installer: use a drop-in to disable systemd-resolved stub listener

systemd-resolved supports drop-in config snippets, e.g. by placing .conf files in /etc/systemd/resolved.conf.d. During install, use a drop-in config to set DNSStubListener=no, instead of modifying the main config. This is generally better practice, and also prevents conflicts when distribution packages are upgraded, which may include new versions of /etc/systemd/resolved.conf. Signed-off-by: Nick Rosbrook <enr0n@ubuntu.com>
2025-02-08 22:22:38 +00:00 · 2025-02-03 11:18:50 -05:00 · 2025-02-03 11:18:50 -05:00 · 8fb3ccc147
commit 8fb3ccc147
parent 7dbf408c26
2 changed files with 12 additions and 16 deletions
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
@ -1436,20 +1436,15 @@ disable_resolved_stublistener() {
    printf "  %b Testing if systemd-resolved is enabled\\n" "${INFO}"
    # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53
    if check_service_active "systemd-resolved"; then
-        # Check if DNSStubListener is enabled
-        printf "  %b %b Testing if systemd-resolved DNSStub-Listener is active" "${OVER}" "${INFO}"
-        if (grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &>/dev/null); then
-            # Disable the DNSStubListener to unbind it from port 53
-            # Note that this breaks dns functionality on host until ftl are up and running
-            printf "%b  %b Disabling systemd-resolved DNSStubListener" "${OVER}" "${TICK}"
-            # Make a backup of the original /etc/systemd/resolved.conf
-            # (This will need to be restored on uninstallation)
-            sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf
-            printf " and restarting systemd-resolved\\n"
-            systemctl reload-or-restart systemd-resolved
-        else
-            printf "%b  %b Systemd-resolved does not need to be restarted\\n" "${OVER}" "${INFO}"
-        fi
+        # Disable the DNSStubListener to unbind it from port 53
+        # Note that this breaks dns functionality on host until FTL is up and running
+        printf "%b  %b Disabling systemd-resolved DNSStubListener\\n" "${OVER}" "${TICK}"
+        mkdir -p /etc/systemd/resolved.conf.d
+        cat > /etc/systemd/resolved.conf.d/90-pi-hole-disable-stub-listener.conf << EOF
+[Resolve]
+DNSStubListener=no
+EOF
+        systemctl reload-or-restart systemd-resolved
    else
        printf "%b  %b Systemd-resolved is not enabled\\n" "${OVER}" "${INFO}"
    fi
--- a/install/uninstall.sh
+++ b/install/uninstall.sh
@ -94,8 +94,9 @@ removePiholeFiles() {
    echo -e "  ${TICK} Removed config files"

    # Restore Resolved
-    if [[ -e /etc/systemd/resolved.conf.orig ]]; then
-        ${SUDO} cp -p /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf
+    if [[ -e /etc/systemd/resolved.conf.orig ]] || [[ -e /etc/systemd/resolved.conf.d/90-pi-hole-disable-stub-listener.conf ]]; then
+        ${SUDO} cp -p /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf &> /dev/null || true
+        ${SUDO} rm -f /etc/systemd/resolved.conf.d/90-pi-hole-disable-stub-listener.conf
        systemctl reload-or-restart systemd-resolved
    fi