Pacnew: Keep your config files up to date – February `19

Two files need to be changed:

warning: /etc/php/php.ini installed as /etc/php/php.ini.pacnew
warning: /etc/dnsmasq.d/01-pihole.conf installed as /etc/dnsmasq.d/01-pihole.conf.pacnew

 

The easiest way is to install etc-update from the AUR repo
yay -S etc-update
sudo etc-update

and follow the instructions.

But this time we have to change one(pihole) file manually. You can use etc-update for php if you want. How? The description is below.

 

1. PHP

Manually

sudo nano /etc/php/php.ini

add the + lines

; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file.
+; Note: disables the realpath cache

; http://php.net/open-basedir

; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed.
+; Note: if open_basedir is set, the cache is disabled

; http://php.net/realpath-cache-size
;realpath_cache_size = 4096k

Save and delete:

sudo rm /etc/php/php.ini.pacnew

 

etc-update

sudo etc-update

Merge the following and keep everything else (%1)

                                            > ; Note: disables the realpath cache
%2

                                            > ; Note: if open_basedir is set, the cache is disabled
%2

 

2. Pi-Hole

Manually (only)

sudo nano /etc/dnsmasq.d/01-pihole.conf

add the + lines and delete the lines

addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/black.list
+domain-needed

localise-queries
+bogus-priv

no-resolv
cache-size=10000
-log-queries=extra
+log-queries

log-facility=/run/log/pihole/pihole.log
local-ttl=2
log-async

server=84.200.69.80
server=84.200.70.40
+
-domain-needed
-bogus-priv

interface=eth0
+
+# If a DHCP client claims that its name is "wpad", ignore that.
+# This fixes a security hole. see CERT Vulnerability VU#598349
+dhcp-name-match=set:wpad-ignore,wpad
+dhcp-ignore-names=tag:wpad-ignore

Save and delete:

sudo rm /etc/dnsmasq.d/01-pihole.conf.pacnew

That’s it.

I changed the pihole file a little because you wouldn’t have any internet connection if you would merge it with etc-update. You can check the file from Arch compare to the original pihole file from GitHub.