [[ -s ${XERR}-flag ]] &&
140 |     { read -r -d '' xrc || :; } 2>/dev/null < "${XERR}-flag"
141 |   xrm "${XERR}-flag"
142 | 
143 |   # everything work?
144 |   [[ ${xrc} == "result 0" && ! -s ${XLOG} && ! -s ${XERR} ]] && return 0
145 | 
146 |   # nope, cleanup and fail
147 |   shtest::cleanup
148 | 
149 |   # avoid unexpected exit warning if no errors
150 |   [[ -s ${XLOG} ]] || xrm "${XLOG}"
151 |   [[ -s ${XERR} ]] || xrm "${XERR}"
152 | 
153 |   [[ ${xrc} == "result 0" ]] && xrc="output/log"
154 | 
155 |   xtest::fail "  Loading '$1' failed (${xrc})"
156 | }
157 | 
158 | xload_script() {
159 |   # <file> [ <args>... ]
160 | 
161 |   [[ -z ${1-} ]] && return 0
162 | 
163 |   shtest::title "Loading script"
164 | 
165 |   # ensure includes pass parse test
166 |   shtest::parse "$1" || shtest::fatal
167 | 
168 |   xrm "${XERR}-flag"
169 |   ( # check for exit/errors
170 |     shtest::reset
171 |     shtest::strict off
172 |     xwrap source "$@"
173 |     echo >"${XERR}-flag" "result $?"
174 |     shtest::cleanup
175 |   ) || echo >"${XERR}-flag" "exit $?"
176 | 
177 |   xnmg::_xload_check "$1"
178 | 
179 |   # load script in current subshell
180 |   xwrap source "$@"
181 |   shtest::strict_failed && shtest::fatal "Loading ${1##*/} failed strict test"
182 | 
183 |   shtest::log "  Script ${1##*/} loaded"
184 | 
185 |   # reset PATH
186 |   PATH=''
187 | }
188 | 
189 | xstart() {
190 |   # restrict use of external commands (except those defined in config)
191 |   local PATH=''
192 | 
193 |   # less noise
194 |   local -x NMG_TAG=''
195 | 
196 |   # fd 4 used for logger
197 |   local -x nmg_log_stderr=4
198 |   exec 4>&2
199 | 
200 |   # redirect MOCK_ECHO to log
201 |   local -x MOCK_ECHO_FD=${nmg_log_stderr}
202 | 
203 |   (
204 |     shtest::add_onexit xnmg::_onexit
205 | 
206 |     shtest::reg_file "$XLOG"
207 |     shtest::reg_file "$XERR"
208 | 
209 |     local IFS=-
210 | 
211 |     shtest::global_whitelist "xwrap" "xwrap2"
212 | 
213 |     xtest::parse_options "$@"
214 | 
215 |     xmain "$@"
216 |     local rc=$?
217 | 
218 |     [[ ${IFS} == - ]] || {
219 |       xtest::err "Error: IFS was modified (now '${IFS-}')"
220 |       rc=1
221 |     }
222 |     xrm "${XERR}" "${XLOG}"
223 |     shtest::cleanup
224 | 
225 |     return ${rc}
226 |   )
227 |   local rc=$?
228 | 
229 |   xnmg::_onexit "${rc}"
230 |   exec 4>&-
231 | 
232 |   shtest::cleanup
233 | 
234 |   return ${rc}
235 | }
236 | 
237 | # Local Variables:
238 | # mode: sh
239 | # sh-basic-offset: 2
240 | # sh-indentation: 2
241 | # indent-tabs-mode: nil
242 | # End:
243 | 


--------------------------------------------------------------------------------
/etc/NetworkManager/dispatcher.d/96-interface-action:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  3 | # vim:set ft=sh et sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Copyright (C) 2024 Scott Shambarger
  7 | #
  8 | # 96-interface-action v1.0.0 - service restart on interface change
  9 | # Author: Scott Shambarger <devel@shambarger.net>
 10 | #
 11 | # Instructions for use:
 12 | #
 13 | #   Put this script in /etc/NetworkManager/dispatcher.d (or wherever
 14 | #   your distro has these files).
 15 | #
 16 | #   Create a configuration file NMCONF/ifa##-<service>-<interface>.conf
 17 | #   where ## is a 2-digit ordering number, <service> is the target
 18 | #   systemd service, and <interface> is the interface to act upon.
 19 | #
 20 | #   The following may be used below for <action>:
 21 | #
 22 | #     UP       - on interface up
 23 | #     DOWN     - on interface down
 24 | #     PRE_DOWN - before interface down (blocks interface down)
 25 | #     CHANGE   - any DHCP IPv4 address change
 26 | #     CHANGE6  - any DHCP IPv6 address change
 27 | #
 28 | # Required:
 29 | #
 30 | #   NMUTILS/general-functions - shared functions (see docs in file)
 31 | #   systemctl - used to manage <service>
 32 | #
 33 | # Config options are:
 34 | #
 35 | #   IGNORE_ENABLED - Any value causes any RESTART_* or "on" commands to
 36 | #     ignore whether service is enabled.
 37 | #
 38 | #   CMD_<action>=<command> - contains the systemctl unit-command for <service>
 39 | #     applied in response to interface <action>.  Additionally, the following
 40 | #     aliases may be used for <command>:
 41 | #
 42 | #        on   - reload-or-restart
 43 | #        off  - stop
 44 | #        noop - <no action>
 45 | #
 46 | #   STATE_FILE=<filename> - file created containing value of RESTART_<action>
 47 | #     before service command, and removed if STOP_<action> has value
 48 | #     (may be used for conditional multi-interface service starts on boot).
 49 | #
 50 | #   RESTART_<action>=<data> - contents of STATE_FILE created on <action>.
 51 | #     Additionally, if CMD_<action> is unset/empty, the default service
 52 | #     command "on" is applied (use "noop" for no action)
 53 | #
 54 | #   STOP_<action>=<anything> - Any value causes STATE_FILE to be
 55 | #     removed on <action>.  Additionally, if CMD_<action> is unset/empty,
 56 | #     the default service command "off" is applied ("noop" for no action).
 57 | #
 58 | # shellcheck disable=SC1090,SC2317
 59 | interface=${1-}
 60 | action=${2-}
 61 | 
 62 | # set NMUTILS early, and allow environment to override
 63 | NMUTILS=${NMUTILS:-/etc/nmutils}
 64 | SYSTEMCTL=${SYSTEMCTL:-systemctl}
 65 | 
 66 | ########## SCRIPT START
 67 | 
 68 | NMG_TAG=${NMG_TAG-nm-ifa}
 69 | NMG_REQUIRED="1.7.0"
 70 | 
 71 | # load general-functions
 72 | NMG=${NMG:-${NMUTILS}/general-functions}
 73 | { [[ -r ${NMG} ]] && . "${NMG}"; } || {
 74 |   echo 1>&2 "Unable to load $NMG" && exit 2; }
 75 | 
 76 | [[ ${NMG_VERSION} ]] || {
 77 |   nmg_err "${0##*/} requires NMG ${NMG_REQUIRED}"; exit 2; }
 78 | 
 79 | # IFA_CONFIG_PAT must include @ORDER@, @SERVICE@ and @INTERFACE@
 80 | IFA_CONFIG_PAT="${IFA_CONFIG_PAT:-${NMCONF}/ifa@ORDER@-@SERVICE@-@INTERFACE@.conf}"
 81 | 
 82 | svc_action() {
 83 |   # <command> <restart-value> <stop-value>
 84 |   local command=$1 restart=$2 stop=$3 type
 85 | 
 86 |   # create any restart file
 87 |   [[ ${STATE_FILE-} ]] && {
 88 |     if [[ ${restart} ]]; then
 89 |       nmg_write "${STATE_FILE}" "${restart}"
 90 |     elif [[ ${stop} ]]; then
 91 |       [[ -f ${STATE_FILE} ]] && nmg_remove "${STATE_FILE}"
 92 |     fi
 93 |   }
 94 | 
 95 |   [[ ${command} ]] || {
 96 |     # get default command
 97 |     if [[ ${restart} ]]; then
 98 |       command=on
 99 |     elif [[ ${stop} ]]; then
100 |       command=off
101 |     fi
102 |   }
103 | 
104 |   # map aliases
105 |   case ${command} in
106 |     ''|noop) return 0 ;;
107 |     on) command=reload-or-restart ;;
108 |     off) command=stop ;;
109 |   esac
110 | 
111 |   case ${command} in
112 |     start|reload|restart|try-restart|reload-or-restart|try-reload-or-restart)
113 |       if [[ ${IGNORE_ENABLED-} ]]; then
114 |         nmg::saferun type "nolog" "${SYSTEMCTL}" show --property Type \
115 |                      "${SVC_UNIT}" || :
116 |         [[ ${type#Type=} ]] || return 0
117 |       else
118 |         nmg::saferun "" "nolog" "${SYSTEMCTL}" -q is-enabled "${SVC_UNIT}" ||
119 |           return 0
120 |       fi
121 |       ;;
122 |     stop)
123 |       nmg::saferun "" "nolog" "${SYSTEMCTL}" -q is-active "${SVC_UNIT}" ||
124 |         return 0
125 |       ;;
126 |   esac
127 | 
128 |   nmg_info "Interface ${interface} ${action}: ${command} ${SVC_UNIT}"
129 | 
130 |   nmg_cmd "${SYSTEMCTL}" "${command}" "${SVC_UNIT}" || :
131 | }
132 | 
133 | read_ifa_config() {
134 |   # <file>
135 |   local file=$1
136 | 
137 |   unset CMD_UP CMD_DOWN CMD_PRE_DOWN CMD_CHANGE CMD_CHANGE6
138 |   unset RESTART_UP RESTART_DOWN RESTART_PRE_DOWN RESTART_CHANGE RESTART_CHANGE6
139 |   unset STOP_UP STOP_DOWN STOP_PRE_DOWN STOP_CHANGE STOP_CHANGE6
140 |   unset STATE_FILE IGNORE_ENABLED
141 | 
142 |   nmg_read_config "${file}"
143 | }
144 | 
145 | handle_config() {
146 |   read_ifa_config "${SVC_CONFIG}" || return 0
147 | 
148 |   nmg_need_progs_env SYSTEMCTL || return 0
149 | 
150 |   case "${action}" in
151 |     up)
152 |       svc_action "${CMD_UP-}" "${RESTART_UP-}" "${STOP_UP-}"
153 |       ;;
154 |     down)
155 |       svc_action "${CMD_DOWN-}" "${RESTART_DOWN-}" "${STOP_DOWN-}"
156 |       ;;
157 |     pre-down)
158 |       svc_action "${CMD_PRE_DOWN-}" "${RESTART_PRE_DOWN-}" "${STOP_PRE_DOWN-}"
159 |       ;;
160 |     dhcp4-change)
161 |       svc_action "${CMD_CHANGE-}" "${RESTART_CHANGE-}" "${STOP_CHANGE-}"
162 |       ;;
163 |     dhcp6-change)
164 |       svc_action "${CMD_CHANGE6-}" "${RESTART_CHANGE6-}" "${STOP_CHANGE6-}"
165 |       ;;
166 |   esac
167 | }
168 | 
169 | handle_ifd() {
170 |   SVC_CONFIG="${NMCONF}/${IFD_CONFIG}"
171 |   SVC_UNIT=${IFD_UNIT}
172 |   handle_config
173 | }
174 | 
175 | handle_match() {
176 |   # <file> ##-<service>
177 |   local SVC_CONFIG=$1 service=$2
178 | 
179 |   # check dispatcher name format for ##-ifd-service
180 |   [[ ${service} =~ ^[0-9][0-9]-(.+)$ ]] || {
181 |     nmg_err "Invalid interface-action config name: ${SVC_CONFIG}" && return 0
182 |   }
183 |   # used in svc_action
184 |   local SVC_UNIT=${service#*-}
185 | 
186 |   handle_config
187 | }
188 | 
189 | handle_action() {
190 |   nmg::foreach_filematch "${IFA_CONFIG_PAT//@INTERFACE@/${interface}}" \
191 |                          "@ORDER@-@SERVICE@" handle_match "${interface}"
192 | }
193 | 
194 | if [[ ${IFD_CONFIG} && ${IFD_UNIT} ]]; then
195 |   # dispatcher_action sourced us
196 |   handle_ifd
197 | elif [[ ${interface} && ${action} ]]; then
198 |   handle_action
199 | fi
200 | 
201 | exit 0
202 | 


--------------------------------------------------------------------------------
/meson.build:
--------------------------------------------------------------------------------
  1 | # SPDX-License-Identifier: LGPL-3.0-or-later
  2 | 
  3 | #meson setup --prefix=/usr -Dpkg=true build
  4 | #meson install --destdir=destdir -C build
  5 | 
  6 | project('nmutils', version: '20250418', license: 'GPL-3.0-or-later',
  7 | 	default_options: [ 'sysconfdir=/etc' ],
  8 | 	meson_version: '>=0.62.0') # test() verbose
  9 | 
 10 | # get options
 11 | nm_prefix = get_option('prefix')
 12 | nm_name = meson.project_name()
 13 | nm_sysconfdir = nm_prefix / get_option('sysconfdir')
 14 | nm_unitdir = get_option('unitdir')
 15 | nm_rundir = get_option('runstatedir')
 16 | nm_selinuxtype = get_option('selinuxtype')
 17 | nm_datadir = nm_prefix / get_option('datadir')
 18 | nm_nmlibdir = get_option('nmlibdir')
 19 | nm_ispkg = get_option('pkg')
 20 | 
 21 | # get auto SELinux from config
 22 | seconfig = '/etc/selinux/config'
 23 | semake = '/usr/share/selinux/devel/Makefile'
 24 | 
 25 | sed_cmd = find_program('sed')
 26 | fs = import('fs')
 27 | 
 28 | if nm_nmlibdir == ''
 29 |   if fs.is_dir(nm_prefix / 'lib/NetworkManager/dispatcher.d')
 30 |     nm_nmlibdir = nm_prefix / 'lib'
 31 |   else
 32 |     nm_nmlibdir = '/usr/lib'
 33 |   endif
 34 | endif
 35 | 
 36 | if nm_ispkg
 37 |   nm_pkgconfdir = nm_sysconfdir / nm_name
 38 | else
 39 |   nm_pkgconfdir = nm_sysconfdir / nm_name / 'conf'
 40 | endif
 41 | 
 42 | # systemd units may be disabled with -Dunitdir=no
 43 | install_units = (nm_unitdir != '')
 44 | if install_units and nm_unitdir == 'auto'
 45 |   if nm_ispkg
 46 |     systemd_dep = dependency('systemd', method: 'pkg-config', required: false)
 47 |     if systemd_dep.found()
 48 |       nm_unitdir = systemd_dep.get_variable(pkgconfig: 'systemdsystemunitdir')
 49 |     elif fs.is_dir('/usr/lib/systemd/system')
 50 |       nm_unitdir = '/usr/lib/systemd/system'
 51 |     endif
 52 |   elif fs.is_dir('/etc/systemd/system')
 53 |     nm_unitdir = '/etc/systemd/system'
 54 |   endif
 55 |   install_units = (nm_unitdir != 'auto')
 56 | endif
 57 | 
 58 | install_selinux = (nm_selinuxtype != '')
 59 | if install_selinux and nm_selinuxtype == 'auto'
 60 |   nm_selinuxtype = ''
 61 |   if fs.is_file(seconfig) and fs.is_file(semake)
 62 |     seconfig_type = run_command(sed_cmd, '-E', '-n',
 63 | 				'/^SELINUXTYPE=(.*)$/{s//\\1/p;q;}', seconfig,
 64 | 				check: true)
 65 |     nm_selinuxtype = seconfig_type.stdout().strip()
 66 |   endif
 67 |   install_selinux = (nm_selinuxtype != '')
 68 | endif
 69 | 
 70 | if install_selinux
 71 |   if nm_ispkg
 72 |     sepkgdir = nm_datadir / 'selinux/packages' / nm_selinuxtype
 73 |   else
 74 |     sepkgdir = '/etc/selinux' / nm_selinuxtype / 'packages'
 75 |   endif
 76 |   assert(fs.is_file(semake),
 77 | 	 'selinuxtype set, but selinux-policy-devel package not installed')
 78 | endif
 79 | 
 80 | # packages have different locations for scripts
 81 | if nm_ispkg
 82 |   nm_pkglibdir = nm_nmlibdir / 'NetworkManager/dispatcher.d'
 83 |   nm_pkgdatadir = nm_datadir / nm_name
 84 | else
 85 |   nm_pkglibdir = nm_sysconfdir / 'NetworkManager/dispatcher.d'
 86 |   nm_pkgdatadir = nm_sysconfdir / nm_name
 87 | endif
 88 | 
 89 | install_sets = [
 90 |   [
 91 |     'etc/nmutils',
 92 |     nm_pkgdatadir,
 93 |     'rw-r--r--',
 94 |     [
 95 |       'general-functions',
 96 |       'ddns-functions',
 97 |       'ipv6_utils.sh',
 98 |       'dispatcher_action',
 99 |     ]
100 |   ],
101 |   [
102 |     'etc/NetworkManager/dispatcher.d',
103 |     nm_pkglibdir,
104 |     'rwxr-xr-x',
105 |     [
106 |       '08-ipv6-prefix',
107 |       '09-ddns',
108 |       '90-transmission',
109 |       '95-radvd-gen',
110 |       '96-interface-action',
111 |     ]
112 |   ],
113 | ]
114 | 
115 | if install_units
116 |   install_sets += [
117 |     [
118 |       'etc/systemd/system',
119 |       nm_unitdir,
120 |       'rw-r--r--',
121 |       [
122 | 	'ddns-onboot@.service',
123 | 	'ddns-onboot@.timer',
124 |       ],
125 |     ],
126 |   ]
127 | endif
128 | 
129 | patch_cmd = [
130 |   sed_cmd, '-e', 's|/etc/nmutils|' + nm_pkgdatadir + '|g',
131 |   '-e', 's|' + nm_pkgdatadir + '/conf|' + nm_pkgconfdir + '|g',
132 |   '-e', 's|/etc/NetworkManager|' + nm_sysconfdir + '/NetworkManager|g',
133 |   '-e', 's|' + nm_sysconfdir + '/NetworkManager/dispatcher.d|' +
134 | 	nm_pkglibdir + '|g',
135 |   '-e', 's|' + nm_pkglibdir + '/##-ifd|' + nm_sysconfdir +
136 | 	'/NetworkManager/dispatcher.d/##-ifd' + '|g',
137 |   '-e', 's|/run/|' + nm_rundir + '/|g',
138 |   '@INPUT@',
139 | ]
140 | 
141 | sepatch_cmd = [
142 |   sed_cmd,
143 |   '-e', 's|^/usr/lib/|' + nm_nmlibdir + '/|g',
144 |   '-e', 's|^/etc/|' + nm_sysconfdir + '/|g',
145 |   '@INPUT@',
146 | ]
147 | 
148 | selinux_files =  [
149 |   'nmutils.fc',
150 |   'nmutils.te',
151 | ]
152 | #
153 | # INSTALL
154 | #
155 | foreach p: install_sets
156 |   foreach tgt: p[3]
157 |     custom_target(command: patch_cmd, capture: true, input: p[0] / tgt,
158 | 		  output: tgt, install: true, install_dir: p[1],
159 | 		  install_mode: p[2], install_tag: 'base')
160 |   endforeach
161 | endforeach
162 | 
163 | install_emptydir(nm_pkgconfdir, install_tag: 'base')
164 | predown_symlinks = [
165 |   '08-ipv6-prefix',
166 |   '96-interface-action',
167 | ]
168 | foreach p: predown_symlinks
169 |   install_symlink(p, install_dir: nm_pkglibdir / 'pre-down.d',
170 | 		  install_tag: 'base', pointing_to: '..' / p)
171 | endforeach
172 | 
173 | if install_selinux
174 | 
175 |   sedeps = []
176 |   foreach p: selinux_files
177 |     sedeps += custom_target(command: sepatch_cmd, capture: true,
178 | 			    input: 'selinux' / p, output: p)
179 |   endforeach
180 | 
181 |   custom_target(command: [ find_program('make'), '-f',
182 | 			   meson.current_source_dir() / 'selinux/GNUmakefile',
183 | 			   'VPATH=.', 'nmutils.pp.bz2' ],
184 | 		depends: sedeps, output: 'nmutils.pp.bz2', install: true,
185 | 		install_dir: sepkgdir, install_tag: 'selinux')
186 |   meson.add_install_script(find_program('semodule'), '-s', nm_selinuxtype,
187 | 			   '-i', sepkgdir / 'nmutils.pp.bz2',
188 | 			   install_tag: 'selinux', skip_if_destdir: true)
189 | endif
190 | 
191 | #
192 | # TESTS
193 | #
194 | testdir = meson.current_source_dir() / 'test'
195 | builddir = meson.current_build_dir()
196 | 
197 | test_files = [
198 |   'general-test',
199 |   'ddns-test',
200 |   'nm-ddns-test',
201 |   'ipv6-prefix-addr-test',
202 |   'ipv6-prefix-nm-test',
203 |   'ipv6-prefix-dhclient-test',
204 |   'ipv6-prefix-dhcpcd-test',
205 | ]
206 | 
207 | test_env = [
208 |   'TEST_NMUTILS=' + builddir,
209 |   'TEST_NMDIR=' + builddir,
210 |   'TEST_OUT=' + builddir / 'results',
211 |   'TEST_RUNDIR=' + builddir / 'run/nmutils',
212 | ]
213 | 
214 | foreach p: test_files
215 |   test(p, find_program(p, dirs: testdir), args: [ 'strict', 'verbose' ],
216 |        env: test_env, is_parallel: false, verbose: true, workdir: testdir)
217 | endforeach
218 | 
219 | radvd_tests = [
220 |   'radvd-test-1',
221 |   'radvd-test-2',
222 |   'radvd-test-3',
223 |   'radvd-test-4',
224 | ]
225 | 
226 | make_cmd = find_program('make')
227 | foreach p: radvd_tests
228 |   test(p, make_cmd, args: [ p ], env: test_env, is_parallel: false,
229 |        workdir: testdir)
230 | endforeach
231 | 


--------------------------------------------------------------------------------
/test/conf/xtest_setup:
--------------------------------------------------------------------------------
  1 | # -*- mode: sh; sh-shell: bash; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  2 | # vim:set ft=sh et sw=2 ts=2:
  3 | # SPDX-License-Identifier: LGPL-3.0-or-later
  4 | #
  5 | # Copyright (C) 2021-24 Scott Shambarger
  6 | #
  7 | # xtest_setup v1.2.2 - shtest suite in a box
  8 | # Author: Scott Shambarger <devel@shambarger.net>
  9 | #
 10 | # Instructions to use:
 11 | #
 12 | #   Place this file in same directory as shtest_setup, and source
 13 | #   it from your test script.
 14 | #
 15 | #   Define your tests in functions named: 'xtest::group<#>::<name>'
 16 | #   where <name> is available for running a group of tests,
 17 | #   and group<#> orders the tests when run.  All xtest::group* functions
 18 | #   are whitelisted so functions can fail in them in strict mode.
 19 | #
 20 | #   As handling traps is "tricky", functions named 'xtest::onexit*'
 21 | #   which will be called if xtest::run_tests does not complete
 22 | #   (eg. premature exit in a test)
 23 | #
 24 | #   Register files, setup global whitelists etc, and then call
 25 | #   'xtest::run_tests' to do all the work
 26 | #
 27 | # Provides:
 28 | #
 29 | #   xtest::err <msg>
 30 | #
 31 | #     Echo to stderr
 32 | #
 33 | #   xtest::fail <msg>
 34 | #
 35 | #     Echo err and exit 1
 36 | #
 37 | #   xtest::no_env_tests
 38 | #
 39 | #     Call to disable default environment tests
 40 | #
 41 | #   xtest::run_tests <title> [ <args> ]
 42 | #
 43 | #     Parses command-line <args>, runs requested tests and creates
 44 | #     summary report with <title>, and resets.
 45 | #
 46 | #   xtest::parse_options [ <args> ]
 47 | #
 48 | #     Parses command-line <args> for logging modes/strict flags
 49 | #
 50 | # Shortcuts:
 51 | #
 52 | #   xtest::reg_test <id> <expect1> <desc> =>
 53 | #                  shtest::check_reg_files <id> <desc> <expect1>
 54 | #
 55 | #     Checks <expect1> against 1st registered file, others expected
 56 | #     to be empty
 57 | #
 58 | #   xtest::reg_test2 <id> <log> <stderr/out> <desc> =>
 59 | #                  shtest::check_reg_files <id> <desc> <log> <stderr/out>
 60 | #
 61 | #     Checks <expect1> <expect2> against 1st/2nd registered files,
 62 | #     others expected to be empty.
 63 | #
 64 | # Aliases
 65 | #
 66 | #   xtest => shtest::check_result
 67 | #   vtest => shtest::check_var
 68 | #   atest => shtest::check_array
 69 | #   ltest => shtest::check_value
 70 | #   ftest => xtest::reg_test
 71 | #   ftest2 => xtest::reg_test2
 72 | #
 73 | # shellcheck shell=bash disable=SC1091,SC2034
 74 | 
 75 | _XTEST_ENV_TESTS=1
 76 | 
 77 | xtest::err() {
 78 |   echo >&2 "$*"
 79 | }
 80 | 
 81 | xtest::fail() {
 82 |   xtest::err "$*"
 83 |   exit 1
 84 | }
 85 | 
 86 | . "${BASH_SOURCE[0]%/*}/shtest_setup" ||
 87 |   xtest::fail "Unable to source shtest_setup"
 88 | 
 89 | xtest::reg_test() { # <id> <ref> <desc>
 90 |   # LOG matches <ref>, ERR should be empty...
 91 |   shtest::check_reg_files "${1-}" "${3-}" "${2-}"
 92 | }
 93 | 
 94 | xtest::reg_test2() { # <id> <ref> <stderr/out> <desc>
 95 |   # LOG matches <ref>, ERR matches <err>
 96 |   shtest::check_reg_files "${1-}" "${4-}" "${2-}" "${3-}"
 97 | }
 98 | 
 99 | # make tests easier to add
100 | shopt -s expand_aliases
101 | alias xtest='shtest::check_result'
102 | alias vtest='shtest::check_var'
103 | alias atest='shtest::check_array'
104 | alias ltest='shtest::check_value'
105 | alias ftest='xtest::reg_test'
106 | alias ftest2='xtest::reg_test2'
107 | 
108 | xtest::_usage() { # <modes>
109 |   local mode modes=()
110 |   xtest::err "Usage: ${0##*/} <options>"
111 |   xtest::err "  <options> include:"
112 |   xtest::err "    help - show help"
113 |   xtest::err "    verbose - always show test descriptions"
114 |   xtest::err "    quiet - show summary only"
115 |   xtest::err "    strict - enable -eEu bash option"
116 |   xtest::err "    trace - enable backtrace on error"
117 |   xtest::err "    all - run all tests (default)"
118 |   xtest::err "    +<id/pattern> - show test <id/pattern(*|?)> (may be repeated)"
119 |   for mode in "$@"; do modes+=("${mode#xtest::group*::}"); done
120 |   xtest::err "    ${modes[*]} - include these groups"
121 |   shtest::cleanup
122 |   exit 1
123 | }
124 | 
125 | xtest::parse_options() { # <args>...
126 |   local arg
127 | 
128 |   for arg in "$@"; do
129 |     case ${arg} in
130 |       strict)
131 |         shtest::strict
132 |         shtest::global_whitelist "xtest::group*"
133 |         ;;
134 |       trace) shtest::trace ;;
135 |       verbose) shtest::verbose ;;
136 |       quiet) shtest::quiet ;;
137 |       help) xtest::_parse_args _help ;;
138 |     esac
139 |   done
140 |   return 0
141 | }
142 | 
143 | # sets _reqs, _all
144 | xtest::_parse_args() { # <args>...
145 |   local _arg IFS; unset IFS
146 | 
147 |   { read -r -a _all -d '' || :; } \
148 |     <<< "$(compgen -A function xtest::group | command -p sort)"
149 | 
150 |   xtest::parse_options "$@"
151 | 
152 |   for _arg in "$@"; do
153 |     if [[ "${_all[*]}" =~ (^| )(xtest::group.::"$_arg")($| ) ]]; then
154 |       _reqs+=("${BASH_REMATCH[2]}")
155 |     else
156 |       case ${_arg} in
157 |         strict|trace|verbose|quiet|all) : ;;
158 |         +*)
159 |           _arg=${_arg#+}; [[ ${_arg} ]] || xtest::_usage "${_all[@]}"
160 |           shtest::add_focus "${_arg}"
161 |           ;;
162 |         _help)
163 |           xtest::_usage "${_all[@]}"
164 |           ;;
165 |         *)
166 |           xtest::err "Unknown option: ${_arg}"
167 |           xtest::_usage "${_all[@]}"
168 |           ;;
169 |       esac
170 |     fi
171 |   done
172 | 
173 |   return 0
174 | }
175 | 
176 | xtest::no_env_tests() {
177 |   _XTEST_ENV_TESTS=''
178 | }
179 | 
180 | xtest::_prerun() {
181 |   local cmd clist=() IFS; unset IFS
182 |   { read -r -a clist -d '' || :; } <<< "$(compgen -A function xtest::onexit || :)"
183 |   for cmd in ${clist[@]+"${clist[@]}"}; do
184 |     shtest::add_onexit "${cmd}"
185 |   done
186 |   return 0
187 | }
188 | 
189 | xtest::_postrun() {
190 |   local cmd clist=() IFS; unset IFS
191 |   { read -r -a clist -d '' || :; } <<< "$(compgen -A function xtest::onexit || :)"
192 |   for cmd in ${clist[@]+"${clist[@]}"}; do
193 |     shtest::remove_onexit "${cmd}"
194 |   done
195 |   return 0
196 | }
197 | 
198 | xtest::run_tests() { # <title> <args>...
199 |   local _xtest_title=${1-} _xtest_env _xtest_cmd _all _reqs=()
200 |   shift || set --
201 | 
202 |   xtest::_parse_args "$@"
203 | 
204 |   xtest::_prerun
205 | 
206 |   # minimal environment
207 |   set -- "${_reqs[@]:-${_all[@]}}"
208 |   unset _reqs _all
209 | 
210 |   for _xtest_cmd in "$@"; do
211 |     [[ ${_XTEST_ENV_TESTS} ]] && shtest::save_env _xtest_env
212 |     "${_xtest_cmd}"
213 |     shtest::prefix
214 |     [[ ${_XTEST_ENV_TESTS} ]] && {
215 |       shtest::check_env "env-${_xtest_cmd##*:}" \
216 |                         _xtest_env "check config environment"
217 |     }
218 |   done
219 | 
220 |   xtest::_postrun
221 | 
222 |   local rc=0
223 |   shtest::summary_report "${_xtest_title}" || {
224 |     rc=$?
225 |     shtest::log "To display one test, use \"+<id/pattern>\" (repeatable)"
226 |   }
227 | 
228 |   shtest::reset
229 | 
230 |   return ${rc}
231 | }
232 | 


--------------------------------------------------------------------------------
/test/bin/dig-mock:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  3 | # vim:set ft=sh et sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Copyright (C) 2021 Scott Shambarger
  7 | #
  8 | # dig-mock - dig command replacement for testing
  9 | # Author: Scott Shambarger <devel@shambarger.net>
 10 | #
 11 | VERSION=0.3.1
 12 | 
 13 | VERBOSE='' RREC='' HOSTS=() BRIEF='' SERVER='' HEADER=''
 14 | 
 15 | # default name state file
 16 | DIG_MOCK_NAMES=${DIG_MOCK_NAMES:-conf/dig-mock-names}
 17 | 
 18 | # used to trigger failure
 19 | DIG_MOCK_FAIL=${DIG_MOCK_FAIL-}
 20 | 
 21 | err() {
 22 |   local IFS; unset IFS
 23 |   printf >&2 "%s\n" "$*"
 24 | }
 25 | 
 26 | fail() {
 27 |   local -i rc=0
 28 |   [[ $1 != 0 ]] && { printf 2>/dev/null -v rc "%d" "$1" || rc=1; }
 29 |   shift
 30 |   [[ $1 ]] && { if [[ $rc == 0 ]]; then echo "$@"; else err "$@"; fi; }
 31 |   exit "$rc"
 32 | }
 33 | 
 34 | verbose() { [[ $VERBOSE ]] && err "$@"; }
 35 | 
 36 | usage() {
 37 |   echo "Usage: ${0##*/} [@server] [q-type] {q-opt} host"
 38 |   echo "Where: q-type  is one of (a,aaaa,ns,...)"
 39 |   echo "       q-opt is one of:"
 40 |   echo "             -q name (specify query name)"
 41 |   echo "             -t type (specify query type)"
 42 |   echo "             -<any>  (Ignored)"
 43 |   echo "             +short  (Display only short form of answer)"
 44 |   echo "             +<any>  (Ignored)"
 45 |   echo "       @server       (only match entries for \$SERVER)"
 46 |   echo "       -d            (show debug messages)"
 47 |   echo "       -h            (print help and exit)"
 48 |   echo "       -v            (print version and exit)"
 49 |   echo "       +fail[=rc]    (mock failure)"
 50 |   echo "All matches done against \"${DIG_MOCK_NAMES}\""
 51 | }
 52 | 
 53 | # inspired by https://stackoverflow.com/a/51573758/14179001
 54 | caseadj() { # <retvar> <string> <from> <to>
 55 |   local _r="${2-}" _i
 56 |   for ((_i=0; _i<${#3}; _i++)); do _r=${_r//${3:$_i:1}/${4:$_i:1}}; done
 57 |   printf -v "$1" "%s" "$_r"
 58 | }
 59 | lowercase() { # <retvar> <string>
 60 |   caseadj "$1" "${2-}" "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz"
 61 | }
 62 | uppercase() { # <retvar> <string>
 63 |   caseadj "$1" "${2-}" "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 64 | }
 65 | 
 66 | display_item() { # <fqdn> <ttl> <rrec> <value>
 67 |   local IFS; unset IFS
 68 |   printf "%-23s %-7d IN      %-7s %s\n" "${1%.}." "${@:2:3}"
 69 | }
 70 | 
 71 | display_header() { # answer
 72 |   [[ ${HEADER} || ${BRIEF} ]] && return 0
 73 |   HEADER=${1:-ANSWER}
 74 |   echo "; <<>> DiG-mock ${VERSION} <<>> ${ARGS}"
 75 |   echo ";; global options: +cmd"
 76 | 
 77 |   echo ";; QUESTION SECTION:"
 78 |   display_item ";${HOST}" "" "${RREC}"
 79 |   echo
 80 |   echo ";; ${HEADER} SECTION:"
 81 | }
 82 | 
 83 | display_result() { # <fqdn> <ttl> <rrec> <value>
 84 |   [[ ${BRIEF} ]] && { echo "$4"; return 0; }
 85 |   display_header
 86 |   display_item "$@"
 87 | }
 88 | 
 89 | display_nxdomain() {
 90 |   local host domain
 91 |   [[ ${BRIEF} ]] && return 0
 92 |   display_header "AUTHORITY"
 93 |   if [[ ${HOST} =~ [^.]+\..+$ ]]; then
 94 |     host=${HOST%.*.*}
 95 |   else
 96 |     host=${HOST%.*}
 97 |   fi
 98 |   domain=${HOST#"${host}".}
 99 |   display_item "${domain}" 10800 SOA "a.root-servers.net."
100 | }
101 | 
102 | match_query() { # <server> <fqdn> <ttl> <rrec> <value>
103 |   local server=$1 fqdn=$2 rrec=$4
104 | 
105 |   verbose "matching" "$@"
106 |   [[ ${SERVER} && ${server} ]] && {
107 |     [[ ${SERVER} == "${server}" ]] || return 1; }
108 |   shift
109 |   [[ ${RREC} == "${rrec}" ]] || return 1
110 |   [[ ${HOST} == "${fqdn}" ]] || return 1
111 |   display_result "$@"
112 | }
113 | 
114 | # Name state file format:
115 | #   $SERVER <server>
116 | #   $ORIGIN <domain>
117 | #   $TTL <secs>
118 | #   [ <name> ] <rrec> <value>
119 | 
120 | do_query() { # <filename>
121 |   local file=$1 IFS='' line found='' ttl=3600 lineno=0
122 |   local name='' rrec='' domain='' server='' value=''
123 | 
124 |   [[ -f ${file} ]] || fail 1 "State file $file not found"
125 | 
126 |   while read -r line || [[ ${line} ]]; do
127 |     ((lineno++)) || :
128 |     [[ ${line} =~ ^# ]] && continue
129 |     unset IFS
130 |     # shellcheck disable=SC2086
131 |     set -- $line
132 |     IFS=''
133 |     if [[ ${3-} ]] && ! [[ ${line} =~ ^[[:space:]] ]]; then
134 |       # <name> <rrec> <value>
135 |       lowercase name "$1"
136 |       uppercase rrec "$2"
137 |       unset IFS; value=${*:3}; IFS=''
138 |     elif [[ ${2-} ]]; then
139 |       case $1 in
140 |         \$ORIGIN) lowercase domain "${2%.}" ;;
141 |         \$SERVER) lowercase server "@$2" ;;
142 |         \$TTL) ttl=$2 ;;
143 |         *)
144 |           [[ ${name} ]] || fail 1 "State file ${file}#${lineno}: missing <name>"
145 |           uppercase rrec "$1"
146 |           unset IFS; value=${*:2}; IFS=''
147 |           ;;
148 |       esac
149 |     elif [[ ${1-} ]]; then
150 |       fail 1 "State file ${file}#${lineno}: invalid format"
151 |     fi
152 |     [[ ${name} && ${rrec} && ${value} ]] && {
153 |       # always return lowercase AAAA
154 |       [[ ${rrec} == "AAAA" ]] && lowercase value "${value}"
155 |       match_query "${server}" "${name}${domain:+.${domain}}" \
156 |                   "${ttl}" "${rrec}" "${value}" && found=1
157 |       value=''
158 |     }
159 |   done < "${file}"
160 |   [[ ${found} ]] || display_nxdomain
161 |   return 0
162 | }
163 | 
164 | is_rrec() { # <arg>
165 |   local rrec
166 |   uppercase rrec "$1"
167 |   case ${rrec} in
168 |     A|AAAA|NS|SOA|CNAME|MX|HINFO|MINFO|TXT|PTR) return 0 ;;
169 |   esac
170 |   return 1
171 | }
172 | 
173 | parse_args() {
174 |   local arg nextarg='' IFS; unset IFS
175 |   ARGS="$*" # keep for header
176 |   for arg in "$@"; do
177 |     [[ ${arg} ]] || err "dig: '' is not a legal name (unexpected end of input)"
178 |     [[ ${nextarg} ]] && {
179 |       case ${nextarg} in
180 |         RREC) if is_rrec "${arg}"; then
181 |                 uppercase RREC "${arg}"
182 |               else
183 |                 err ";; Warning, ignoring invalid type $arg"
184 |               fi ;;
185 |         HOST)
186 |           lowercase arg "${arg%.}."
187 |           HOSTS+=("${arg}") ;;
188 |       esac
189 |       nextarg=''
190 |       continue
191 |     }
192 |     case ${arg} in
193 |       -d) VERBOSE=1 ;;
194 |       -h) usage; exit 0 ;;
195 |       -q) nextarg=HOST ;;
196 |       -t) nextarg=RREC ;;
197 |       -v) err "${0##*/} ${VERSION}"; exit 0 ;;
198 |       +short) BRIEF=1 ;;
199 |       +fail=*) DIG_MOCK_FAIL=${arg#+fail=} ;;
200 |       +fail) DIG_MOCK_FAIL=1 ;;
201 |       +*|-*) : ;;
202 |       @*) lowercase SERVER "${arg}" ;;
203 |       *)
204 |         if is_rrec "${arg}"; then
205 |           uppercase RREC "${arg}"
206 |         else
207 |           lowercase arg "${arg%.}"
208 |           HOSTS+=("${arg}")
209 |         fi ;;
210 |     esac
211 |   done
212 |   [[ ${#HOSTS[*]} != 0 || ${RREC} ]] || RREC=NS
213 |   RREC=${RREC:-A}
214 |   [[ ${#HOSTS[*]} != 0 ]] || HOSTS=(".")
215 |   return 0
216 | }
217 | 
218 | [[ ${MOCK_DEBUG} ]] && { err "${0##*/}" "$@"; VERBOSE=1; }
219 | 
220 | parse_args "$@"
221 | 
222 | [[ ${DIG_MOCK_FAIL-} || ${DIG_MOCK_OUTPUT-} ]] && {
223 |   args='' arg=''; for arg in "$@"; do args+="${args:+ }'${arg}'"; done
224 |   fail "${DIG_MOCK_FAIL:-0}" \
225 |        "${DIG_MOCK_OUTPUT+${DIG_MOCK_OUTPUT/@ARGS@/${args}}}"
226 | }
227 | 
228 | verbose "Using state file: ${file}"
229 | 
230 | for HOST in "${HOSTS[@]}"; do
231 |   HEADER=''
232 |   verbose "looking up ${RREC} record ${HOST}"
233 |   do_query "${DIG_MOCK_NAMES}"
234 | done
235 | 


--------------------------------------------------------------------------------
/etc/NetworkManager/dispatcher.d/90-transmission:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  3 | # vim:set ft=sh et sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Copyright (C) 2015-2022 Scott Shambarger
  7 | #
  8 | # 90-transmission v1.1.2 - Transmission dispatcher script
  9 | # Author: Scott Shambarger <devel@shambarger.net>
 10 | #
 11 | # This script sets transmissions bind address to the public IP
 12 | # address of the desired interface (required until transmission supports
 13 | # binding to devices).  The script will update transmission's
 14 | # configuration and then start transmission on interface up,
 15 | # and stop transmission on interface down.
 16 | #
 17 | # Instructions for use:
 18 | #
 19 | #   Put this script in /etc/NetworkManager/dispatcher.d (or wherever
 20 | #   your distro has these files)
 21 | #
 22 | # Requires:
 23 | #
 24 | #   NMUTILS/general-functions - shared functions
 25 | #
 26 | # Global overrides (put in NMCONF/general.conf)
 27 | #
 28 | #   TR_CONFIG (default: NMCONF/transmission-${interface}.conf}) - existance
 29 | #     of this file identifies the interface transmission should bind to.
 30 | #
 31 | # Config settings (put in TR_CONFIG)
 32 | #
 33 | #   TR_STATE (default: /run/transmission-configured) - state file
 34 | #     created when transmission settings have been configured
 35 | #
 36 | #   TR_HOME (default: transmission user home directory)
 37 | #     default transmission user's home dir (used for default TR_SETTINGS)
 38 | #
 39 | #   TR_SETTINGS (default: "$TR_HOME/.config/transmission-daemon/settings.json")
 40 | #     default location of transmission settings file
 41 | #
 42 | #   TR_UNIT (default: transmission-daemon) - default transmission
 43 | #     systemd service name
 44 | #
 45 | #   TR_IGNORE_V4 (default: empty) - non-empty, ipv4 is ignored
 46 | #
 47 | #   TR_PRIVATE_V4 (default: empty) - non-empty, allow private ipv4 addrs
 48 | #
 49 | #   TR_IGNORE_V6 (default: empty) - non-empty, ipv6 is ignored
 50 | #
 51 | #   TR_PRIVATE_V6 (default: empty) - non-empty, allow private ipv6 addrs
 52 | #
 53 | # State file:
 54 | #
 55 | #   /run/transmission-configured
 56 | #
 57 | # shellcheck disable=SC1090
 58 | 
 59 | interface=$1
 60 | action=$2
 61 | 
 62 | # for logging
 63 | # shellcheck disable=SC2034
 64 | NMG_TAG="trans-cfg"
 65 | 
 66 | # set NMUTILS early, and allow environment to override
 67 | NMUTILS=${NMUTILS:-/etc/nmutils}
 68 | 
 69 | ########## State location
 70 | 
 71 | TR_STATE="/run/transmission-configured"
 72 | 
 73 | ########## Default paths
 74 | 
 75 | # Default transmission user's home dir
 76 | TR_HOME=~transmission
 77 | # Default transmission settings file
 78 | TR_SETTINGS="${TR_HOME}/.config/transmission-daemon/settings.json"
 79 | # Default transmission service name
 80 | TR_UNIT="transmission-daemon"
 81 | # default: no private ip
 82 | TR_PRIVATE_V4=''
 83 | TR_PRIVATE_V6=''
 84 | # default: don't ignore addrs
 85 | TR_IGNORE_V4=''
 86 | TR_IGNORE_V6=''
 87 | 
 88 | ########## SCRIPT START
 89 | 
 90 | # anything for us to do?
 91 | [[ ${interface} && ${action} ]] || exit 0
 92 | 
 93 | # load general-functions
 94 | NMG=${NMG:-${NMUTILS}/general-functions}
 95 | { [[ -r ${NMG} ]] && . "${NMG}"; } || {
 96 |   echo 1>&2 "Unable to load $NMG" && exit 2; }
 97 | 
 98 | ########## Config location default (if unset)
 99 | TR_CONFIG=${TR_CONFIG:-${NMCONF}/transmission-${interface}.conf}
100 | 
101 | # see if we're configured for this interface
102 | nmg_read_config "${TR_CONFIG}" || exit 0
103 | 
104 | # if no settings yet, bail
105 | [[ -w ${TR_SETTINGS} ]] || exit 0
106 | 
107 | function get_addr4() { # <varname>
108 | 
109 |   local idx vname addr priv_ok=''
110 | 
111 |   [[ ${IP4_NUM_ADDRESSES:-0} == 0 ]] && return 0
112 |   [[ ${TR_IGNORE_V4} ]] && return 0
113 |   [[ ${TR_PRIVATE_V4} ]] && priv_ok=1
114 | 
115 |   vname=$1
116 |   [[ ${!vname} ]] && return 0
117 | 
118 |   # choose first public address
119 |   for (( idx=0; idx < IP4_NUM_ADDRESSES; idx++ )); do
120 |     vname="IP4_ADDRESS_${idx}"
121 |     addr=${!vname%%/*}
122 |     # check addr (remove netmask and gateway)
123 |     nmg_check_ip4_addr "${addr}" "${priv_ok}" || continue
124 | 
125 |     if nmg::query_ips "" "nolog" 4 "${interface}" "^${addr}" \
126 |                       "scope global tentative"; then
127 |       nmg_debug "Address ${addr} still tentative"
128 |     elif nmg::query_ips "" "nolog" 4 "${interface}" "^${addr}" \
129 |                         "scope global"; then
130 |       nmg_debug "Selecting ${addr}"
131 |       printf -v "$1" "%s" "${addr}"
132 |       return 0
133 |     fi
134 |   done
135 | 
136 |   # still waiting...
137 |   return 1
138 | }
139 | 
140 | function get_addr6() { # <varname>
141 | 
142 |   local idx vname addr priv_ok=''
143 | 
144 |   [[ ${IP6_NUM_ADDRESSES:-0} == 0 ]] && return 0
145 |   [[ ${TR_IGNORE_V6} ]] && return 0
146 |   [[ ${TR_PRIVATE_V6} ]] && priv_ok=1
147 | 
148 |   # if addr selected... skip loop
149 |   vname=$1
150 |   [[ ${!vname} ]] && return 0
151 | 
152 |   # choose first allowed address
153 |   for (( idx=0; idx < IP6_NUM_ADDRESSES; idx++ )); do
154 |     vname="IP6_ADDRESS_${idx}"
155 |     addr=${!vname%%/*}
156 |     # check addr (remove netmask and gateway)
157 |     nmg_check_ip6_addr "${addr}" "${priv_ok}" || continue
158 | 
159 |     if nmg::query_ips "" "nolog" 6 "${interface}" "^${addr}" \
160 |                       "scope global tentative"; then
161 |       nmg_debug "Address ${addr} still tentative"
162 |     elif nmg::query_ips "" "nolog" 6 "${interface}" "^${addr}" \
163 |                         "scope global"; then
164 |       nmg_debug "Selecting ${addr}"
165 |       printf -v "$1" "%s" "${addr}"
166 |       return 0
167 |     fi
168 |   done
169 | 
170 |   # still waiting...
171 |   return 1
172 | }
173 | 
174 | function tr_stop() {
175 | 
176 |   # stop daemon (to write settings)
177 |   /bin/systemctl stop "${TR_UNIT}"
178 |   nmg_remove "${TR_STATE}"
179 | }
180 | 
181 | function tr_start() {
182 | 
183 |   local addr4='' addr6='' change=''
184 | 
185 |   /bin/systemctl 2>/dev/null -q is-enabled "${TR_UNIT}" || return 0
186 | 
187 |   # loop over all addresses until one passes DAD, or 2.5sec timeout
188 |   for (( cnt=0; cnt<=5; cnt++ )); do
189 |     # get addresses
190 |     [[ $cnt -ne 0 ]] && sleep 0.5
191 |     get_addr4 "addr4" && get_addr6 "addr6" && break
192 |   done
193 | 
194 |   [[ ${addr4} || ${addr6} ]] || return 0
195 | 
196 |   # check if any changes
197 |   if [[ ${addr4} ]]; then
198 |     grep -q "\"bind-address-ipv4\":[[:space:]]*\"${addr4}\"" "${TR_SETTINGS}" || change=1
199 |   fi
200 |   if [[ ${addr6} ]]; then
201 |     grep -q "\"bind-address-ipv6\":[[:space:]]*\"${addr6}\"" "${TR_SETTINGS}" || change=1
202 |   fi
203 | 
204 |   if [[ ${change} ]]; then
205 | 
206 |     nmg_debug "Updating settings and restarting daemon"
207 | 
208 |     # stop transmission so it doesn't overwrite setting changes
209 |     tr_stop
210 | 
211 |     # edit file in place
212 |     if [[ ${addr4} ]]; then
213 |       sed -i "s|\(.*\"bind-address-ipv4\":\).*|\1 \"${addr4}\",|" "${TR_SETTINGS}" || return 0
214 |     fi
215 |     if [[ ${addr6} ]]; then
216 |       sed -i "s|\(.*\"bind-address-ipv6\":\).*|\1 \"${addr6}\",|" "${TR_SETTINGS}" || return 0
217 |       if grep -q "\"rpc-bind-address\":[[:space:]]*\"0.0.0.0\"" "${TR_SETTINGS}"; then
218 |         # add rpc-bind-address=:: if 0.0.0.0 to enable ipv6
219 |         sed -i "s|\(.*\"rpc-bind-address\":\).*|\1 \"::\",|" "${TR_SETTINGS}" || return 0
220 |       fi
221 |     fi
222 |   fi
223 | 
224 |   nmg_write "${TR_STATE}"
225 |   /bin/systemctl start "${TR_UNIT}"
226 | }
227 | 
228 | nmg_debug "interface: ${interface} action: ${action}"
229 | 
230 | case "${action}" in
231 |   up|dhcp4-change|dhcp6-change) tr_start ;;
232 |   down) tr_stop ;;
233 | esac
234 | 


--------------------------------------------------------------------------------
/LICENSE.LGPLv3:
--------------------------------------------------------------------------------
  1 |                    GNU LESSER GENERAL PUBLIC LICENSE
  2 |                        Version 3, 29 June 2007
  3 | 
  4 |  Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
  5 |  Everyone is permitted to copy and distribute verbatim copies
  6 |  of this license document, but changing it is not allowed.
  7 | 
  8 | 
  9 |   This version of the GNU Lesser General Public License incorporates
 10 | the terms and conditions of version 3 of the GNU General Public
 11 | License, supplemented by the additional permissions listed below.
 12 | 
 13 |   0. Additional Definitions.
 14 | 
 15 |   As used herein, "this License" refers to version 3 of the GNU Lesser
 16 | General Public License, and the "GNU GPL" refers to version 3 of the GNU
 17 | General Public License.
 18 | 
 19 |   "The Library" refers to a covered work governed by this License,
 20 | other than an Application or a Combined Work as defined below.
 21 | 
 22 |   An "Application" is any work that makes use of an interface provided
 23 | by the Library, but which is not otherwise based on the Library.
 24 | Defining a subclass of a class defined by the Library is deemed a mode
 25 | of using an interface provided by the Library.
 26 | 
 27 |   A "Combined Work" is a work produced by combining or linking an
 28 | Application with the Library.  The particular version of the Library
 29 | with which the Combined Work was made is also called the "Linked
 30 | Version".
 31 | 
 32 |   The "Minimal Corresponding Source" for a Combined Work means the
 33 | Corresponding Source for the Combined Work, excluding any source code
 34 | for portions of the Combined Work that, considered in isolation, are
 35 | based on the Application, and not on the Linked Version.
 36 | 
 37 |   The "Corresponding Application Code" for a Combined Work means the
 38 | object code and/or source code for the Application, including any data
 39 | and utility programs needed for reproducing the Combined Work from the
 40 | Application, but excluding the System Libraries of the Combined Work.
 41 | 
 42 |   1. Exception to Section 3 of the GNU GPL.
 43 | 
 44 |   You may convey a covered work under sections 3 and 4 of this License
 45 | without being bound by section 3 of the GNU GPL.
 46 | 
 47 |   2. Conveying Modified Versions.
 48 | 
 49 |   If you modify a copy of the Library, and, in your modifications, a
 50 | facility refers to a function or data to be supplied by an Application
 51 | that uses the facility (other than as an argument passed when the
 52 | facility is invoked), then you may convey a copy of the modified
 53 | version:
 54 | 
 55 |    a) under this License, provided that you make a good faith effort to
 56 |    ensure that, in the event an Application does not supply the
 57 |    function or data, the facility still operates, and performs
 58 |    whatever part of its purpose remains meaningful, or
 59 | 
 60 |    b) under the GNU GPL, with none of the additional permissions of
 61 |    this License applicable to that copy.
 62 | 
 63 |   3. Object Code Incorporating Material from Library Header Files.
 64 | 
 65 |   The object code form of an Application may incorporate material from
 66 | a header file that is part of the Library.  You may convey such object
 67 | code under terms of your choice, provided that, if the incorporated
 68 | material is not limited to numerical parameters, data structure
 69 | layouts and accessors, or small macros, inline functions and templates
 70 | (ten or fewer lines in length), you do both of the following:
 71 | 
 72 |    a) Give prominent notice with each copy of the object code that the
 73 |    Library is used in it and that the Library and its use are
 74 |    covered by this License.
 75 | 
 76 |    b) Accompany the object code with a copy of the GNU GPL and this license
 77 |    document.
 78 | 
 79 |   4. Combined Works.
 80 | 
 81 |   You may convey a Combined Work under terms of your choice that,
 82 | taken together, effectively do not restrict modification of the
 83 | portions of the Library contained in the Combined Work and reverse
 84 | engineering for debugging such modifications, if you also do each of
 85 | the following:
 86 | 
 87 |    a) Give prominent notice with each copy of the Combined Work that
 88 |    the Library is used in it and that the Library and its use are
 89 |    covered by this License.
 90 | 
 91 |    b) Accompany the Combined Work with a copy of the GNU GPL and this license
 92 |    document.
 93 | 
 94 |    c) For a Combined Work that displays copyright notices during
 95 |    execution, include the copyright notice for the Library among
 96 |    these notices, as well as a reference directing the user to the
 97 |    copies of the GNU GPL and this license document.
 98 | 
 99 |    d) Do one of the following:
100 | 
101 |        0) Convey the Minimal Corresponding Source under the terms of this
102 |        License, and the Corresponding Application Code in a form
103 |        suitable for, and under terms that permit, the user to
104 |        recombine or relink the Application with a modified version of
105 |        the Linked Version to produce a modified Combined Work, in the
106 |        manner specified by section 6 of the GNU GPL for conveying
107 |        Corresponding Source.
108 | 
109 |        1) Use a suitable shared library mechanism for linking with the
110 |        Library.  A suitable mechanism is one that (a) uses at run time
111 |        a copy of the Library already present on the user's computer
112 |        system, and (b) will operate properly with a modified version
113 |        of the Library that is interface-compatible with the Linked
114 |        Version.
115 | 
116 |    e) Provide Installation Information, but only if you would otherwise
117 |    be required to provide such information under section 6 of the
118 |    GNU GPL, and only to the extent that such information is
119 |    necessary to install and execute a modified version of the
120 |    Combined Work produced by recombining or relinking the
121 |    Application with a modified version of the Linked Version. (If
122 |    you use option 4d0, the Installation Information must accompany
123 |    the Minimal Corresponding Source and Corresponding Application
124 |    Code. If you use option 4d1, you must provide the Installation
125 |    Information in the manner specified by section 6 of the GNU GPL
126 |    for conveying Corresponding Source.)
127 | 
128 |   5. Combined Libraries.
129 | 
130 |   You may place library facilities that are a work based on the
131 | Library side by side in a single library together with other library
132 | facilities that are not Applications and are not covered by this
133 | License, and convey such a combined library under terms of your
134 | choice, if you do both of the following:
135 | 
136 |    a) Accompany the combined library with a copy of the same work based
137 |    on the Library, uncombined with any other library facilities,
138 |    conveyed under the terms of this License.
139 | 
140 |    b) Give prominent notice with the combined library that part of it
141 |    is a work based on the Library, and explaining where to find the
142 |    accompanying uncombined form of the same work.
143 | 
144 |   6. Revised Versions of the GNU Lesser General Public License.
145 | 
146 |   The Free Software Foundation may publish revised and/or new versions
147 | of the GNU Lesser General Public License from time to time. Such new
148 | versions will be similar in spirit to the present version, but may
149 | differ in detail to address new problems or concerns.
150 | 
151 |   Each version is given a distinguishing version number. If the
152 | Library as you received it specifies that a certain numbered version
153 | of the GNU Lesser General Public License "or any later version"
154 | applies to it, you have the option of following the terms and
155 | conditions either of that published version or of any later version
156 | published by the Free Software Foundation. If the Library as you
157 | received it does not specify a version number of the GNU Lesser
158 | General Public License, you may choose any version of the GNU Lesser
159 | General Public License ever published by the Free Software Foundation.
160 | 
161 |   If the Library as you received it specifies that a proxy can decide
162 | whether future versions of the GNU Lesser General Public License shall
163 | apply, that proxy's public statement of acceptance of any version is
164 | permanent authorization for you to choose that version for the
165 | Library.
166 | 


--------------------------------------------------------------------------------
/etc/NetworkManager/dispatcher.d/09-ddns:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  3 | # vim:set ft=sh et sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Copyright (C) 2014-2025 Scott Shambarger
  7 | #
  8 | # 09-ddns v1.5.0 - NetworkManager dispatch for ipv4 Dynamic DNS updates
  9 | # Author: Scott Shambarger <devel@shambarger.net>
 10 | #
 11 | # Instructions for use:
 12 | #
 13 | #   Put this script in /etc/NetworkManager/dispatcher.d (or wherever
 14 | #   your distro has these files)
 15 | #
 16 | #   The settings are discussed in NMUTILS/ddns-functions.
 17 | #
 18 | #   NOTE: By default, A and AAAA records use the global addresses
 19 | #   on an interface (see DDNS_RREC_<rrec>_PRIVATE to also consider
 20 | #   private addresses), so only set DDNS_RREC_A_VALUE or
 21 | #   DDNS_RREC_AAAA_VALUE if you wish to overrides those values
 22 | #   with static ones.
 23 | #
 24 | # Requires:
 25 | #
 26 | #   NMUTILS/ddns-functions - dynamic DNS functions
 27 | #   NMUTILS/general-functions - shared functions
 28 | #
 29 | # External features:
 30 | #
 31 | #   This script may be used directly for a few key features.  The following
 32 | #   parameters may be passed to the script to perform these features.
 33 | #
 34 | #   help - show these instructions and config variables docs in a pager
 35 | #
 36 | #   config [ -a ] [ <INTERFACE>... ] - show configuration (of <INTERFACE>...)
 37 | #     If "-a" supplied, unset/empty variables with defaults are displayed.
 38 | #
 39 | # Config location:
 40 | #
 41 | #   NMCONF/ddns-<interface>.conf (see $NMUTILS/ddns-functions for settings)
 42 | #
 43 | # State file:
 44 | #
 45 | #   DDNS_STATE_DIR/ddns-<interface>-<rrec>.state
 46 | #
 47 | # shellcheck disable=SC1090,SC2153
 48 | 
 49 | ########## SCRIPT START
 50 | 
 51 | # for logging
 52 | NMG_TAG=${NMG_TAG:-nmddns}
 53 | [[ -z ${NM_DISPATCHER_ACTION-} && -z ${NMDDNSH_ACTION-} ]] && {
 54 |   # run from shell, log to stderr
 55 |   # shellcheck disable=SC2034
 56 |   [[ ${LOGNAME-} ]] && nmg_log_stderr=1
 57 |   [[ $1 =~ ^help|-h|config$ ]] && _NMG_IGNORE_PROGS=1
 58 | }
 59 | 
 60 | # set NMUTILS early, and allow environment to override
 61 | NMUTILS=${NMUTILS:-/etc/nmutils}
 62 | 
 63 | # shellcheck disable=SC2034
 64 | NMDDNS_REQUIRED="1.6.0"
 65 | 
 66 | # load ddns-functions
 67 | NMDDNS=${NMDDNS:-${NMUTILS}/ddns-functions}
 68 | { [[ -r ${NMDDNS} ]] && . "${NMDDNS}"; } || {
 69 |   echo 1>&2 "Unable to load ${NMDDNS} (set \$NMUTILS to it's dir)" && exit 2; }
 70 | 
 71 | [[ ${NMDDNS_VERSION} ]] || {
 72 |   nmg_err "${0##*/} requires NMDDNS v${NMDDNS_REQUIRED}+"; exit 2; }
 73 | 
 74 | ddns_nm_action() {
 75 |   # <interface> <action>
 76 |   local interface=$1 action=$2
 77 |   local config=${NMDDNS_CONFIG_PAT/@MATCH@/${interface}}
 78 | 
 79 |   nmddns_read_config "${config}" || return 0
 80 | 
 81 |   # run from NM
 82 |   nmg_debug "interface: ${interface} action: ${action}"
 83 | 
 84 |   [[ -e ${DDNS_STATE_DIR} ]] || {
 85 |     [[ ${NM_DISPATCHER_ACTION} ]] || {
 86 |       nmg_err "STATE_DIR ${DDNS_STATE_DIR} missing; run from\
 87 |  NetworkManager as dispatcher to create with correct permissions!"
 88 |       return 1
 89 |     }
 90 |     nmg_cmd mkdir -p "${DDNS_STATE_DIR}" || return
 91 |   }
 92 | 
 93 |   # use current ips on interface
 94 |   local addr="!${interface}"
 95 |   local state_pat=${NMDDNS_STATE_PAT/@MATCH@/${interface}}
 96 | 
 97 |   case ${action} in
 98 |     up|down)
 99 |       [[ ${action} == up ]] || addr=''
100 |       nmddns_spawn_update_all "${action}" "${config}" "${addr}" "${addr}" \
101 |                               "${state_pat}"
102 |       ;;
103 |     dhcp4-change)
104 |       nmddns_spawn_update "${config}" "A" "${addr}" "${state_pat}"
105 |       ;;
106 |     dhcp6-change)
107 |       nmddns_spawn_update "${config}" "AAAA" "${addr}" "${state_pat}"
108 |       ;;
109 |   esac
110 | 
111 |   return 0
112 | }
113 | 
114 | ddns_helper_action() {
115 |   local rc=0
116 | 
117 |   nmg_debug "ACTION: ${NMDDNSH_ACTION}"
118 | 
119 |   nmddns_required_config "${NMDDNSH_CONFIG-}"
120 | 
121 |   case ${NMDDNSH_ACTION} in
122 |     update)
123 |       nmddns_update "${NMDDNSH_RREC-}" "${NMDDNSH_VALUE-}" \
124 |                     "${NMDDNSH_STATE-}" || rc=$?
125 |       ;;
126 |     up|down)
127 |       nmddns_update_all "${NMDDNSH_ACTION}" "${NMDDNSH_ADDR4-}" \
128 |                         "${NMDDNSH_ADDR6-}" "${NMDDNSH_STATE-}" || rc=$?
129 |       ;;
130 |     *)
131 |       nmg_err "${0##*/} Unknown helper action ${NMDDNSH_ACTION}"
132 |       rc=1
133 |       ;;
134 |   esac
135 | 
136 |   # ignore server unreachable
137 |   (( rc == 25 )) && rc=0
138 | 
139 |   return ${rc}
140 | }
141 | 
142 | function ddns_interface_rrec() {
143 |   # <match> <rrec>
144 |   local match=$1 rrec=$2 value='' rc=0
145 | 
146 |   # get state file pattern (used for per-config overrides)
147 |   local state=${NMDDNS_STATE_PAT/@MATCH@-@RREC@/${match}-${rrec}}
148 | 
149 |   # get interface from match
150 |   local intf=${match%-from-*}
151 | 
152 |   if [[ -e ${state} ]] && nmg::read value "" "${state}"; then
153 | 
154 |     # strip newline...
155 |     value=${value%%$'\n'*}
156 | 
157 |     if [[ ${value} ]]; then
158 |       # if ip-addresses, verify on interface
159 |       if [[ ${rrec} =~ ^(A|AAAA)$ && ! ${value} =~ ^[!].+$ ]]; then
160 |         # get values that are valid on <intf>, remove addrs if down
161 |         local avail=() avals=() newvals=() tval
162 | 
163 |         # cleanup supplied values
164 |         nmg::lowercase value "${value}"
165 |         nmg::array avals "," "${value}"
166 | 
167 |         if [[ ${rrec} == A ]]; then
168 |           nmddns::get_A_addrs avail "${intf}" \
169 |                               "${DDNS_RREC_A_PRIVATE-}" || :
170 |         else
171 |           nmddns::get_AAAA_addrs avail "${intf}" \
172 |                                  "${DDNS_RREC_AAAA_PRIVATE-}" || :
173 |         fi
174 | 
175 |         # find intersection with available addrs
176 |         for value in ${avals[@]+"${avals[@]}"}; do
177 |           # strip any /prefix
178 |           value=${value%%/*}
179 |           for tval in ${avail[@]+"${avail[@]}"}; do
180 |             [[ ${tval} == "${value}" ]] && { newvals+=("${value}"); break; }
181 |           done
182 |         done
183 |         nmg::array_join value "," "${newvals[@]-}"
184 |       fi
185 |     fi
186 |   fi
187 | 
188 |   nmddns_update "${rrec}" "${value}" || rc=$?
189 | 
190 |   # ignore server unreachable
191 |   (( rc == 25 )) && rc=0
192 | 
193 |   return ${rc}
194 | }
195 | 
196 | ddns_rep() { Report+="$1"$'\n'; }
197 | 
198 | ddns_config_intf() { # <file> <match> [ <interface> ]
199 |   local file=$1 match=$2 intf=${3-} out
200 |   match=${match%-from-*}
201 |   [[ ${match} ]] || return 0
202 |   shift 2
203 |   [[ ${intf} && ${intf} != "${match}" ]] && return 0
204 |   [[ ${match} != "${Intf}" ]] && {
205 |     Intf=${match}; ddns_rep $'\n'"Interface ${Intf}"
206 |   }
207 |   if nmddns_read_config "${file}"; then
208 |     # shellcheck disable=SC2059
209 |     ddns_rep "  DDNS config \"${file}\""
210 |     nmddns_get_config out "${Fmt}    %s=%s\n"
211 |     Report+="${out}"
212 |   else
213 |     out="not found"
214 |     [[ -e ${file} ]] && out="invalid"
215 |     ddns_rep "  DDNS config \"${file}\" ($out)"
216 |   fi
217 |   nmddns_reset_config
218 | }
219 | 
220 | ddns_config() {
221 |   # [ -a ] [ <intf>... ]
222 |   local Report='' Fmt='' Intf='' out intf
223 |   # shellcheck disable=SC2034
224 |   nmg_show_debug=''
225 | 
226 |   [[ ${1-} == "-a" ]] && { shift; Fmt="%-"; }
227 |   Report+="Global config \"${NMCONF}/general.conf\""$'\n'
228 |   nmg::get_config "out" "${Fmt}  %s=%s\n"
229 |   Report+="${out}"
230 |   nmddns_get_globals "out" "${Fmt}  %s=%s\n"
231 |   Report+="${out}"
232 | 
233 |   if [[ ${1-} ]]; then
234 |     for intf in "$@"; do
235 |       nmg::foreach_filematch "${NMDDNS_CONFIG_PAT}" "@MATCH@" \
236 |                              ddns_config_intf "${intf}"
237 |       [[ ${intf} == "${Intf}" ]] ||
238 |         ddns_rep $'\n'"Interface ${intf} not configured"
239 |     done
240 |   else
241 |     nmg::foreach_filematch "${NMDDNS_CONFIG_PAT}" "@MATCH@" \
242 |                            ddns_config_intf
243 |   fi
244 | 
245 |   printf "%s" "${Report}"
246 | }
247 | 
248 | ddns_help() {
249 |   local out dout
250 |   nmg::load_comment "${BASH_SOURCE[0]}" out 09-ddns "^# State file" || exit
251 |   nmg::load_comment "${NMDDNS}" dout "^# Global Over" "NOTE:\\ exec" || exit
252 |   out+=${dout/, see nmddns_read_config() above/}
253 |   [[ ${PAGER} ]] || {
254 |     for PAGER in less more cat; do
255 |       command >/dev/null -v "${PAGER}" && break
256 |     done
257 |   }
258 |   [[ ${PAGER} != cat ]] && { printf %s "${out}" | "${PAGER}"; return; }
259 |   printf %s "${out}"
260 | }
261 | 
262 | ddns_direct_cb() {
263 |   # <file> <match> [ <interface> ]
264 |   local config=$1 match=$2 intf=${3-} name rrec
265 | 
266 |   [[ ${match} ]] || return 0
267 | 
268 |   # if we have an interface, make sure we filter for it
269 |   [[ ${intf} && ${intf} != "${match%-from-*}" ]] && return 0
270 | 
271 |   # load DDNS config
272 |   nmddns_read_config "${config}" || return 0
273 | 
274 |   for name in "${!DDNS_RREC_@}"; do
275 |     [[ ${name} =~ _NAME$ ]] || continue
276 |     name=${name#DDNS_RREC_}
277 |     rrec=${name%_NAME}
278 |     [[ ${rrec} ]] || continue
279 |     ddns_interface_rrec "${match}" "${rrec}"
280 |   done
281 | 
282 |   return 0
283 | }
284 | 
285 | ddns_command() {
286 |   # [ <command> | <interface> ] [ <interface> ]
287 |   case $1 in
288 |     config)
289 |       shift
290 |       ddns_config "$@"
291 |       ;;
292 |     help|-h)
293 |       ddns_help
294 |       ;;
295 |     *)
296 |       [[ ${1-} == direct ]] && shift
297 |       nmg_debug "DIRECT: ${1-}"
298 | 
299 |       nmg::foreach_filematch "${NMDDNS_CONFIG_PAT}" "@MATCH@" \
300 |                              ddns_direct_cb "$@"
301 |       ;;
302 |   esac
303 | }
304 | 
305 | if [[ ${1-} && ${NM_DISPATCHER_ACTION-} ]]; then
306 | 
307 |   case ${NM_DISPATCHER_ACTION} in
308 |     up|down|dhcp4-change|dhcp6-change)
309 |       ddns_nm_action "$1" "${NM_DISPATCHER_ACTION}" || exit
310 |       ;;
311 |   esac
312 | elif [[ ${NMDDNSH_ACTION-} ]]; then
313 | 
314 |   # called from ddns-functions
315 |   ddns_helper_action || exit
316 | 
317 | elif [[ -z ${NM_DISPATCHER_ACTION-} ]]; then
318 | 
319 |   # called from boot script/command-line
320 |   ddns_command "$@"
321 | fi
322 | : # for loading in tests
323 | 


--------------------------------------------------------------------------------
/test/nm-ddns-test:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: t; -*-
  3 | # vim:set ft=sh sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Test suite for 09-ddns
  7 | #
  8 | # shellcheck disable=SC2034,SC1090,SC2123
  9 | 
 10 | NMG_XTEST=${NMG_XTEST:-conf/nmg_xtest}
 11 | { [[ -r ${NMG_XTEST} ]] && . "${NMG_XTEST}"; } ||
 12 |   { echo >&2 "Unable to load ${NMG_XTEST}"; exit 2; }
 13 | 
 14 | xtest::onexit::action() {
 15 |   [[ ${NMDDNS_STATE_PAT-} ]] || return 0
 16 |   xrm "${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-A}"
 17 |   xrm "${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-AAAA}"
 18 | }
 19 | 
 20 | xtest::group3::action() {
 21 | 
 22 |   shtest::title "ddns_nm_action tests (action group)"
 23 | 
 24 |   local out state1 state2
 25 | 
 26 |   # Test NM up/down/dhcp*-change dispatcher actions
 27 | 
 28 |   # Uses conf/nm-ddns-eth0.conf
 29 |   # Addresses are pulled from bin/ip-mock (dev eth0)
 30 | 
 31 |   state1=${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-A}
 32 |   state2=${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-AAAA}
 33 | 
 34 |   xrm "$state1" "$state2"
 35 | 
 36 |   xwrap2 "up" ddns_nm_action eth0 up
 37 |   xret A1 t "returns true"
 38 |   xread_value out <<-EOF
 39 | 	Setting dns.example.test AAAA to\
 40 |  2001:db8:871a:28c1::1,2001:db8:4860:4860::8888
 41 | 	nsupdate '-t' '2'
 42 | 	server 127.0.0.1
 43 | 	zone example.test
 44 | 	update delete dns.example.test AAAA
 45 | 	update add dns.example.test 600 AAAA 2001:db8:871a:28c1::1
 46 | 	update add dns.example.test 600 AAAA 2001:db8:4860:4860::8888
 47 | 	send
 48 | 	Setting dns.example.test A to 192.168.66.4
 49 | 	nsupdate '-t' '2'
 50 | 	server 127.0.0.1
 51 | 	zone example.test
 52 | 	update delete dns.example.test A
 53 | 	update add dns.example.test 600 A 192.168.66.4
 54 | 	send
 55 | 	EOF
 56 |   ftest A1f "$out" "adds to dns"
 57 |   shtest::check_file A1i "$state1" "!eth0" "creates A dns state"
 58 |   shtest::check_file A1j "$state2" "!eth0" "creates AAAA dns state"
 59 | 
 60 |   xwrap2 "down" ddns_nm_action eth0 down
 61 |   xret A2 t "returns true"
 62 |   xread_value out <<-EOF
 63 | 	Removing dns.example.test AAAA
 64 | 	nsupdate '-t' '2'
 65 | 	server 127.0.0.1
 66 | 	zone example.test
 67 | 	update delete dns.example.test AAAA
 68 | 	send
 69 | 	Removing dns.example.test A
 70 | 	nsupdate '-t' '2'
 71 | 	server 127.0.0.1
 72 | 	zone example.test
 73 | 	update delete dns.example.test A
 74 | 	send
 75 | 	EOF
 76 |   ftest A2f "$out" "removes from dns"
 77 |   [[ -e $state1 ]]
 78 |   xtest A2i f "removes A dns state"
 79 |   [[ -e $state2 ]]
 80 |   xtest A2j f "removes AAAA dns state"
 81 | 
 82 |   xwrap2 "dhcp4-change" ddns_nm_action eth0 dhcp4-change
 83 |   xret A3 t "returns true"
 84 |   xread_value out <<-EOF
 85 | 	Setting dns.example.test A to 192.168.66.4
 86 | 	nsupdate '-t' '2'
 87 | 	server 127.0.0.1
 88 | 	zone example.test
 89 | 	update delete dns.example.test A
 90 | 	update add dns.example.test 600 A 192.168.66.4
 91 | 	send
 92 | 	EOF
 93 |   ftest A3f "$out" "adds to dns"
 94 |   shtest::check_file A3i "$state1" "!eth0" "creates A dns state"
 95 |   [[ -e $state2 ]]
 96 |   xtest A3j f "does not create AAAA dns state"
 97 | 
 98 |   xwrap2 "dhcp6-change" ddns_nm_action eth0 dhcp6-change
 99 |   xret A4 t "returns true"
100 |   xread_value out <<-EOF
101 | 	Setting dns.example.test AAAA to\
102 |  2001:db8:871a:28c1::1,2001:db8:4860:4860::8888
103 | 	nsupdate '-t' '2'
104 | 	server 127.0.0.1
105 | 	zone example.test
106 | 	update delete dns.example.test AAAA
107 | 	update add dns.example.test 600 AAAA 2001:db8:871a:28c1::1
108 | 	update add dns.example.test 600 AAAA 2001:db8:4860:4860::8888
109 | 	send
110 | 	EOF
111 |   ftest A4f "$out" "adds to dns"
112 |   shtest::check_file A4i "$state1" "!eth0" "leaves A dns state"
113 |   shtest::check_file A4j "$state2" "!eth0" "creates AAAA dns state"
114 | 
115 |   nmddns_reset_config
116 |   xtest::onexit::action
117 | }
118 | 
119 | xtest::onexit::command() {
120 |   # remove helper tmpfiles
121 |   [[ ${NMDDNS_STATE_PAT-} ]] || return 0
122 |   xrm "${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-A}"
123 |   xrm "${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-AAAA}"
124 |   xrm "${NMDDNS_STATE_PAT/@MATCH@-@RREC@/br1-from-xxx-AAAA}"
125 | }
126 | 
127 | xtest::group5::command() {
128 | 
129 |   local out state0 state1 state2
130 | 
131 |   shtest::title "ddns_command tests (command group)"
132 | 
133 |   #
134 |   # direct command tests
135 |   #
136 | 
137 |   # Test running 09-ddns directly (as from boot script), and test
138 |   # deferred dns updates using state files created by NM actions.
139 | 
140 |   # config is nm-ddns-XXXX.conf
141 | 
142 |   state0="${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-A}"
143 |   state1="${NMDDNS_STATE_PAT/@MATCH@-@RREC@/eth0-AAAA}"
144 |   state2="${NMDDNS_STATE_PAT/@MATCH@-@RREC@/br1-from-xxx-AAAA}"
145 | 
146 |   xrm "$state0" "$state1" "$state2"
147 | 
148 |   echo "!eth0" > "$state0"
149 |   echo "2001:db8:871a:28c1::1" > "$state1"
150 |   echo "2001:db8:200:2:32fb:93c5:555:1,2001:db8:100:2:32fb:93c5:555:1" > "$state2"
151 | 
152 |   xwrap2 "direct <new ip4, 2 curr ip6>" ddns_command direct
153 |   xret C1 t "returns true"
154 |   xread_value out <<-EOF
155 | 	Setting dns.example.test A to 192.168.66.4
156 | 	nsupdate '-t' '10'
157 | 	server 127.0.0.1
158 | 	zone example.test
159 | 	update delete dns.example.test A
160 | 	update add dns.example.test 600 A 192.168.66.4
161 | 	send
162 | 	EOF
163 |   ftest C1f "$out" "updates ip4"
164 | 
165 |   echo "198.51.100.2" > "$state0"
166 |   echo "!eth0" > "$state1"
167 |   echo "2001:db8:200:2:32fb:93c5:555:1" > "$state2"
168 | 
169 |   xwrap2 "direct <stale ip4, selected ip6>" ddns_command direct
170 |   xret C2 t "returns true"
171 |   xread_value out <<-EOF
172 | 	Setting dns2.example.test AAAA to 2001:db8:200:2:32fb:93c5:555:1
173 | 	nsupdate '-t' '10'
174 | 	server 127.0.0.1
175 | 	zone example.test
176 | 	update delete dns2.example.test AAAA
177 | 	update add dns2.example.test 600 AAAA 2001:db8:200:2:32fb:93c5:555:1
178 | 	send
179 | 	Setting dns.example.test AAAA to\
180 |  2001:db8:871a:28c1::1,2001:db8:4860:4860::8888
181 | 	nsupdate '-t' '10'
182 | 	server 127.0.0.1
183 | 	zone example.test
184 | 	update delete dns.example.test AAAA
185 | 	update add dns.example.test 600 AAAA 2001:db8:871a:28c1::1
186 | 	update add dns.example.test 600 AAAA 2001:db8:4860:4860::8888
187 | 	send
188 | 	Removing dns.example.test A
189 | 	nsupdate '-t' '10'
190 | 	server 127.0.0.1
191 | 	zone example.test
192 | 	update delete dns.example.test A
193 | 	send
194 | 	EOF
195 |   ftest C2f "$out" "sets 1 ddns2, removes ip4"
196 | 
197 |   xrm "$state0" "$state2"
198 | 
199 |   xwrap2 "direct <eth0 only state>" ddns_command direct
200 |   xret C3 t "returns true"
201 |   xread_value out <<-EOF
202 | 	Removing dns2.example.test AAAA
203 | 	nsupdate '-t' '10'
204 | 	server 127.0.0.1
205 | 	zone example.test
206 | 	update delete dns2.example.test AAAA
207 | 	send
208 | 	Setting dns.example.test AAAA to\
209 |  2001:db8:871a:28c1::1,2001:db8:4860:4860::8888
210 | 	nsupdate '-t' '10'
211 | 	server 127.0.0.1
212 | 	zone example.test
213 | 	update delete dns.example.test AAAA
214 | 	update add dns.example.test 600 AAAA 2001:db8:871a:28c1::1
215 | 	update add dns.example.test 600 AAAA 2001:db8:4860:4860::8888
216 | 	send
217 | 	Removing dns.example.test A
218 | 	nsupdate '-t' '10'
219 | 	server 127.0.0.1
220 | 	zone example.test
221 | 	update delete dns.example.test A
222 | 	send
223 | 	EOF
224 |   ftest C3f "$out" "updates ip4, removes ddns2"
225 | 
226 |   echo "2001:db8:200:2:32fb:93c5:555:1" > "$state2"
227 | 
228 |   # Test direct for only a single interface
229 | 
230 |   xwrap2 "direct br1" ddns_command direct br1
231 |   xret C11 t "returns true"
232 |   xread_value out <<-EOF
233 | 	Setting dns2.example.test AAAA to 2001:db8:200:2:32fb:93c5:555:1
234 | 	nsupdate '-t' '10'
235 | 	server 127.0.0.1
236 | 	zone example.test
237 | 	update delete dns2.example.test AAAA
238 | 	update add dns2.example.test 600 AAAA 2001:db8:200:2:32fb:93c5:555:1
239 | 	send
240 | 	EOF
241 |   ftest C11f "$out" "updates ip4, removes ddns2"
242 | 
243 |   #
244 |   # config command tests
245 |   #
246 | 
247 |   xwrap2 "<no args>" ddns_command config
248 |   xret C21 t "returns true"
249 |   xread_value out <<-EOF
250 | 	Global config "${NMCONF}/general.conf"
251 | 	  nmg_log_stderr="4"
252 | 	  NMUTILS="${NMUTILS}"
253 | 	  NMCONF="${NMCONF}"
254 | 	  NMG_RADVD="radvd-missing"
255 | 	  DDNS_GLOBAL_DIG_OPTIONS="+time=1 +retry=2"
256 | 
257 | 	Interface br1
258 | 	  DDNS config "${NMCONF}/nm-ddns-br1-from-xxx.conf"
259 | 	    DDNS_ZONE="example.test"
260 | 	    DDNS_LOCKFILE="${NMCONF}/nm-ddns-br1-from-xxx.conf"
261 | 	    DDNS_RREC_AAAA_NAME="dns2.example.test"
262 | 
263 | 	Interface eth0
264 | 	  DDNS config "${NMCONF}/nm-ddns-eth0.conf"
265 | 	    DDNS_ZONE="example.test"
266 | 	    DDNS_LOCKFILE="${NMCONF}/nm-ddns-eth0.conf"
267 | 	    DDNS_RREC_AAAA_NAME="dns.example.test"
268 | 	    DDNS_RREC_A_NAME="dns.example.test"
269 | 	    DDNS_RREC_A_PRIVATE="1"
270 | 	EOF
271 |   ftest2 C21f "" "$out" "no log, displays config"
272 | 
273 |   xwrap2 "-a br1" ddns_command config -a br1
274 |   xret C22 t "returns true"
275 |   xread_value out <<-EOF
276 | 	Global config "${NMCONF}/general.conf"
277 | 	  nmg_show_debug=""
278 | 	  nmg_log_stderr="4"
279 | 	  NMG_TAG=""
280 | 	  NMUTILS="${NMUTILS}"
281 | 	  NMCONF="${NMCONF}"
282 | 	  NMG_RADVD_TRIGGER=""
283 | 	  NMG_RADVD_TRIGGER_ARGS=""
284 | 	  NMG_RADVD="radvd-missing"
285 | 	  NMG_RADVD_PID="/run/radvd/radvd.pid"
286 | 	  NMG_LOGGER_USEID=""
287 | 	  NMG_DAEMON_CGROUP="/sys/fs/cgroup/system.slice/NetworkManager.service/cgroup.procs"
288 | 	  DDNS_GLOBAL_LOCKFILE=""
289 | 	  DDNS_GLOBAL_FLOCK_TIMEOUT="15"
290 | 	  DDNS_GLOBAL_DIG_TIMEOUT="3"
291 | 	  DDNS_GLOBAL_DIG_RETRIES="2"
292 | 	  DDNS_GLOBAL_DIG_OPTIONS="+time=1 +retry=2"
293 | 	  DDNS_GLOBAL_NSUPDATE_TIMEOUT="10"
294 | 	  DDNS_GLOBAL_NSUPDATE_OPTIONS=""
295 | 
296 | 	Interface br1
297 | 	  DDNS config "${NMCONF}/nm-ddns-br1-from-xxx.conf"
298 | 	    DDNS_ZONE="example.test"
299 | 	    DDNS_SERVER=""
300 | 	    DDNS_TTL=""
301 | 	    DDNS_FLOCK_TIMEOUT="15"
302 | 	    DDNS_DIG_TIMEOUT="3"
303 | 	    DDNS_DIG_RETRIES="2"
304 | 	    DDNS_DIG_OPTIONS="+time=1 +retry=2"
305 | 	    DDNS_NSUPDATE_TIMEOUT="10"
306 | 	    DDNS_NSUPDATE_OPTIONS=""
307 | 	    DDNS_LOCKFILE="${NMCONF}/nm-ddns-br1-from-xxx.conf"
308 | 	    DDNS_RREC_AAAA_NAME="dns2.example.test"
309 | 	EOF
310 |   ftest2 C22f "" "$out" "no log, displays config with defaults for br1"
311 | 
312 |   nmddns_reset_config
313 |   xtest::onexit::command
314 | }
315 | 
316 | xmain() {
317 |   # disable helper so we get nsupdate results
318 |   local TEST_DDNS_HELPER=''
319 | 
320 |   [[ $NMCONF ]] || xtest::fail "NMCONF must be set!"
321 |   [[ $RUNDIR ]] || xtest::fail "RUNDIR must be set!"
322 | 
323 |   # out custom test config
324 |   local NMDDNS_CONFIG_PAT="$NMCONF/nm-ddns-@MATCH@.conf"
325 |   local NMDDNS_STATE_PAT="$RUNDIR/nm-ddns-@MATCH@-@RREC@.state"
326 | 
327 |   # don't mimic cmdline
328 |   unset LOGNAME
329 | 
330 |   xload_script "${TEST_NMDIR}/09-ddns"
331 | 
332 |   xtest::run_tests "09-ddns Test Summary" "$@"
333 | }
334 | 
335 | xstart "$@"
336 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | 
  2 | Network Manager Utility Scripts
  3 | ================================
  4 | [![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0)
  5 | [![License: LGPL v3](https://img.shields.io/badge/License-LGPL_v3-blue.svg)](https://www.gnu.org/licenses/lgpl-3.0)
  6 | 
  7 | A collection of BASH based utility scripts and support functions for
  8 | use as [NetworkManager](https://networkmanager.dev/) dispatchers.
  9 | 
 10 | - [Included Dispatch Scripts](#included-dispatch-scripts)
 11 | - [IPv6 Prefix Delegation](#ipv6-prefix-delegation)
 12 | - [Setup](#setup)
 13 |   - [Installation](#installation)
 14 |   - [Configuration](#configuration)
 15 |   - [Examples](#examples)
 16 |   - [Troubleshooting](#troubleshooting)
 17 | - [Support Functions](#support-functions)
 18 |   - [Usage](#usage)
 19 | - [Documentation](#documentation)
 20 | - [SELinux](#selinux)
 21 | - [Test Suite](#test-suite)
 22 | - [Support](#support)
 23 | - [License](#license)
 24 | 
 25 | Included Dispatch Scripts
 26 | -------------------------
 27 | 
 28 | - `08-ipv6-prefix` - **IPv6 Prefix Delegation** <br/>
 29 |  The dispatch script will spawn a DHCP client to request an IPv6
 30 |  prefix (as well as WAN address), and then assign sub-prefixes from
 31 |  the delegated prefix to the LAN interfaces.
 32 |  Simple configuration allows fully automatic behavior,
 33 |  but can be configured to fully control sub-prefix and address
 34 |  creation by interface.  Also supports Dynamic DNS based on prefix
 35 |  assignment similar to the interface state DNS script below.
 36 | 
 37 | - `09-ddns` - **Dynamic DNS** <br/>
 38 |  The dispatch script will use `nsupdate` to set or clear DNS entries
 39 |  based on interface state.  Supports address assignment to A or AAAA
 40 |  records (with fallback values), and assignment of other records
 41 |  (such as CNAME or TXT) individually configurable for each interface.
 42 |  
 43 | - `95-radvd-gen` - **radvd.conf Generation** <br/>
 44 |  The dispatch script will create `/etc/radvd.conf` based on the
 45 |  prefixes assigned to interfaces defined in the template
 46 |  `/etc/NetworkManager/radvd.conf.templ`
 47 | 
 48 | - `96-interface-action` - **Interface action to Service action** <br/>
 49 |  Performs systemctl actions on designated services based on interface
 50 |  state changes (up, down, pre-down, dhcp-change etc).
 51 | 
 52 | IPv6 Prefix Delegation
 53 | ----------------------
 54 | 
 55 | The prefix delegation feature supports multiple address/prefix delegations
 56 | from multiple upstream DHCP servers to multiple LAN interfaces.
 57 | Features include
 58 | 
 59 | - address, prefix and route lifetimes
 60 | - DDNS update hooks
 61 | - both `dhclient` or `dhcpcd` DHCP client support
 62 | - flexible route metrics
 63 | - DHCP client monitoring with restart on stalls/failures
 64 | - DHCP client command options or config file overrides
 65 | 
 66 | WAN (dhcp server) interface supports
 67 | 
 68 | - duplicate address detection (with DHCP declines)
 69 | - default route monitoring and maintenance using `rdisc6` or linux kernel
 70 | - static address, DNS or domain search assignments
 71 | - DNS server routes to source WAN (if needed)
 72 | - Legacy dhclient-script as option
 73 | 
 74 | LAN (delegated sub-prefixes) interfaces support
 75 | 
 76 | - per-LAN subnet prefix-size and "subnet #" pre-allocation
 77 | - radvd hooks
 78 | - prefix delegation size hints
 79 | - high-metric unreachable route for unassigned delegated prefixes
 80 | - [RFC6603](https://datatracker.ietf.org/doc/html/rfc6603) DHCP Prefix
 81 |   Exclude support (requires `dhcpcd`)
 82 | - [RFC8678](https://datatracker.ietf.org/doc/html/rfc8678) IPV6
 83 |   Multihoming Support:
 84 |   - source-based default routes created/maintained for each delegated
 85 |     prefix to it source WAN supporting multiple upstream WANs without
 86 | 	policy-routing
 87 |   - NMG_RADVD_TRIGGER assigned to `95-radvd-gen` supports fast router
 88 |     deprecation when all routable WANs are offline
 89 |   - delegated subnets quickly deprecated using radvd when:
 90 |     - WAN down
 91 |     - WAN default route lost
 92 |     - any external trigger (via script command, see "help")
 93 | 
 94 | There are 2 NetworkManager ipv6 connection methods supported
 95 | 
 96 | 1. **ipv6.method: ignore**
 97 |    - supports `dhcpcd` or `dhclient`
 98 |    - uses `resolvectl` or `resolvconf` for DNS management
 99 |    - WAN addresses/routes have lifetimes
100 |    - when using `dhcpcd` (which requires `rdisc6`):
101 |      - supports DNS via Router Advertisements
102 |      - supports prefix-exclude option
103 | 2. **ipv6.method: link-local**
104 |    - addresses and DNS managed with NetworkManager, but require
105 |     "device reapply" (done automatically)
106 |    - requires `rdisc6` for default route management (unless never-default=yes)
107 |    - not compatible with `dhcpcd` (or prefix-exclude)
108 |    - WAN addresses/routes lack lifetimes (addresses cannot be deprecated)
109 | 
110 | Setup
111 | -----
112 | 
113 | ### Installation
114 | 
115 | Automated install requires GNU `make` and `meson`.  There are two
116 | independent modes of installation: ***packaged*** or ***development***.  Both
117 | modes can be installed simultaneously, but ***development*** installs
118 | completely mask ***packaged***; both have independent config directories.
119 | Type `make help` for a list of supported "targets"
120 | 
121 | #### Prerequisites
122 | 
123 | - [NetworkManager](https://networkmanager.dev/)
124 | - [bash](http://www.gnu.org/software/bash/)
125 | - required command-line tools: `pgrep` `ip`
126 | - optional: `logger` `radvd` `dig` `nsupdate` `flock`
127 | - required for `08-ipv6-prefix`: `nmcli` `systemd` `dhclient` or `dhcpcd`
128 | - optional for `08-ipv6-prefix`: `rdisc6` `resolvectl` `resolvconf`
129 | 
130 | #### Development Installation
131 | 
132 | ```
133 | $ make
134 | $ sudo make install
135 | ```
136 | - Installs to `/etc/nmutils` and `/etc/NetworkManager/dispatcher.d`
137 | - Configuration in `/etc/nmutils/conf`
138 | - Removal: `$ sudo make uninstall`
139 | 
140 | #### Packaged Installation
141 | 
142 | ```
143 | $ make MESON_FLAGS='-Dpkg=true'
144 | $ sudo make install
145 | ```
146 | - Installs to `/usr/share/nmutils` and `/usr/lib/NetworkManager/dispatcher.d`
147 | - Configuration in `/etc/nmutils`
148 | - Removal: `$ sudo make uninstall`
149 | 
150 | Alternatively, if `rpmbuild` and `mock` are installed
151 | ```
152 | $ make rpm
153 | ```
154 | will create a source rpm (`make srpm`), then use mock to build rpms
155 | that can be installed on any rpm-based system.
156 | 
157 | ### Configuration
158 | 
159 | Configuration files should be placed in `/etc/nmutils/conf`
160 | (development) or `/etc/nmutils` (packaged) - henceforth referred to
161 | as "NMCONF"
162 | 
163 | #### IPv6 Prefix Delegation Configuration
164 | 
165 | All configuration for prefix delegation is documented in the file
166 | `etc/NetworkManager/dispatcher.d/08-ipv6-prefix`.  Basic prefix
167 | delegation is enabled as simply setting ***ipv6.method*** to
168 | "link-local" or "ignore", and creating a configuration file for
169 | the WAN interface the prefix will be queried on
170 | 
171 | `NMCONF/ipv6-prefix-<WAN>.conf`
172 | ```
173 | WAN_LAN_INTFS="<LAN1> <LAN2>..."
174 | ```
175 | 
176 | Where `<WAN>` and `<LAN#>` should be replaced by the interface names (eth0
177 | etc).
178 | 
179 | Optional per-LAN configuration can be set in the optional files, eg
180 | 
181 | `NMCONF/ipv6-prefix-<LAN>-from-<WAN>.conf`
182 | ```
183 | # trigger the radvd.conf generation script
184 | NMG_RADVD_TRIGGER="/etc/NetworkManager/dispatcher.d/95-radvd-gen"
185 | ```
186 | 
187 | There are many additional configuraion options.  The script may
188 | be run directly supporting a few additional features
189 | ```
190 | # display full documentation, explaining all config options
191 | $ ./08-ipv6-prefix help
192 | 
193 | # prints configuration of all interfaces (or <interface>s if given)
194 | # "-a" includes unset/empty configuration with defaults
195 | $ ./08-ipv6-prefix config [ -a ] [ <interface>... ]
196 | 
197 | # prints runtime status of all interfaces (or <interface> if given)
198 | $ ./08-ipv6-prefix status [ <interface> ]
199 | 
200 | # manually deprecate <wan> with tag <who> (w/o <reason> removes dep.)
201 | $ ./08-ipv6-prefix deprecate <wan> <who> [ <reason> ] 
202 | ```
203 | 
204 | More sample configurations can be found in the `examples` directory.
205 | 
206 | #### Dynamic DNS Configuration
207 | 
208 | DNS configuration is documented in `etc/nmutils/ddns-functions`.
209 | The `etc/NetworkManager/dispatcher.d/09-ddns` dispatcher script
210 | enables the DDNS features, eg
211 | 
212 | `NMCONF/ddns-<WAN>.conf`
213 | ```
214 | DDNS_ZONE=example.net.
215 | DDNS_RREC_A_NAME=wan.example.net.
216 | ```
217 | 
218 | which would set the `A` record for wan.example.net to the public
219 | IPv4 addresses on `<WAN>` when it's up, and remove the record when the
220 | interface is down.
221 | 
222 | Again, there are many more configuration options in the documentation,
223 | including fallback addresses, setting TXT, CNAME, AAAA values,
224 | assignment of IPv6 prefix addresses assigned by `08-ipv6-prefix`, and
225 | configuration for locks and `nsupdate` keys.  Configuration for
226 | DDNS addresses assigned by `08-ipv6-prefix` are placed in
227 | 
228 | `NMCONF/ddns-<WAN>-from-<WAN>.conf` - for WAN addresses
229 | 
230 | `NMCONF/ddns-<LAN>-from-<WAN>.conf` - for LAN delegated addresses from WAN
231 | 
232 | Optionally, the systemd service files `ddns-onboot@.service` and 
233 | `ddns-onboot@.timer` can be installed, and enabled with
234 | ```
235 | $ systemctl daemon-reload
236 | $ systemctl enable ddns-onboot@<INTERFACE>.timer
237 | ```
238 | to perform late boot DDNS setup that may not have been possible during
239 | system boot.
240 | 
241 | There are many additional configuraion options.  The script may
242 | be run directly supporting a few additional features
243 | ```
244 | # display full documentation, explaining all config options
245 | $ ./09-ddns help
246 | 
247 | # prints configuration of all interfaces (or <interface>s if given)
248 | # "-a" includes unset/empty configuration with defaults
249 | $ ./09-ddns config [ -a ] [ <interface>... ]
250 | ```
251 | 
252 | ### Examples
253 | 
254 | There are extensive configuration examples in the source under
255 | `examples/simple` and `examples/complex`.  In addition, refer
256 | to the [Documentation](#documentation) to see complete descriptions of all
257 | the configuration options (there are **lots**).
258 | 
259 | ### Troubleshooting
260 | 
261 | By default, the scripts log minimal informational messages to syslog
262 | under the daemon facility (info and error).  To track down problems,
263 | verbose debug messages may be enabled by adding the file
264 | `NMCONF/general.conf` containing
265 | ```
266 | nmg_show_debug=1
267 | ```
268 | 
269 | Debug messages are logged as daemon.debug, so your syslog daemon
270 | should be configured to direct those messages someplace useful.
271 | Logging may be sent to stderr by setting `nmg_log_stderr=1` to
272 | ease tracing any problems.
273 | 
274 | In addition, the `test` directory in the source includes "mock"
275 | programs that can be used to simulate many programs such as
276 | `nmcli`, `ip`, `dig` and `dhclient` and others (see the documentation
277 | in those scripts for details).  NOTE: configuration in
278 | the `test` directory is located in `test/conf`
279 | 
280 | Support Functions
281 | -----------------
282 | 
283 | The included support scripts `general-functions` and `ddns-functions`
284 | offer an extensive and well tested set of BASH functions which can be
285 | useful in creating additional dispatch scripts.  They include:
286 | 
287 | - Logging functions
288 | - Configuration (optionally required) file parsing
289 | - File creation/removal with error reporting
290 | - Command/daemon execution with output capture
291 | - Hex-decimal number conversion
292 | - IPv4/IPv6 address query and assignment with error handling
293 | - IPv6 network and host prefix creation and address creation
294 | - Full configuration of all paths, prefixes and configuration
295 |   locations
296 | - Extensive debugging hooks to ease development with scripts,
297 |   including stderr logging redirect and dry-run command execution.
298 | - nsupdate-based Dynamic DNS (optionally asynchronous) and serialized
299 |   with locking
300 | 
301 | ### Usage
302 | 
303 | To use the support functions in your own dispatch scripts, just
304 | include them; for example add the following to the start of
305 | your script (set default $NMUTILS based on install location)
306 | 
307 | ```
308 | NMUTILS="${NMUTILS:-/etc/nmutils}"
309 | NMG="${NMG:-$NMUTILS/general-functions}"
310 | [ -f "$NMG" -a -r "$NMG" ] && . "$NMG" || {
311 |   echo >&2 "Unable to load $NMG" && exit 2; }
312 | ```
313 | 
314 | Functions can be fully customized, either by setting file-local
315 | defaults before including them, or creating a global configuration
316 | file to set new defaults for all scripts (default:
317 | `NMCONF/general.conf`).  All customization variables and
318 | their defaults are documented in the scripts.
319 | 
320 | Documentation
321 | -------------
322 | 
323 | Each script fully documents all the functions it provides at the
324 | beginning of the script.  To see the list of supported functions and
325 | configuration settings, please refer to the following files:
326 | 
327 | - General utility functions:
328 | `etc/nmutils/general-functions`
329 | 
330 | - Dynamic DNS utility functions: 
331 | `etc/nmutils/ddns-functions`
332 | 
333 | The following utility scripts only document configuration, as they
334 | are are just executed by NetworkManager:
335 | 
336 | - IPv6 Prefix Delegation trigger script: 
337 | `etc/NetworkManager/dispatcher.d/08-ipv6-prefix`
338 | 
339 | - Dynamic DNS trigger script:
340 | `etc/NetworkManager/dispatcher.d/09-ddns`
341 | 
342 | - radvd.conf generation script:
343 | `etc/NetworkManager/dispatcher.d/95-radvd-gen`
344 | 
345 | - general action to service trigger script:
346 | `etc/NetworkManager/dispatcher.d/96-interface-action`
347 | 
348 | - Transmission config generation script:
349 | `etc/NetworkManager/dispatcher.d/90-transmission`
350 | 
351 | SELinux
352 | -------
353 | 
354 | A source module for SELinux is provided in the selinux directory.
355 | The module provides rules allowing `08-ipv6-prefix` to manage the
356 | dhcp client, manage radvd and perform DDNS functions. 
357 | `sudo make -C selinux install` will build and install the module
358 | (`selinux-policy-devel` is required)
359 | 
360 | Test Suite
361 | ----------
362 | 
363 | A complete test suite with over 1400 tests for all documented
364 | functions, and most of the utility scripts can be found in the
365 | `test` directory.  To run all tests (with detailed reporting), 
366 | simply run `make check`.
367 | 
368 | Support
369 | -------
370 | 
371 | nmutils is hosted at
372 | [github.com/sshambar/nmutils](https://github.com/sshambar/nmutils).
373 | Please feel free to comment or send pull requests if you find
374 | bugs or want to contribute new features.
375 | 
376 | I can be reached via email at:
377 | "Scott Shambarger" `<devel [at] shambarger [dot] net>`
378 | 
379 | License
380 | -------
381 | 
382 | nmutils is licensed under the GPLv3 and LGPLv3 (for library scripts)
383 | 


--------------------------------------------------------------------------------
/test/ipv6-prefix-addr-test:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: t -*-
  3 | # vim:set ft=sh sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Test suite for 08-ipv6-prefix
  7 | #   - tests address/prefix functions
  8 | #
  9 | # shellcheck disable=SC2034,SC1090,SC2123
 10 | 
 11 | NMG_XTEST=${NMG_XTEST:-conf/nmg_xtest}
 12 | { [[ -r ${NMG_XTEST} ]] && . "${NMG_XTEST}"; } ||
 13 |   { echo >&2 "Unable to load ${NMG_XTEST}"; exit 2; }
 14 | 
 15 | xtest_settime() {
 16 |   # <new-time>
 17 |   EPOCHREALTIME=${1-}
 18 | }
 19 | 
 20 | # checks each environment <var> contains $RUNDIR
 21 | xtest_check_statevars() {
 22 |   # <test-id> <var>...
 23 |   local id=$1 var
 24 |   shift
 25 |   for var in "$@"; do
 26 |     [[ ${!var-} ]] || shtest::fatal "Test $id: variable $var missing value"
 27 |     [[ ${!var} =~ $RUNDIR ]] ||
 28 |       shtest::fatal "Test $id: variable $var missing \$RUNDIR"
 29 |   done
 30 |   xret "$id" t "checking STATE_PAT variables"
 31 | }
 32 | 
 33 | xtest::group1::life() {
 34 | 
 35 |   shtest::title "Lifetime Function Tests (life group)"
 36 | 
 37 |   local var base_time
 38 | 
 39 |   base_time=1234567
 40 |   xtest_settime "${base_time}"
 41 | 
 42 |   var='bogus'
 43 | 
 44 |   xwrap2 "0" ipv6_calc_life var "0" "${base_time}"
 45 |   xret S1 t "returns true"
 46 |   vtest S1v "0" "sets retvar to 0"
 47 |   ftest S1f "" "should not log"
 48 | 
 49 |   xwrap2 "<max-int> 0" ipv6_calc_life var 4294967295 "0"
 50 |   xret S2 t "returns true"
 51 |   vtest S2v "forever" "sets retvar to forever"
 52 | 
 53 |   xwrap2 "0 <max-int>" ipv6_calc_life var "0" "4294967295"
 54 |   xret S3 1 "returns 1"
 55 |   ftest S3f "" "should not log"
 56 | 
 57 |   xtest_settime $((base_time + 100))
 58 | 
 59 |   xwrap2 "300 <time-100>" ipv6_calc_life var "300" "${base_time}"
 60 |   xret S4 t "returns true"
 61 |   vtest S4v "200" "should return 200"
 62 | 
 63 |   xwrap2 "50 <time-100>" ipv6_calc_life var "50" "${base_time}"
 64 |   xret S5 t "returns true"
 65 |   vtest S5v "0" "should return 0"
 66 | 
 67 |   xtest_settime
 68 |   # shellcheck disable=SC2317
 69 |   test_fail() { return 1; }
 70 |   local NMG_DATE=test_fail
 71 | 
 72 |   xwrap2 "<failed-time>" ipv6_calc_life var "0" "0"
 73 |   xret S6 1 "returns 1"
 74 | 
 75 |   return 0
 76 | }
 77 | 
 78 | xtest::onexit::prefix() {
 79 |   [[ -d $RUNDIR ]] || return 0
 80 |   command -p rm -f "$RUNDIR/"*"-addr"
 81 | }
 82 | 
 83 | xtest::group1::prefix() {
 84 | 
 85 |   shtest::title "Prefix Function Tests (prefix group)"
 86 | 
 87 |   local aref=() Lans=() Reserved=() Assigned=() out var var2
 88 | 
 89 |   xwrap2 "0/64 0/64" ipv6_site_overlap 0 64 0/64
 90 |   xret P1 t "returns true"
 91 |   ftest P1f "" "no output"
 92 |   xwrap2 "2/64 1/63" ipv6_site_overlap 2 64 1/63
 93 |   xret P2 t "returns true"
 94 |   xwrap2 "1/64 1/64" ipv6_site_overlap 1 64 1/63
 95 |   xret P3 f "returns false"
 96 |   xwrap2 "2/64 1/63" ipv6_site_overlap 2 64 1/63
 97 |   xret P4 t "returns true"
 98 |   xwrap2 "4/64 1/62" ipv6_site_overlap 4 64 1/62
 99 |   xret P5 t "returns true"
100 |   xwrap2 "7/64 1/62" ipv6_site_overlap 7 64 1/62
101 |   xret P6 t "returns true"
102 |   xwrap2 "7/64 4/62" ipv6_site_overlap 7 64 4/62
103 |   xret P7 f "returns false"
104 | 
105 |   xwrap2 "br0 56" ipv6_lan_node_load_config "br0" "56"
106 |   xret P21 t "returns true"
107 |   ftest P21f "" "does not log"
108 |   aref=("br0 63 auto 0")
109 |   atest P21l Lans aref "sets Lans"
110 |   aref=("0/63")
111 |   atest P21r Reserved aref "sets Reserved"
112 | 
113 |   xwrap2 "br1 56" ipv6_lan_node_load_config "br1" "56"
114 |   xret P22 t "returns true"
115 |   ftest P22f "" "does not log"
116 |   aref=("br0 63 auto 0" "br1 64 auto 2")
117 |   atest P22l Lans aref "adds to Lans"
118 |   aref=("0/63" "2/64")
119 |   atest P22r Reserved aref "adds to Reserved"
120 | 
121 |   Lans=() Reserved=()
122 |   xwrap2 "br0 64" ipv6_lan_node_load_config "br0" "64"
123 |   xret P23 t "returns true"
124 |   ftest P23f "br0 not configured, LAN_PREFIX_LEN 63 < available 64" \
125 |         "log info"
126 |   aref=("br0")
127 |   atest P23l Lans aref "sets Lans"
128 |   aref=()
129 |   atest P23r Reserved aref "doesn't set Reserved"
130 | 
131 |   # create temp config file
132 |   local LAN_CONFIG_PAT="$RUNDIR/ipv6-prefix-@LAN@-from-@WAN@.conf-addr"
133 |   local cfile=${LAN_CONFIG_PAT/@LAN@-from-@WAN@/brx-from-${interface}}
134 |   xrm "$cfile"
135 |   echo "LAN_SITE=bogus" > "$cfile"
136 | 
137 |   Lans=() Reserved=()
138 | 
139 |   xwrap2 "<bad-site>" ipv6_lan_node_load_config "brx" "64"
140 |   xret P24 t "returns true"
141 |   xread_value out <<-EOF
142 | 	ERR: nmg::2dec: invalid <value> '0xbogus'
143 | 	ERR: brx config error, invalid LAN_SITE 'bogus'
144 | 	EOF
145 |   ftest P24f "$out" "log error"
146 |   aref=("brx")
147 |   atest P24l Lans aref "sets Lans"
148 |   aref=()
149 |   atest P24r Reserved aref "doesn't set Reserved"
150 | 
151 |   echo "LAN_PREFIX_LEN=0" > "$cfile"
152 |   Lans=() Reserved=()
153 | 
154 |   xwrap2 "<bad-plen>" ipv6_lan_node_load_config "brx" "64"
155 |   xret P25 t "returns true"
156 |   ftest P25f "ERR: brx config error, invalid LAN_PREFIX_LEN '0'" "log error"
157 |   aref=("brx")
158 |   atest P25l Lans aref "sets Lans"
159 |   aref=()
160 |   atest P25r Reserved aref "doesn't set Reserved"
161 | 
162 |   echo "LAN_PREFIX_LEN=128" > "$cfile"
163 |   Lans=() Reserved=()
164 | 
165 |   xwrap2 "<128 plen>" ipv6_lan_node_load_config "brx" "64"
166 |   xret P26 t "returns true"
167 |   ftest P26f "" "does not log"
168 |   aref=("brx 128 auto 0")
169 |   atest P26l Lans aref "sets Lans"
170 |   aref=()
171 |   atest P26r Reserved aref "doesn't set Reserved"
172 | 
173 |   echo "LAN_PREFIX_LEN=63"$'\n'"LAN_SITE=7" > "$cfile"
174 |   Lans=() Reserved=()
175 | 
176 |   xwrap2 "<site 7> 61" ipv6_lan_node_load_config "brx" "61"
177 |   xret P27 t "returns true"
178 |   ftest P27f "" "does not log"
179 |   aref=("brx 63 auto 3")
180 |   atest P27l Lans aref "sets Lans (site 3)"
181 |   aref=("3/63")
182 |   atest P27r Reserved aref "sets Reserved"
183 | 
184 |   Lans=() Reserved=()
185 | 
186 |   xwrap2 "<site 7> 63" ipv6_lan_node_load_config "brx" "63"
187 |   xret P28 t "returns true"
188 |   ftest P28f "" "does not log"
189 |   aref=("brx 63 auto 0")
190 |   atest P28l Lans aref "sets Lans (site 0)"
191 |   aref=("0/63")
192 |   atest P28r Reserved aref "sets Reserved"
193 | 
194 |   var="bogus"
195 |   xwrap2 "64 64 0/64" ipv6_find_freesite var 64 64 "0/64"
196 |   xret P31 f "returns false"
197 |   ftest P31f "" "does not log"
198 |   vtest P31v "bogus" "does not set retvar"
199 | 
200 |   xwrap2 "64 64" ipv6_find_freesite var 64 64
201 |   xret P32 t "returns true"
202 |   vtest P32v "0" "sets retvar 0"
203 | 
204 |   xwrap2 "62 64 <2-63>" ipv6_find_freesite var 62 64 "0/63" "1/63"
205 |   xret P33 f "returns false"
206 | 
207 |   xwrap2 "62 64 <1 63>" ipv6_find_freesite var 62 64 "0/63"
208 |   xret P34 t "returns true"
209 |   vtest P34v "2" "sets retvar 2"
210 | 
211 |   xwrap2 "62 64 <'1' free>" ipv6_find_freesite var 62 64 "1/63" "0/64"
212 |   xret P35 t "returns true"
213 |   vtest P35v "1" "sets retvar 1"
214 | 
215 |   xwrap2 "62 64 <'3' free>" ipv6_find_freesite var 62 64 "0/63" "2/64"
216 |   xret P36 t "returns true"
217 |   vtest P36v "3" "sets retvar 3"
218 | 
219 |   xwrap2 "64 64 <empty>" ipv6_find_freesite var 64 64 "" ""
220 |   xret P37 t "returns true"
221 |   vtest P37v "0" "sets retvar 0"
222 | 
223 |   Assigned=() Reserved=("0/63")
224 | 
225 |   xwrap2 "62 64 <0/63 reserved>" ipv6_find_autosite var 62 64
226 |   xret P41 t "returns true"
227 |   vtest P41v "2" "sets retvar 2 (avoids reserved)"
228 | 
229 |   Assigned=("0/63" "2/64") Reserved=("3/64")
230 | 
231 |   xwrap2 "62 64 <0/63 2/64 used, 3/64 reserved>" ipv6_find_autosite var 62 64
232 |   xret P42 t "returns true"
233 |   vtest P42v "3" "sets retvar 3 (uses reserved)"
234 | 
235 |   Assigned=() Reserved=()
236 | 
237 |   xwrap2 "62 63" ipv6_find_autosite var 62 63
238 |   xret P43 t "returns true"
239 |   vtest P43v "0" "sets retvar 0"
240 | 
241 |   Assigned=("0/63") Reserved=() var="bogus"
242 | 
243 |   xwrap2 "63 64 <used 63>" ipv6_find_autosite var 63 64
244 |   xret P44 f "returns false"
245 |   vtest P44v "bogus" "does not set retvar"
246 |   ftest P44f "" "does not log"
247 | 
248 |   Assigned=("2/64") Reserved=("0/63") var='' var2=''
249 | 
250 |   xwrap2 "<reserved 0/63>" ipv6_lan_node_calc var var2 \
251 | 	 "2001:db8:33::/63" br0 63 auto 0
252 |   xret P51 t "returns true"
253 |   vtest P51v "2001:db8:33::32fb:93c5:6555:845a/63" "sets address"
254 |   ltest P51s "var2" "0/63" "sets site 0/63"
255 |   ftest P51f "" "does not log"
256 |   aref=("2/64" "0/63")
257 |   atest P51a Assigned aref "appends to Assigned"
258 | 
259 |   Assigned=("0/63" "2/64") Reserved=("0/63" "1/63") var='orig' var2='orig'
260 | 
261 |   xwrap2 "<unavail pfx>" ipv6_lan_node_calc var var2 \
262 | 	 "2001:db8:33::/63" br0 63 auto 1
263 |   xret P52 t "returns true"
264 |   vtest P52v "" "clears addr"
265 |   ltest P52s "var2" "" "clears site"
266 |   ftest P52f "br0 cannot be configured, no /63 prefixes available" "logs info"
267 | 
268 |   Assigned=("1/63") Reserved=("1/63" "2/64") var='' var2=''
269 | 
270 |   xwrap2 "<unavail reserved 2/64>" ipv6_lan_node_calc var var2 \
271 | 	 "2001:db8:33::/63" br0 64 auto 2
272 |   xret P53 t "returns true"
273 |   vtest P53v "2001:db8:33::32fb:93c5:6555:845a/64" "set address"
274 |   ltest P53s "var2" "0/64" "sets site 0/64"
275 |   ftest P53f "" "does not log"
276 | 
277 |   Assigned=("0/63") Reserved=("0/63" "2/64") var='' var2=''
278 | 
279 |   xwrap2 "<autosite>" ipv6_lan_node_calc var var2 \
280 | 	 "2001:db8:33::/62" br0 64 auto auto
281 |   xret P54 t "returns true"
282 |   vtest P54v "2001:db8:33:3:32fb:93c5:6555:845a/64" "set address"
283 |   ltest P54s "var2" "3/64" "sets site 3/64"
284 |   ftest P54f "" "does not log"
285 | 
286 |   Assigned=("0/63" "3/64") Reserved=("0/63" "2/64") var='' var2=''
287 | 
288 |   xwrap2 "<autosite, only reserved>" ipv6_lan_node_calc var var2 \
289 | 	 "2001:db8:33::/62" br0 64 auto auto
290 |   xret P55 t "returns true"
291 |   vtest P55v "2001:db8:33:2:32fb:93c5:6555:845a/64" "set retvar to reserved"
292 |   ltest P55s "var2" "2/64" "sets site 2/64"
293 |   ftest P55f "" "does not log"
294 | 
295 |   Assigned=("0/63" "3/64" "2/64") var="orig" var2="orig"
296 | 
297 |   xwrap2 "<autosite, unavail>" ipv6_lan_node_calc var var2 \
298 | 	  "2001:db8:33::/62" br0 64 auto auto
299 |   xret P56 t "returns true"
300 |   vtest P56v "" "clears address"
301 |   ltest P56s "var2" "" "clears site"
302 |   ftest P56f "br0 cannot be configured, no /64 prefixes available" "logs info"
303 | 
304 |   #
305 |   # TEST: exclude 0/64, host_site 1
306 |   #
307 |   Assigned=("0/64" "1/64" "3/64") Reserved=("2/64") var="orig" var2="orig"
308 |   local Exclude="0/64"
309 | 
310 |   xwrap2 "<host exclude/64>" ipv6_lan_node_calc var var2 \
311 | 	  "2001:db8:33::/62" br0 128 auto 1
312 |   xret P60 t "returns true"
313 |   vtest P60v "2001:db8:33:1::1c48/128" "sets address"
314 |   ltest P60s "var2" "1/128" "sets site"
315 |   ftest P60f "" "does not log"
316 | 
317 |   #
318 |   # TEST: prefix/64 exclude 1/65, host_site 0
319 |   #
320 |   Assigned=("0/65") Reserved=("2/64") var="orig" var2="orig"
321 |   local Exclude="0/65"
322 | 
323 |   xwrap2 "<host exclude 0/65>" ipv6_lan_node_calc var var2 \
324 | 	  "2001:db8:33::/64" br0 128 auto 0
325 |   xret P61 t "returns true"
326 |   vtest P61v "2001:db8:33:0:8000::1c48/128" "sets address avoiding exclude"
327 |   ltest P61s "var2" "0/128" "sets site"
328 |   ftest P61f "" "does not log"
329 | 
330 |   #
331 |   # TEST: prefix/64 exclude 1/65, host_site 0
332 |   #
333 |   Assigned=("1/65") Reserved=("2/64") var="orig" var2="orig"
334 |   local Exclude="1/65"
335 | 
336 |   xwrap2 "<host exclude 1/65>" ipv6_lan_node_calc var var2 \
337 | 	  "2001:db8:33::/64" br0 128 auto 0
338 |   xret P62 t "returns true"
339 |   vtest P62v "2001:db8:33::1c48/128" "sets address avoiding exclude"
340 |   ltest P62s "var2" "0/128" "sets site"
341 |   ftest P62f "" "does not log"
342 | 
343 |   xtest::onexit::prefix
344 |   ipv6_lan_clear_config
345 | }
346 | 
347 | xtest::onexit::addr() {
348 |   [[ -d $RUNDIR ]] || return 0
349 |   command -p rm -f "$RUNDIR/"*"-addr"
350 | }
351 | 
352 | xtest::group2::addr() {
353 | 
354 |   shtest::title "LAN Address Tests (addr group)"
355 | 
356 |   xtest_check_statevars A0 LAN_STATE_PAT
357 | 
358 |   # rename for easy cleanup
359 |   local LAN_STATE_PAT="${LAN_STATE_PAT}-addr"
360 |   local FORWARDING_PAT="$RUNDIR/forwarding-@NODE@-addr"
361 | 
362 |   local state1 sfile1
363 |   sfile1=${LAN_STATE_PAT/@LAN@-from-@ID@-@WAN@/br0-from-1122-wan0}
364 |   state1=${FORWARDING_PAT/@NODE@/br0}
365 | 
366 |   # test variables
367 |   local out state Forwarding=1
368 | 
369 |   # reset
370 |   xtest::onexit::addr
371 | 
372 |   printf '' >"$state1"
373 | 
374 |   ipv6_init_globals
375 | 
376 |   xwrap2 "<addr>" ipv6_lan_add_addr br0 "inet6:2001:db8:100::1/64" "$state1"
377 |   xret A1 t "returns true"
378 |   xread_value out <<-EOF
379 | 	Adding 2001:db8:100::1/64 to br0
380 | 	ip '-6' 'addr' 'add' '2001:db8:100::1/64' 'dev' 'br0'
381 | 	EOF
382 |   ftest A1f "$out" "adds address"
383 |   shtest::check_file A1w "$state1" "1" "writes 1 to forwarding file"
384 |   ltest A1r "RADVD_TRIGGER" "1" "Sets RADVD_TRIGGER"
385 | 
386 |   # cleanup
387 |   Forwarding=0
388 |   xtest::onexit::addr
389 | 
390 |   xtest_settime 3060
391 | 
392 |   xread_value state <<-EOF
393 | 	inet6:2001:db8:100::1/64
394 | 	valid-life:240
395 | 	pref-life:120
396 | 	life-start:3000
397 | 	EOF
398 |   echo "$state" > "$sfile1"
399 | 
400 |   ipv6_init_globals
401 | 
402 |   xwrap2 "<addr> <lifetimes set>" ipv6_lan_add_addr br0 "$state" "$sfile1"
403 |   xret A2 t "returns true"
404 |   xread_value out <<-EOF
405 | 	Adding 2001:db8:100::1/64 to br0
406 | 	ip '-6' 'addr' 'replace' '2001:db8:100::1/64' 'dev' 'br0'\
407 |  'valid_lft' '180' 'preferred_lft' '60'
408 | 	EOF
409 |   ftest A2f "$out" "adds address with lifetimes"
410 |   shtest::check_file A2w "$sfile1" "$state" "keeps state file"
411 |   ltest A2r "RADVD_TRIGGER" "1" "Sets RADVD_TRIGGER"
412 | 
413 |   xtest_settime 3300
414 | 
415 |   ipv6_init_globals
416 | 
417 |   xwrap2 "<addr> <expired lifetimes>" ipv6_lan_add_addr br0 "$state" "$sfile1"
418 |   xret A3 f "returns false"
419 |   ftest A3f "" "does not add address"
420 |   ltest A3r "RADVD_TRIGGER" "" "Does not set RADVD_TRIGGER"
421 |   [[ -e $sfile1 ]]
422 |   xtest A3w f "removes state file"
423 | 
424 |   xcat > "$sfile1" <<-EOF
425 | 	inet6:fdc0:4455:b240::1/64
426 | 	valid-life:240
427 | 	pref-life:120
428 | 	life-start:3000
429 | 	EOF
430 | 
431 |   ipv6_init_globals
432 | 
433 |   xwrap2 "<addr>" ipv6_lan_node_remove "$sfile1" br0
434 |   xret A11 t "returns true"
435 |   xread_value out <<-EOF
436 | 	Removing fdc0:4455:b240::1/64 from br0
437 | 	ip '-6' 'addr' 'del' 'fdc0:4455:b240::1/64' 'dev' 'br0'
438 | 	EOF
439 |   ftest A11f "$out" "removes address"
440 |   ltest A11r "RADVD_TRIGGER" "1" "Sets RADVD_TRIGGER"
441 |   [[ -e $sfile1 ]]
442 |   xtest A11w f "removes state file"
443 | 
444 |   xwrap2 "br0" ipv6_lan_read_config br0
445 |   xret A21 t "returns true"
446 |   ltest A21a "LAN_SITE" "ab80" "sets LAN_SITE"
447 |   ltest A21b "LAN_PREFIX_LEN" "63" "sets LAN_PREFIX_LEN"
448 |   [[ ${LAN_NODE-unset} == unset ]]
449 |   xtest A21c t "LAN_NODE should be unset"
450 | 
451 |   ipv6_lan_clear_config
452 |   xtest::onexit::addr
453 | }
454 | 
455 | xmain() {
456 | 
457 |   # don't mimic cmdline
458 |   unset LOGNAME
459 | 
460 |   local TEST_FILE="${TEST_NMDIR}/08-ipv6-prefix"
461 |   xload_script "${TEST_FILE}"
462 | 
463 |   # load wan config
464 |   local interface=wan0
465 | 
466 |   xtest::run_tests "ipv6-prefix-addr-test Summary" "$@"
467 |   local rc=$?
468 | 
469 |   nmddns_cleanup
470 | 
471 |   return $rc
472 | }
473 | 
474 | xstart "$@"
475 | 


--------------------------------------------------------------------------------
/etc/nmutils/ddns-functions:
--------------------------------------------------------------------------------
  1 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: nil; -*-
  2 | # vim:set ft=sh et sw=2 ts=2:
  3 | # SPDX-License-Identifier: LGPL-3.0-or-later
  4 | #
  5 | # Copyright (C) 2014-2025 Scott Shambarger
  6 | #
  7 | # NMDDNS - Dynamic DNS functions scripts can include and use
  8 | # Author: Scott Shambarger <devel@shambarger.net>
  9 | #
 10 | # Instructions for use:
 11 | #
 12 | #   Setup a few constants in your NetworkManager dispatcher script, and
 13 | #   include this file, here's an example:
 14 | #
 15 | #       # optional, for logging
 16 | #       NMG_TAG="ddns"
 17 | #
 18 | #       # set NMUTILS early, and allow environment to override
 19 | #       NMUTILS=${NMUTILS:-/etc/nmutils}
 20 | #
 21 | #       # optional min-version required
 22 | #       NMDDNS_REQUIRED="1.3.7"
 23 | #
 24 | #       NMDDNS=${NMDDNS:-${NMUTILS}/ddns-functions}
 25 | #       { [[ -r ${NMDDNS} ]] && . "${NMDDNS}"; } || NMDDNS=''
 26 | #
 27 | #   Use of NM* variables above is optional (NMDDNS here indicates
 28 | #   nmddns_* functions were loaded), but the above allows easy
 29 | #   overrides from the environment (and easy testing).  You may also
 30 | #   want to customize some settings in NMCONF/general.conf (see
 31 | #   "Global overrides" below)
 32 | #
 33 | # Requires:
 34 | #
 35 | #   NMUTILS/general-functions - shared functions
 36 | #   nsupdate - for DNS updates
 37 | #   dig - for DNS queries
 38 | #
 39 | # Supported, but optional:
 40 | #
 41 | #   09-ddns - asynchronous DDNS helper- place "HELPER" in
 42 | #             /etc/NetworkManager/dispatcher.d (or set NMDDNS_DHELPER
 43 | #             in NMG's general.conf)
 44 | #   flock - used for locking
 45 | #
 46 | # Dynamic DNS Functions:
 47 | #
 48 | #   nmddns_read_config <config-file>
 49 | #
 50 | #     Reset config setting (including for all resource records) and
 51 | #     read <config-file>. Return 1 if not found, 2 if DDNS_ZONE not set.
 52 | #
 53 | #   nmddns_required_config <config-file>
 54 | #
 55 | #     Same as nmddns_read_config but exit 0 if not found/required element
 56 | #     missing, or exit with error if other error.
 57 | #
 58 | #   nmddns_reset_config
 59 | #
 60 | #     Unset all config environment
 61 | #
 62 | #   nmddns_get_config <retvar> [ <fmt> ]
 63 | #
 64 | #     Sets <retvar> with DDNS config using nmg::print_env
 65 | #
 66 | #   nmddns_cleanup
 67 | #
 68 | #     Unset all loaded environment
 69 | #
 70 | #   nmddns_get_globals <retvar> [ <fmt> ]
 71 | #
 72 | #     Sets <retvar> with global DDNS config using nmg::print_env
 73 | #
 74 | #   nmddns::get_A_addrs <retarr> <interface> [ <private-ok> ]
 75 | #
 76 | #     Sets <retarr> to all global ipv4 addresses on <interface> that
 77 | #     pass <private-ok> (see nmg_check_ip4_addr).  Fails if
 78 | #     nmg::query_ips does.
 79 | #
 80 | #   nmddns::get_AAAA_addrs <retvar> <interface> [ <private-ok> ]
 81 | #
 82 | #     As get_A_addrs above, but for ipv6 addresses that also pass DAD.
 83 | #
 84 | #   nmddns_update <rrec> [ <value> [ <state-pat> ] ]
 85 | #
 86 | #     Set DNS resource record <rrec> to <value>, or if <value> empty,
 87 | #     set to the fallback value if not empty (see below), or remove
 88 | #     the record (DDNS_* values should be set).  If supplied,
 89 | #     <value> is expected to be in RDATA format appropriate for <rrec>.
 90 | #     If provided, <state-pat> must contain the string "@RREC@" and
 91 | #     is used to save <value> and override value assigned later by 09-ddns.
 92 | #     Returns any errors from nsupdate.
 93 | #
 94 | #     SPECIAL CASE: for A/AAAA records, values containing "," are handled
 95 | #     as multiple (comma-separated) address records (see _LISTSEP below for
 96 | #     multiple records of other types).
 97 | #
 98 | #     SPECIAL CASE: for A/AAAA records, values of "!<interface>" will
 99 | #     use nmddns::get_<A|AAAA>_addrs to query current ips on <interface>.
100 | #
101 | #   nmddns_spawn_update <config-file> <rrec> [ <value> [ <state-pat> ] ]
102 | #
103 | #     Checks if <rrec> defined in <config-file>, and if so spawns HELPER
104 | #     to call nmddns_update asynchronously.  If HELPER not found, calls
105 | #     nmddns_update directly with reduced timeouts.
106 | #
107 | #   nmddns_update_all <"up" | "down"> [ <ip4-addr> <ip6-addr> [ <state-pat> ] ]
108 | #
109 | #     Updates for all configured DDNS names (DDNS_* values should be set),
110 | #     using <ip4-addr> for A and <ip6-addr> for AAAA (if respective
111 | #     DDNS_RREC_*_VALUEs don't override).  Returns any errors from nsupdate.
112 | #     See nmddns_update for special A/AAAA values and use of <state-pat>.
113 | #
114 | #   nmddns_spawn_update_all <"up" | "down"> <config-file>
115 | #                          [ <ip4-addr> <ip6-addr> [ <state-pat> ] ]
116 | #
117 | #     Spawn HELPER to call nmddns_update_all asynchronously, or read
118 | #     <config-file> and call it directly if HELPER not found.
119 | #
120 | # Configuration Settings (set before including this file)
121 | #
122 | #   Any general-functions configuration, eg. NMUTILS/NMCONF
123 | #
124 | #   NMDDNS_REQUIRED (optional) - minimum required NMDDNS_VERSION
125 | #
126 | # Global Overrides (put in NMCONF/general.conf)
127 | #
128 | #  "@MATCH@" can be <interface>, or <interface>-from-<something>
129 | #
130 | #   NMDDNS_CONFIG_PAT (default: "NMCONF/ddns-@MATCH@.conf")
131 | #       Value must contain a single "@MATCH@"
132 | #       See "Config Settings" below for file contents.
133 | #
134 | #   DDNS_STATE_DIR (default: "$RUNDIR", or "/run/nmutils" if unset)
135 | #
136 | #   NMDDNS_STATE_PAT (default: "DDNS_STATE_DIR/ddns-@MATCH@-@RREC@.state")
137 | #       Value must contain a single "@MATCH@-@RREC@" and is used by
138 | #       09-ddns for per-@RREC@ overrides for @MATCH@ config.
139 | #       (use with nmddns_update)
140 | #
141 | #   DDNS_GLOBAL_LOCKFILE (optional) - flock lockfile used to prevent
142 | #       races between query and set of records.  Overrides use of config
143 | #       file with this file for all locking (useful to serialize all DNS
144 | #       updates).
145 | #
146 | #   DDNS_GLOBAL_FLOCK_TIMEOUT (default: 15) - flock timeout in seconds
147 | #
148 | #   DDNS_GLOBAL_DIG_TIMEOUT (default: 3) - DNS query (dig) timeout
149 | #
150 | #   DDNS_GLOBAL_DIG_RETRIES (default: 2) - DNS query (dig) retries
151 | #
152 | #   DDNS_GLOBAL_DIG_OPTIONS (optional) - options for dig, to have
153 | #       it use TCP ("+tcp") or a keyfile
154 | #       (eg "-k /etc/Kexample.net.+157+12345.private")
155 | #
156 | #   DDNS_GLOBAL_NSUPDATE_TIMEOUT (default: 10) - nsupdate timeout in seconds
157 | #
158 | #   DDNS_GLOBAL_NSUPDATE_OPTIONS (optional) - options for nsupdate, to have
159 | #       it use TCP ("-v") or a keyfile
160 | #       (eg "-k /etc/Kexample.net.+157+12345.private")
161 | #
162 | # Config Settings (put in <config-file>, see nmddns_read_config() above):
163 | #
164 | #   DDNS_ZONE (required) - zone to update
165 | #
166 | #   DDNS_RREC_<rrec>_NAME (one per <rrec>) - name to update for <rrec> record
167 | #       (<rrec> is A, AAAA, CNAME, TXT etc).  This is generally a
168 | #       domain or host name, but can be any valid DNS name.
169 | #
170 | #   DDNS_RREC_<rrec>_VALUE (optional) -  use this value when interface is up.
171 | #       If empty, then DDNS_RREC_<rrec>_FALLBACK is used.  If set to "*"
172 | #       (an asterisk), then FALLBACK is ignored, and the <rrec> is removed
173 | #       when the interface is up.
174 | #
175 | #   DDNS_RREC_<rrec>_FALLBACK (optional) - value to use if a record would
176 | #       otherwise be removed (empty value); useful to set a value when
177 | #       interface is down, or an global address is not yet available
178 | #       on an interface.
179 | #
180 | #   DDNS_RREC_<rrec>_PRIVATE (optional) - for A/AAAA only, allow private
181 | #       interface addresses to be used (otherwise would use FALLBACK)
182 | #
183 | #   DDNS_RREC_<rrec>_LISTSEP (optional) - for non-A/AAAA records,
184 | #       handles <value> and *_VALUEs as multiple records separated by
185 | #       this variable's value.
186 | #
187 | #   DDNS_DIG_TIMEOUT (optional) - override global DNS query (dig) timeout
188 | #
189 | #   DDNS_DIG_RETRIES (optional) - override global DNS query (dig) retries
190 | #
191 | #   DDNS_DIG_OPTIONS (optional) - override global dig options
192 | #
193 | #   DDNS_NSUPDATE_TIMEOUT (optional) - override global nsupdate timeout
194 | #
195 | #   DDNS_NSUPDATE_OPTIONS (optional) - override global nsupdate options
196 | #
197 | #   DDNS_SERVER (default: 127.0.0.1) - dns server to update
198 | #
199 | #   DDNS_TTL (default: 600) - ttl of entry
200 | #
201 | #   DDNS_FLOCK_TIMEOUT (optional) - override global flock timeout
202 | #
203 | #   DDNS_LOCKFILE (optional) - flock lockfile used to prevent races between
204 | #       query and update.  Defaults to config file itself.  Set to empty
205 | #       in a config file to disable locking for just that file.
206 | #
207 | # NOTE: executable paths (see below) may be overriden if needed.
208 | #
209 | # Globals
210 | #
211 | #   NMDDNS_VERSION - current file version
212 | #
213 | # shellcheck shell=bash disable=SC1090
214 | 
215 | [[ ${NMDDNS_VERSION-} ]] || declare -r NMDDNS_VERSION="1.6.0"
216 | 
217 | # set default paths if missing
218 | NMUTILS=${NMUTILS:-/etc/nmutils}
219 | 
220 | ########## Global Defaults (customize in $NMCONF/general.conf)
221 | 
222 | DDNS_STATE_DIR=${RUNDIR:-/run/nmutils}
223 | 
224 | ########## Support Programs
225 | 
226 | NMDDNS_DHELPER=${NMDDNS_DHELPER:-/etc/NetworkManager/dispatcher.d/09-ddns}
227 | NMDDNS_DIG=${NMDDNS_DIG:-dig}
228 | NMDDNS_NSUPDATE=${NMDDNS_NSUPDATE:-nsupdate}
229 | 
230 | # set NMDDNS_FLOCK to empty to disable all locking
231 | NMDDNS_FLOCK=${NMDDNS_FLOCK:-flock}
232 | 
233 | ########## SCRIPT START
234 | 
235 | # load general-functions
236 | NMG=${NMG:-${NMUTILS}/general-functions}
237 | # save any existing NMG_REQUIRED (checked later)
238 | NMDDNS_NMG_REQ=${NMG_REQUIRED-}
239 | NMG_REQUIRED="1.8.0"
240 | { [[ -r ${NMG} ]] && . "${NMG}"; } || {
241 |   echo 1>&2 "Unable to load ${NMG}"; NMG=''; }
242 | 
243 | ########## Config Locations (defaults for HELPER)
244 | 
245 | NMDDNS_CONFIG_PAT=${NMDDNS_CONFIG_PAT:-${NMCONF}/ddns-@MATCH@.conf}
246 | NMDDNS_STATE_PAT=${NMDDNS_STATE_PAT:-${DDNS_STATE_DIR}/ddns-@MATCH@-@RREC@.state}
247 | 
248 | # private
249 | nmddns::_loaded() {
250 | 
251 |   # test if general-functions loaded..
252 |   [[ ${NMG} ]] || {
253 |     # exit, as any fallback will fail to load NMG anyway
254 |     exit 2
255 |   }
256 | 
257 |   if [[ ${NMDDNS_NMG_REQ} ]]; then
258 |     NMG_REQUIRED=${NMDDNS_NMG_REQ}
259 |     if ! nmg::require_version "${NMG_VERSION}" "${NMG_REQUIRED}"; then
260 |       nmg_err "${BASH_SOURCE[0]}: NMG_VERSION=${NMG_VERSION} < NMG_REQUIRED=${NMG_REQUIRED}"
261 |       return 1
262 |     fi
263 |   fi
264 |   if [[ ${NMDDNS_REQUIRED-} ]] &&
265 |        ! nmg::require_version "${NMDDNS_VERSION}" "${NMDDNS_REQUIRED}"; then
266 |     nmg_err "${BASH_SOURCE[0]}: NMDDNS_VERSION=${NMDDNS_VERSION} < NMDDNS_REQUIRED=${NMDDNS_REQUIRED}"
267 |     return 1
268 |   fi
269 | 
270 |   # test required programs
271 |   nmg_need_progs_env NMDDNS_DIG NMDDNS_NSUPDATE || return
272 | }
273 | 
274 | # internal
275 | nmddns::_short_timeouts() {
276 |   # fast timeouts with no background HELPER is available
277 |   DDNS_DIG_TIMEOUT=1
278 |   DDNS_DIG_RETRIES=0
279 |   DDNS_NSUPDATE_TIMEOUT=2
280 |   DDNS_FLOCK_TIMEOUT=1
281 | }
282 | 
283 | # internal
284 | nmddns::_update() {
285 |   # <name> <rrec> <value>
286 |   local ddns_name=$1 ddns_rrec=$2 ddns_value=$3 cur_value name sep
287 | 
288 |   DDNS_SERVER=${DDNS_SERVER:-127.0.0.1}
289 | 
290 |   # check if server already has correct entry
291 |   nmg_debug "Looking up current ${ddns_rrec} on server ${DDNS_SERVER}"
292 | 
293 |   local qtime=${DDNS_DIG_TIMEOUT:-${DDNS_GLOBAL_DIG_TIMEOUT:-3}}
294 |   local qretry=${DDNS_DIG_RETRIES:-${DDNS_GLOBAL_DIG_RETRIES:-2}}
295 |   local qopts=${DDNS_DIG_OPTIONS:-${DDNS_GLOBAL_DIG_OPTIONS-}}
296 |   # shellcheck disable=SC2086
297 |   if ! nmg::run cur_value "" "${NMDDNS_DIG}" "@${DDNS_SERVER}" \
298 |        +short +retry="${qretry}" +time="${qtime}" ${qopts} \
299 |        "${ddns_rrec}" "${ddns_name}"; then
300 |     if [[ ${ddns_value} ]]; then
301 |       nmg_err "Update ${ddns_name} ${ddns_rrec} to ${ddns_value} failed"
302 |     else
303 |       nmg_err "Removal of ${ddns_name} ${ddns_rrec} failed"
304 |     fi
305 |     return 25
306 |   fi
307 | 
308 |   name="DDNS_RREC_${ddns_rrec}_LISTSEP"; sep=${!name:-}
309 | 
310 |   [[ ${ddns_rrec} =~ ^(A|AAAA)$ ]] && sep=","
311 | 
312 |   if [[ ${sep} ]]; then
313 |     # shellcheck disable=SC2034
314 |     local acur=() anew=()
315 |     nmg::array acur $'\n' "${cur_value}"
316 |     nmg::array anew "${sep}" "${ddns_value}"
317 |     if nmg::array_match_values acur anew; then
318 |       nmg_debug "${ddns_name} ${ddns_rrec} entry current: ${ddns_value}"
319 |       return
320 |     fi
321 |   elif [[ ${cur_value} == "${ddns_value}" ]]; then
322 |     nmg_debug "${ddns_name} ${ddns_rrec} entry current: ${ddns_value}"
323 |     return
324 |   fi
325 | 
326 |   nmg_debug "Old ${ddns_name} ${ddns_rrec} value: ${cur_value}"
327 |   local ddns_cmd='' items=()
328 |   if [[ ${ddns_value} ]]; then
329 |     nmg_info "Setting ${ddns_name} ${ddns_rrec} to ${ddns_value}"
330 |     if [[ ${sep} ]]; then
331 |       nmg::array items "${sep}" "${ddns_value}"
332 |       for ddns_value in "${items[@]}"; do
333 |         ddns_cmd+="update add ${ddns_name} ${DDNS_TTL:-600} ${ddns_rrec} ${ddns_value}"$'\n'
334 |       done
335 |     else
336 |       ddns_cmd="update add ${ddns_name} ${DDNS_TTL:-600} ${ddns_rrec} ${ddns_value}"$'\n'
337 |     fi
338 |   else
339 |     nmg_info "Removing ${ddns_name} ${ddns_rrec}"
340 |   fi
341 | 
342 |   # update the entry (15 sec timeout)
343 |   local timeout=${DDNS_NSUPDATE_TIMEOUT:-${DDNS_GLOBAL_NSUPDATE_TIMEOUT:-10}}
344 |   local options=${DDNS_NSUPDATE_OPTIONS:-${DDNS_GLOBAL_NSUPDATE_OPTIONS-}}
345 |   # shellcheck disable=SC2086
346 |   nmg_cmd "${NMDDNS_NSUPDATE}" -t "${timeout}" ${options} <<- EOF
347 | 	server ${DDNS_SERVER}
348 | 	zone ${DDNS_ZONE}
349 | 	update delete ${ddns_name} ${ddns_rrec}
350 | 	${ddns_cmd}send
351 | 	EOF
352 |   local rc=$?
353 |   [[ ${rc} != 0 ]] && nmg_err "DNS update to server ${DDNS_SERVER} failed for ${ddns_name} ${ddns_rrec}"
354 | 
355 |   return ${rc}
356 | }
357 | 
358 | _nmddns_conf_env=(
359 |   DDNS_ZONE DDNS_SERVER DDNS_TTL
360 |   'DDNS_FLOCK_TIMEOUT="'"${DDNS_GLOBAL_FLOCK_TIMEOUT:-15}"'"'
361 |   'DDNS_DIG_TIMEOUT="'"${DDNS_GLOBAL_DIG_TIMEOUT:-3}"'"'
362 |   'DDNS_DIG_RETRIES="'"${DDNS_GLOBAL_DIG_RETRIES:-2}"'"'
363 |   'DDNS_DIG_OPTIONS="'"${DDNS_GLOBAL_DIG_OPTIONS-}"'"'
364 |   'DDNS_NSUPDATE_TIMEOUT="'"${DDNS_GLOBAL_NSUPDATE_TIMEOUT:-10}"'"'
365 |   'DDNS_NSUPDATE_OPTIONS="'"${DDNS_GLOBAL_NSUPDATE_OPTIONS-}"'"'
366 |   'DDNS_LOCKFILE="'"${DDNS_GLOBAL_LOCKFILE-}"'"'
367 | )
368 | 
369 | nmddns_reset_config() {
370 |   nmg::unset_env "${!DDNS_RREC_@}" "${_nmddns_conf_env[@]}"
371 | }
372 | 
373 | nmddns_read_config() {
374 |   # <config-file>
375 |   local config=${1-}
376 | 
377 |   # clear config
378 |   nmddns_reset_config
379 | 
380 |   # lockfile defaults to config-file (as it will exist if used)
381 |   DDNS_LOCKFILE=${DDNS_GLOBAL_LOCKFILE-${config}}
382 | 
383 |   # read config if any
384 |   nmg_read_config "${config}" || return
385 | 
386 |   # check required elements
387 |   [[ ${DDNS_ZONE-} ]] || return 2
388 | }
389 | 
390 | _nmddns_gconf_env=(
391 |   DDNS_GLOBAL_LOCKFILE 'DDNS_GLOBAL_FLOCK_TIMEOUT="15"'
392 |   'DDNS_GLOBAL_DIG_TIMEOUT="3"' 'DDNS_GLOBAL_DIG_RETRIES="2"'
393 |   DDNS_GLOBAL_DIG_OPTIONS 'DDNS_GLOBAL_NSUPDATE_TIMEOUT="10"'
394 |   DDNS_GLOBAL_NSUPDATE_OPTIONS
395 | )
396 | 
397 | nmddns_cleanup() {
398 |   nmddns_reset_config
399 |   nmg::unset_env "${_nmddns_gconf_env[@]}"
400 | }
401 | 
402 | nmddns_get_config() { # <retvar> [ <fmt> ]
403 |   [[ ${1-} ]] || { nmg_err "nmddns_get_config: missing <retvar>"; return 3; }
404 |   nmg::print_env "$1" "${2-}" "${_nmddns_conf_env[@]}" "${!DDNS_RREC_@}"
405 | }
406 | 
407 | nmddns_get_globals() { # <retvar> [ <fmt> ]
408 |   [[ ${1-} ]] || { nmg_err "nmddns_get_globals: missing <retvar>"; return 3; }
409 |   nmg::print_env "$1" "${2-}" "${_nmddns_gconf_env[@]}"
410 | }
411 | 
412 | nmddns_required_config() {
413 |   # <config-file>
414 |   local rc=0
415 |   nmddns_read_config "${1-}" || rc=$?
416 | 
417 |   # 1 means no file, just exit 0
418 |   (( rc == 1 )) && exit 0
419 |   # any other error, exit with it
420 |   (( rc != 0 )) && exit ${rc}
421 |   # no errors, continue...
422 |   return 0
423 | }
424 | 
425 | # Sets _rlist arrays to all active <ip-ver> addresses on <intf>
426 | # If <priv> not empty, allow private addresses
427 | nmddns::_query_addrs() { # fails if <intf> empty or query_ips fails
428 |   # <ip-ver> <intf> <priv>
429 |   local ver=$1 intf=$2 priv=$3 addr addrp alist=()
430 | 
431 |   [[ ${intf} ]] || return
432 | 
433 |   # query addresses with properties
434 |   nmg::query_ips alist "nolog" "${ver}p" "${intf}" || return
435 | 
436 |   for addrp in ${alist[@]+"${alist[@]}"}; do
437 |     # strip /<subnet>
438 |     addr=${addrp%%/*}
439 |     if [[ ${ver} == 4 ]]; then
440 |       nmg_check_ip4_addr "${addr}" "${priv}" || continue
441 |     else
442 |       nmg_check_ip6_addr "${addr}" "${priv}" || continue
443 |       [[ ${addrp} =~ (^| )dadfailed($| ) ]] && continue
444 |       [[ ${addrp} =~ (^| )tentative($| ) ]] && {
445 |         nmg::wait_dad6 "${intf}" "${addrp%% *}" || continue
446 |       }
447 |     fi
448 |     _rlist+=("${addr}")
449 |   done
450 | 
451 |   return 0
452 | }
453 | 
454 | # sets <retarr> with all valid dns ip4 address on <intf>
455 | nmddns::get_A_addrs() { # returns err if query_ips fails
456 |   # <retarr> <intf> [ <priv> ]
457 |   local _rlist=() _rc=0
458 |   nmddns::_query_addrs 4 "${2-}" "${3-}" || _rc=$?
459 |   [[ ${1-} ]] && nmg::array_copy "$1" "_rlist"
460 |   return ${_rc}
461 | }
462 | 
463 | # sets <retarr> with all valid dns ip4 address on <intf>
464 | nmddns::get_AAAA_addrs() { # returns err if query_ips fails
465 |   # <retarr> <intf> [ <priv> ]
466 |   local _rlist=() _rc=0
467 |   nmddns::_query_addrs 6 "${2-}" "${3-}" || _rc=$?
468 |   [[ ${1-} ]] && nmg::array_copy "$1" "_rlist"
469 |   return ${_rc}
470 | }
471 | 
472 | nmddns_update() {
473 |   # <rrec> [<value> [<state-pat>]]
474 |   local rrec=${1-} value=${2-} state_pat=${3-} name ddns_name state
475 |   local new_value priv_ok timeout avalue=() anew=() addr
476 | 
477 |   [[ ${rrec} ]] || {
478 |     nmg_err "nmddns_update: missing <rrec>"; return 1; }
479 | 
480 |   # are we configured to update this <rrec>?
481 |   name="DDNS_RREC_${rrec}_NAME"; ddns_name=${!name-}
482 |   [[ ${ddns_name} ]] || return 0
483 | 
484 |   # check config
485 |   [[ ${DDNS_ZONE-} ]] || {
486 |     nmg_err "Missing required DDNS_ZONE config"; return 5; }
487 | 
488 |   [[ ${state_pat} && ! ${state_pat} =~ @RREC@ ]] && {
489 |     nmg_err "nmddns_update: <state-pat> must contain '@RREC@'"
490 |     state_pat=''
491 |   }
492 | 
493 |   state=${state_pat/@RREC@/${rrec}}
494 | 
495 |   if [[ ${value} ]]; then
496 | 
497 |     # set state if requested
498 |     [[ ${state} ]] && { nmg_write "${state}" "${value}"$'\n' || :; }
499 | 
500 |     if [[ ${rrec} =~ ^(A|AAAA)$ ]]; then
501 | 
502 |       # check for !<interface> value
503 |       if [[ ${value} =~ ^[!].+$ ]]; then
504 |         # if interface down, remove addrs
505 |         if [[ ${rrec} == A ]]; then
506 |           nmddns::get_A_addrs anew "${value#!}" \
507 |                               "${DDNS_RREC_A_PRIVATE-}" || :
508 |         else
509 |           nmddns::get_AAAA_addrs anew "${value#!}" \
510 |                                  "${DDNS_RREC_AAAA_PRIVATE-}"|| :
511 |         fi
512 |       else
513 |         nmg::lowercase value "${value}"
514 |         nmg::array anew "," "${value}"
515 |       fi
516 |       # strip any "/<prefix>"
517 |       for addr in ${anew[@]+"${anew[@]}"}; do avalue+=("${addr%%/*}"); done
518 |       nmg::array_join value "," "${avalue[@]-}"
519 |     fi
520 | 
521 |     # use DDNS_RREC_*_VALUE, or $value if not set/empty
522 |     name="DDNS_RREC_${rrec}_VALUE"; new_value=${!name:-${value}}
523 | 
524 |     if [[ ${rrec} =~ ^(A|AAAA)$ ]]; then
525 |       # SPECIAL CASE: if A or AAAA (without _VALUE override), make
526 |       # sure new value is valid
527 |       nmg::lowercase new_value "${new_value}"
528 |       nmg::array anew "," "${new_value}"
529 |       # if list new_value == value (no override), check values are valid
530 |       if nmg::array_match_values avalue anew; then
531 |         name="DDNS_RREC_${rrec}_PRIVATE"; priv_ok=${!name-}
532 |         anew=()
533 |         for addr in ${avalue[@]+"${avalue[@]}"}; do
534 |           if [[ ${rrec} == A ]]; then
535 | 	    nmg_check_ip4_addr "${addr}" "${priv_ok}" && anew+=("${addr}")
536 |           else
537 | 	    nmg_check_ip6_addr "${addr}" "${priv_ok}" && anew+=("${addr}")
538 |           fi
539 |         done
540 |         # update new_value with only checked values
541 |         nmg::array_join new_value "," "${anew[@]-}"
542 |       fi
543 |     fi
544 | 
545 |     # use fallback (if any) if <new_value> empty
546 |     [[ ${new_value} ]] || {
547 |       name="DDNS_RREC_${rrec}_FALLBACK"; new_value=${!name-}; }
548 | 
549 |     # new_value of * means remove entry on set (ignoring fallback)
550 |     [[ ${new_value} == "*" ]] && value='' || value=${new_value}
551 |   else
552 | 
553 |     # remove state if requested
554 |     [[ ${state} ]] && nmg_remove "${state}"
555 | 
556 |     # clearing value, use fallback (if any)
557 |     name="DDNS_RREC_${rrec}_FALLBACK"; value=${!name-}
558 |   fi
559 | 
560 |   if [[ -f ${DDNS_LOCKFILE-} ]] &&
561 |        command &>/dev/null -v "${NMDDNS_FLOCK}"; then
562 |     timeout=${DDNS_FLOCK_TIMEOUT:-${DDNS_GLOBAL_FLOCK_TIMEOUT:-15}}
563 |     ("${NMDDNS_FLOCK}" -w "${timeout}" 9 || {
564 |        nmg_err "Timeout getting DDNS lock for ${rrec}"; exit 1; }
565 |      nmddns::_update "${ddns_name}" "${rrec}" "${value}"
566 |     ) 9<"${DDNS_LOCKFILE}" || return
567 |   else
568 |     # no locking
569 |     [[ ${DDNS_LOCKFILE-} ]] && nmg_info "Locking not available for DDNS"
570 |     nmddns::_update "${ddns_name}" "${rrec}" "${value}" || return
571 |   fi
572 |   return 0
573 | }
574 | 
575 | nmddns::_daemon_helper() { # return 1 if helper unavail or daemonize fails
576 |   # <action> <config> [ <state> ]
577 |   [[ ${NMDDNS_DHELPER-} ]] || return 1
578 | 
579 |   # export helper action
580 |   local -x NMDDNSH_ACTION=$1 NMDDNSH_CONFIG=$2 NMDDNSH_STATE=${3-}
581 | 
582 |   nmg_daemon "${NMDDNS_DHELPER}" || return
583 | }
584 | 
585 | nmddns_spawn_update() {
586 |   # <config-file> <rrec> [<value> [<state-pat>]]
587 |   local config=${1-} rrec=${2-} name ddns_name
588 | 
589 |   [[ ${config} ]] || {
590 |     nmg_err "nmddns_spawn_update: <config-file> requires a value"
591 |     return 1
592 |   }
593 | 
594 |   [[ ${rrec} ]] || {
595 |     nmg_err "nmddns_spawn_update: <rrec> must be a RREC name"
596 |     return 1
597 |   }
598 | 
599 |   # check if config exists
600 |   nmddns_read_config "${config}" || return 0
601 | 
602 |   # check if name configured
603 |   name="DDNS_RREC_${rrec}_NAME"; ddns_name=${!name-}
604 |   [[ ${ddns_name} ]] || return 0
605 | 
606 |   # we have a valid config, spawn the HELPER
607 |   local -x NMDDNSH_RREC=${rrec} NMDDNSH_VALUE=${3-}
608 | 
609 |   nmddns::_daemon_helper update "${config}" "${4-}" && return 0
610 | 
611 |   # make timeouts much faster, or NetworkManager will kill us
612 |   nmddns::_short_timeouts
613 | 
614 |   # HELPER not found, or can't be started, update directly.
615 |   shift 1
616 |   nmddns_update "$@"
617 | }
618 | 
619 | nmddns_update_all() {
620 |   # <"up"|"down"> [ <ip4-addr> <ip6-addr> [ <state-pat> ] ]
621 |   local action=$1 addr4=${2-} addr6=${3-} state_pat=${4-}
622 |   local name rrec value rc=0
623 | 
624 |   for name in "${!DDNS_RREC_@}"; do
625 | 
626 |     # DDNS_RREC_<rrec>_NAME is required
627 |     [[ ${name} =~ _NAME$ ]] || continue
628 | 
629 |     # parse rrec
630 |     name=${name#DDNS_RREC_}
631 |     rrec=${name%_NAME}
632 |     [[ ${rrec} ]] || continue
633 | 
634 |     case ${action} in
635 |       up)
636 | 	# special case values for A and AAAA
637 | 	case ${rrec} in
638 | 	  A) value=${addr4} ;;
639 | 	  AAAA) value=${addr6} ;;
640 | 	  *) name="DDNS_RREC_${rrec}_VALUE"; value=${!name-} ;;
641 | 	esac
642 | 	;;
643 |       down) value='' ;;
644 |       *)
645 | 	nmg_err "nmddns_update_all: <action> must be 'up' or 'down'"
646 | 	return 1
647 | 	;;
648 |     esac
649 | 
650 |     # perform update
651 |     nmddns_update "${rrec}" "${value}" "${state_pat}" || rc=$?
652 |   done
653 | 
654 |   return ${rc}
655 | }
656 | 
657 | nmddns_spawn_update_all() {
658 |   # <"up"|"down"> <config-file> [ <ip4-addr> <ip6-addr> [ <state-pat> ] ]
659 |   local action=${1-} config=${2-}
660 | 
661 |   [[ ${action} =~ ^(up|down)$ ]] || {
662 |     nmg_err "nmddns_spawn_update_all: <action> must be 'up' of 'down'"
663 |     return 1
664 |   }
665 | 
666 |   [[ ${config} ]] || {
667 |     nmg_err "nmddns_spawn_update_all: <config-file> requires a value"
668 |     return 1
669 |   }
670 | 
671 |   # check if config exists
672 |   nmddns_read_config "${config}" || return 0
673 | 
674 |   # check if any names configured
675 |   local name name_found=''
676 |   for name in "${!DDNS_RREC_@}"; do
677 |     # DDNS_RREC_<rrec>_NAME is required
678 |     [[ ${name} =~ _NAME$ ]] && name_found=1 && break
679 |   done
680 |   [[ ${name_found} ]] || return 0
681 | 
682 |   # we have a valid config, spawn the HELPER
683 |   local -x NMDDNSH_ADDR4=${3-} NMDDNSH_ADDR6=${4-}
684 | 
685 |   nmddns::_daemon_helper "${action}" "${config}" "${5-}" && return 0
686 | 
687 |   # make timeouts much faster, or NetworkManager will kill us
688 |   nmddns::_short_timeouts
689 | 
690 |   # HELPER not found, or can't be started, update directly.
691 |   shift 2
692 |   nmddns_update_all "${action}" "$@"
693 | }
694 | 
695 | # last, to fail load if any missing components
696 | nmddns::_loaded
697 | 


--------------------------------------------------------------------------------
/test/ddns-test:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | # -*- mode: sh; sh-basic-offset: 2; indent-tabs-mode: t; -*-
  3 | # vim:set ft=sh sw=2 ts=2:
  4 | # SPDX-License-Identifier: GPL-3.0-or-later
  5 | #
  6 | # Test suite for ddns-functions
  7 | #
  8 | # shellcheck disable=SC2034,SC1090,SC2123
  9 | 
 10 | NMG_XTEST=${NMG_XTEST:-conf/nmg_xtest}
 11 | { [[ -r ${NMG_XTEST} ]] && . "${NMG_XTEST}"; } ||
 12 |   { echo >&2 "Unable to load ${NMG_XTEST}"; exit 2; }
 13 | 
 14 | # min-version for tests
 15 | NMDDNS_REQUIRED="1.6.0"
 16 | 
 17 | xtest::group1::addr() {
 18 | 
 19 |   local avar=() aref=() anull=()
 20 | 
 21 |   shtest::title "Address Function Tests (addr group)"
 22 | 
 23 |   # Test A/AAAA ip query functions
 24 | 
 25 |   xwrap2 "0" nmddns::get_A_addrs avar "wan0"
 26 |   xret A1 t "returns true"
 27 |   atest A1a avar anull "sets var empty"
 28 |   ftest A1f "" "does not log"
 29 | 
 30 |   xwrap2 "1 priv" nmddns::get_A_addrs avar "eth0"
 31 |   xret A2 t "returns true"
 32 |   atest A2a avar anull "sets var empty"
 33 |   ftest A2f "" "does not log"
 34 | 
 35 |   xwrap2 "1 priv allowed" nmddns::get_A_addrs avar "eth0" 1
 36 |   xret A3 t "returns true"
 37 |   aref=("192.168.66.4")
 38 |   atest A3a avar aref "sets address"
 39 |   ftest A3f "" "does not log"
 40 | 
 41 |   xwrap2 "2 priv" nmddns::get_A_addrs avar "eth2"
 42 |   xret A4 t "returns true"
 43 |   atest A4a avar anull "sets var empty"
 44 |   ftest A4f "" "does not log"
 45 | 
 46 |   xwrap2 "2 priv allowed" nmddns::get_A_addrs avar "eth2" 1
 47 |   xret A5 t "returns true"
 48 |   aref=("10.1.10.12" "10.2.10.12")
 49 |   atest A5a avar aref "sets addresses"
 50 |   ftest A5f "" "does not log"
 51 | 
 52 |   xwrap2 "0" nmddns::get_AAAA_addrs avar "lo"
 53 |   xret A11 t "returns true"
 54 |   atest A11v avar anull "sets var empty"
 55 |   ftest A11f "" "does not log"
 56 | 
 57 |   xwrap2 "1 priv" nmddns::get_AAAA_addrs avar "br0"
 58 |   xret A12 t "returns true"
 59 |   aref=("2001:db8:100:0:32fb:93c5:6555:845a"
 60 | 	"2001:db8:200:0:32fb:93c5:6555:845a"
 61 | 	"2001:db8:200:4:32fb:93c5:6555:845a")
 62 |   atest A12a avar aref "sets var public address"
 63 |   ftest A12f "" "does not log"
 64 | 
 65 |   xwrap2 "1 priv allowed" nmddns::get_AAAA_addrs avar "br0" 1
 66 |   xret A13 t "returns true"
 67 |   aref=("fdc0:4455:b240::1"
 68 | 	"2001:db8:100:0:32fb:93c5:6555:845a"
 69 | 	"2001:db8:200:0:32fb:93c5:6555:845a"
 70 | 	"2001:db8:200:4:32fb:93c5:6555:845a")
 71 |   atest A13a avar aref "sets address"
 72 |   ftest A13f "" "does not log"
 73 | 
 74 |   xwrap2 "2 pub" nmddns::get_AAAA_addrs avar "eth0"
 75 |   xret A14 t "returns true"
 76 |   aref=("2001:db8:871a:28c1::1" "2001:db8:4860:4860::8888")
 77 |   atest A14a avar aref  "sets addresses"
 78 |   ftest A14f "" "does not log"
 79 | 
 80 |   nmddns_reset_config
 81 | }
 82 | 
 83 | xtest::onexit::config() {
 84 |   [[ ${TEST_OUT-} ]] || return 0
 85 |   xrm "$TEST_OUT/test.conf"
 86 | }
 87 | 
 88 | xtest::group2::config() {
 89 | 
 90 |   shtest::title "Config Tests (config group)"
 91 | 
 92 |   xwrap2 "<no args>" nmddns_read_config
 93 |   xret C1 f "returns false"
 94 |   ftest C1f "" "does not log"
 95 | 
 96 |   xrm "$XNOFILE"
 97 | 
 98 |   xwrap2 "<no conf>" nmddns_read_config "$XNOFILE"
 99 |   xret C2 f "returns false"
100 |   ftest C2f "" "does not log"
101 | 
102 |   local cnf="$TEST_OUT/test.conf"
103 |   printf "" >>"$cnf"
104 | 
105 |   xwrap2 "<empty conf>" nmddns_read_config "$cnf"
106 |   xret C3 2 "returns 2"
107 |   ftest C3f "" "does not log"
108 | 
109 |   xwrap2 "<empty conf>" nmddns_read_config "${NMDDNS_CONFIG_PAT/@MATCH@/eth1}"
110 |   xret C4 t "returns true"
111 |   ftest C4f "" "does not log"
112 |   ltest C4x DDNS_ZONE "home.test" "DDNS_ZONE set"
113 |   ltest C4y DDNS_RREC_A_NAME "gateway.home.test" "DDNS_RREC_A_NAME set"
114 | 
115 |   shtest::prefix "nmg_reset_config - "
116 |   xwrap nmddns_reset_config
117 |   xret C5 t "returns true"
118 |   [[ ${DDNS_ZONE-unset} == "unset" ]]
119 |   xtest C5x t "DDNS_ZONE unset"
120 |   [[ ${DDNS_RREC_A_NAME-unset} == "unset" ]]
121 |   xtest C5y t "DDNS_RREC_A_NAME unset"
122 | 
123 |   xwrap2 "<no args>" nmddns_get_globals
124 |   xret C10 3 "returns 3"
125 |   ftest C10f "ERR: nmddns_get_globals: missing <retvar>" "logs error"
126 | 
127 |   local var=xx out
128 |   xwrap2 "var" nmddns_get_globals var
129 |   xret C11 t "returns true"
130 |   xread_value2 out <<-EOF
131 | 	DDNS_GLOBAL_DIG_OPTIONS="+time=1 +retry=2"
132 | 	EOF
133 |   vtest C11v "$out" "sets var"
134 | 
135 |   unset DDNS_GLOBAL_NSUPDATE_TIMEOUT DDNS_GLOBAL_NSUPDATE_OPTIONS
136 | 
137 |   xwrap2 "var <fmt>" nmddns_get_globals var "%-%s:%s\n"
138 |   xret C12 t "returns true"
139 |   xread_value2 out <<-EOF
140 | 	DDNS_GLOBAL_LOCKFILE:""
141 | 	DDNS_GLOBAL_FLOCK_TIMEOUT:"15"
142 | 	DDNS_GLOBAL_DIG_TIMEOUT:"3"
143 | 	DDNS_GLOBAL_DIG_RETRIES:"2"
144 | 	DDNS_GLOBAL_DIG_OPTIONS:"+time=1 +retry=2"
145 | 	DDNS_GLOBAL_NSUPDATE_TIMEOUT:"10"
146 | 	DDNS_GLOBAL_NSUPDATE_OPTIONS:""
147 | 	EOF
148 |   vtest C12v "$out" "sets var <fmt> w/o unset"
149 | 
150 |   xwrap2 "<no args>" nmddns_get_config
151 |   xret C20 3 "returns 3"
152 |   ftest C20f "ERR: nmddns_get_config: missing <retvar>" "logs error"
153 | 
154 |   DDNS_ZONE="example.com" DDNS_RREC_AAAA_NAME="host.example.com"
155 | 
156 |   var=xx
157 |   xwrap2 "var" nmddns_get_config var
158 |   xret C21 t "returns true"
159 |   xread_value2 out <<-EOF
160 | 	DDNS_ZONE="example.com"
161 | 	DDNS_RREC_AAAA_NAME="host.example.com"
162 | 	EOF
163 |   vtest C21v "$out" "sets var with defaults"
164 | 
165 |   xwrap2 "var <fmt>" nmddns_get_config var "%-%s=%s,"
166 |   xret C22 t "returns true"
167 |   out='DDNS_ZONE="example.com",DDNS_SERVER="",DDNS_TTL="",'
168 |   out+='DDNS_FLOCK_TIMEOUT="15",DDNS_DIG_TIMEOUT="3",DDNS_DIG_RETRIES="2",'
169 |   out+='DDNS_DIG_OPTIONS="+time=1 +retry=2",DDNS_NSUPDATE_TIMEOUT="10",'
170 |   out+='DDNS_NSUPDATE_OPTIONS="",DDNS_LOCKFILE="",'
171 |   out+='DDNS_RREC_AAAA_NAME="host.example.com",'
172 |   vtest C22v "$out" "sets var with config using <fmt>"
173 | 
174 |   nmddns_reset_config
175 |   xtest::onexit::config
176 | }
177 | 
178 | xtest::onexit::ddns() {
179 |   # remove ddns tmpfiles
180 |   [[ ${TEST_OUT-} ]] || return 0
181 |   xrm "$TEST_OUT/ddns-state A"
182 |   xrm "$TEST_OUT/ddns-state AAAA"
183 |   xrm "$TEST_OUT/ddns-state"
184 |   xrm "$TEST_OUT/ddns-test.sh"
185 | }
186 | 
187 | xtest::group3::ddns() {
188 |   local out xpat xstate cnf
189 | 
190 |   # don't use helper until we're ready
191 |   local NMDDNS_DHELPER
192 |   unset NMDDNS_DHELPER
193 | 
194 |   shtest::title "nmddns tests (ddns group)"
195 | 
196 |   # Call nmddns_update directly with various RRECs, A/AAAA are
197 |   # validated for format (not against interface)
198 | 
199 |   DDNS_ZONE=example.test DDNS_RREC_A_NAME=www.example.test
200 | 
201 |   xwrap2 "<remove A>" nmddns_update A
202 |   xret D1 t "returns true"
203 |   xread_value out <<-EOF
204 | 	Removing www.example.test A
205 | 	nsupdate '-t' '10'
206 | 	server 127.0.0.1
207 | 	zone example.test
208 | 	update delete www.example.test A
209 | 	send
210 | 	EOF
211 |   ftest D1f "$out" "logs and removes A"
212 | 
213 |   export DIG_MOCK_FAIL=5
214 | 
215 |   xwrap2 "<dig fail 5>" nmddns_update A
216 |   xret D2 25 "returns 25"
217 |   xread_value out <<-EOF
218 | 	ERR: FAIL(5) ${NMDDNS_DIG} @127.0.0.1 +short +retry=2 +time=3\
219 |  +time=1 +retry=2 A www.example.test
220 | 	ERR: Removal of www.example.test A failed
221 | 	EOF
222 |   ftest D2f "$out" "logs error"
223 |   unset DIG_MOCK_FAIL
224 | 
225 |   local -x DUMMY_MOCK_FAIL_nsupdate_mock=5
226 | 
227 |   xwrap2 "<nsupdate fail 5>" nmddns_update A
228 |   xret D3 5 "returns 5"
229 |   xread_value out <<-EOF
230 | 	Removing www.example.test A
231 | 	nsupdate '-t' '10'
232 | 	server 127.0.0.1
233 | 	zone example.test
234 | 	update delete www.example.test A
235 | 	send
236 | 	ERR: FAIL(5) ${NMDDNS_NSUPDATE} -t 10
237 | 	ERR: DNS update to server 127.0.0.1 failed for www.example.test A
238 | 	EOF
239 |   ftest D3f "$out" "logs error"
240 | 
241 |   unset DUMMY_MOCK_FAIL_nsupdate_mock
242 | 
243 |   xwrap2 "A <private>" nmddns_update A 192.168.55.1
244 |   xret D4 t "returns true"
245 |   xread_value out <<-EOF
246 | 	Removing www.example.test A
247 | 	nsupdate '-t' '10'
248 | 	server 127.0.0.1
249 | 	zone example.test
250 | 	update delete www.example.test A
251 | 	send
252 | 	EOF
253 |   ftest D4f "$out" "logs and removes A"
254 | 
255 |   DDNS_RREC_A_FALLBACK=203.0.113.8
256 | 
257 |   xwrap2 "A <private/FALLBACK>" nmddns_update A 192.168.55.1/24
258 |   xret D5 t "returns true"
259 |   xread_value out <<-EOF
260 | 	Setting www.example.test A to 203.0.113.8
261 | 	nsupdate '-t' '10'
262 | 	server 127.0.0.1
263 | 	zone example.test
264 | 	update delete www.example.test A
265 | 	update add www.example.test 600 A 203.0.113.8
266 | 	send
267 | 	EOF
268 |   ftest D5f "$out" "logs and sets A to fallback"
269 |   unset DDNS_RREC_A_FALLBACK
270 | 
271 |   DDNS_RREC_A_PRIVATE=1
272 |   xpat="$TEST_OUT/ddns-state @RREC@"
273 |   xstate=${xpat//@RREC@/A}
274 |   xrm "$xstate"
275 | 
276 |   xwrap2 "A <private/PRIVATE=1>" nmddns_update A 192.168.55.1/24 "$xpat"
277 |   xret D6 t "returns true"
278 |   xread_value out <<-EOF
279 | 	Setting www.example.test A to 192.168.55.1
280 | 	nsupdate '-t' '10'
281 | 	server 127.0.0.1
282 | 	zone example.test
283 | 	update delete www.example.test A
284 | 	update add www.example.test 600 A 192.168.55.1
285 | 	send
286 | 	EOF
287 |   ftest D6f "$out" "logs and sets A (no plen)"
288 |   shtest::check_file D6s "$xstate" "192.168.55.1/24" \
289 |                      "generates state file (with plen)"
290 |   xrm "$xstate"
291 | 
292 |   xstate="$TEST_OUT/ddns-state"
293 |   xrm "$xstate"
294 | 
295 |   # pass bad pattern to test error log
296 |   xwrap2 "<bad state-pat>" nmddns_update A "" "$xstate"
297 |   xret D7 t "returns true"
298 |   xread_value out <<-EOF
299 | 	ERR: nmddns_update: <state-pat> must contain '@RREC@'
300 | 	Removing www.example.test A
301 | 	nsupdate '-t' '10'
302 | 	server 127.0.0.1
303 | 	zone example.test
304 | 	update delete www.example.test A
305 | 	send
306 | 	EOF
307 |   ftest D7f "$out" "logs error and performs action"
308 |   [[ -f $xstate ]]
309 |   xtest D7s f "should not create state file"
310 |   xrm "$xstate"
311 | 
312 |   xwrap nmddns_update
313 |   xret D8 f "(<no args>) returns false"
314 |   ftest D8f "ERR: nmddns_update: missing <rrec>" "logs error"
315 | 
316 |   unset DDNS_ZONE
317 | 
318 |   xwrap2 "A <unset ZONE>" nmddns_update A
319 |   xret D9 5 "returns 5"
320 |   ftest D9f "ERR: Missing required DDNS_ZONE config" "logs error"
321 | 
322 |   unset DDNS_RREC_A_NAME
323 | 
324 |   xwrap2 "A <unset NAME>" nmddns_update A
325 |   xret D10 t "returns true"
326 |   ftest D10f "" "does not log"
327 | 
328 |   DDNS_ZONE=example.test DDNS_RREC_A_NAME=www.example.test
329 |   DDNS_RREC_A_VALUE="*"
330 | 
331 |   xwrap2 "A <VALUE=*>" nmddns_update A 203.0.113.10
332 |   xret D11 t "returns true"
333 |   xread_value out <<-EOF
334 | 	Removing www.example.test A
335 | 	nsupdate '-t' '10'
336 | 	server 127.0.0.1
337 | 	zone example.test
338 | 	update delete www.example.test A
339 | 	send
340 | 	EOF
341 |   ftest D11f "$out" "logs and removes A"
342 | 
343 |   unset DDNS_RREC_A_VALUE
344 | 
345 |   xwrap2 "A <pub>" nmddns_update A 203.0.113.10
346 |   xret D12 t "returns true"
347 |   xread_value out <<-EOF
348 | 	Setting www.example.test A to 203.0.113.10
349 | 	nsupdate '-t' '10'
350 | 	server 127.0.0.1
351 | 	zone example.test
352 | 	update delete www.example.test A
353 | 	update add www.example.test 600 A 203.0.113.10
354 | 	send
355 | 	EOF
356 |   ftest D12f "$out" "logs and adds A"
357 | 
358 |   xwrap2 "A <2 pub>" nmddns_update A "203.0.113.10,203.0.113.20"
359 |   xret D13 t "returns true"
360 |   xread_value out <<-EOF
361 | 	Setting www.example.test A to 203.0.113.10,203.0.113.20
362 | 	nsupdate '-t' '10'
363 | 	server 127.0.0.1
364 | 	zone example.test
365 | 	update delete www.example.test A
366 | 	update add www.example.test 600 A 203.0.113.10
367 | 	update add www.example.test 600 A 203.0.113.20
368 | 	send
369 | 	EOF
370 |   ftest D13f "$out" "logs and adds both A records"
371 | 
372 |   xwrap2 "A <2 match>" nmddns_update A "203.0.113.4,192.0.2.8"
373 |   xret D14 t "returns true"
374 |   ftest D14f "" "does not log"
375 | 
376 |   DDNS_RREC_TXT_NAME=mail.example.test
377 |   DDNS_RREC_TXT_LISTSEP=:
378 | 
379 |   xwrap2 "TXT <2 new vals>" nmddns_update TXT \
380 |          "\"some value\":\"another value\""
381 |   xret D15 t "returns true"
382 |   xread_value out <<-EOF
383 | 	Setting mail.example.test TXT to "some value":"another value"
384 | 	nsupdate '-t' '10'
385 | 	server 127.0.0.1
386 | 	zone example.test
387 | 	update delete mail.example.test TXT
388 | 	update add mail.example.test 600 TXT "some value"
389 | 	update add mail.example.test 600 TXT "another value"
390 | 	send
391 | 	EOF
392 |   ftest D15f "$out" "logs and adds both TXT records"
393 | 
394 |   xwrap2 "TXT <2 old vals>" nmddns_update TXT \
395 |          "\"some value\":\"v=spf1 mx ~all\""
396 |   xret D16 t "returns true"
397 |   ftest D16f "" "does not log"
398 | 
399 |   xstate=${xpat//@RREC@/A}
400 |   xrm "$xstate"
401 | 
402 |   # This tests !<interface> value, which pulls addresses from the
403 |   # interface.
404 | 
405 |   # ip-mock has 10.1.10.12,10.2.10.12 on eth2
406 | 
407 |   xwrap2 "A <eth2>" nmddns_update A "!eth2" "$xpat"
408 |   xret D17 t "returns true"
409 |   xread_value out <<-EOF
410 | 	Setting www.example.test A to 10.1.10.12,10.2.10.12
411 | 	nsupdate '-t' '10'
412 | 	server 127.0.0.1
413 | 	zone example.test
414 | 	update delete www.example.test A
415 | 	update add www.example.test 600 A 10.1.10.12
416 | 	update add www.example.test 600 A 10.2.10.12
417 | 	send
418 | 	EOF
419 |   ftest D17f "$out" "logs and adds both A records"
420 |   shtest::check_file D17s "$xstate" "!eth2" "generates state file (intf)"
421 |   xrm "$xstate"
422 | 
423 |   DDNS_RREC_AAAA_NAME=www.example.test
424 |   xstate=${xpat//@RREC@/AAAA}
425 |   xrm "$xstate"
426 | 
427 |   # ip-mock has 2001:db8:1::1(tentative) on eth2
428 |   xwrap2 "AAAA <eth2 tentative>" nmddns_update AAAA "!eth2" "$xpat"
429 |   xret D18 t "returns true"
430 |   xread_value out <<-EOF
431 | 	Removing www.example.test AAAA
432 | 	nsupdate '-t' '10'
433 | 	server 127.0.0.1
434 | 	zone example.test
435 | 	update delete www.example.test AAAA
436 | 	send
437 | 	EOF
438 |   ftest D18f "$out" "logs and removes AAAA records"
439 |   shtest::check_file D18s "$xstate" "!eth2" "generates state file (intf)"
440 |   xrm "$xstate"
441 | 
442 |   # ip-mock has 2001:db8:5::1(dadfailed) on eth3
443 |   xwrap2 "AAAA <eth3 dadfail>" nmddns_update AAAA "!eth3" "$xpat"
444 |   xret D19 t "returns true"
445 |   xread_value out <<-EOF
446 | 	Removing www.example.test AAAA
447 | 	nsupdate '-t' '10'
448 | 	server 127.0.0.1
449 | 	zone example.test
450 | 	update delete www.example.test AAAA
451 | 	send
452 | 	EOF
453 |   ftest D19f "$out" "logs and removes AAAA records"
454 |   shtest::check_file D19s "$xstate" "!eth3" "generates state file (intf)"
455 |   xrm "$xstate"
456 | 
457 |   nmddns_reset_config
458 | 
459 |   shtest::prefix "nmddns_update_all"
460 | 
461 |   # multi-update with overrides
462 |   DDNS_ZONE=example.test DDNS_RREC_AAAA_NAME=ipv6.example.test
463 |   DDNS_RREC_MX_NAME=www.example.test DDNS_RREC_MX_VALUE="5 mx.example.test."
464 |   DDNS_RREC_MX_FALLBACK="10 backup.example.test."
465 |   DDNS_RREC_A_NAME=www.example.test DDNS_RREC_A_VALUE="203.0.113.4"
466 |   DDNS_TTL=300
467 | 
468 |   xwrap2 "<up multi>" nmddns_update_all up 203.0.113.8 2001:db8:1000:2000::1/64
469 |   xret D21 t "returns true"
470 |   xread_value out <<-EOF
471 | 	Setting ipv6.example.test AAAA to 2001:db8:1000:2000::1
472 | 	nsupdate '-t' '10'
473 | 	server 127.0.0.1
474 | 	zone example.test
475 | 	update delete ipv6.example.test AAAA
476 | 	update add ipv6.example.test 300 AAAA 2001:db8:1000:2000::1
477 | 	send
478 | 	Setting www.example.test A to 203.0.113.4
479 | 	nsupdate '-t' '10'
480 | 	server 127.0.0.1
481 | 	zone example.test
482 | 	update delete www.example.test A
483 | 	update add www.example.test 300 A 203.0.113.4
484 | 	send
485 | 	Setting www.example.test MX to 5 mx.example.test.
486 | 	nsupdate '-t' '10'
487 | 	server 127.0.0.1
488 | 	zone example.test
489 | 	update delete www.example.test MX
490 | 	update add www.example.test 300 MX 5 mx.example.test.
491 | 	send
492 | 	EOF
493 |   ftest D21f "$out" "performs actions"
494 | 
495 |   DDNS_NSUPDATE_TIMEOUT=5
496 | 
497 |   xwrap2 "<down multi>" nmddns_update_all down
498 |   xret D22 t "returns true"
499 |   xread_value out <<-EOF
500 | 	Removing ipv6.example.test AAAA
501 | 	nsupdate '-t' '5'
502 | 	server 127.0.0.1
503 | 	zone example.test
504 | 	update delete ipv6.example.test AAAA
505 | 	send
506 | 	Removing www.example.test A
507 | 	nsupdate '-t' '5'
508 | 	server 127.0.0.1
509 | 	zone example.test
510 | 	update delete www.example.test A
511 | 	send
512 | 	Setting www.example.test MX to 10 backup.example.test.
513 | 	nsupdate '-t' '5'
514 | 	server 127.0.0.1
515 | 	zone example.test
516 | 	update delete www.example.test MX
517 | 	update add www.example.test 300 MX 10 backup.example.test.
518 | 	send
519 | 	EOF
520 |   ftest D22f "$out" "performs actions"
521 | 
522 |   shtest::prefix "nmddns_spawn_update"
523 | 
524 |   # Test the attempted use of the helper script, which is disabled
525 |   # to force fallback
526 | 
527 |   xrm "$XNOFILE"
528 | 
529 |   xwrap2 "<no conf>" nmddns_spawn_update "$XNOFILE" "A"
530 |   xret D31 t "returns true"
531 |   ftest D31f "" "does not log"
532 | 
533 |   cnf="$TEST_CONF/test-ddns.conf"
534 |   xpat="$TEST_OUT/ddns-state @RREC@"
535 |   xstate=${xpat//@RREC@/A}
536 | 
537 |   xrm "$xstate"
538 |   printf "" >>"$xstate"
539 | 
540 |   xwrap2 "<no rrec>" nmddns_spawn_update "$cnf" "" "" "$xpat"
541 |   xret D32 f "returns false"
542 |   ftest D32f "ERR: nmddns_spawn_update: <rrec> must be a RREC name" \
543 |         "logs error"
544 |   [[ -f $xstate ]]
545 |   xtest D32s t "leaves state file"
546 | 
547 |   printf "" >>"$xstate"
548 | 
549 |   xwrap2 "<remove A, no helper>" nmddns_spawn_update "$cnf" A "" "$xpat"
550 |   xret D33 t "returns true"
551 |   [[ -e $xstate ]]
552 |   xtest D33s f "removes state file"
553 |   xrm "$xstate"
554 |   xread_value out <<-EOF
555 | 	Removing www.example.test A
556 | 	nsupdate '-t' '2'
557 | 	server 127.0.0.1
558 | 	zone example.test
559 | 	update delete www.example.test A
560 | 	send
561 | 	EOF
562 |   ftest D33f "$out" "logs error, removes A rrec"
563 | 
564 |   # Test the use of the helper script, which is replaced with
565 |   # a test script
566 | 
567 |   xstate="$TEST_OUT/ddns-test.sh"
568 |   xrm "$XFILE"
569 |   xcat >"$XFILE" <<-EOF
570 | 	#!/bin/bash
571 | 	echo >"$xstate" "action=\$NMDDNSH_ACTION"
572 | 	EOF
573 |   command -p chmod +x "$XFILE"
574 |   NMDDNS_DHELPER=$XFILE
575 | 
576 |   xwrap2 "<remove A, helper>" nmddns_spawn_update "$cnf" A "" "$xpat"
577 |   xret D34 t "returns true"
578 |   ftest D34f "" "does not log"
579 |   shtest::last_check_ok && wait $!
580 |   shtest::check_file D34o "$xstate" "action=update" "runs helper"
581 |   xrm "$XFILE" "$xstate"
582 | 
583 |   shtest::prefix "nmddns_spawn_update_all"
584 | 
585 |   unset NMDDNS_DHELPER
586 | 
587 |   xwrap2 "up" nmddns_spawn_update_all up "$cnf"
588 |   xret D41 t "returns true"
589 |   xread_value out <<-EOF
590 |   	Removing www.example.test A
591 | 	nsupdate '-t' '2'
592 | 	server 127.0.0.1
593 | 	zone example.test
594 | 	update delete www.example.test A
595 | 	send
596 | 	EOF
597 |   ftest D41f "${out}" "removes current entry"
598 | 
599 |   nmddns_cleanup
600 | 
601 |   xtest::onexit::ddns
602 | }
603 | 
604 | xtest::onexit::helper() {
605 |   [[ ${TEST_OUT-} ]] || return 0
606 |   xrm "$TEST_OUT/ddnsh-state A"
607 |   xrm "$TEST_OUT/ddnsh-state AAAA"
608 |   xrm "$TEST_OUT/ddnsh-state TXT"
609 | }
610 | 
611 | xtest::group4::helper() {
612 | 
613 |   local out
614 | 
615 |   shtest::title "09-ddns helper tests (helper group)"
616 | 
617 |   # Spawns real helper in various modes
618 | 
619 |   xwrap nmg_need_progs "${NMDDNS_DHELPER}"
620 |   xret H0 t "${NMDDNS_DHELPER} is runnable"
621 |   shtest::last_check_ok || return 0
622 | 
623 |   local cnf="$TEST_CONF/testweb-ddns.conf"
624 |   local xpat="$TEST_OUT/ddnsh-state @RREC@"
625 |   local state1=${xpat//@RREC@/A} state2=${xpat//@RREC@/AAAA}
626 |   local state3=${xpat//@RREC@/TXT}
627 | 
628 |   xwrap2 "up <multi-addrs>" nmddns_spawn_update_all up "$cnf" \
629 | 	 "203.0.113.55,203.0.113.56,192.168.4.1" \
630 | 	 "fdc0:4455:8700::1,2001:db8:8700:2000::1" "$xpat"
631 |   xret H1 t "returns true"
632 |   # wait for background process to finish
633 |   shtest::last_check_ok && wait $!
634 |   xread_value out <<-EOF
635 | 	Setting web.example.test AAAA to 2001:db8:8700:2000::1
636 | 	nsupdate '-t' '10'
637 | 	server 127.0.0.1
638 | 	zone example.test
639 | 	update delete web.example.test AAAA
640 | 	update add web.example.test 600 AAAA 2001:db8:8700:2000::1
641 | 	send
642 | 	Setting web.example.test A to 203.0.113.55,203.0.113.56
643 | 	nsupdate '-t' '10'
644 | 	server 127.0.0.1
645 | 	zone example.test
646 | 	update delete web.example.test A
647 | 	update add web.example.test 600 A 203.0.113.55
648 | 	update add web.example.test 600 A 203.0.113.56
649 | 	send
650 | 	Setting web.example.test TXT to replacement txt
651 | 	nsupdate '-t' '10'
652 | 	server 127.0.0.1
653 | 	zone example.test
654 | 	update delete web.example.test TXT
655 | 	update add web.example.test 600 TXT replacement txt
656 | 	send
657 | 	EOF
658 |   ftest H1f "$out" "logs and adds A/AAAA/TXT records"
659 |   shtest::check_file H1i "$state1" "203.0.113.55,203.0.113.56,192.168.4.1" \
660 | 		     "creates A state file"
661 |   shtest::check_file H1j "$state2" "fdc0:4455:8700::1,2001:db8:8700:2000::1" \
662 | 		     "creates AAAA state file"
663 | 
664 |   xwrap2 "up <no addrs>" nmddns_spawn_update_all up "$cnf" "" "" "$xpat"
665 |   xret H2 t "returns true"
666 |   shtest::last_check_ok && wait $!
667 |   xread_value out <<-EOF
668 | 	Removing web.example.test AAAA
669 | 	nsupdate '-t' '10'
670 | 	server 127.0.0.1
671 | 	zone example.test
672 | 	update delete web.example.test AAAA
673 | 	send
674 | 	Removing web.example.test A
675 | 	nsupdate '-t' '10'
676 | 	server 127.0.0.1
677 | 	zone example.test
678 | 	update delete web.example.test A
679 | 	send
680 | 	Setting web.example.test TXT to replacement txt
681 | 	nsupdate '-t' '10'
682 | 	server 127.0.0.1
683 | 	zone example.test
684 | 	update delete web.example.test TXT
685 | 	update add web.example.test 600 TXT replacement txt
686 | 	send
687 | 	EOF
688 |   ftest H2f "$out" "logs and removes A/AAAA records, sets TXT"
689 |   [[ -e $state1 ]]
690 |   xtest H2i f "removes A state file"
691 |   [[ -e $state2 ]]
692 |   xtest H2j f "removes AAAA state file"
693 | 
694 |   echo "203.0.113.55" >"$state1"
695 |   echo "2001:db8:8700:2000::1" >"$state2"
696 | 
697 |   xwrap2 "down" nmddns_spawn_update_all down "$cnf" "" "" "$xpat"
698 |   xret H3 t "returns true"
699 |   shtest::last_check_ok && wait $!
700 |   xread_value out <<-EOF
701 | 	Removing web.example.test AAAA
702 | 	nsupdate '-t' '10'
703 | 	server 127.0.0.1
704 | 	zone example.test
705 | 	update delete web.example.test AAAA
706 | 	send
707 | 	Removing web.example.test A
708 | 	nsupdate '-t' '10'
709 | 	server 127.0.0.1
710 | 	zone example.test
711 | 	update delete web.example.test A
712 | 	send
713 | 	Removing web.example.test TXT
714 | 	nsupdate '-t' '10'
715 | 	server 127.0.0.1
716 | 	zone example.test
717 | 	update delete web.example.test TXT
718 | 	send
719 | 	EOF
720 |   ftest H3f "$out" "logs and removes all records"
721 |   [[ -e $state1 ]]
722 |   xtest H3i f "removes A state file"
723 |   [[ -e $state2 ]]
724 |   xtest H3j f "removes AAAA state file"
725 |   [[ -e $state3 ]]
726 |   xtest H3k f "removes TXT state file"
727 | 
728 |   xwrap2 "up <multi-addrs>" nmddns_spawn_update "$cnf" A \
729 | 	 "203.0.113.75,203.0.113.76" "$xpat"
730 |   xret H11 t "returns true"
731 |   # wait for background process to finish
732 |   shtest::last_check_ok && wait $!
733 |   xread_value out <<-EOF
734 | 	Setting web.example.test A to 203.0.113.75,203.0.113.76
735 | 	nsupdate '-t' '10'
736 | 	server 127.0.0.1
737 | 	zone example.test
738 | 	update delete web.example.test A
739 | 	update add web.example.test 600 A 203.0.113.75
740 | 	update add web.example.test 600 A 203.0.113.76
741 | 	send
742 | 	EOF
743 |   ftest H11f "$out" "logs and adds A records"
744 |   shtest::check_file H11i "$state1" "203.0.113.75,203.0.113.76" \
745 | 		     "creates A state file"
746 | 
747 |   xwrap2 "up <multi-addrs>" nmddns_spawn_update "$cnf" TXT "new value" "$xpat"
748 |   xret H12 t "returns true"
749 |   # wait for background process to finish
750 |   shtest::last_check_ok && wait $!
751 |   xread_value out <<-EOF
752 | 	Setting web.example.test TXT to replacement txt
753 | 	nsupdate '-t' '10'
754 | 	server 127.0.0.1
755 | 	zone example.test
756 | 	update delete web.example.test TXT
757 | 	update add web.example.test 600 TXT replacement txt
758 | 	send
759 | 	EOF
760 |   ftest H12f "$out" "logs and adds override TXT record"
761 |   shtest::check_file H12k "$state3" "new value" "creates TXT state file"
762 | 
763 |   nmddns_reset_config
764 |   xtest::onexit::helper
765 | }
766 | 
767 | test_version() {
768 |   local NMG_REQUIRED="99.0.0" nmg_log_stderr=1
769 | 
770 |   shtest::title "Check version requirements"
771 | 
772 |   shtest::whitelist source
773 | 
774 |   (source 2>/dev/null "${TEST_FILE}") &&
775 |     xtest::fail "  FATAL: ${TEST_FILE} loaded when\
776 |  NMG_REQUIRED=${NMG_REQUIRED}"
777 | 
778 |   unset NMG_REQUIRED
779 |   local NMDDNS_REQUIRED="99.0.0"
780 | 
781 |   (source 2>/dev/null "${TEST_FILE}") &&
782 |     xtest::fail "FATAL: ${TEST_FILE} loaded when\
783 |  NMDDNS_REQUIRED=${NMDDNS_REQUIRED}"
784 | 
785 |   shtest::reset_state
786 | 
787 |   shtest::log "  Version enforcement working"
788 | }
789 | 
790 | xtest::onexit() {
791 |   xrm "${XFILE-}"
792 | }
793 | 
794 | xmain() { # <args>
795 |   local XNOFILE="$TEST_OUT/no-file" XFILE="$TEST_OUT/ddns file"
796 |   local TEST_FILE="${TEST_NMUTILS}/ddns-functions"
797 | 
798 |   xload_script "${TEST_FILE}"
799 | 
800 |   test_version
801 | 
802 |   xtest::run_tests "ddns-functions Test Summary" "$@"
803 |   local rc=$?
804 | 
805 |   xtest::onexit
806 | 
807 |   return $rc
808 | }
809 | 
810 | xstart "$@"
811 | 


--------------------------------------------------------------------------------