mostly fixes and improvements
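#!/bin/bash -l
#
# trusted-network: undo the DNS lock-down used on untrusted networks.
#
# Usage: run when switching from an untrusted network like public wifi
# to a trusted one.
#
# What it does, in order:
#   1. Removes the NetworkManager drop-in dns.conf and restarts
#      NetworkManager if it is active.
#   2. Removes the systemd-resolved drop-in untrusted-network.conf.
#   3. Makes dhclient request domain-name-servers from the DHCP server again.
#   4. Bounces the default-route interface (only if step 3 changed the
#      config and ifupdown manages the interface) and reverts its per-link
#      systemd-resolved settings.
#   5. Calls reresolv.
#
# After this runs, DNS servers handed out by DHCP are used again, so only
# run it on a network whose DHCP server you trust.
#
# NOTE(review): m, e and reresolv are not defined in this file. Presumably
# they come from the login environment (hence `bash -l` and `sudo -E`) and
# m runs a command while e prints a message; confirm. Because this script
# runs as root, whatever startup file defines them is executed as root and
# should not be writable by unprivileged users.

set -eE -o pipefail
trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR

# Re-exec as root. -E keeps the caller's environment, so variables set by the
# invoking user are visible to the root process.
[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"

if [[ -e /etc/NetworkManager/conf.d/dns.conf ]]; then
  rm -fv /etc/NetworkManager/conf.d/dns.conf
  if [[ $(systemctl is-active NetworkManager) == active ]]; then
    m systemctl restart NetworkManager
  fi
fi

rm -f /etc/systemd/resolved.conf.d/untrusted-network.conf

dhclient_restart=false
# man dhclient.conf
if ! grep -qP '\bdomain-name-servers\b' /etc/dhcp/dhclient.conf; then
  sed -i 's/^ *request/request domain-name-servers,/' /etc/dhcp/dhclient.conf
  dhclient_restart=true
  e "$0:" dhclient_restart=true
fi

# Find the interface that carries the default route. Take the word after
# "dev" rather than a fixed column: a directly connected route has no
# "via <gw>" pair, which shifts every later field. A failing `ip` (no route)
# must not abort the script under `set -e`, otherwise the "no gateway_if
# found" branch below could never run.
gateway_if=
route_out=$(ip route get 8.8.8.8) || route_out=
read -r -a route_words <<<"$route_out"
for ((i = 0; i < ${#route_words[@]} - 1; i++)); do
  if [[ ${route_words[i]} == dev ]]; then
    gateway_if=${route_words[i + 1]}
    break
  fi
done

if [[ $gateway_if ]]; then
  # we could do this, but dhclient is still running and will use its old settings
  # from dependencies of ifupdown,
  # from man dhclient-script
  # from /etc/dhcp/dhclient-enter-hooks.d/resolved
  # rm -f /run/systemd/resolved.conf.d/*$gateway_if*

  # Only bounce the interface when the dhclient config changed and the
  # interface is listed on an "auto" line in /etc/network/interfaces.
  # The interface name is interpolated into the regex unescaped; a "." in
  # the name matches any character.
  if $dhclient_restart && grep -Pq "^ *auto ($gateway_if|.* $gateway_if( |$))" /etc/network/interfaces; then
    m ifdown "$gateway_if"
    m ifup "$gateway_if"
  fi

  # at least on systemd 237 ifupdown it sets a global and this is not needed
  systemd-resolve --interface="$gateway_if" --revert
else
  e "$0:" no gateway_if found
fi

reresolv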