diff options
| author | Wojciech Kosior <kwojtus@protonmail.com> | 2020-05-22 03:44:59 +0200 |
|---|---|---|
| committer | Wojciech Kosior <kwojtus@protonmail.com> | 2020-05-22 03:44:59 +0200 |
| commit | b59756351ede9a42f43175fc7e48dc5f323f5ee0 (patch) | |
| tree | 4a60f5e7123927150bcede599956a198ca68e657 | |
| parent | 25a70a8882bb6f466b06b7e8f1c496267532ba34 (diff) | |
| download | 0tdns-b59756351ede9a42f43175fc7e48dc5f323f5ee0.tar.gz 0tdns-b59756351ede9a42f43175fc7e48dc5f323f5ee0.zip | |
add script that prepares system for use of our wrapper script
| -rwxr-xr-x | install.sh | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/install.sh b/install.sh new file mode 100755 index 0000000..3b3d4e2 --- /dev/null +++ b/install.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +# run this script as root + +# more could go here (e.g. initialization of postgres database) + +mkdir -p /var/lib/0tdns/ + +mkdir -p /etc/netns/0tdns/ + +# in case we want some process in the namespace to be able +# to resolve domain names via libc we put some random public +# dns in namespace sepcific's resolv.conf; +# note, that while libunbound we're using will probably have +# dns addresses provided by us, it is still possible to pass +# a domain name as forwarder address to unbound, in which case +# it will try to resolve it first using libc +echo nameserver 23.253.163.53 > /etc/netns/0tdns/resolv.conf + +# part of the program running inside network namespace +# will run under this user +sudo useradd --system 0tdns |