unbound-adblock 0.5 errata 003, January 25, 2021: This is a hotfix release to address some shell portability issues as well as improve support for running unbound-adblock on custom OS types. Issues fixed: * Explicitly specify stdin as input for myawk, mygrep and mysort functions as their stdin autodetection could get confused when invoked from certain shells. * Tweak the pre-execution tests to make using a custom OS easier, including generating lists with '-x' on machines without unbound installed. * Make '-h' switch slightly more useful for new users. * Nuke superflous 'set -e' Apply by doing: (Note: Provided file path is for OpenBSD, other platforms path may differ) patch /usr/local/bin/unbound-adblock < p2.patch NOTE: This patch is dependent on all previously released patches. To check which patch/version of unbound-adblock you're running call unbound-adblock with the '-h' switch; the second line of output will show the version info: $ unbound-adblock -h ... # unbound-adblock 0.5p0 (Gaslight Republic) Released on: 2021-01-10 ... '0.5p0' means you have the first patch installed, if there is no "p*" suffix, then that means you have no patches installed. --- unbound-adblock.sh.orig2 Tue Jan 19 00:33:09 2021 +++ unbound-adblock.sh Sat Jan 23 16:17:30 2021 @@ -23,7 +23,7 @@ # Fetch, parse and generate domain blocklists data into format suitable # for ingestion by RPZ compatible DNS servers and/or unbound/unwind. -version='0.5p1' +version='0.5p2' release_date='2021-01-10' release_name='Gaslight Republic' @@ -148,8 +148,10 @@ printf '# unbound-adblock blocks malicious domains via Unbound DNS Server\n#\n' printf '# Supported Operating Systems:\n#\n# * OpenBSD\n# * FreeBSD\n# * NetBSD\n# * DragonflyBSD\n# * Linux\n# * Alpine\n#\n' printf '# OS Type Can Be Specified As An Argument:\n' - printf '# Example: "unbound-adblock -o DragonflyBSD"\n#\n' - printf '# NOTE: OS arguments are case insensitive\n' + printf '# Example: "unbound-adblock -O DragonflyBSD"\n#\n' + printf '# NOTE: OS arguments are case insensitive\n#\n' + printf '# The man page can be found at:\n' + printf '# https://geoghegan.ca/pub/unbound-adblock/0.5/man/man.txt\n' printf '###################################################################\n\n' } @@ -210,11 +212,11 @@ # Opportunistically use mawk or GNU awk if they're available myawk() { if command -v mawk >/dev/null 2>&1 ; then - nice mawk "$@" + nice mawk "$@" - elif command -v gawk >/dev/null 2>&1 ; then - nice gawk "$@" + nice gawk "$@" - else - nice awk "$@" + nice awk "$@" - fi } @@ -234,20 +236,20 @@ # Opportunistically use RipGrep or GNU grep if they're available mygrep() { if command -v rg >/dev/null 2>&1 ; then - nice rg "$@" || true + nice rg "$@" - || true elif command -v ggrep >/dev/null 2>&1 ; then - nice ggrep -E "$@" || true + nice ggrep -E "$@" - || true else - nice grep -E "$@" || true + nice grep -E "$@" - || true fi } # Opportunistically use GNU sort if available (needed for NetBSD support) mysort() { if command -v gsort >/dev/null 2>&1 ; then - nice gsort "$@" + nice gsort "$@" - else - nice sort "$@" + nice sort "$@" - fi } @@ -490,7 +492,7 @@ typeset _cmd unbound_control # Make sure requisite utilities are installed - for _cmd in 'cmp' 'find' 'gunzip' 'unbound-checkconf' ; do + for _cmd in 'cmp' 'find' 'gunzip' "${getroot}" "${rcd}" "${netget}" ; do CHECK_CMD "${_cmd}" done > /dev/null @@ -500,10 +502,10 @@ # Make sure unbound/unwind is running if [ "${_PRINT_ONLY}" -ne 1 ]; then - CHECK_DRIVE if [ "${_ALT_UNWIND}" -eq 1 ]; then - rcctl check unwind >/dev/null 2>&1 || ERR 'unwind does not appear to be running!' + "${rcd}" check unwind >/dev/null 2>&1 || ERR 'unwind does not appear to be running!' else + CHECK_CMD 'unbound-checkconf' > /dev/null UNBOUND_STATUS_CHECK || ERR 'unbound does not appear to be running!' fi # Make sure 'unbound-control' is working @@ -511,6 +513,7 @@ unbound_control="$(CHECK_CMD unbound-control)" "${getroot}" -- "${unbound_control}" -q status || ERR "Unable to connect to unbound with 'unbound-control'" fi + CHECK_DRIVE fi # Check for network connectivity to GitHub, bail out if fail @@ -522,6 +525,8 @@ case "${_OS_TYPE}" in alpine) "${rcd}" unbound status >/dev/null 2>&1 ; return ;; + custom) + return 0 ;; dragonflybsd) "${rcd}" unbound onestatus >/dev/null 2>&1 ; return ;; freebsd) @@ -558,11 +563,6 @@ _RETRY=1 fi - # Make sure user provided OS is accurate and that specified utilities exist - for _cmd in "${getroot}" "${netget}" "${rcd}" ; do - command -v -- "${_cmd}" >/dev/null 2>&1 || ERR "'${_cmd}' not found! Did you specify the correct OS type?" - done - if [ "${_ALT_UNBOUND}" -eq 1 ] && [ "${_ALT_UNWIND}" -eq 1 ]; then ERR 'RPZ, Unbound and Unwind format options are mutually exclusive!' elif [ "${_ALT_UNBOUND}" -eq 1 ] && [ "${_ALT_RPZ}" -eq 1 ]; then @@ -734,7 +734,8 @@ o) # Formatting and runtime options _opt_arg="${OPTARG}" case "${_opt_arg}" in - domain) _PRINT_ONLY=1 ; _ALT_UNWIND=1 ; _ALT_UNBOUND=0 ; _ALT_RPZ=0 ; _LOG=0 ; _NO_UID_CHECK=1 ;; + domain) _PRINT_ONLY=1 ; _ALT_UNWIND=1 ; _ALT_UNBOUND=0 ; _ALT_RPZ=0 + _LOG=0 ; _NO_UID_CHECK=1 ; confpath='/dev/null' ; getroot='false' ;; log) _LOG=1 ;; strict) _STRICT=1 ;; uid-check) _NO_UID_CHECK=0 ;; @@ -780,7 +781,7 @@ else ERR "File '${OPTARG}' either not found or has incorrect permissions!" fi ;; - x) _PRINT_ONLY=1 ; _LOG=0 ; _NO_UID_CHECK=1 ;; # Print generated list to stdout + x) _PRINT_ONLY=1 ; _LOG=0 ; _NO_UID_CHECK=1 ; confpath='/dev/null' ; getroot='false' ;; # Print generated list to stdout ?) HELP_MESSAGE 1>&2 ; exit 2 ;; esac done @@ -853,10 +854,8 @@ custom) test -n "${getroot}" || ERR "Custom OS type specified - please set doas/sudo preference with '-Z' option" test -n "${netget}" || ERR "Custom OS type specified - please set ftp/fetch/curl preference with '-F' option" - test -n "${rcd}" || ERR "Custom OS type specified - please specifiy path to SSH authlog with '-J' option" - test -n "${rcdarg1}" || ERR "Custom OS type specified - please specifiy first argument to pass to \$rcd with the '-XXXX' option" - test -n "${rcdarg2}" || ERR "Custom OS type specified - pplease specifiy second argument to pass to \$rcd with the '-XXXX' option" - test -n "${confpath}" || ERR "Custom OS type specified - please specifiy path to adblock.conf with '-W' option" + test -n "${rcd}" || rcd='false' + test -n "${confpath}" || ERR "Custom OS type specified - please specifiy path to adblock.rpz with '-W' option" ;; *) printf '\n\nUnknown Operating System Specified. Available Options Are:\n * Alpine\n * DragonflyBSD\n * FreeBSD\n * Linux\n * NetBSD\n * OpenBSD\n\n' 1>&2 @@ -987,9 +986,6 @@ # Make sure shell supports typeset command -v typeset >/dev/null 2>&1 || ERR 'Are you running a modern shell? Current shell does not appear to support the non-POSIX "typeset" command...' - -# Abort if something unexpectedly fails -set -e # Execute main function main "$@"