From 9f1be6e0790d52f2ecf612f4ff337e6edde14f1f Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Wed, 3 Oct 2018 16:35:59 +0200 Subject: [PATCH] killChild() is not needed any more; update config example by the way --- dnscrypt-proxy/example-dnscrypt-proxy.toml | 16 ++++++++++------ dnscrypt-proxy/main.go | 1 - dnscrypt-proxy/privilege_linux.go | 8 -------- dnscrypt-proxy/privilege_others.go | 8 -------- dnscrypt-proxy/privilege_windows.go | 1 - 5 files changed, 10 insertions(+), 24 deletions(-) diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml index 8c4ce26d..66c4170b 100644 --- a/dnscrypt-proxy/example-dnscrypt-proxy.toml +++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml @@ -41,12 +41,7 @@ listen_addresses = ['127.0.0.1:53', '[::1]:53'] max_clients = 250 -## Switch to a non-privileged system user after listening sockets have been created. -## Two processes will be running. -## The first one will keep root privileges, but is only a supervisor, that does nothing -## except create the sockets, manage the service, and restart it if it crashes. -## The second process is the service itself, and that one will always run as a different -## user. +## Switch to a different system user after listening sockets have been created. ## Note (1): this feature is currently unsupported on Windows. ## Note (2): this feature is not compatible with systemd socket activation. @@ -491,6 +486,15 @@ cache_neg_max_ttl = 600 refresh_delay = 72 prefix = '' + ## Quad9 over DNSCrypt - https://quad9.net/ + + # [sources.quad9-resolvers] + # urls = ["https://www.quad9.net/quad9-resolvers.md"] + # minisign_key = "RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN" + # cache_file = "quad9-resolvers.md" + # refresh_delay = 72 + # prefix = "quad9" + ## Another example source, with resolvers censoring some websites not appropriate for children ## This is a subset of the `public-resolvers` list, so enabling both is useless diff --git a/dnscrypt-proxy/main.go b/dnscrypt-proxy/main.go index 637876c7..2ee91f7a 100644 --- a/dnscrypt-proxy/main.go +++ b/dnscrypt-proxy/main.go @@ -108,7 +108,6 @@ func (app *App) Stop(service service.Service) error { if pidFilePath := pidfile.GetPidfilePath(); len(pidFilePath) > 1 { os.Remove(pidFilePath) } - killChild() dlog.Notice("Stopped.") return nil } diff --git a/dnscrypt-proxy/privilege_linux.go b/dnscrypt-proxy/privilege_linux.go index 149dffde..65730752 100644 --- a/dnscrypt-proxy/privilege_linux.go +++ b/dnscrypt-proxy/privilege_linux.go @@ -84,11 +84,3 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) { dlog.Fatalf("Unable to reexecute [%s]", path) os.Exit(1) } - -func killChild() { - if cmd != nil { - if err := cmd.Process.Kill(); err != nil { - dlog.Fatal("Failed to kill child process.") - } - } -} diff --git a/dnscrypt-proxy/privilege_others.go b/dnscrypt-proxy/privilege_others.go index 19b44d3c..1af1b451 100644 --- a/dnscrypt-proxy/privilege_others.go +++ b/dnscrypt-proxy/privilege_others.go @@ -86,11 +86,3 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) { dlog.Fatalf("Unable to reexecute [%s]", path) os.Exit(1) } - -func killChild() { - if cmd != nil { - if err := cmd.Process.Kill(); err != nil { - dlog.Fatal("Failed to kill child process.") - } - } -} diff --git a/dnscrypt-proxy/privilege_windows.go b/dnscrypt-proxy/privilege_windows.go index e70789d8..61c08d1b 100644 --- a/dnscrypt-proxy/privilege_windows.go +++ b/dnscrypt-proxy/privilege_windows.go @@ -3,4 +3,3 @@ package main import "os" func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {} -func killChild() {}