Merge pull request #4318 from pi-hole/release/v5.4

Pi-hole core v5.4
2025-01-03 04:30:55 +00:00 · 2021-09-11 22:17:43 +01:00 · 2021-09-11 22:17:43 +01:00 · 2673c2c072
commit 2673c2c072
parent 4736e03108 e393048488
39 changed files with 553 additions and 602 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -10,7 +10,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        distro: [debian_9, debian_10, ubuntu_16, ubuntu_18, ubuntu_20, centos_7, centos_8, fedora_32, fedora_33]
+        distro: [debian_9, debian_10, debian_11, ubuntu_16, ubuntu_18, ubuntu_20, ubuntu_21, centos_7, centos_8, fedora_32, fedora_33]
    env:
      DISTRO: ${{matrix.distro}}
    steps:
--- a/README.md
+++ b/README.md
@ -50,6 +50,8 @@ sudo bash basic-install.sh
 wget -O basic-install.sh https://install.pi-hole.net
 sudo bash basic-install.sh
 ```
 ### Method 3: Using Docker to deploy Pi-hole
 Please refer to the [Pi-hole docker repo](https://github.com/pi-hole/docker-pi-hole) to use the Official Docker Images.
 ## [Post-install: Make your network take advantage of Pi-hole](https://docs.pi-hole.net/main/post-install/)
--- a/advanced/06-rfc6761.conf
+++ b/advanced/06-rfc6761.conf
@ -0,0 +1,41 @@
 # Pi-hole: A black hole for Internet advertisements
 # (c) 2021 Pi-hole, LLC (https://pi-hole.net)
 # Network-wide ad blocking via your own hardware.
 #
 # RFC 6761 config file for Pi-hole
 #
 # This file is copyright under the latest version of the EUPL.
 # Please see LICENSE file for your rights under this license.
 ###############################################################################
 #      FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE.      #
 # ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
 #                                                                             #
 #             CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE                #
 #                    WITHIN /etc/dnsmasq.d/yourname.conf                      #
 ###############################################################################
 # RFC 6761: Caching DNS servers SHOULD recognize
 #     test, localhost, invalid
 # names as special and SHOULD NOT attempt to look up NS records for them, or
 # otherwise query authoritative DNS servers in an attempt to resolve these
 # names.
 server=/test/
 server=/localhost/
 server=/invalid/
 # The same RFC requests something similar for
 #     16.172.in-addr.arpa.  22.172.in-addr.arpa.  27.172.in-addr.arpa.
 #     17.172.in-addr.arpa.  30.172.in-addr.arpa.  28.172.in-addr.arpa.
 #     18.172.in-addr.arpa.  23.172.in-addr.arpa.  29.172.in-addr.arpa.
 #     19.172.in-addr.arpa.  24.172.in-addr.arpa.  31.172.in-addr.arpa.
 #     20.172.in-addr.arpa.  25.172.in-addr.arpa.  168.192.in-addr.arpa.
 # Pi-hole implements this via the dnsmasq option "bogus-priv" (see
 # 01-pihole.conf) because this also covers IPv6.
 # OpenWRT furthermore blocks    bind, local, onion    domains
 # see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
 # and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
 # We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
 server=/bind/
 server=/onion/
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@ -498,10 +498,6 @@ chronoFunc() {
        printFunc " RAM usage: " "$ram_perc%" "$ram_info"
        printFunc " HDD usage: " "$disk_perc" "$disk_info"
        if [[ "$scr_lines" -gt 17 ]] && [[ "$chrono_width" != "small" ]]; then
            printFunc "  LAN addr: " "${IPV4_ADDRESS/\/*/}" "$lan_info"
        fi
        if [[ "$DHCP_ACTIVE" == "true" ]]; then
            printFunc "DHCP usage: " "$ph_dhcp_percent%" "$dhcp_info"
        fi
--- a/advanced/Scripts/piholeCheckout.sh
+++ b/advanced/Scripts/piholeCheckout.sh
@ -166,12 +166,15 @@ checkout() {
        checkout_pull_branch "${webInterfaceDir}" "${2}"
    elif [[ "${1}" == "ftl" ]] ; then
        local path
        local oldbranch
        path="${2}/${binary}"
        oldbranch="$(pihole-FTL -b)"
        if check_download_exists "$path"; then
            echo "  ${TICK} Branch ${2} exists"
            echo "${2}" > /etc/pihole/ftlbranch
            chmod 644 /etc/pihole/ftlbranch
            echo -e "  ${INFO} Switching to branch: \"${2}\" from \"${oldbranch}\""
            FTLinstall "${binary}"
            restart_service pihole-FTL
            enable_service pihole-FTL
--- a/advanced/Scripts/piholeDebug.sh
+++ b/advanced/Scripts/piholeDebug.sh
@ -56,11 +56,6 @@ FAQ_BAD_ADDRESS="${COL_CYAN}https://discourse.pi-hole.net/t/why-do-i-see-bad-add
 # Other URLs we may use
 FORUMS_URL="${COL_CYAN}https://discourse.pi-hole.net${COL_NC}"
 TRICORDER_CONTEST="${COL_CYAN}https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/${COL_NC}"
 # Port numbers used for uploading the debug log
 TRICORDER_NC_PORT_NUMBER=9999
 TRICORDER_SSL_PORT_NUMBER=9998
 # Directories required by Pi-hole
 # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
@ -78,15 +73,12 @@ HTML_DIRECTORY="/var/www/html"
 WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin"
 #BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole"
 SHM_DIRECTORY="/dev/shm"
 ETC="/etc"
 # Files required by Pi-hole
 # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684
 PIHOLE_CRON_FILE="${CRON_D_DIRECTORY}/pihole"
 PIHOLE_DNS_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/01-pihole.conf"
 PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf"
 PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf"
 WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf"
 WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf"
@ -141,6 +133,9 @@ PIHOLE_FTL_LOG="$(get_ftl_conf_value "LOGFILE" "${LOG_DIRECTORY}/pihole-FTL.log"
 PIHOLE_WEB_SERVER_ACCESS_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/access.log"
 PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log"
 RESOLVCONF="${ETC}/resolv.conf"
 DNSMASQ_CONF="${ETC}/dnsmasq.conf"
 # An array of operating system "pretty names" that we officially support
 # We can loop through the array at any time to see if it matches a value
 #SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS")
@ -165,9 +160,6 @@ PIHOLE_PROCESSES=( "lighttpd" "pihole-FTL" )
 # Store the required directories in an array so it can be parsed through
 REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_DNS_CONFIG_FILE}"
 "${PIHOLE_DHCP_CONFIG_FILE}"
 "${PIHOLE_WILDCARD_CONFIG_FILE}"
 "${WEB_SERVER_CONFIG_FILE}"
 "${WEB_SERVER_CUSTOM_CONFIG_FILE}"
 "${PIHOLE_INSTALL_LOG_FILE}"
@ -185,7 +177,9 @@ REQUIRED_FILES=("${PIHOLE_CRON_FILE}"
 "${PIHOLE_DEBUG_LOG}"
 "${PIHOLE_FTL_LOG}"
 "${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}"
-"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}")
+"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}"
 "${RESOLVCONF}"
 "${DNSMASQ_CONF}")
 DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
@ -235,6 +229,7 @@ copy_to_debug_log() {
 }
 initialize_debug() {
    local system_uptime
    # Clear the screen so the debug log is readable
    clear
    show_disclaimer
@ -242,6 +237,10 @@ initialize_debug() {
    log_write "${COL_PURPLE}*** [ INITIALIZING ]${COL_NC}"
    # Timestamp the start of the log
    log_write "${INFO} $(date "+%Y-%m-%d:%H:%M:%S") debug log has been initialized."
    # Uptime of the system
    # credits to https://stackoverflow.com/questions/28353409/bash-format-uptime-to-show-days-hours-minutes
    system_uptime=$(uptime | awk -F'( |,|:)+' '{if ($7=="min") m=$6; else {if ($7~/^day/){if ($9=="min") {d=$6;m=$8} else {d=$6;h=$8;m=$9}} else {h=$6;m=$7}}} {print d+0,"days,",h+0,"hours,",m+0,"minutes"}')
    log_write "${INFO} System has been running for ${system_uptime}"
 }
 # This is a function for visually displaying the current test that is being run.
@ -410,12 +409,12 @@ os_check() {
    # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
    # and determines whether or not the script is running on one of those systems
    local remote_os_domain valid_os valid_version detected_os detected_version cmdResult digReturnCode response
-    remote_os_domain="versions.pi-hole.net"
+    remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
    detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
    detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
-    cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+    cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
    #Get the return code of the previous command (last line)
    digReturnCode="${cmdResult##*$'\n'}"
@ -605,38 +604,6 @@ parse_locale() {
    parse_file "${pihole_locale}"
 }
 does_ip_match_setup_vars() {
    # Check for IPv4 or 6
    local protocol="${1}"
    # IP address to check for
    local ip_address="${2}"
    # See what IP is in the setupVars.conf file
    local setup_vars_ip
    setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV"${protocol}"_ADDRESS | cut -d '=' -f2)
    # If it's an IPv6 address
    if [[ "${protocol}" == "6" ]]; then
        # Strip off the / (CIDR notation)
        if [[ "${ip_address%/*}" == "${setup_vars_ip%/*}" ]]; then
            # if it matches, show it in green
            log_write "   ${COL_GREEN}${ip_address%/*}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
        else
            # otherwise show it in red with an FAQ URL
            log_write "   ${COL_RED}${ip_address%/*}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
        fi
    else
        # if the protocol isn't 6, it's 4 so no need to strip the CIDR notation
        # since it exists in the setupVars.conf that way
        if [[ "${ip_address}" == "${setup_vars_ip}" ]]; then
            # show in green if it matches
            log_write "   ${COL_GREEN}${ip_address}${COL_NC} matches the IP found in ${PIHOLE_SETUP_VARS_FILE}"
        else
            # otherwise show it in red
            log_write "   ${COL_RED}${ip_address}${COL_NC} does not match the IP found in ${PIHOLE_SETUP_VARS_FILE} (${FAQ_ULA})"
        fi
    fi
 }
 detect_ip_addresses() {
    # First argument should be a 4 or a 6
    local protocol=${1}
@ -653,8 +620,7 @@ detect_ip_addresses() {
        log_write "${TICK} IPv${protocol} address(es) bound to the ${PIHOLE_INTERFACE} interface:"
        # Since there may be more than one IP address, store them in an array
        for i in "${!ip_addr_list[@]}"; do
-            # For each one in the list, print it out
+            log_write "    ${ip_addr_list[$i]}"
            does_ip_match_setup_vars "${protocol}" "${ip_addr_list[$i]}"
        done
        # Print a blank line just for formatting
        log_write ""
@ -663,13 +629,6 @@ detect_ip_addresses() {
        log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\\n"
        return 1
    fi
    # If the protocol is v6
    if [[ "${protocol}" == "6" ]]; then
        # let the user know that as long as there is one green address, things should be ok
        log_write "   ^ Please note that you may have more than one IP address listed."
        log_write "   As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\\n"
        log_write "   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\\n"
    fi
 }
 ping_ipv4_or_ipv6() {
@ -859,13 +818,13 @@ dig_at() {
    # Store the arguments as variables with names
    local protocol="${1}"
    local IP="${2}"
    echo_current_diagnostic "Name resolution (IPv${protocol}) using a random blocked domain and a known ad-serving domain"
    # Set more local variables
    # We need to test name resolution locally, via Pi-hole, and via a public resolver
    local local_dig
    local pihole_dig
    local remote_dig
    local interfaces
    local addresses
    # Use a static domain that we know has IPv4 and IPv6 to avoid false positives
    # Sometimes the randomly chosen domains don't use IPv6, or something else is wrong with them
    local remote_url="doubleclick.com"
@ -874,15 +833,15 @@ dig_at() {
    if [[ ${protocol} == "6" ]]; then
        # Set the IPv6 variables and record type
        local local_address="::1"
        local pihole_address="${IP}"
        local remote_address="2001:4860:4860::8888"
        local sed_selector="inet6"
        local record_type="AAAA"
    # Otherwise, it should be 4
    else
        # so use the IPv4 values
        local local_address="127.0.0.1"
        local pihole_address="${IP}"
        local remote_address="8.8.8.8"
        local sed_selector="inet"
        local record_type="A"
    fi
@ -892,32 +851,55 @@ dig_at() {
    local random_url
    random_url=$(sqlite3 "${PIHOLE_GRAVITY_DB_FILE}" "SELECT domain FROM vw_gravity ORDER BY RANDOM() LIMIT 1")
    # First, do a dig on localhost to see if Pi-hole can use itself to block a domain
    if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then
        # If it can, show success
        log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} via ${COL_CYAN}localhost$COL_NC (${local_address})"
    else
        # Otherwise, show a failure
        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}localhost${COL_NC} (${local_address})"
    fi
    # Next we need to check if Pi-hole can resolve a domain when the query is sent to it's IP address
    # This better emulates how clients will interact with Pi-hole as opposed to above where Pi-hole is
    # just asing itself locally
-    # The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't waiting for too long
+    # The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't
    # waiting for too long
    #
    # Turn off history expansion such that the "!" in the sed command cannot do silly things
    set +H
    # Get interfaces
    # sed logic breakdown:
    #     / master /d;
    #          Removes all interfaces that are slaves of others (e.g. virtual docker interfaces)
    #     /UP/!d;
    #          Removes all interfaces which are not UP
    #     s/^[0-9]*: //g;
    #          Removes interface index
    #     s/: <.*//g;
    #          Removes everything after the interface name
    interfaces="$(ip link show | sed "/ master /d;/UP/!d;s/^[0-9]*: //g;s/: <.*//g;")"
-    # If Pi-hole can dig itself from it's IP (not the loopback address)
+    while IFS= read -r iface ; do
-    if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${pihole_address}" +short "${record_type}"); then
+        # Get addresses of current interface
-        # show a success
+        # sed logic breakdown:
-        log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})"
+        #     /inet(|6) /!d;
-    else
+        #          Removes all lines from ip a that do not contain either "inet " or "inet6 "
-        # Otherwise, show a failure
+        #     s/^.*inet(|6) //g;
-        log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} via ${COL_RED}Pi-hole${COL_NC} (${pihole_address})"
+        #          Removes all leading whitespace as well as the "inet " or "inet6 " string
-    fi
+        #     s/\/.*$//g;
        #          Removes CIDR and everything thereafter (e.g., scope properties)
        addresses="$(ip address show dev "${iface}" | sed "/${sed_selector} /!d;s/^.*${sed_selector} //g;s/\/.*$//g;")"
        if [ -n "${addresses}" ]; then
          while IFS= read -r local_address ; do
              # Check if Pi-hole can use itself to block a domain
              if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${local_address}" +short "${record_type}"); then
                  # If it can, show success
                  log_write "${TICK} ${random_url} ${COL_GREEN}is ${local_dig}${COL_NC} on ${COL_CYAN}${iface}${COL_NC} (${COL_CYAN}${local_address}${COL_NC})"
              else
                  # Otherwise, show a failure
                  log_write "${CROSS} ${COL_RED}Failed to resolve${COL_NC} ${random_url} on ${COL_RED}${iface}${COL_NC} (${COL_RED}${local_address}${COL_NC})"
              fi
          done <<< "${addresses}"
        else
          log_write "${TICK} No IPv${protocol} address available on ${COL_CYAN}${iface}${COL_NC}"
        fi
    done <<< "${interfaces}"
    # Finally, we need to make sure legitimate queries can out to the Internet using an external, public DNS server
    # We are using the static remote_url here instead of a random one because we know it works with IPv4 and IPv6
-    if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @${remote_address} +short "${record_type}" | head -n1); then
+    if remote_dig=$(dig +tries=1 +time=2 -"${protocol}" "${remote_url}" @"${remote_address}" +short "${record_type}" | head -n1); then
        # If successful, the real IP of the domain will be returned instead of Pi-hole's IP
        log_write "${TICK} ${remote_url} ${COL_GREEN}is ${remote_dig}${COL_NC} via ${COL_CYAN}a remote, public DNS server${COL_NC} (${remote_address})"
    else
@ -1032,7 +1014,7 @@ parse_file() {
    local file_lines
    # For each line in the file,
    for file_lines in "${file_info[@]}"; do
-        if [[ ! -z "${file_lines}" ]]; then
+        if [[ -n "${file_lines}" ]]; then
            # don't include the Web password hash
            [[ "${file_lines}" =~ ^\#.*$  || ! "${file_lines}" || "${file_lines}" == "WEBPASSWORD="* ]] && continue
            # otherwise, display the lines of the file
@ -1046,12 +1028,8 @@ parse_file() {
 check_name_resolution() {
    # Check name resolution from localhost, Pi-hole's IP, and Google's name severs
    # using the function we created earlier
-    dig_at 4 "${IPV4_ADDRESS%/*}"
+    dig_at 4
-    # If IPv6 enabled,
+    dig_at 6
    if [[ "${IPV6_ADDRESS}" ]]; then
        # check resolution
        dig_at 6 "${IPV6_ADDRESS%/*}"
    fi
 }
 # This function can check a directory exists
@ -1094,13 +1072,17 @@ list_files_in_dir() {
            :
        elif [[ "${dir_to_parse}" == "${SHM_DIRECTORY}" ]]; then
            # SHM file - we do not want to see the content, but we want to see the files and their sizes
-            log_write "$(ls -ld "${dir_to_parse}"/"${each_file}")"
+            log_write "$(ls -lhd "${dir_to_parse}"/"${each_file}")"
        elif [[ "${dir_to_parse}" == "${DNSMASQ_D_DIRECTORY}" ]]; then
            # in case of the dnsmasq directory inlcuede all files in the debug output
            log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
            make_array_from_file "${dir_to_parse}/${each_file}"
        else
            # Then, parse the file's content into an array so each line can be analyzed if need be
            for i in "${!REQUIRED_FILES[@]}"; do
                if [[ "${dir_to_parse}/${each_file}" == "${REQUIRED_FILES[$i]}" ]]; then
                    # display the filename
-                    log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}"
+                    log_write "\\n${COL_GREEN}$(ls -lhd "${dir_to_parse}"/"${each_file}")${COL_NC}"
                    # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing)
                    case "${dir_to_parse}/${each_file}" in
                        # If it's Web server error log, give the first and last 25 lines
@ -1139,6 +1121,7 @@ show_content_of_pihole_files() {
    show_content_of_files_in_dir "${WEB_SERVER_LOG_DIRECTORY}"
    show_content_of_files_in_dir "${LOG_DIRECTORY}"
    show_content_of_files_in_dir "${SHM_DIRECTORY}"
    show_content_of_files_in_dir "${ETC}"
 }
 head_tail_log() {
@ -1239,11 +1222,11 @@ show_groups() {
 }
 show_adlists() {
-    show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "4 7 12 100 19 19 50"
+    show_db_entries "Adlists" "SELECT id,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(adlist_by_group.group_id) group_ids,address,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM adlist LEFT JOIN adlist_by_group ON adlist.id = adlist_by_group.adlist_id GROUP BY id;" "5 7 12 100 19 19 50"
 }
 show_domainlist() {
-    show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0   ' WHEN '1' THEN ' 1  ' WHEN '2' THEN '  2 ' WHEN '3' THEN '   3' ELSE type END type,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "4 4 7 12 100 19 19 50"
+    show_db_entries "Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)" "SELECT id,CASE type WHEN '0' THEN '0   ' WHEN '1' THEN ' 1  ' WHEN '2' THEN '  2 ' WHEN '3' THEN '   3' ELSE type END type,CASE enabled WHEN '0' THEN '   0' WHEN '1' THEN '      1' ELSE enabled END enabled,GROUP_CONCAT(domainlist_by_group.group_id) group_ids,domain,datetime(date_added,'unixepoch','localtime') date_added,datetime(date_modified,'unixepoch','localtime') date_modified,comment FROM domainlist LEFT JOIN domainlist_by_group ON domainlist.id = domainlist_by_group.domainlist_id GROUP BY id;" "5 4 7 12 100 19 19 50"
 }
 show_clients() {
@ -1281,77 +1264,88 @@ analyze_gravity_list() {
    IFS="$OLD_IFS"
 }
-analyze_pihole_log() {
+obfuscated_pihole_log() {
-    echo_current_diagnostic "Pi-hole log"
+  local pihole_log=("$@")
-    local head_line
+  local line
-    # Put the current Internal Field Separator into another variable so it can be restored later
+  local error_to_check_for
-    OLD_IFS="$IFS"
+  local line_to_obfuscate
-    # Get the lines that are in the file(s) and store them in an array for parsing later
+  local obfuscated_line
-    IFS=$'\r\n'
+  for line in "${pihole_log[@]}"; do
-    local pihole_log_permissions
+      # A common error in the pihole.log is when there is a non-hosts formatted file
-    pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
+      # that the DNS server is attempting to read.  Since it's not formatted
-    log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
+      # correctly, there will be an entry for "bad address at line n"
-    local pihole_log_head=()
+      # So we can check for that here and highlight it in red so the user can see it easily
-    mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
+      error_to_check_for=$(echo "${line}" | grep 'bad address at')
-    log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
+      # Some users may not want to have the domains they visit sent to us
-    local error_to_check_for
+      # To that end, we check for lines in the log that would contain a domain name
-    local line_to_obfuscate
+      line_to_obfuscate=$(echo "${line}" | grep ': query\|: forwarded\|: reply')
-    local obfuscated_line
+      # If the variable contains a value, it found an error in the log
-    for head_line in "${pihole_log_head[@]}"; do
+      if [[ -n ${error_to_check_for} ]]; then
-        # A common error in the pihole.log is when there is a non-hosts formatted file
+          # So we can print it in red to make it visible to the user
-        # that the DNS server is attempting to read.  Since it's not formatted
+          log_write "   ${CROSS} ${COL_RED}${line}${COL_NC} (${FAQ_BAD_ADDRESS})"
-        # correctly, there will be an entry for "bad address at line n"
+      else
-        # So we can check for that here and highlight it in red so the user can see it easily
+          # If the variable does not a value (the current default behavior), so do not obfuscate anything
-        error_to_check_for=$(echo "${head_line}" | grep 'bad address at')
+          if [[ -z ${OBFUSCATE} ]]; then
-        # Some users may not want to have the domains they visit sent to us
+              log_write "   ${line}"
-        # To that end, we check for lines in the log that would contain a domain name
+          # Othwerise, a flag was passed to this command to obfuscate domains in the log
-        line_to_obfuscate=$(echo "${head_line}" | grep ': query\|: forwarded\|: reply')
+          else
-        # If the variable contains a value, it found an error in the log
+              # So first check if there are domains in the log that should be obfuscated
-        if [[ -n ${error_to_check_for} ]]; then
+              if [[ -n ${line_to_obfuscate} ]]; then
-            # So we can print it in red to make it visible to the user
+                  # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
-            log_write "   ${CROSS} ${COL_RED}${head_line}${COL_NC} (${FAQ_BAD_ADDRESS})"
+                  # so we substitute the domain for the placeholder value
-        else
+                  obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
-            # If the variable does not a value (the current default behavior), so do not obfuscate anything
+                  log_write "   ${obfuscated_line}"
-            if [[ -z ${OBFUSCATE} ]]; then
+              else
-                log_write "   ${head_line}"
+                  log_write "   ${line}"
-            # Othwerise, a flag was passed to this command to obfuscate domains in the log
+              fi
-            else
+          fi
-                # So first check if there are domains in the log that should be obfuscated
+      fi
-                if [[ -n ${line_to_obfuscate} ]]; then
+  done
                    # If there are, we need to use awk to replace only the domain name (the 6th field in the log)
                    # so we substitute the domain for the placeholder value
                    obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}')
                    log_write "   ${obfuscated_line}"
                else
                    log_write "   ${head_line}"
                fi
            fi
        fi
    done
    log_write ""
    # Set the IFS back to what it was
    IFS="$OLD_IFS"
 }
-tricorder_use_nc_or_curl() {
+analyze_pihole_log() {
-    # Users can submit their debug logs using nc (unencrypted) or curl (encrypted) if available
+  echo_current_diagnostic "Pi-hole log"
-    # Check for curl first since encryption is a good thing
+  local pihole_log_head=()
-    if command -v curl &> /dev/null; then
+  local pihole_log_tail=()
-        # If the command exists,
+  local pihole_log_permissions
-        log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
+  local logging_enabled
-        # transmit he log via TLS and store the token returned in a variable
+
-        tricorder_token=$(curl --silent --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net:${TRICORDER_SSL_PORT_NUMBER})
+  logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf)
-        if [ -z "${tricorder_token}" ]; then
+  if [[ "${logging_enabled}" == "0" ]]; then
-         # curl failed, fallback to nc
+      # Inform user that logging has been disabled and pihole.log does not contain queries
-         log_write "    * ${COL_GREEN}curl${COL_NC} failed, falling back to ${COL_YELLOW}netcat${COL_NC} for transmission."
+      log_write "${INFO} Query logging is disabled"
-         tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
+      log_write ""
  fi
  # Put the current Internal Field Separator into another variable so it can be restored later
  OLD_IFS="$IFS"
  # Get the lines that are in the file(s) and store them in an array for parsing later
  IFS=$'\r\n'
  pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}")
  log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}"
  mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG})
  log_write "   ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}"
  obfuscated_pihole_log "${pihole_log_head[@]}"
  log_write ""
  mapfile -t pihole_log_tail < <(tail -n 20 ${PIHOLE_LOG})
  log_write "   ${COL_CYAN}-----tail of $(basename ${PIHOLE_LOG})------${COL_NC}"
  obfuscated_pihole_log "${pihole_log_tail[@]}"
  log_write ""
  # Set the IFS back to what it was
  IFS="$OLD_IFS"
 }
 curl_to_tricorder() {
    # Users can submit their debug logs using curl (encrypted)
    log_write "    * Using ${COL_GREEN}curl${COL_NC} for transmission."
    # transmit the log via TLS and store the token returned in a variable
    tricorder_token=$(curl --silent --fail --show-error --upload-file ${PIHOLE_DEBUG_LOG} https://tricorder.pi-hole.net 2>&1)
    if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
        log_write "    * ${COL_GREEN}curl${COL_NC} failed, contact Pi-hole support for assistance."
        # Log curl error (if available)
        if [ -n "${tricorder_token}" ]; then
            log_write "    * Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
            tricorder_token=""
        fi
    # Otherwise,
    else
        # use net cat
        log_write "${INFO} Using ${COL_YELLOW}netcat${COL_NC} for transmission."
        # Save the token returned by our server in a variable
        tricorder_token=$(< ${PIHOLE_DEBUG_LOG} nc tricorder.pi-hole.net ${TRICORDER_NC_PORT_NUMBER})
    fi
 }
@ -1370,14 +1364,13 @@ upload_to_tricorder() {
    # Provide information on what they should do with their token
    log_write "    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only."
-    log_write "    * For more information, see: ${TRICORDER_CONTEST}"
+
    log_write "    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat."
    # If pihole -d is running automatically (usually through the dashboard)
    if [[ "${AUTOMATED}" ]]; then
        # let the user know
        log_write "${INFO} Debug script running in automated mode"
        # and then decide again which tool to use to submit it
-        tricorder_use_nc_or_curl
+        curl_to_tricorder
        # If we're not running in automated mode,
    else
        echo ""
@ -1386,7 +1379,7 @@ upload_to_tricorder() {
        read -r -p "[?] Would you like to upload the log? [y/N] " response
        case ${response} in
            # If they say yes, run our function for uploading the log
-            [yY][eE][sS]|[yY]) tricorder_use_nc_or_curl;;
+            [yY][eE][sS]|[yY]) curl_to_tricorder;;
            # If they choose no, just exit out of the script
            *) log_write "    * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n    * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit;
        esac
@ -1397,15 +1390,15 @@ upload_to_tricorder() {
        # Again, try to make this visually striking so the user realizes they need to do something with this information
        # Namely, provide the Pi-hole devs with the token
        log_write ""
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}\\n"
        log_write "${TICK} Your debug token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${INFO}${COL_RED} Logs are deleted 48 hours after upload.${COL_NC}\\n"
-        log_write "${COL_PURPLE}***********************************${COL_NC}"
+        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
        log_write "${COL_PURPLE}*****************************************************************${COL_NC}"
        log_write ""
-        log_write "   * Provide the token above to the Pi-hole team for assistance at"
+        log_write "   * Provide the token above to the Pi-hole team for assistance at ${FORUMS_URL}"
-        log_write "   * ${FORUMS_URL}"
+
        log_write "   * Your log will self-destruct on our server after ${COL_RED}48 hours${COL_NC}."
    # If no token was generated
    else
        # Show an error and some help instructions
--- a/advanced/Scripts/piholeLogFlush.sh
+++ b/advanced/Scripts/piholeLogFlush.sh
@ -11,6 +11,11 @@
 colfile="/opt/pihole/COL_TABLE"
 source ${colfile}
 # In case we're running at the same time as a system logrotate, use a
 # separate logrotate state file to prevent stepping on each other's
 # toes.
 STATEFILE="/var/lib/logrotate/pihole"
 # Determine database location
 # Obtain DBFILE=... setting from pihole-FTL.db
 # Constructed to return nothing when
@ -32,7 +37,7 @@ if [[ "$@" == *"once"* ]]; then
    # Nightly logrotation
    if command -v /usr/sbin/logrotate >/dev/null; then
        # Logrotate once
-        /usr/sbin/logrotate --force /etc/pihole/logrotate
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
    else
        # Copy pihole.log over to pihole.log.1
        # and empty out pihole.log
@ -47,8 +52,8 @@ else
    # Manual flushing
    if command -v /usr/sbin/logrotate >/dev/null; then
        # Logrotate twice to move all data out of sight of FTL
-        /usr/sbin/logrotate --force /etc/pihole/logrotate; sleep 3
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate; sleep 3
-        /usr/sbin/logrotate --force /etc/pihole/logrotate
+        /usr/sbin/logrotate --force --state "${STATEFILE}" /etc/pihole/logrotate
    else
        # Flush both pihole.log and pihole.log.1 (if existing)
        echo " " > /var/log/pihole.log
--- a/advanced/Scripts/version.sh
+++ b/advanced/Scripts/version.sh
@ -153,7 +153,7 @@ versionOutput() {
    if [[ -n "$current" ]] && [[ -n "$latest" ]]; then
        output="${1^} version is $branch$current (Latest: $latest)"
    elif [[ -n "$current" ]] && [[ -z "$latest" ]]; then
-        output="Current ${1^} version is $branch$current."
+        output="Current ${1^} version is $branch$current"
    elif [[ -z "$current" ]] && [[ -n "$latest" ]]; then
        output="Latest ${1^} version is $latest"
    elif [[ "$curHash" == "N/A" ]] || [[ "$latHash" == "N/A" ]]; then
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@ -44,7 +44,8 @@ Options:
  -e, email           Set an administrative contact address for the Block Page
  -h, --help          Show this help dialog
  -i, interface       Specify dnsmasq's interface listening behavior
-  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)"
+  -l, privacylevel    Set privacy level (0 = lowest, 3 = highest)
  -t, teleporter      Backup configuration as an archive"
    exit 0
 }
@ -53,7 +54,7 @@ add_setting() {
 }
 delete_setting() {
-    sed -i "/${1}/d" "${setupVars}"
+    sed -i "/^${1}/d" "${setupVars}"
 }
 change_setting() {
@ -66,7 +67,7 @@ addFTLsetting() {
 }
 deleteFTLsetting() {
-    sed -i "/${1}/d" "${FTLconf}"
+    sed -i "/^${1}/d" "${FTLconf}"
 }
 changeFTLsetting() {
@ -83,7 +84,7 @@ add_dnsmasq_setting() {
 }
 delete_dnsmasq_setting() {
-    sed -i "/${1}/d" "${dnsmasqconfig}"
+    sed -i "/^${1}/d" "${dnsmasqconfig}"
 }
 SetTemperatureUnit() {
@ -266,17 +267,22 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423
        delete_setting "CONDITIONAL_FORWARDING_IP"
    fi
    delete_dnsmasq_setting "rev-server"
    if [[ "${REV_SERVER}" == true ]]; then
        add_dnsmasq_setting "rev-server=${REV_SERVER_CIDR},${REV_SERVER_TARGET}"
        if [ -n "${REV_SERVER_DOMAIN}" ]; then
            # Forward local domain names to the CF target, too
            add_dnsmasq_setting "server=/${REV_SERVER_DOMAIN}/${REV_SERVER_TARGET}"
        fi
    fi
-    # Prevent Firefox from automatically switching over to DNS-over-HTTPS
+        if [[ "${DNS_FQDN_REQUIRED}" != true ]]; then
-    # This follows https://support.mozilla.org/en-US/kb/configuring-networks-disable-dns-over-https
+            # Forward unqualified names to the CF target only when the "never
-    # (sourced 7th September 2019)
+            # forward non-FQDN" option is unticked
-    add_dnsmasq_setting "server=/use-application-dns.net/"
+            add_dnsmasq_setting "server=//${REV_SERVER_TARGET}"
        fi
    fi
    # We need to process DHCP settings here as well to account for possible
    # changes in the non-FQDN forwarding. This cannot be done in 01-pihole.conf
@ -426,7 +432,7 @@ dhcp-leasefile=/etc/pihole/dhcp.leases
        echo "#quiet-dhcp6
 #enable-ra
 dhcp-option=option6:dns-server,[::]
-dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,${leasetime}
+dhcp-range=::100,::1ff,constructor:${interface},ra-names,slaac,64,3600
 ra-param=*,0,0
 " >> "${dhcpconfig}"
    fi
@ -716,7 +722,7 @@ RemoveCustomDNSAddress() {
    host="${args[3]}"
    if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
-        sed -i "/${ip} ${host}/d" "${dnscustomfile}"
+        sed -i "/^${ip} ${host}$/d" "${dnscustomfile}"
    else
        echo -e "  ${CROSS} Invalid IP has been passed"
        exit 1
@ -748,7 +754,7 @@ RemoveCustomCNAMERecord() {
    if [[ -n "${validDomain}" ]]; then
        validTarget="$(checkDomain "${target}")"
        if [[ -n "${validDomain}" ]]; then
-            sed -i "/cname=${validDomain},${validTarget}/d" "${dnscustomcnamefile}"
+            sed -i "/cname=${validDomain},${validTarget}$/d" "${dnscustomcnamefile}"
        else
            echo "  ${CROSS} Invalid Target Passed!"
            exit 1
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/usr/bin/env sh
 ### BEGIN INIT INFO
 # Provides:          pihole-FTL
 # Required-Start:    $remote_fs $syslog $network
@ -9,11 +9,8 @@
 # Description:       Enable service provided by pihole-FTL daemon
 ### END INIT INFO
 FTLUSER=pihole
 PIDFILE=/run/pihole-FTL.pid
 is_running() {
-    pgrep -o "pihole-FTL" > /dev/null 2>&1
+  pgrep -xo "pihole-FTL" > /dev/null
 }
@ -23,27 +20,18 @@ start() {
    echo "pihole-FTL is already running"
  else
    # Touch files to ensure they exist (create if non-existing, preserve if existing)
-    touch /var/log/pihole-FTL.log /var/log/pihole.log
+    mkdir -pm 0755 /run/pihole
-    touch /run/pihole-FTL.pid /run/pihole-FTL.port
+    touch /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases
    touch /etc/pihole/dhcp.leases
    mkdir -p /run/pihole
    mkdir -p /var/log/pihole
    chown pihole:pihole /run/pihole /var/log/pihole
    # Remove possible leftovers from previous pihole-FTL processes
    rm -f /dev/shm/FTL-* 2> /dev/null
    rm /run/pihole/FTL.sock 2> /dev/null
    # Ensure that permissions are set so that pihole-FTL can edit all necessary files
-    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port
+    chown pihole:pihole /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /run/pihole /etc/pihole
-    chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
+    chmod 0644 /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole-FTL.log /var/log/pihole.log /etc/pihole/dhcp.leases /etc/pihole/macvendor.db
    chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
    chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
    # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
-    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
+    chown -f pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db /etc/pihole/macvendor.db
-    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE+eip "$(which pihole-FTL)"; then
+    if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip "/usr/bin/pihole-FTL"; then
-      su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"
+      su -s /bin/sh -c "/usr/bin/pihole-FTL" pihole
    else
      echo "Warning: Starting pihole-FTL as root because setting capabilities is not supported on this system"
-      pihole-FTL
+      /usr/bin/pihole-FTL
    fi
    echo
  fi
@ -52,20 +40,20 @@ start() {
 # Stop the service
 stop() {
  if is_running; then
-    pkill -o pihole-FTL
+    pkill -xo "pihole-FTL"
-    for i in {1..5}; do
+    for i in 1 2 3 4 5; do
      if ! is_running; then
        break
      fi
-      echo -n "."
+      printf "."
      sleep 1
    done
    echo
    if is_running; then
      echo "Not stopped; may still be shutting down or shutdown may have failed, killing now"
-      pkill -o -9 pihole-FTL
+      pkill -xo -9 "pihole-FTL"
      exit 1
    else
      echo "Stopped"
@ -73,6 +61,8 @@ stop() {
  else
    echo "Not running"
  fi
  # Cleanup
  rm -f /run/pihole/FTL.sock /dev/shm/FTL-*
  echo
 }
@ -101,7 +91,7 @@ case "$1" in
        start
        ;;
  *)
-        echo $"Usage: $0 {start|stop|restart|reload|status}"
+        echo "Usage: $0 {start|stop|restart|reload|status}"
        exit 1
 esac
--- a/advanced/Templates/pihole.cron
+++ b/advanced/Templates/pihole.cron
@ -26,7 +26,7 @@
 #          parameter "quiet": don't print messages
 00 00   * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
-@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
+@reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
 # Pi-hole: Grab local version and branch every 10 minutes
 */10 *  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
--- a/advanced/index.php
+++ b/advanced/index.php
@ -73,12 +73,12 @@ if ($serverName === "pi.hole"
            <meta charset='utf-8'>
            $viewPort
            <title>● $serverName</title>
-            <link rel='stylesheet' href='pihole/blockingpage.css'>
+            <link rel='stylesheet' href='/pihole/blockingpage.css'>
-            <link rel='shortcut icon' href='admin/img/favicons/favicon.ico' type='image/x-icon'>
+            <link rel='shortcut icon' href='/admin/img/favicons/favicon.ico' type='image/x-icon'>
        </head>
        <body id='splashpage'>
            <div id="pihole_card">
-              <img src='admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
+              <img src='/admin/img/logo.svg' alt='Pi-hole logo' id="pihole_logo_splash" />
              <p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
              <a href='/admin'>Did you mean to go to the admin panel?</a>
            </div>
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@ -20,7 +20,6 @@ server.modules = (
    "mod_accesslog",
    "mod_auth",
    "mod_expire",
    "mod_compress",
    "mod_redirect",
    "mod_setenv",
    "mod_rewrite"
@ -41,26 +40,6 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 compress.cache-dir = "/var/cache/lighttpd/compress/"
 compress.filetype  = (
    "application/json",
    "application/vnd.ms-fontobject",
    "application/xml",
    "font/eot",
    "font/opentype",
    "font/otf",
    "font/ttf",
    "image/bmp",
    "image/svg+xml",
    "image/vnd.microsoft.icon",
    "image/x-icon",
    "text/css",
    "text/html",
    "text/javascript",
    "text/plain",
    "text/xml"
 )
 mimetype.assign = (
    ".ico"   => "image/x-icon",
    ".jpeg"  => "image/jpeg",
@ -99,11 +78,6 @@ $HTTP["url"] =~ "^/admin/" {
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )
    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
 }
 # Block . files from being served, such as .git, .github, .gitignore
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@ -21,7 +21,6 @@ server.modules = (
    "mod_expire",
    "mod_fastcgi",
    "mod_accesslog",
    "mod_compress",
    "mod_redirect",
    "mod_setenv",
    "mod_rewrite"
@ -42,26 +41,6 @@ index-file.names            = ( "index.php", "index.html", "index.lighttpd.html"
 url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
 compress.cache-dir = "/var/cache/lighttpd/compress/"
 compress.filetype  = (
    "application/json",
    "application/vnd.ms-fontobject",
    "application/xml",
    "font/eot",
    "font/opentype",
    "font/otf",
    "font/ttf",
    "image/bmp",
    "image/svg+xml",
    "image/vnd.microsoft.icon",
    "image/x-icon",
    "text/css",
    "text/html",
    "text/javascript",
    "text/plain",
    "text/xml"
 )
 mimetype.assign = (
    ".ico"   => "image/x-icon",
    ".jpeg"  => "image/jpeg",
@ -107,11 +86,6 @@ $HTTP["url"] =~ "^/admin/" {
        "X-Pi-hole" => "The Pi-hole Web interface is working!",
        "X-Frame-Options" => "DENY"
    )
    $HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
        # Allow Block Page access to local fonts
        setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
    }
 }
 # Block . files from being served, such as .git, .github, .gitignore
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
@ -94,24 +94,9 @@ if [ -z "${USER}" ]; then
  USER="$(id -un)"
 fi
-
+# whiptail dialog dimensions: 20 rows and 70 chars width assures to fit on small screens and is known to hold all content.
-# Check if we are running on a real terminal and find the rows and columns
+r=20
-# If there is no real terminal, we will default to 80x24
+c=70
 if [ -t 0 ] ; then
  screen_size=$(stty size)
 else
  screen_size="24 80"
 fi
 # Determine terminal rows and columns by parsing screen_size
 printf -v rows '%d' "${screen_size%% *}"
 printf -v columns '%d' "${screen_size##* }"
 # Divide by two so the dialogs take up half of the screen, which looks nice.
 r=$(( rows / 2 ))
 c=$(( columns / 2 ))
 # Unless the screen is tiny
 r=$(( r < 20 ? 20 : r ))
 c=$(( c < 70 ? 70 : c ))
 ######## Undocumented Flags. Shhh ########
 # These are undocumented flags; some of which we can use when repairing an installation
@ -186,12 +171,12 @@ os_check() {
        # This function gets a list of supported OS versions from a TXT record at versions.pi-hole.net
        # and determines whether or not the script is running on one of those systems
        local remote_os_domain valid_os valid_version valid_response detected_os detected_version display_warning cmdResult digReturnCode response
-        remote_os_domain="versions.pi-hole.net"
+        remote_os_domain=${OS_CHECK_DOMAIN_NAME:-"versions.pi-hole.net"}
        detected_os=$(grep "\bID\b" /etc/os-release | cut -d '=' -f2 | tr -d '"')
        detected_version=$(grep VERSION_ID /etc/os-release | cut -d '=' -f2 | tr -d '"')
-        cmdResult="$(dig +short -t txt ${remote_os_domain} @ns1.pi-hole.net 2>&1; echo $?)"
+        cmdResult="$(dig +short -t txt "${remote_os_domain}" @ns1.pi-hole.net 2>&1; echo $?)"
        # Gets the return code of the previous command (last line)
        digReturnCode="${cmdResult##*$'\n'}"
@ -276,7 +261,7 @@ os_check() {
 }
 # Compatibility
-distro_check() {
+package_manager_detect() {
 # If apt-get is installed, then we know it's part of the Debian family
 if is_command apt-get ; then
    # Set some global variables here
@ -288,21 +273,6 @@ if is_command apt-get ; then
    PKG_INSTALL=("${PKG_MANAGER}" -qq --no-install-recommends install)
    # grep -c will return 1 if there are no matches. This is an acceptable condition, so we OR TRUE to prevent set -e exiting the script.
    PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
    # Some distros vary slightly so these fixes for dependencies may apply
    # on Ubuntu 18.04.1 LTS we need to add the universe repository to gain access to dhcpcd5
    APT_SOURCES="/etc/apt/sources.list"
    if awk 'BEGIN{a=1;b=0}/bionic main/{a=0}/bionic.*universe/{b=1}END{exit a + b}' ${APT_SOURCES}; then
        if ! whiptail --defaultno --title "Dependencies Require Update to Allowed Repositories" --yesno "Would you like to enable 'universe' repository?\\n\\nThis repository is required by the following packages:\\n\\n- dhcpcd5" "${r}" "${c}"; then
            printf "  %b Aborting installation: Dependencies could not be installed.\\n" "${CROSS}"
            exit 1
        else
            printf "  %b Enabling universe package repository for Ubuntu Bionic\\n" "${INFO}"
            cp -p ${APT_SOURCES} ${APT_SOURCES}.backup # Backup current repo list
            printf "  %b Backed up current configuration to %s\\n" "${TICK}" "${APT_SOURCES}.backup"
            add-apt-repository universe
            printf "  %b Enabled %s\\n" "${TICK}" "'universe' repository"
        fi
    fi
    # Update package cache. This is required already here to assure apt-cache calls have package lists available.
    update_package_cache || exit 1
    # Debian 7 doesn't have iproute2 so check if it's available first
@ -354,13 +324,19 @@ if is_command apt-get ; then
        printf "  %b Aborting installation: No SQLite PHP module was found in APT repository.\\n" "${CROSS}"
        exit 1
    fi
    # Packages required to perfom the os_check (stored as an array)
    OS_CHECK_DEPS=(grep dnsutils)
    # Packages required to run this install script (stored as an array)
-    INSTALLER_DEPS=(dhcpcd5 git "${iproute_pkg}" whiptail dnsutils)
+    INSTALLER_DEPS=(git "${iproute_pkg}" whiptail)
    # Packages required to run Pi-hole (stored as an array)
-    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data libcap2)
+    PIHOLE_DEPS=(cron curl iputils-ping lsof netcat psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2)
    # Packages required for the Web admin interface (stored as an array)
    # It's useful to separate this from Pi-hole, since the two repos are also setup separately
-    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-json" "${phpVer}-intl")
+    PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-${phpSqlite}" "${phpVer}-xml" "${phpVer}-intl")
    # Prior to PHP8.0, JSON functionality is provided as dedicated module, required by Pi-hole AdminLTE: https://www.php.net/manual/json.installation.php
    if [[ "${phpInsNewer}" != true || "${phpInsMajor}" -lt 8 ]]; then
        PIHOLE_WEB_DEPS+=("${phpVer}-json")
    fi
    # The Web server user,
    LIGHTTPD_USER="www-data"
    # group,
@ -396,7 +372,8 @@ elif is_command rpm ; then
    # These variable names match the ones in the Debian family. See above for an explanation of what they are for.
    PKG_INSTALL=("${PKG_MANAGER}" install -y)
    PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
-    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig bind-utils)
+    OS_CHECK_DEPS=(grep bind-utils)
    INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig)
    PIHOLE_DEPS=(cronie curl findutils nmap-ncat sudo unzip libidn2 psmisc sqlite libcap lsof)
    PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl)
    LIGHTTPD_USER="lighttpd"
@ -688,9 +665,17 @@ welcomeDialogs() {
    whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations:  https://pi-hole.net/donate/" "${r}" "${c}"
    # Explain the need for a static address
-    whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
+    if whiptail --defaultno --backtitle "Initiating network interface" --title "Static IP Needed" --yesno "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly.
-In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." "${r}" "${c}"
+IMPORTANT: If you have not already done so, you must ensure that this device has a static IP. Either through DHCP reservation, or by manually assigning one. Depending on your operating system, there are many ways to achieve this.
 Choose yes to indicate that you have understood this message, and wish to continue" "${r}" "${c}"; then
 #Nothing to do, continue
  echo
 else
  printf "  %b Installer exited at static IP message.\\n" "${INFO}"
  exit 1
 fi
 }
 # A function that lets the user pick an interface to use with Pi-hole
@ -843,8 +828,11 @@ use4andor6() {
    if [[ "${useIPv4}" ]]; then
        # Run our function to get the information we need
        find_IPv4_information
-        getStaticIPv4Settings
+        if [[ -f "/etc/dhcpcd.conf" ]]; then
-        setStaticIPv4
+            # configure networking via dhcpcd
            getStaticIPv4Settings
            setDHCPCD
        fi
    fi
    # If IPv6 is to be used,
    if [[ "${useIPv6}" ]]; then
@ -929,93 +917,6 @@ setDHCPCD() {
    fi
 }
 # Configure networking ifcfg-xxxx file found at /etc/sysconfig/network-scripts/
 # This function requires the full path of an ifcfg file passed as an argument
 setIFCFG() {
    # Local, named variables
    local IFCFG_FILE
    local IPADDR
    local CIDR
    IFCFG_FILE=$1
    printf -v IPADDR "%s" "${IPV4_ADDRESS%%/*}"
    # Check if the desired IP is already set
    if grep -Eq "${IPADDR}(\\b|\\/)" "${IFCFG_FILE}"; then
        printf "  %b Static IP already configured\\n" "${INFO}"
    else
        # Otherwise, put the IP in variables without the CIDR notation
        printf -v CIDR "%s" "${IPV4_ADDRESS##*/}"
        # Backup existing interface configuration:
        cp -p "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig
        # Build Interface configuration file using the GLOBAL variables we have
        {
        echo "# Configured via Pi-hole installer"
        echo "DEVICE=$PIHOLE_INTERFACE"
        echo "BOOTPROTO=none"
        echo "ONBOOT=yes"
        echo "IPADDR=$IPADDR"
        echo "PREFIX=$CIDR"
        echo "GATEWAY=$IPv4gw"
        echo "DNS1=$PIHOLE_DNS_1"
        echo "DNS2=$PIHOLE_DNS_2"
        echo "USERCTL=no"
        }> "${IFCFG_FILE}"
        chmod 644 "${IFCFG_FILE}"
        chown root:root "${IFCFG_FILE}"
        # Use ip to immediately set the new address
        ip addr replace dev "${PIHOLE_INTERFACE}" "${IPV4_ADDRESS}"
        # If NetworkMangler command line interface exists and ready to mangle,
        if is_command nmcli && nmcli general status &> /dev/null; then
            # Tell NetworkManagler to read our new sysconfig file
            nmcli con load "${IFCFG_FILE}" > /dev/null
        fi
        # Show a warning that the user may need to restart
        printf "  %b Set IP address to %s\\n  You may need to restart after the install is complete\\n" "${TICK}" "${IPV4_ADDRESS%%/*}"
    fi
 }
 setStaticIPv4() {
    # Local, named variables
    local IFCFG_FILE
    local CONNECTION_NAME
    # If a static interface is already configured, we are done.
    if [[ -r "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}" ]]; then
        if grep -q '^BOOTPROTO=.static.' "/etc/sysconfig/network/ifcfg-${PIHOLE_INTERFACE}"; then
            return 0
        fi
    fi
    # For the Debian family, if dhcpcd.conf exists then we can just configure using DHCPD.
    if [[ -f "/etc/dhcpcd.conf" ]]; then
        setDHCPCD
        return 0
    fi
    # If a DHCPCD config file was not found, check for an ifcfg config file based on the interface name
    if [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then
        # If it exists, then we can configure using IFCFG
        IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}
        setIFCFG "${IFCFG_FILE}"
        return 0
    fi
    # If an ifcfg config does not exists for the interface name, search for one based on the connection name via network manager
    if is_command nmcli && nmcli general status &> /dev/null; then
        CONNECTION_NAME=$(nmcli dev show "${PIHOLE_INTERFACE}" | grep 'GENERAL.CONNECTION' | cut -d: -f2 | sed 's/^System//' | xargs | tr ' ' '_')
        IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${CONNECTION_NAME}
        if [[ -f "${IFCFG_FILE}" ]];then
            # If it exists,
            setIFCFG "${IFCFG_FILE}"
            return 0
        else
            printf "  %b Warning: sysconfig network script not found. Creating ${IFCFG_FILE}\\n" "${INFO}"
            touch "${IFCFG_FILE}"
            setIFCFG "${IFCFG_FILE}"
            return 0
        fi
    fi
    # If previous conditions failed, show an error and exit
    printf "  %b Warning: Unable to locate configuration file to set static IPv4 address\\n" "${INFO}"
    exit 1
 }
 # Check an IP address to see if it is a valid one
 valid_ip() {
    # Local, named variables
@ -1331,8 +1232,10 @@ version_check_dnsmasq() {
    local dnsmasq_pihole_id_string="addn-hosts=/etc/pihole/gravity.list"
    local dnsmasq_pihole_id_string2="# Dnsmasq config for Pi-hole's FTLDNS"
    local dnsmasq_original_config="${PI_HOLE_LOCAL_REPO}/advanced/dnsmasq.conf.original"
-    local dnsmasq_pihole_01_snippet="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
+    local dnsmasq_pihole_01_source="${PI_HOLE_LOCAL_REPO}/advanced/01-pihole.conf"
-    local dnsmasq_pihole_01_location="/etc/dnsmasq.d/01-pihole.conf"
+    local dnsmasq_pihole_01_target="/etc/dnsmasq.d/01-pihole.conf"
    local dnsmasq_rfc6761_06_source="${PI_HOLE_LOCAL_REPO}/advanced/06-rfc6761.conf"
    local dnsmasq_rfc6761_06_target="/etc/dnsmasq.d/06-rfc6761.conf"
    # If the dnsmasq config file exists
    if [[ -f "${dnsmasq_conf}" ]]; then
@ -1361,44 +1264,48 @@ version_check_dnsmasq() {
        printf "%b  %b No dnsmasq.conf found... restoring default dnsmasq.conf...\\n" "${OVER}"  "${TICK}"
    fi
-    printf "  %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..." "${INFO}"
+    printf "  %b Installing %s..." "${INFO}" "${dnsmasq_pihole_01_target}"
    # Check to see if dnsmasq directory exists (it may not due to being a fresh install and dnsmasq no longer being a dependency)
    if [[ ! -d "/etc/dnsmasq.d"  ]];then
        install -d -m 755 "/etc/dnsmasq.d"
    fi
    # Copy the new Pi-hole DNS config file into the dnsmasq.d directory
-    install -D -m 644 -T "${dnsmasq_pihole_01_snippet}" "${dnsmasq_pihole_01_location}"
+    install -D -m 644 -T "${dnsmasq_pihole_01_source}" "${dnsmasq_pihole_01_target}"
-    printf "%b  %b Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf\\n" "${OVER}"  "${TICK}"
+    printf "%b  %b Installed %s\n" "${OVER}"  "${TICK}" "${dnsmasq_pihole_01_target}"
    # Replace our placeholder values with the GLOBAL DNS variables that we populated earlier
    # First, swap in the interface to listen on,
-    sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_location}"
+    sed -i "s/@INT@/$PIHOLE_INTERFACE/" "${dnsmasq_pihole_01_target}"
    if [[ "${PIHOLE_DNS_1}" != "" ]]; then
        # then swap in the primary DNS server.
-        sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_location}"
+        sed -i "s/@DNS1@/$PIHOLE_DNS_1/" "${dnsmasq_pihole_01_target}"
    else
        # Otherwise, remove the line which sets DNS1.
-        sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_location}"
+        sed -i '/^server=@DNS1@/d' "${dnsmasq_pihole_01_target}"
    fi
    # Ditto if DNS2 is not empty
    if [[ "${PIHOLE_DNS_2}" != "" ]]; then
-        sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_location}"
+        sed -i "s/@DNS2@/$PIHOLE_DNS_2/" "${dnsmasq_pihole_01_target}"
    else
-        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_location}"
+        sed -i '/^server=@DNS2@/d' "${dnsmasq_pihole_01_target}"
    fi
 	# Set the cache size
-	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" ${dnsmasq_pihole_01_location}
+	sed -i "s/@CACHE_SIZE@/$CACHE_SIZE/" "${dnsmasq_pihole_01_target}"
    sed -i 's/^#conf-dir=\/etc\/dnsmasq.d$/conf-dir=\/etc\/dnsmasq.d/' "${dnsmasq_conf}"
    # If the user does not want to enable logging,
    if [[ "${QUERY_LOGGING}" == false ]] ; then
        # disable it by commenting out the directive in the DNS config file
-        sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_location}"
+        sed -i 's/^log-queries/#log-queries/' "${dnsmasq_pihole_01_target}"
    else
        # Otherwise, enable it by uncommenting the directive in the DNS config file
-        sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_location}"
+        sed -i 's/^#log-queries/log-queries/' "${dnsmasq_pihole_01_target}"
    fi
    printf "  %b Installing %s..." "${INFO}" "${dnsmasq_rfc6761_06_source}"
    install -D -m 644 -T "${dnsmasq_rfc6761_06_source}" "${dnsmasq_rfc6761_06_target}"
    printf "%b  %b Installed %s\n" "${OVER}"  "${TICK}" "${dnsmasq_rfc6761_06_target}"
 }
 # Clean an existing installation to prepare for upgrade/reinstall
@ -1662,7 +1569,7 @@ update_package_cache() {
    else
        # Otherwise, show an error and exit
        printf "%b  %b %s\\n" "${OVER}" "${CROSS}" "${str}"
-        printf "  %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "${UPDATE_PKG_CACHE}" "${COL_NC}"
+        printf "  %bError: Unable to update package cache. Please try \"%s\"%b" "${COL_LIGHT_RED}" "sudo ${UPDATE_PKG_CACHE}" "${COL_NC}"
        return 1
    fi
 }
@ -1689,20 +1596,7 @@ notify_package_updates_available() {
    fi
 }
 # This counter is outside of install_dependent_packages so that it can count the number of times the function is called.
 counter=0
 install_dependent_packages() {
    # Local, named variables should be used here, especially for an iterator
    # Add one to the counter
    counter=$((counter+1))
    if [[ "${counter}" == 1 ]]; then
        # On the first loop, print a special message
        printf "  %b Installer Dependency checks...\\n" "${INFO}"
    else
        # On all subsequent loops, print a generic message.
        printf "  %b Main Dependency checks...\\n" "${INFO}"
    fi
    # Install packages passed in via argument array
    # No spinner - conflicts with set -e
@ -1940,9 +1834,17 @@ finalExports() {
 # Install the logrotate script
 installLogrotate() {
    local str="Installing latest logrotate script"
    local target=/etc/pihole/logrotate
    printf "\\n  %b %s..." "${INFO}" "${str}"
    if [[ -f ${target} ]]; then
        printf "\\n\\t%b Existing logrotate file found. No changes made.\\n" "${INFO}"
        # Return value isn't that important, using 2 to indicate that it's not a fatal error but
        # the function did not complete.
        return 2
    fi
    # Copy the file over from the local repo
-    install -D -m 644 -T ${PI_HOLE_LOCAL_REPO}/advanced/Templates/logrotate /etc/pihole/logrotate
+    install -D -m 644 -T "${PI_HOLE_LOCAL_REPO}"/advanced/Templates/logrotate ${target}
    # Different operating systems have different user / group
    # settings for logrotate that makes it impossible to create
    # a static logrotate file that will work with e.g.
@ -1951,9 +1853,9 @@ installLogrotate() {
    # the local properties of the /var/log directory
    logusergroup="$(stat -c '%U %G' /var/log)"
    # If there is a usergroup for log rotation,
-    if [[ ! -z "${logusergroup}" ]]; then
+    if [[ -n "${logusergroup}" ]]; then
        # replace the line in the logrotate script with that usergroup.
-        sed -i "s/# su #/su ${logusergroup}/g;" /etc/pihole/logrotate
+        sed -i "s/# su #/su ${logusergroup}/g;" ${target}
    fi
    printf "%b  %b %s\\n" "${OVER}" "${TICK}" "${str}"
 }
@ -2030,8 +1932,10 @@ installPihole() {
    fi
    # Install the cron file
    installCron
    # Install the logrotate file
-    installLogrotate
+    installLogrotate || true
    # Check if dnsmasq is present. If so, disable it and back up any possible
    # config file
    disable_dnsmasq
@ -2116,7 +2020,7 @@ Your Admin Webpage login password is ${pwstring}"
 IPv4:	${IPV4_ADDRESS%/*}
 IPv6:	${IPV6_ADDRESS:-"Not Configured"}
-If you set a new IP address, you should restart the Pi.
+If you have not done so already, the above IP should be set to static.
 The install log is in /etc/pihole.
@ -2137,7 +2041,7 @@ update_dialogs() {
        strAdd="You will be updated to the latest version."
    fi
    opt2a="Reconfigure"
-    opt2b="This will reset your Pi-hole and allow you to enter new settings."
+    opt2b="Resets Pi-hole and allows re-selecting settings."
    # Display the information to the user
    UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\\n\\nWe have detected an existing install.\\n\\nPlease choose from the following options: \\n($strAdd)" "${r}" "${c}" 2 \
@ -2322,8 +2226,6 @@ FTLinstall() {
            # Before stopping FTL, we download the macvendor database
            curl -sSL "https://ftl.pi-hole.net/macvendor.db" -o "${PI_HOLE_CONFIG_DIR}/macvendor.db" || true
            chmod 644 "${PI_HOLE_CONFIG_DIR}/macvendor.db"
            chown pihole:pihole "${PI_HOLE_CONFIG_DIR}/macvendor.db"
            # Stop pihole-FTL service if available
            stop_service pihole-FTL &> /dev/null
@ -2628,8 +2530,25 @@ main() {
        fi
    fi
-    # Check for supported distribution
+    # Check for supported package managers so that we may install dependencies
-    distro_check
+    package_manager_detect
    # Notify user of package availability
    notify_package_updates_available
    # Install packages necessary to perform os_check
    printf "  %b Checking for / installing Required dependencies for OS Check...\\n" "${INFO}"
    install_dependent_packages "${OS_CHECK_DEPS[@]}"
    # Check that the installed OS is officially supported - display warning if not
    os_check
    # Install packages used by this installation script
    printf "  %b Checking for / installing Required dependencies for this install script...\\n" "${INFO}"
    install_dependent_packages "${INSTALLER_DEPS[@]}"
    # Check if SELinux is Enforcing
    checkSelinux
    # If the setup variable file exists,
    if [[ -f "${setupVars}" ]]; then
@ -2646,19 +2565,6 @@ main() {
        fi
    fi
    # Start the installer
    # Notify user of package availability
    notify_package_updates_available
    # Install packages used by this installation script
    install_dependent_packages "${INSTALLER_DEPS[@]}"
    # Check that the installed OS is officially supported - display warning if not
    os_check
    # Check if SELinux is Enforcing
    checkSelinux
    if [[ "${useUpdateVars}" == false ]]; then
        # Display welcome dialogs
        welcomeDialogs
@ -2705,6 +2611,8 @@ main() {
        dep_install_list+=("${PIHOLE_WEB_DEPS[@]}")
    fi
    # Install packages used by the actual software
    printf "  %b Checking for / installing Required dependencies for Pi-hole software...\\n" "${INFO}"
    install_dependent_packages "${dep_install_list[@]}"
    unset dep_install_list
@ -2809,7 +2717,7 @@ main() {
        printf "  %b You may now configure your devices to use the Pi-hole as their DNS server\\n" "${INFO}"
        [[ -n "${IPV4_ADDRESS%/*}" ]] && printf "  %b Pi-hole DNS (IPv4): %s\\n" "${INFO}" "${IPV4_ADDRESS%/*}"
        [[ -n "${IPV6_ADDRESS}" ]] && printf "  %b Pi-hole DNS (IPv6): %s\\n" "${INFO}" "${IPV6_ADDRESS}"
-        printf "  %b If you set a new IP address, please restart the server running the Pi-hole\\n" "${INFO}"
+        printf "  %b If you have not done so already, the above IP should be set to static.\\n" "${INFO}"
        INSTALL_TYPE="Installation"
    else
        INSTALL_TYPE="Update"
--- a/install/uninstall.sh
+++ b/install/uninstall.sh
@ -42,8 +42,8 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh"
 # setupVars set in basic-install.sh
 source "${setupVars}"
-# distro_check() sourced from basic-install.sh
+# package_manager_detect() sourced from basic-install.sh
-distro_check
+package_manager_detect
 # Install packages used by the Pi-hole
 DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}")
@ -113,7 +113,7 @@ removeNoPurge() {
        fi
    fi
    echo -e "${OVER}  ${TICK} Removed Web Interface"
- 
+
    # Attempt to preserve backwards compatibility with older versions
    # to guarantee no additional changes were made to /etc/crontab after
    # the installation of pihole, /etc/crontab.pihole should be permanently
@ -145,6 +145,7 @@ removeNoPurge() {
    ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null
    ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null
    ${SUDO} rm -f /etc/dnsmasq.d/06-rfc6761.conf &> /dev/null
    ${SUDO} rm -rf /var/log/*pihole* &> /dev/null
    ${SUDO} rm -rf /etc/pihole/ &> /dev/null
    ${SUDO} rm -rf /etc/.pihole/ &> /dev/null
@ -206,11 +207,7 @@ removeNoPurge() {
 }
 ######### SCRIPT ###########
-if command -v vcgencmd &> /dev/null; then
+echo -e "  ${INFO} Be sure to confirm if any dependencies should not be removed"
    echo -e "  ${INFO} All dependencies are safe to remove on Raspbian"
 else
    echo -e "  ${INFO} Be sure to confirm if any dependencies should not be removed"
 fi
 while true; do
    echo -e "  ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:"
    echo -n "    "
--- a/gravity.sh
+++ b/gravity.sh
@ -47,16 +47,6 @@ domainsExtension="domains"
 setupVars="${piholeDir}/setupVars.conf"
 if [[ -f "${setupVars}" ]];then
  source "${setupVars}"
  # Remove CIDR mask from IPv4/6 addresses
  IPV4_ADDRESS="${IPV4_ADDRESS%/*}"
  IPV6_ADDRESS="${IPV6_ADDRESS%/*}"
  # Determine if IPv4/6 addresses exist
  if [[ -z "${IPV4_ADDRESS}" ]] && [[ -z "${IPV6_ADDRESS}" ]]; then
    echo -e "  ${COL_LIGHT_RED}No IP addresses found! Please run 'pihole -r' to reconfigure${COL_NC}"
    exit 1
  fi
 else
  echo -e "  ${COL_LIGHT_RED}Installation Failure: ${setupVars} does not exist! ${COL_NC}
  Please run 'pihole -r', and choose the 'reconfigure' option to fix."
@ -73,6 +63,8 @@ fi
 # have changed
 gravityDBfile="${GRAVITYDB}"
 gravityTEMPfile="${GRAVITYDB}_temp"
 gravityDIR="$(dirname -- "${gravityDBfile}")"
 gravityOLDfile="${gravityDIR}/gravity_old.db"
 if [[ -z "${BLOCKINGMODE}" ]] ; then
  BLOCKINGMODE="NULL"
@ -123,8 +115,19 @@ gravity_swap_databases() {
  fi
  echo -e "${OVER}  ${TICK} ${str}"
-  # Swap databases and remove old database
+  # Swap databases and remove or conditionally rename old database
-  rm "${gravityDBfile}"
+  # Number of available blocks on disk
  availableBlocks=$(stat -f --format "%a" "${gravityDIR}")
  # Number of blocks, used by gravity.db
  gravityBlocks=$(stat --format "%b" ${gravityDBfile})
  # Only keep the old database if available disk space is at least twice the size of the existing gravity.db.
  # Better be safe than sorry...
  if [ "${availableBlocks}" -gt "$(("${gravityBlocks}" * 2))" ] && [ -f "${gravityDBfile}" ]; then
    echo -e "  ${TICK} The old database remains available."
    mv "${gravityDBfile}" "${gravityOLDfile}"
  else
    rm "${gravityDBfile}"
  fi
  mv "${gravityTEMPfile}" "${gravityDBfile}"
 }
@ -564,7 +567,7 @@ compareLists() {
 # Download specified URL and perform checks on HTTP status and file content
 gravity_DownloadBlocklistFromUrl() {
  local url="${1}" cmd_ext="${2}" agent="${3}" adlistID="${4}" saveLocation="${5}" target="${6}" compression="${7}"
-  local heisenbergCompensator="" patternBuffer str httpCode success=""
+  local heisenbergCompensator="" patternBuffer str httpCode success="" ip
  # Create temp file to store content on disk instead of RAM
  patternBuffer=$(mktemp -p "/tmp" --suffix=".phgpb")
@ -582,7 +585,10 @@ gravity_DownloadBlocklistFromUrl() {
  blocked=false
  case $BLOCKINGMODE in
    "IP-NODATA-AAAA"|"IP")
-        if [[ $(dig "${domain}" +short | grep "${IPV4_ADDRESS}" -c) -ge 1 ]]; then
+        # Get IP address of this domain
        ip="$(dig "${domain}" +short)"
        # Check if this IP matches any IP of the system
        if [[ -n "${ip}" && $(grep -Ec "inet(|6) ${ip}" <<< "$(ip a)") -gt 0 ]]; then
          blocked=true
        fi;;
    "NXDOMAIN")
@ -785,43 +791,12 @@ gravity_ShowCount() {
  gravity_Table_Count "vw_regex_whitelist" "regex whitelist filters"
 }
 # Parse list of domains into hosts format
 gravity_ParseDomainsIntoHosts() {
  awk -v ipv4="$IPV4_ADDRESS" -v ipv6="$IPV6_ADDRESS" '{
    # Remove windows CR line endings
    sub(/\r$/, "")
    # Parse each line as "ipaddr domain"
    if(ipv6 && ipv4) {
      print ipv4" "$0"\n"ipv6" "$0
    } else if(!ipv6) {
      print ipv4" "$0
    } else {
      print ipv6" "$0
    }
  }' >> "${2}" < "${1}"
 }
 # Create "localhost" entries into hosts format
 gravity_generateLocalList() {
  local hostname
  if [[ -s "/etc/hostname" ]]; then
    hostname=$(< "/etc/hostname")
  elif command -v hostname &> /dev/null; then
    hostname=$(hostname -f)
  else
    echo -e "  ${CROSS} Unable to determine fully qualified domain name of host"
    return 0
  fi
  echo -e "${hostname}\\npi.hole" > "${localList}.tmp"
  # Empty $localList if it already exists, otherwise, create it
-  : > "${localList}"
+  echo "### Do not modify this file, it will be overwritten by pihole -g" > "${localList}"
  chmod 644 "${localList}"
  gravity_ParseDomainsIntoHosts "${localList}.tmp" "${localList}"
  # Add additional LAN hosts provided by OpenVPN (if available)
  if [[ -f "${VPNList}" ]]; then
    awk -F, '{printf $2"\t"$1".vpn\n"}' "${VPNList}" >> "${localList}"
@ -890,6 +865,11 @@ for var in "$@"; do
  esac
 done
 # Remove OLD (backup) gravity file, if it exists
 if [[ -f "${gravityOLDfile}" ]]; then
  rm "${gravityOLDfile}"
 fi
 # Trap Ctrl-C
 gravity_Trap
--- a/manpages/pihole.8
+++ b/manpages/pihole.8
@ -56,7 +56,7 @@ Available commands and options:
 \fB-w, whitelist\fR [options] [<domain1> <domain2 ...>]
 .br
-    Adds or removes specified domain or domains tho the Whitelist
+    Adds or removes specified domain or domains to the Whitelist
 .br
 \fB-b, blacklist\fR [options] [<domain1> <domain2 ...>]
--- a/50
+++ b/50
@ -242,7 +242,7 @@ Time:
    echo "BLOCKING_ENABLED=true" >> "${setupVars}"
  fi
-  restartDNS reload
+  restartDNS reload-lists
  echo -e "${OVER}  ${TICK} ${str}"
 }
@ -363,16 +363,13 @@ tailFunc() {
  fi
  echo -e "  ${INFO} Press Ctrl-C to exit"
  # Retrieve IPv4/6 addresses
  source /etc/pihole/setupVars.conf
  # Strip date from each line
  # Color blocklist/blacklist/wildcard entries as red
  # Color A/AAAA/DHCP strings as white
  # Color everything else as gray
-  tail -f /var/log/pihole.log | sed -E \
+  tail -f /var/log/pihole.log | grep --line-buffered "${1}" | sed -E \
    -e "s,($(date +'%b %d ')| dnsmasq\[[0-9]*\]),,g" \
-    -e "s,(.*(blacklisted |gravity blocked ).* is (0.0.0.0|::|NXDOMAIN|${IPV4_ADDRESS%/*}|${IPV6_ADDRESS:-NULL}).*),${COL_RED}&${COL_NC}," \
+    -e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \
    -e "s,.*(query\\[A|DHCP).*,${COL_NC}&${COL_NC}," \
    -e "s,.*,${COL_GRAY}&${COL_NC},"
  exit 0
@ -402,34 +399,24 @@ Branches:
 }
 tricorderFunc() {
  local tricorder_token
  if [[ ! -p "/dev/stdin" ]]; then
    echo -e "  ${INFO} Please do not call Tricorder directly"
    exit 1
  fi
-  if ! (echo > /dev/tcp/tricorder.pi-hole.net/9998) >/dev/null 2>&1; then
+  tricorder_token=$(curl --silent --fail --show-error --upload-file "-" https://tricorder.pi-hole.net/upload < /dev/stdin 2>&1)
-    echo -e "  ${CROSS} Unable to connect to Pi-hole's Tricorder server"
+  if [[ "${tricorder_token}" != "https://tricorder.pi-hole.net/"* ]]; then
-    exit 1
+      echo -e "${CROSS} uploading failed, contact Pi-hole support for assistance."
-  fi
+      # Log curl error (if available)
-
+      if [ -n "${tricorder_token}" ]; then
-  if command -v openssl &> /dev/null; then
+          echo -e "${INFO} Error message: ${COL_RED}${tricorder_token}${COL_NC}\\n"
-    openssl s_client -quiet -connect tricorder.pi-hole.net:9998 2> /dev/null < /dev/stdin
+          tricorder_token=""
-    exit "$?"
+      fi
-  else
+      exit 1
    echo -e "  ${INFO} ${COL_YELLOW}Security Notice${COL_NC}: ${COL_WHITE}openssl${COL_NC} is not installed
       Your debug log will be transmitted unencrypted via plain-text
       There is a possibility that this could be intercepted by a third party
       If you wish to cancel, press Ctrl-C to exit within 10 seconds"
    secs="10"
    while [[ "$secs" -gt "0" ]]; do
       echo -ne "."
       sleep 1
       : $((secs--))
    done
    echo " "
    nc tricorder.pi-hole.net 9999 < /dev/stdin
    exit "$?"
  fi
  echo "Upload successful, your token is: ${COL_GREEN}${tricorder_token}${COL_NC}"
  exit 0
 }
 updateCheckFunc() {
@ -456,7 +443,10 @@ Debugging Options:
                        Add '-a' to automatically upload the log to tricorder.pi-hole.net
  -f, flush           Flush the Pi-hole log
  -r, reconfigure     Reconfigure or Repair Pi-hole subsystems
-  -t, tail            View the live output of the Pi-hole log
+  -t, tail [arg]      View the live output of the Pi-hole log.
                      Add an optional argument to filter the log
                      (regular expressions are supported)
 Options:
  -a, admin           Web interface options
@ -530,7 +520,7 @@ case "${1}" in
  "status"                      ) statusFunc "$2";;
  "restartdns"                  ) restartDNS "$2";;
  "-a" | "admin"                ) webpageFunc "$@";;
-  "-t" | "tail"                 ) tailFunc;;
+  "-t" | "tail"                 ) tailFunc "$2";;
  "checkout"                    ) piholeCheckoutFunc "$@";;
  "tricorder"                   ) tricorderFunc;;
  "updatechecker"               ) updateCheckFunc "$@";;
--- a/supportedos.txt
+++ b/supportedos.txt
@ -1,5 +0,0 @@
 Raspbian=9,10
 Ubuntu=16,18,20
 Debian=9,10
 Fedora=32,33
 CentOS=7,8
--- a/test/_centos_7.Dockerfile
+++ b/test/_centos_7.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_centos_8.Dockerfile
+++ b/test/_centos_8.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_10.Dockerfile
+++ b/test/_debian_10.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_11.Dockerfile
+++ b/test/_debian_11.Dockerfile
@ -0,0 +1,17 @@
 FROM buildpack-deps:bullseye-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_debian_9.Dockerfile
+++ b/test/_debian_9.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_32.Dockerfile
+++ b/test/_fedora_32.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_fedora_33.Dockerfile
+++ b/test/_fedora_33.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_16.Dockerfile
+++ b/test/_ubuntu_16.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_18.Dockerfile
+++ b/test/_ubuntu_18.Dockerfile
@ -12,5 +12,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_20.Dockerfile
+++ b/test/_ubuntu_20.Dockerfile
@ -13,5 +13,6 @@ RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/_ubuntu_21.Dockerfile
+++ b/test/_ubuntu_21.Dockerfile
@ -0,0 +1,18 @@
 FROM buildpack-deps:hirsute-scm
 ENV GITDIR /etc/.pihole
 ENV SCRIPTDIR /opt/pihole
 RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole
 ADD . $GITDIR
 RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/
 ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR
 ENV DEBIAN_FRONTEND=noninteractive
 RUN true && \
    chmod +x $SCRIPTDIR/*
 ENV PH_TEST true
 ENV OS_CHECK_DOMAIN_NAME dev-supportedos.pi-hole.net
 #sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \
--- a/test/conftest.py
+++ b/test/conftest.py
@ -8,8 +8,6 @@ check_output = testinfra.get_backend(
 SETUPVARS = {
    'PIHOLE_INTERFACE': 'eth99',
    'IPV4_ADDRESS': '1.1.1.1',
    'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672',
    'PIHOLE_DNS_1': '4.2.2.1',
    'PIHOLE_DNS_2': '4.2.2.2'
 }
--- a/test/test_automated_install.py
+++ b/test/test_automated_install.py
@ -18,13 +18,13 @@ def test_supported_operating_system(Pihole):
    # break supported package managers to emulate an unsupported distribution
    Pihole.run('rm -rf /usr/bin/apt-get')
    Pihole.run('rm -rf /usr/bin/rpm')
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = cross_box + ' OS distribution not supported'
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
-    # assert distro_check.rc == 1
+    # assert package_manager_detect.rc == 1
 def test_setupVars_are_sourced_to_global_scope(Pihole):
@ -45,8 +45,6 @@ def test_setupVars_are_sourced_to_global_scope(Pihole):
        # Currently debug test function only
        echo "Outputting sourced variables"
        echo "PIHOLE_INTERFACE=${PIHOLE_INTERFACE}"
        echo "IPV4_ADDRESS=${IPV4_ADDRESS}"
        echo "IPV6_ADDRESS=${IPV6_ADDRESS}"
        echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}"
        echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}"
    }
@ -137,7 +135,7 @@ def test_update_package_cache_success_no_errors(Pihole):
    '''
    updateCache = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    update_package_cache
    ''')
    expected_stdout = tick_box + ' Update local cache of available packages'
@ -152,7 +150,7 @@ def test_update_package_cache_failure_no_errors(Pihole):
    mock_command('apt-get', {'update': ('', '1')}, Pihole)
    updateCache = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    update_package_cache
    ''')
    expected_stdout = cross_box + ' Update local cache of available packages'
@ -359,7 +357,7 @@ def test_FTL_download_aarch64_no_errors(Pihole):
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    download_binary = Pihole.run('''
@ -569,7 +567,8 @@ def test_os_check_fails(Pihole):
    ''' Confirms install fails on unsupported OS '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    install_dependent_packages ${OS_CHECK_DEPS[@]}
    install_dependent_packages ${INSTALLER_DEPS[@]}
    cat <<EOT > /etc/os-release
    ID=UnsupportedOS
@ -588,7 +587,8 @@ def test_os_check_passes(Pihole):
    ''' Confirms OS meets the requirements '''
    Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    install_dependent_packages ${OS_CHECK_DEPS[@]}
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    detectOS = Pihole.run('''
@ -597,3 +597,42 @@ def test_os_check_passes(Pihole):
    ''')
    expected_stdout = 'Supported OS detected'
    assert expected_stdout in detectOS.stdout
 def test_package_manager_has_installer_deps(Pihole):
    ''' Confirms OS is able to install the required packages for the installer'''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${INSTALLER_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
 def test_package_manager_has_pihole_deps(Pihole):
    ''' Confirms OS is able to install the required packages for Pi-hole '''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${PIHOLE_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
 def test_package_manager_has_web_deps(Pihole):
    ''' Confirms OS is able to install the required packages for web '''
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
    output = Pihole.run('''
    source /opt/pihole/basic-install.sh
    package_manager_detect
    install_dependent_packages ${PIHOLE_WEB_DEPS[@]}
    ''')
    assert 'No package' not in output.stdout  # centos7 still exits 0...
    assert output.rc == 0
--- a/test/test_centos_7_support.py
+++ b/test/test_centos_7_support.py
@ -9,13 +9,13 @@ def test_php_upgrade_default_optout_centos_eq_7(Pihole):
    '''
    confirms the default behavior to opt-out of installing PHP7 from REMI
    '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -27,13 +27,13 @@ def test_php_upgrade_user_optout_centos_eq_7(Pihole):
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -45,16 +45,16 @@ def test_php_upgrade_user_optin_centos_eq_7(Pihole):
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
-    assert 'opt-out' not in distro_check.stdout
+    assert 'opt-out' not in package_manager_detect.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
--- a/test/test_centos_8_support.py
+++ b/test/test_centos_8_support.py
@ -10,13 +10,13 @@ def test_php_upgrade_default_continue_centos_gte_8(Pihole):
    confirms the latest version of CentOS continues / does not optout
    (should trigger on CentOS7 only)
    '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -30,13 +30,13 @@ def test_php_upgrade_user_optout_skipped_centos_gte_8(Pihole):
    '''
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    unexpected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS.'
                                    ' Deprecated PHP may be in use.')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
    # ensure remi was not installed on latest CentOS
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -50,16 +50,16 @@ def test_php_upgrade_user_optin_skipped_centos_gte_8(Pihole):
    '''
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
-    assert 'opt-out' not in distro_check.stdout
+    assert 'opt-out' not in package_manager_detect.stdout
    unexpected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                    '(https://rpms.remirepo.net)')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
    unexpected_stdout = tick_box + (' Remi\'s RPM repository has '
                                    'been enabled for PHP7')
-    assert unexpected_stdout not in distro_check.stdout
+    assert unexpected_stdout not in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
--- a/test/test_centos_common_support.py
+++ b/test/test_centos_common_support.py
@ -13,29 +13,29 @@ def test_release_supported_version_check_centos(Pihole):
    '''
    # modify /etc/redhat-release to mock an unsupported CentOS release
    Pihole.run('echo "CentOS Linux release 6.9" > /etc/redhat-release')
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = cross_box + (' CentOS 6 is not supported.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = 'Please update to CentOS release 7 or later'
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
 def test_enable_epel_repository_centos(Pihole):
    '''
    confirms the EPEL package repository is enabled when installed on CentOS
    '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = info_box + (' Enabling EPEL package repository '
                                  '(https://fedoraproject.org/wiki/EPEL)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + ' Installed epel-release'
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    epel_package = Pihole.package('epel-release')
    assert epel_package.is_installed
@ -51,13 +51,13 @@ def test_php_version_lt_7_detected_upgrade_default_optout_centos(Pihole):
    default_centos_php_version = php_package.version.split('.')[0]
    if int(default_centos_php_version) >= 7:  # PHP7 is supported/recommended
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -75,13 +75,13 @@ def test_php_version_lt_7_detected_upgrade_user_optout_centos(Pihole):
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Cancel for user prompt
    mock_command('whiptail', {'*': ('', '1')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert not remi_package.is_installed
@ -99,20 +99,20 @@ def test_php_version_lt_7_detected_upgrade_user_optin_centos(Pihole):
        pytest.skip("Test deprecated . Detected default PHP version >= 7")
    # Whiptail dialog returns Continue for user prompt
    mock_command('whiptail', {'*': ('', '0')}, Pihole)
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    install_dependent_packages PIHOLE_WEB_DEPS[@]
    ''')
    expected_stdout = info_box + (' User opt-out of PHP 7 upgrade on CentOS. '
                                  'Deprecated PHP may be in use.')
-    assert expected_stdout not in distro_check.stdout
+    assert expected_stdout not in package_manager_detect.stdout
    expected_stdout = info_box + (' Enabling Remi\'s RPM repository '
                                  '(https://rpms.remirepo.net)')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    expected_stdout = tick_box + (' Remi\'s RPM repository has '
                                  'been enabled for PHP7')
-    assert expected_stdout in distro_check.stdout
+    assert expected_stdout in package_manager_detect.stdout
    remi_package = Pihole.package('remi-release')
    assert remi_package.is_installed
    updated_php_package = Pihole.package('php')
--- a/test/test_fedora_support.py
+++ b/test/test_fedora_support.py
@ -3,11 +3,11 @@ def test_epel_and_remi_not_installed_fedora(Pihole):
    confirms installer does not attempt to install EPEL/REMI repositories
    on Fedora
    '''
-    distro_check = Pihole.run('''
+    package_manager_detect = Pihole.run('''
    source /opt/pihole/basic-install.sh
-    distro_check
+    package_manager_detect
    ''')
-    assert distro_check.stdout == ''
+    assert package_manager_detect.stdout == ''
    epel_package = Pihole.package('epel-release')
    assert not epel_package.is_installed
--- a/test/tox.debian_11.ini
+++ b/test/tox.debian_11.ini
@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _debian_11.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py
--- a/test/tox.ubuntu_21.ini
+++ b/test/tox.ubuntu_21.ini
@ -0,0 +1,8 @@
 [tox]
 envlist = py37
 [testenv]
 whitelist_externals = docker
 deps = -rrequirements.txt
 commands = docker build -f _ubuntu_21.Dockerfile -t pytest_pihole:test_container ../
           pytest {posargs:-vv -n auto} ./test_automated_install.py