[Dnsmasq-discuss] Is there a way to run dnsmasq in safe mode (no-fail)?

Geert Stappers stappers at stappers.nl
Sun May 23 20:25:28 UTC 2021

On Sun, May 23, 2021 at 09:01:01PM +0200, Cyberfusion wrote:
> Op 23 mei 2021 om 20:17 heeft Ercolino de Spiacico het volgende geschreven:
> > 
> > I didn't try but I suppose the --test parameter works. However this
> > is not my point.
> > I would like dnsmasq to stop (prevent execution) only for very serious
> > matters like incomplete IP addresses in config, binding port higher
> > than 65K, etc. you name it.
> > 
> > I believe there is a rather long list of reasons (incorrect dhcp-host
> > syntax being one as per original message) that could/should be
> > excluded from this process execution control.
> > 
> It is impossible for software to decide what is a ‘serious matter’ and what isn’t.
> > This takes nothing away from the fact that having a clear/clean config
> > is ultimately a must, I just don't want to have to call a person
> > in a different continent again because of a typo on a "secondary"
> > configuration parameter.
> > 
> You don’t have to. You can validate the config.
> > In one sentence: let's make dnsmasq as resilient as possible.
> > 
> The workflow should be as resilient as possible. Ergo, validate your
> config. You could add the validation command to ExecStartPre to prevent
> dnsmasq from restarting with a faulty config.

I do like that idea.  While preparing a patch for it, I learnt it is
already implemented:

* https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=debian/systemd.service;h=b769c4ea04f973b2069f529923c1b1821a6ff59c;hb=HEAD#l13
* https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=debian/systemd@.service;h=16ca86e9826888c671e05fc05b2731255bc05445;hb=HEAD#l13
* https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=blob;f=contrib/systemd/dnsmasq.service;h=ff0ed089b2062258fbeccc48d5b7becc05670557;hb=HEAD#l10

Geert Stappers
Silence is hard to parse

More information about the Dnsmasq-discuss mailing list