Development

2026-06-09 10:24:29 -04:00 · 2026-06-09 10:24:29 -04:00 · df08cec23f
commit df08cec23f
parent e33133df1e
1 changed files with 11 additions and 8 deletions
--- a/routlin/mod_dnsmasq.py
+++ b/routlin/mod_dnsmasq.py
@ -31,8 +31,9 @@ _log = logging.getLogger("blocklists")
 # ===================================================================

 def vlan_hosts_file(vlan):
-    """Stable per-VLAN hosts file path (always the same regardless of blocklist combo)."""
-    return BLOCKLIST_DIR / f"for-{vlan['name']}.hosts"
+    """Stable per-VLAN hosts file in the system dnsmasq config dir (world-readable,
+    accessible after dnsmasq drops privileges from root to the dnsmasq user)."""
+    return shared.DNSMASQ_CONF_DIR / f"for-{vlan['name']}.hosts"


 def blocklists_available(data):
@ -275,8 +276,6 @@ def update_blocklist_hosts(data):

        hosts_file = vlan_hosts_file(vlan)
        if not bl_names:
-            if not hosts_file.exists():
-                hosts_file.write_text("")
            continue

        if not changed.intersection(bl_names) and hosts_file.exists():
@ -287,9 +286,10 @@ def update_blocklist_hosts(data):
        hosts_file.write_text(_build_merged_hosts(domains, bl_names))
        _log.info(f"VLAN '{vlan_name}': wrote {len(domains):,} domains from [{', '.join(sorted(bl_names))}]")

-    for f in BLOCKLIST_DIR.glob("for-*.hosts"):
+    for f in shared.DNSMASQ_CONF_DIR.glob("for-*.hosts"):
        vlan_name = f.stem.removeprefix("for-")
-        if vlan_name not in active_vlan_names:
+        vlan = next((v for v in data.get("vlans", []) if v["name"] == vlan_name), None)
+        if vlan is None or not vlan.get("use_blocklists"):
            f.unlink()
            _log.info(f"Removed stale hosts file: {f.name}")

@ -371,7 +371,8 @@ def build_vlan_dnsmasq_conf(vlan, data, iface):
    opts      = shared.resolve_vlan_options(vlan)
    gateway   = opts["gateway"]

-    hosts_file = vlan_hosts_file(vlan)
+    bl_names   = vlan.get("use_blocklists", [])
+    hosts_file = vlan_hosts_file(vlan) if bl_names else None

    L = [
        "# Generated by core.py -- do not edit manually.",
@ -487,12 +488,14 @@ def build_vlan_dnsmasq_conf(vlan, data, iface):
        for o in overrides:
            L += [f"# {o['description']}", f"address=/{o['host']}/{o['ip']}", ""]

-    if hosts_file.exists():
+    if hosts_file and hosts_file.exists():
        L += [
            "# -- Blocklist ------------------------------------------------------",
            f"addn-hosts={hosts_file}",
            "",
        ]
+    elif bl_names:
+        L += ["# Blocklist not yet merged -- run: sudo python3 core.py --merge-blocklists", ""]

    return "\n".join(L)