openresolv/resolvconf.8.in at master · NetworkConfiguration/openresolv · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
.\" Copyright (c) 2007-2025 Roy Marples
.\" All rights reserved
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd June 26, 2025
.Dt RESOLVCONF 8
.Os
.Sh NAME
.Nm resolvconf
.Nd a framework for managing multiple DNS configurations
.Sh SYNOPSIS
.Nm
.Fl I
.Nm
.Op Fl m Ar metric
.Op Fl p
.Op Fl x
.Fl a Ar key
.No < Ns Pa file
.Nm
.Fl C Ar pattern
.Nm
.Fl c Ar pattern
.Nm
.Op Fl f
.Fl d Ar key
.Nm
.Op Fl x
.Fl iLlp Ar pattern
.Nm
.Fl u
.Nm
.Fl Fl version
.Sh DESCRIPTION
.Nm
manages
.Xr resolv.conf 5
files from multiple sources, such as DHCP and VPN clients.
Traditionally, the host runs just one client and that updates
.Pa /etc/resolv.conf .
More modern systems frequently have wired and wireless interfaces and there is
no guarantee both are on the same network.
With the advent of VPN and other
types of networking daemons, many things now contend for the contents of
.Pa /etc/resolv.conf .
.Pp
.Nm
solves this by letting the daemon send their
.Xr resolv.conf 5
file to
.Nm
via
.Xr stdin 4
with the argument
.Fl a Ar key
instead of the filesystem.
.Nm
then updates
.Pa /etc/resolv.conf
as it thinks best.
If
.Pa /etc/resolv.conf
already exists and the top line does not match the expected signature,
then
.Nm
will refuse to update it unless the
.Fl u
update command is given.
When a local resolver other than libc is installed, such as
.Xr dnsmasq 8
or
.Xr named 8 ,
then
.Nm
will supply files that the resolver should be configured to include.
.Pp
At it's heart,
.Nm
is a key/value store for
.Pa resolv.conf
files.
Each entry must have a unique
.Ar key
and should be expressed as
.Sy interface.protocol
so that it's easy to tell from where the
.Pa resolv.conf
file came from.
This also allows using pattern matching such as
.Sy interface.*
to match all protocols running on the interface.
For example, a modern system will likely run DHCP, RA and DHCPv6
which could be from separate programs or one program running
many protocols.
However, this is not a fixed requirement,
.Nm
will work with any key name and it should be treated as an opaque value
outside of
.Nm .
.Pp
.Nm
can mark a
.Pa resolv.conf
as private and optionally non-searchable.
This means that the name servers listed in that
.Pa resolv.conf
are only used for queries against the domain/search listed in the same file
and if non-searchable then the domain/search listed are
excluded from the global search list defined in
.Pa /etc/resolv.conf .
This only works when a local resolver other than libc is installed.
See
.Xr resolvconf.conf 5
for how to configure
.Nm
to use a local name server and how to remove the private marking.
.Pp
.Nm
can mark a
.Pa resolv.conf
as exclusive.
Only the latest exclusive key is used for processing, otherwise all are.
.Pp
When a configuration source goes away,
such as an interface going down or a VPN stopping,
it should then call
.Nm
with
.Fl d Ar key
arguments to clean up the
.Pa resolv.conf
it added previously.
For systems that support the concept of persisting configuration when
the source is suspended,
such as the carrier going down,
then it should instead call
.Nm
with
.Fl C Ar key
arguments to deprecate the entry
.Fl c Ar key
to activate the entry when it comes back again.
This only affects the order in which the
.Pa resolv.conf
entries are processed.
.Pp
Here are some options for the above commands:
.Bl -tag -width pattern_opt
.It Fl f
Ignore non existent
.Pa resolv.conf
entries.
Only really useful for deleting.
.It Fl m Ar metric
Set the metric of the
.Pa resolv.conf
entry  when adding it, default of 0.
Lower metrics take precedence.
This affects the default order of entires when listed.
.It Fl p Op Ar pattern
Marks the
.Pa resolv.conf
as private if the
.Fl a
command is given, otherwise
.Pa resolv.conf
entries having their key matching
.Ar pattern
are listed.
If an extra
.Fl p
is given then the
.Pa resolv.conf
is marked as non-searchable as well.
.It Fl x
Mark the
.Pa resolv.conf
as exclusive when adding, otherwise only use the latest exclusive key.
.El
.Pp
.Nm
has some more commands for general usage:
.Bl -tag -width pattern_opt
.It Fl i Op Ar pattern
List the keys stored, optionally matching
.Ar pattern ,
we have
.Pa resolv.conf
files for.
If the
.Fl L
option is given first, then the keys will be list post-processed.
.It Fl L Op Ar pattern
List the
.Pa resolv.conf
files we have,
post-processed by the
.Xr resolvconf.conf 5
configuration.
If
.Ar pattern
is specified then we list the files for the keys which match it.
.It Fl l Op Ar pattern
List the
.Pa resolv.conf
files we have.
If
.Ar pattern
is specified then we list the files for the keys which match it.
that match it.
.It Fl u
Force
.Nm
to update all its subscribers.
.Nm
does not update the subscribers when adding a resolv.conf that matches
what it already has for that key.
.It Fl Fl version
Echo the resolvconf version to
.Em stdout .
.El
.Pp
.Nm
also has some commands designed to be used by its subscribers and
system startup:
.Bl -tag -width pattern_opt
.It Fl I
Initialise the state directory
.Pa @VARDIR@ .
This should be called after the base state directory has either been
cleaned out or mounted as a memory backed filesystem during the
initial boot sequence before any daemon has the chance to call
.Nm .
.It Fl R
Echo the command used to restart a service.
.It Fl r Ar service
If the
.Ar service
is running then restart it.
If the service does not exist or is not running then zero is returned,
otherwise the result of restarting the service.
.It Fl v
Echo variables DOMAINS, SEARCH and NAMESERVERS so that the subscriber can
configure the resolver easily.
.It Fl V
Same as
.Fl v
except that only the information configured in
.Xr resolvconf.conf 5
is set.
.El
.Sh RESOLV.CONF ORDERING
For
.Nm
to work effectively, it has to process the
.Pa resolv.conf
entries in the correct order.
.Nm
first processes keys from the
.Sy key_order
list, then entries without a metric and that match the
.Sy dynamic_order
list, then entries with a metric in order and finally the rest in
the operating systems lexical order.
See
.Xr resolvconf.conf 5
for details on these lists.
.Sh PROTOCOLS
Here are some suggested protocol tags to use for each
.Pa resolv.conf
.Bl -tag -width pattern_opt
.It dhcp
Dynamic Host Configuration Protocol.
.It ppp
Point-to-Point Protocol.
.It ra
IPv6 Router Advertisement.
.It dhcp6
Dynamic Host Configuration Protocol, version 6.
.El
.Sh IMPLEMENTATION NOTES
If a subscriber has the executable bit then it is executed otherwise it is
assumed to be a shell script and sourced into the current environment in a
subshell.
This is done so that subscribers can remain fast, but are also not limited
to the shell language.
.Pp
Portable subscribers should not use anything outside of
.Pa /bin
and
.Pa /sbin
because
.Pa /usr
and others may not be available when booting.
Also, it would be unwise to assume any shell specific features.
.Sh ENVIRONMENT
.Bl -ohang
.It Va IF_METRIC
If the
.Fl m
option is not present then we use
.Va IF_METRIC
for the metric.
.It Va IF_PRIVATE
Marks the
.Pa resolv.conf
as private.
.It Va IF_NOSEARCH
Marks the
.Pa resolv.conf
as non-searchable.
.It Va IF_EXCLUSIVE
Marks the
.Pa resolv.conf
as exclusive.
.El
.Sh FILES
.Bl -ohang
.It Pa /etc/resolv.conf.bak
Backup file of the original resolv.conf.
.It Pa @SYSCONFDIR@/resolvconf.conf
Configuration file for
.Nm .
.It Pa @LIBEXECDIR@
Directory of subscribers which are run every time
.Nm
adds, deletes or updates.
.It Pa @LIBEXECDIR@/libc.d
Directory of subscribers which are run after the libc subscriber is run.
.It Pa @VARDIR@
State directory for
.Nm .
.El
.Sh NOTES
Domain labels are assumed to be in ASCII and are converted to lower case
to avoid duplicate zones when given differing case from different sources.
.Pp
When running a local resolver other than libc, you will need to configure it
to include files that
.Nm
will generate.
You should consult
.Xr resolvconf.conf 5
for instructions on how to configure your resolver.
.Sh SEE ALSO
.Xr resolver 3 ,
.Xr stdin 4 ,
.Xr resolv.conf 5 ,
.Xr resolvconf.conf 5
.Sh HISTORY
This implementation of
.Nm
is called openresolv and is fully command line compatible with Debian's
resolvconf, as written by Thomas Hood.
.Sh AUTHORS
.An Roy Marples Aq Mt roy@marples.name
.Sh BUGS
Please report them to
.Lk http://roy.marples.name/projects/openresolv