dnsmasq: improve init script

 * fix restart in LuCI (inherited umask was to restrictive)
 * make directory of hosts-file (!= /tmp) accessible in ujail

Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index 3250b2179b501b3f29735fc456acdfd64e12d858..19135af1c2de227e31f543763173cffa222b70f2 100644 (file)
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -829,12 +829,14 @@ dnsmasq_start()
        CONFIGFILE_TMP="${CONFIGFILE}.$$"
        HOSTFILE="${BASEHOSTFILE}.${cfg}"
        HOSTFILE_TMP="${HOSTFILE}.$$"
+       HOSTFILE_DIR="$(dirname "$HOSTFILE")"
        BASEDHCPSTAMPFILE_CFG="${BASEDHCPSTAMPFILE}.${cfg}"
 
        # before we can call xappend
+       umask u=rwx,g=rx,o=rx
        mkdir -p /var/run/dnsmasq/
        mkdir -p $(dirname $CONFIGFILE)
-       mkdir -p $(dirname $HOSTFILE)
+       mkdir -p "$HOSTFILE_DIR"
        mkdir -p /var/lib/misc
        chown dnsmasq:dnsmasq /var/run/dnsmasq
 
@@ -1154,6 +1156,7 @@ dnsmasq_start()
        procd_add_jail_mount $EXTRA_MOUNT $RFC6761FILE $TRUSTANCHORSFILE
        procd_add_jail_mount $dnsmasqconffile $dnsmasqconfdir $resolvdir $user_dhcpscript
        procd_add_jail_mount /etc/passwd /etc/group /etc/TZ /etc/hosts /etc/ethers
+       [ "$HOSTFILE_DIR" != "/tmp" ] && procd_add_jail_mount "$HOSTFILE_DIR"
        procd_add_jail_mount_rw /var/run/dnsmasq/ $leasefile
 
        procd_close_instance