Set DNS server with resolvconf-admin if installed

to do not need root.
juga0 · Sep 18, 2017 · fc26111 · fc26111
1 parent 4a3554d
commit fc26111
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 11 deletions.
diff --git a/dhcpcanon/constants.py b/dhcpcanon/constants.py
@@ -210,3 +210,4 @@
 LEASE_PATH = '/var/lib/dhcp/dhcpcanon.leases'
 CONF_PATH = '/etc/dhcp/dhcpcanon.conf'
 RESOLVCONF = '/sbin/resolvconf'
+RESOLVCONF_ADMIN = '/usr/bin/resolvconf-admin'
diff --git a/dhcpcanon/netutils.py b/dhcpcanon/netutils.py
@@ -9,7 +9,7 @@
 from pyroute2 import IPRoute
 from pyroute2.netlink import NetlinkError
 
-from .constants import RESOLVCONF
+from .constants import RESOLVCONF, RESOLVCONF_ADMIN
 
 logger = logging.getLogger(__name__)
 
@@ -47,14 +47,83 @@ def set_net(lease):
     else:
         logger.debug('Default gateway set to %s', lease.router)
     ipr.close()
-    cmd = [RESOLVCONF, '-a', lease.interface]
-    proc = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
-                            stderr=subprocess.PIPE)
-    stdin = '\n'.join(['nameserver ' + nm for nm in lease.name_server.split()])
-    stdin = str.encode(stdin)
+    set_dns()
+
+
+def set_dns(lease):
+    if os.path.exists(RESOLVCONF_ADMIN):
+        cmd = [RESOLVCONF_ADMIN, 'add' lease.interface, lease.name_server]
+        proc = subprocess.Popen(cmd, stdout=subprocess.PIPE,
+                                stderr=subprocess.PIPE)
+        try:
+            (stdout, stderr) = proc.communicate()
+        except TypeError as e:
+            logger.error(e)
+        return
+    # TODO: check systemd-resolved
+    if os.path.exists(RESOLVCONF):
+        cmd = [RESOLVCONF, '-a', lease.interface]
+        proc = subprocess.Popen(cmd, stdin=subprocess.PIPE,
+                                tdout=subprocess.PIPE, stderr=subprocess.PIPE)
+        stdin = '\n'.join(['nameserver ' + nm for nm in
+                           lease.name_server.split()])
+        stdin = str.encode(stdin)
+        try:
+            (stdout, stderr) = proc.communicate(stdin)
+        except TypeError as e:
+            logger.error(e)
+        logger.debug('result %s, stdout %s, stderr %s', proc.returncode,
+                     stdout, stderr)
+
+
+def systemd_resolved_status():
+    # NOTE: not used currently
+    from dbus import SystemBus, SessionBus
+    bus = SystemBus()
+    systemd = bus.get_object('org.freedesktop.systemd1',
+                             '/org/freedesktop/systemd1')
+    manager = Interface(systemd,
+                        dbus_interface='org.freedesktop.systemd1.Manager')
+    unit = manager.LoadUnit('sytemd-resolved.service')
+    proxy = bus.get_object('org.freedesktop.systemd1', str(unit))
+    resolved = Interface(proxy, dbus_interface='org.freedesktop.systemd1.Unit')
+    r = proxy.Get('org.freedesktop.systemd1.Unit',
+                  'ActiveState',
+                  dbus_interface='org.freedesktop.DBus.Properties')
+
+
+def systemd_resolved_status():
+    # NOTE: not used currently
+    from pydbus import SystemBus
+    bus = SystemBus()
+    systemd = bus.get('org.freedesktop.systemd1')
+    unit = systemd.LoadUnit('sytemd-resolved.service')
+    resolved = bus.get('.systemd1', unit[0])
+    resolved.Get('org.freedesktop.systemd1.Unit', 'ActiveState')
+
+
+def systemd_resolved_start():
+    # NOTE: not used currently
+    from pydbus import SystemBus
+    bus = SystemBus()
+    systemd = bus.get(".systemd1")
     try:
-        (stdout, stderr) = proc.communicate(stdin)
-    except TypeError as e:
-        logger.error(e)
-    logger.debug('result %s, stdout %s, stderr %s', proc.returncode, stdout,
-                 stderr)
+        systemd.StartUnit("systemd-resolved.service", "fail")
+    except:
+        # g-io-error-quark: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit:
+        # Unit foo.service not found. (36)
+        logger.error("Could not start systemd-resolved")
+
+
+def systemd_resolved_get_dns():
+    # busctl introspect org.freedesktop.resolve1
+    # /org/freedesktop/resolve1/link/_35 |grep DNS
+    pass
+
+
+def systemd_resolved_set_dns():
+    # ip l
+    # busctl call org.freedesktop.resolve1
+    # /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager
+    # SetLinkDNS 'ia(iay)' 5 1 2 4 8 8 8 8
+    pass
diff --git a/docs/source/install.rst b/docs/source/install.rst
@@ -14,6 +14,11 @@ It can be installed with a package manager or in command line::
 The main script will be installed in ``/sbin/dhcpcanon``, a systemd service
 will be enabled and run by default, so there is no need to run anything manually.
 
+**Important**: when running ``dhcpcanon`` the hardware address
+(`MAC <https://en.wikipedia.org/wiki/MAC_address>`__) should be randomized.
+You can use `macchanger <https://github.com/alobbs/macchanger>`__,
+`macouflage <https://github.com/subgraph/macouflage>`__ or other.
+
 Installation from source code
 ==============================
 
@@ -50,6 +55,11 @@ Note however that without systemd ``dhcpcanon`` will need to be run with root
 privileges, while the systemd service drop ``dhcpcanon`` root privileges and
 only keeps the required network capabilities.
 
+You would also need to install 
+`resolvconf-admin <https://github.com/dkg/resolvoconf-admin'`_
+to be able to run it as non root user and set up DNS servers provided by the DHCP server.
+It will be possible to set up DNS servers with ``systemd`` too soon.
+
 An alternative to do not run ``dhcpcanon`` with root privileges nor systemd,
 is to use `ambient-rs wrapper <https://github.com/infinity0/ambient-rs>`
 and run::