resolvconf: disable default route when -p is specified

Internally, the switch triggers 'resolvectl default-route INTERFACE no'.

Closes #34112.

man/resolvectl.xml

@@ -570,10 +570,19 @@
       </varlistentry>
 
       <varlistentry>
-        <term><option>-m</option></term>
         <term><option>-p</option></term>
 
-        <listitem><para>These switches are not supported and are silently ignored.</para>
+        <listitem><para>When specified, the interface will not be used as the default route. See also
+        <citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        about the default route.</para>
+
+        <xi:include href="version-info.xml" xpointer="v257"/></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>-m</option></term>
+
+        <listitem><para>The switch is not supported and is silently ignored.</para>
 
         <xi:include href="version-info.xml" xpointer="v239"/></listitem>
       </varlistentry>

src/resolve/resolvconf-compat.c

@@ -34,13 +34,14 @@ static int resolvconf_help(void) {
                "     --version  Show package version\n"
                "  -a            Register per-interface DNS server and domain data\n"
                "  -d            Unregister per-interface DNS server and domain data\n"
+               "  -p            Do not use this interface as default route\n"
                "  -f            Ignore if specified interface does not exist\n"
                "  -x            Send DNS traffic preferably over this interface\n"
                "\n"
                "This is a compatibility alias for the resolvectl(1) tool, providing native\n"
                "command line compatibility with the resolvconf(8) tool of various Linux\n"
                "distributions and BSD systems. Some options supported by other implementations\n"
-               "are not supported and are ignored: -m, -p, -u. Various options supported by other\n"
+               "are not supported and are ignored: -m, -u. Various options supported by other\n"
                "implementations are not supported and will cause the invocation to fail:\n"
                "-I, -i, -l, -R, -r, -v, -V, --enable-updates, --disable-updates,\n"
                "--updates-are-enabled.\n"
@@ -119,7 +120,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
 
         enum {
                 TYPE_REGULAR,
-                TYPE_PRIVATE,   /* -p: Not supported, treated identically to TYPE_REGULAR */
+                TYPE_PRIVATE,
                 TYPE_EXCLUSIVE, /* -x */
         } type = TYPE_REGULAR;
 
@@ -132,7 +133,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
         if (getenv("IF_EXCLUSIVE"))
                 type = TYPE_EXCLUSIVE;
         if (getenv("IF_PRIVATE"))
-                type = TYPE_PRIVATE; /* not actually supported */
+                type = TYPE_PRIVATE;
 
         arg_mode = _MODE_INVALID;
 
@@ -160,7 +161,7 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
                         break;
 
                 case 'p':
-                        type = TYPE_PRIVATE; /* not actually supported */
+                        type = TYPE_PRIVATE;
                         break;
 
                 case 'f':
@@ -256,17 +257,26 @@ int resolvconf_parse_argv(int argc, char *argv[]) {
                         log_syntax(NULL, LOG_DEBUG, "stdin", n, 0, "Ignoring resolv.conf line: %s", line);
                 }
 
-                if (type == TYPE_EXCLUSIVE) {
+                switch (type) {
+                case TYPE_REGULAR:
+                        break;
 
+                case TYPE_PRIVATE:
+                        arg_disable_default_route = true;
+                        break;
+
+                case TYPE_EXCLUSIVE:
                         /* If -x mode is selected, let's preferably route non-suffixed lookups to this interface. This
                          * somewhat matches the original -x behaviour */
 
                         r = strv_extend(&arg_set_domain, "~.");
                         if (r < 0)
                                 return log_oom();
+                        break;
 
-                } else if (type == TYPE_PRIVATE)
-                        log_debug("Private DNS server data not supported, ignoring.");
+                default:
+                        assert_not_reached();
+                }
 
                 if (strv_isempty(arg_set_dns))
                         return log_error_errno(SYNTHETIC_ERRNO(EINVAL),

src/resolve/resolvectl.c

@@ -71,10 +71,11 @@ typedef enum RawType {
 } RawType;
 static RawType arg_raw = RAW_NONE;
 
+/* Used by compat interfaces: systemd-resolve and resolvconf. */
 ExecutionMode arg_mode = MODE_RESOLVE_HOST;
-
 char **arg_set_dns = NULL;
 char **arg_set_domain = NULL;
+bool arg_disable_default_route = false;
 static const char *arg_set_llmnr = NULL;
 static const char *arg_set_mdns = NULL;
 static const char *arg_set_dns_over_tls = NULL;
@@ -4178,6 +4179,12 @@ static int compat_main(int argc, char *argv[]) {
         case MODE_SET_LINK:
                 assert(arg_ifname);
 
+                if (arg_disable_default_route) {
+                        r = translate("default-route", arg_ifname, 1, STRV_MAKE("no"));
+                        if (r < 0)
+                                return r;
+                }
+
                 if (arg_set_dns) {
                         r = translate("dns", arg_ifname, strv_length(arg_set_dns), arg_set_dns);
                         if (r < 0)

src/resolve/resolvectl.h

@@ -24,6 +24,7 @@ typedef enum ExecutionMode {
 extern ExecutionMode arg_mode;
 extern char **arg_set_dns;
 extern char **arg_set_domain;
+extern bool arg_disable_default_route;
 extern bool arg_ifindex_permissive;
 
 int ifname_mangle_full(const char *s, bool drop_protocol_specifier);