-rw-r--r--man/systemd.network.xml23
-rw-r--r--src/network/networkd-link.c46
-rw-r--r--src/network/networkd-manager.c9
-rw-r--r--src/network/networkd-network-gperf.gperf6
-rw-r--r--src/network/networkd-network.c10
-rw-r--r--src/network/networkd-network.h14
6 files changed, 75 insertions, 33 deletions
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index be88d66072..f88751b672 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -717,15 +717,20 @@
<varlistentry>
<term><varname>UseDomains=</varname></term>
<listitem>
- <para>When true (not the default), the domain name
- received from the DHCP server will be used for DNS
- resolution over this link. When a name cannot be resolved
- as specified, the domain name will be used a suffix and
- name resolution of that will be attempted.</para>
-
- <para>This corresponds to the <option>domain</option>
- option in <citerefentry project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- and should not be enabled on untrusted networks.</para>
+ <para>Takes a boolean argument, or a the special value <literal>route</literal>. When true, the domain name
+ received from the DHCP server will be used as DNS search domain over this link, similar to the effect of
+ the <option>Domains=</option> setting. If set to <literal>route</literal>, the domain name received from
+ the DHCP server will be used for routing DNS queries only, but not for searching, similar to the effect of
+ the <option>Domains=</option> setting when the argument is prefixed with <literal>~</literal>. Defaults to
+ false.</para>
+
+ <para>It is recommended to enable this option only on trusted networks, as setting this affects resolution
+ of all host names, in particular to single-label names. It is generally safer to use the supplied domain
+ only as routing domain, rather than as search domain, in order to not have it affect local resolution of
+ single-label names.</para>
+
+ <para>When set to true, this setting corresponds to the <option>domain</option> option in <citerefentry
+ project='man-pages'><refentrytitle>resolv.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index b0e0c4f9e7..bf13544dbc 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -2731,6 +2731,8 @@ int link_save(Link *link) {
if (link->network) {
bool space;
sd_dhcp6_lease *dhcp6_lease = NULL;
+ const char *dhcp_domainname = NULL;
+ char **dhcp6_domains = NULL;
if (link->dhcp6_client) {
r = sd_dhcp6_client_get_lease(link->dhcp6_client, &dhcp6_lease);
@@ -2807,34 +2809,42 @@ int link_save(Link *link) {
fputc('\n', f);
- fputs("DOMAINS=", f);
- fputstrv(f, link->network->search_domains, NULL, &space);
-
- if (link->network->dhcp_use_domains &&
- link->dhcp_lease) {
- const char *domainname;
+ if (link->network->dhcp_use_domains != DHCP_USE_DOMAINS_NO) {
+ if (link->dhcp_lease)
+ (void) sd_dhcp_lease_get_domainname(link->dhcp_lease, &dhcp_domainname);
- r = sd_dhcp_lease_get_domainname(link->dhcp_lease, &domainname);
- if (r >= 0) {
- if (space)
- fputc(' ', f);
- fputs(domainname, f);
- space = true;
- }
+ if (dhcp6_lease)
+ (void) sd_dhcp6_lease_get_domains(dhcp6_lease, &dhcp6_domains);
}
- if (link->network->dhcp_use_domains && dhcp6_lease) {
- char **domains;
+ fputs("DOMAINS=", f);
+ fputstrv(f, link->network->search_domains, NULL, &space);
- r = sd_dhcp6_lease_get_domains(dhcp6_lease, &domains);
- if (r >= 0)
- fputstrv(f, domains, NULL, &space);
+ if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES && dhcp_domainname) {
+ if (space)
+ fputc(' ', f);
+ fputs(dhcp_domainname, f);
+ space = true;
}
+ if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES && dhcp6_domains)
+ fputstrv(f, dhcp6_domains, NULL, &space);
+
fputc('\n', f);
fputs("ROUTE_DOMAINS=", f);
fputstrv(f, link->network->route_domains, NULL, NULL);
+
+ if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE && dhcp_domainname) {
+ if (space)
+ fputc(' ', f);
+ fputs(dhcp_domainname, f);
+ space = true;
+ }
+
+ if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE && dhcp6_domains)
+ fputstrv(f, dhcp6_domains, NULL, &space);
+
fputc('\n', f);
fprintf(f, "LLMNR=%s\n",
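Review bot: In the new ROUTE_DOMAINS= block the separator logic reads a stale `space`: `fputstrv(f, link->network->route_domains, NULL, NULL)` is given no flag to update, so the following `if (space)` still reflects what was written on the DOMAINS= line. Assuming fputstrv only tracks the separator through the pointer it receives, a link with configured route domains and an empty DOMAINS= line would get the DHCP-supplied name appended directly to the last route domain, and whatever reads this state file would see one merged, incorrect routing domain; the opposite case emits a stray leading space. Resetting the flag and passing it through keeps the line well-formed: `space = false;` followed by `fputstrv(f, link->network->route_domains, NULL, &space);`. Whether `space` is reset before the DOMAINS= line is not visible here, and link_save() starts and ends outside the hunk.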
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
index 0701dd02dd..723a92b5b8 100644
--- a/src/network/networkd-manager.c
+++ b/src/network/networkd-manager.c
@@ -916,12 +916,17 @@ static int manager_save(Manager *m) {
return r;
}
- if (link->network->dhcp_use_domains) {
+ if (link->network->dhcp_use_domains != DHCP_USE_DOMAINS_NO) {
const char *domainname;
r = sd_dhcp_lease_get_domainname(link->dhcp_lease, &domainname);
if (r >= 0) {
- r = ordered_set_put_strdup(search_domains, domainname);
+
+ if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_YES)
+ r = ordered_set_put_strdup(search_domains, domainname);
+ else
+ r = ordered_set_put_strdup(route_domains, domainname);
+
if (r < 0)
return r;
} else if (r != -ENODATA)
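Review bot: The inner `else` sends every value other than DHCP_USE_DOMAINS_YES to `route_domains`, which is correct only because the outer test has already excluded DHCP_USE_DOMAINS_NO and the enum currently has exactly three values. Falling back to a routing domain is the more conservative choice for a name supplied by a DHCP server, but that intent should be written down so a later enum value is not silently treated as `route`. A comment above the `else` such as `/* everything except "yes" is used for routing only, never for search */` would do, or the branch can be made explicit with `else if (link->network->dhcp_use_domains == DHCP_USE_DOMAINS_ROUTE)`. manager_save() begins and ends outside this hunk.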
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf
index 89b28196dc..409df1709f 100644
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -72,7 +72,7 @@ DHCP.UseDNS, config_parse_bool,
DHCP.UseNTP, config_parse_bool, 0, offsetof(Network, dhcp_use_ntp)
DHCP.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
DHCP.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
-DHCP.UseDomains, config_parse_bool, 0, offsetof(Network, dhcp_use_domains)
+DHCP.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
DHCP.UseRoutes, config_parse_bool, 0, offsetof(Network, dhcp_use_routes)
DHCP.SendHostname, config_parse_bool, 0, offsetof(Network, dhcp_send_hostname)
DHCP.Hostname, config_parse_hostname, 0, offsetof(Network, dhcp_hostname)
@@ -104,6 +104,6 @@ Network.IPv4LL, config_parse_ipv4ll,
DHCPv4.UseDNS, config_parse_bool, 0, offsetof(Network, dhcp_use_dns)
DHCPv4.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
DHCPv4.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
-DHCP.UseDomainName, config_parse_bool, 0, offsetof(Network, dhcp_use_domains)
-DHCPv4.UseDomainName, config_parse_bool, 0, offsetof(Network, dhcp_use_domains)
+DHCP.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
+DHCPv4.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
DHCPv4.CriticalConnection, config_parse_bool, 0, offsetof(Network, dhcp_critical)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 2a28ff2f47..e1a811129d 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -1005,3 +1005,13 @@ int config_parse_dnssec_negative_trust_anchors(
return 0;
}
+
+DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains, dhcp_use_domains, DHCPUseDomains, "Failed to parse DHCP use domains setting");
+
+static const char* const dhcp_use_domains_table[_DHCP_USE_DOMAINS_MAX] = {
+ [DHCP_USE_DOMAINS_NO] = "no",
+ [DHCP_USE_DOMAINS_ROUTE] = "route",
+ [DHCP_USE_DOMAINS_YES] = "yes",
+};
+
+DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dhcp_use_domains, DHCPUseDomains, DHCP_USE_DOMAINS_YES);
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h
index c8e705f237..626dfbd40a 100644
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -52,6 +52,14 @@ typedef enum IPv6PrivacyExtensions {
_IPV6_PRIVACY_EXTENSIONS_INVALID = -1,
} IPv6PrivacyExtensions;
+typedef enum DHCPUseDomains {
+ DHCP_USE_DOMAINS_NO,
+ DHCP_USE_DOMAINS_YES,
+ DHCP_USE_DOMAINS_ROUTE,
+ _DHCP_USE_DOMAINS_MAX,
+ _DHCP_USE_DOMAINS_INVALID = -1,
+} DHCPUseDomains;
+
struct Network {
Manager *manager;
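Review bot: The new DHCPUseDomains enum carries no comment, yet its ordering matters: DHCP_USE_DOMAINS_NO has to remain the first enumerator (value 0), since a zero-initialised Network would then default to "no" and the boolean-aware string lookup defined in networkd-network.c presumably maps a parsed false to 0. I would add a short comment above `typedef enum DHCPUseDomains`, for example `/* NO must remain 0; YES = DHCP domain used for search, ROUTE = used for routing only */`. The string table in networkd-network.c lists the values in a different order (no, route, yes); the designated initialisers make that harmless, but matching the enum order would be easier to read.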
@@ -84,7 +92,7 @@ struct Network {
bool dhcp_use_ntp;
bool dhcp_use_mtu;
bool dhcp_use_hostname;
- bool dhcp_use_domains;
+ DHCPUseDomains dhcp_use_domains;
bool dhcp_send_hostname;
bool dhcp_broadcast;
bool dhcp_critical;
@@ -174,6 +182,7 @@ int config_parse_timezone(const char *unit, const char *filename, unsigned line,
int config_parse_dhcp_server_dns(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_dhcp_server_ntp(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_dnssec_negative_trust_anchors(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
+int config_parse_dhcp_use_domains(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
/* Legacy IPv4LL support */
int config_parse_ipv4ll(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
@@ -187,3 +196,6 @@ int network_object_find(sd_bus *bus, const char *path, const char *interface, vo
const char* ipv6_privacy_extensions_to_string(IPv6PrivacyExtensions i) _const_;
IPv6PrivacyExtensions ipv6_privacy_extensions_from_string(const char *s) _pure_;
+
+const char* dhcp_use_domains_to_string(DHCPUseDomains p) _const_;
+DHCPUseDomains dhcp_use_domains_from_string(const char *s) _pure_;