cpriego / valet-linux

A fork of Laravel Valet to work in Linux.
MIT License

Overwriting of `/etc/dnsmasq.conf` probably not required #431

Open RafaelKr opened 6 months ago

RafaelKr commented 6 months ago

Basic info

| Distro (Name and version) | PHP Version | Valet version |
| --- | --- | --- |
| Linux Mint Cinnamon 21.2 | 8.2 | 2.3.5 |

What is the problem?

I think it's not required to overwrite the `/etc/dnsmasq.conf` file. I just received a dnsmasq update when running `sudo apt upgrade` and got a large diff asking if I want to keep my local `/etc/dnsmasq.conf` or overwrite it with the version of the update. After comparing them I think the only changed option is

-conf-dir=/etc/dnsmasq.d
+#conf-dir=/etc/dnsmasq.d

but actually it's not required to set this option explicitly, because the files in that directory are included by default. At least on my Linux distribution that's the case.

So probably the code to overwrite that file and the stub can be removed completely: https://github.com/cpriego/valet-linux/blob/321e261bfc425b06acd9cba4eab11e44cc4f6759/cli/Valet/DnsMasq.php#L158

Sources

I'm pretty sure the `conf-dir` is the only changed option before and after `valet install`. Still, here is the full diff for comparison:

--- dnsmasq-original.conf   2024-02-26 21:23:07.928725457 +0100
+++ dnsmasq-valet.conf  2024-02-26 21:08:28.350028253 +0100
@@ -27,8 +27,8 @@

 # Replies which are not DNSSEC signed may be legitimate, because the domain
 # is unsigned, or may be forgeries. Setting this option tells dnsmasq to
-# check that an unsigned reply is OK, by finding a secure proof that a DS 
-# record somewhere between the root and the domain does not exist. 
+# check that an unsigned reply is OK, by finding a secure proof that a DS
+# record somewhere between the root and the domain does not exist.
 # The cost of setting this is that even queries in unsigned domains will need
 # one or more extra DNS queries to verify.
 #dnssec-check-unsigned
@@ -85,22 +85,12 @@
 # subdomains to the vpn and search ipsets:
 #ipset=/yahoo.com/google.com/vpn,search

-# Add the IPs of all queries to yahoo.com, google.com, and their
-# subdomains to netfilters sets, which is equivalent to
-# 'nft add element ip test vpn { ... }; nft add element ip test search { ... }'
-#nftset=/yahoo.com/google.com/ip#test#vpn,ip#test#search
-
-# Use netfilters sets for both IPv4 and IPv6:
-# This adds all addresses in *.yahoo.com to vpn4 and vpn6 for IPv4 and IPv6 addresses.
-#nftset=/yahoo.com/4#ip#test#vpn4
-#nftset=/yahoo.com/6#ip#test#vpn6
-
 # You can control how dnsmasq talks to a server: this forces
 # queries to 10.1.2.3 to be routed via eth1
 # server=10.1.2.3@eth1

 # and this sets the source (ie local) address used to talk to
-# 10.1.2.3 to 192.168.1.1 port 55 (there must be an interface with that
+# 10.1.2.3 to 192.168.1.1 port 55 (there must be a interface with that
 # IP on the machine, obviously).
 # server=10.1.2.3@192.168.1.1#55

@@ -193,11 +183,11 @@
 #dhcp-range=1234::2, 1234::500, 64, 12h

 # Do Router Advertisements, BUT NOT DHCP for this subnet.
-#dhcp-range=1234::, ra-only 
+#dhcp-range=1234::, ra-only

 # Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
-# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack 
-# hosts. Use the DHCPv4 lease to derive the name, network segment and 
+# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
+# hosts. Use the DHCPv4 lease to derive the name, network segment and
 # MAC address and assume that the host will also have an
 # IPv6 address calculated using the SLAAC algorithm.
 #dhcp-range=1234::, ra-names
@@ -220,9 +210,9 @@
 #dhcp-range=1234::, ra-stateless, ra-names

 # Do router advertisements for all subnets where we're doing DHCPv6
-# Unless overridden by ra-stateless, ra-names, et al, the router 
+# Unless overridden by ra-stateless, ra-names, et al, the router
 # advertisements will have the M and O bits set, so that the clients
-# get addresses and configuration from DHCPv6, and the A bit reset, so the 
+# get addresses and configuration from DHCPv6, and the A bit reset, so the
 # clients don't use SLAAC addresses.
 #enable-ra

@@ -295,11 +285,11 @@
 # any machine with Ethernet address starting 11:22:33:
 #dhcp-host=11:22:33:*:*:*,set:red

-# Give a fixed IPv6 address and name to client with 
+# Give a fixed IPv6 address and name to client with
 # DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
 # Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
-# Note also that the [] around the IPv6 address are obligatory.
-#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5] 
+# Note also the they [] around the IPv6 address are obligatory.
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]

 # Ignore any clients which are not specified in dhcp-host lines
 # or /etc/ethers. Equivalent to ISC "deny unknown-clients".
@@ -355,7 +345,7 @@
 # Send DHCPv6 option. Note [] around IPv6 addresses.
 #dhcp-option=option6:dns-server,[1234::77],[1234::88]

-# Send DHCPv6 option for namservers as the machine running 
+# Send DHCPv6 option for namservers as the machine running
 # dnsmasq and another.
 #dhcp-option=option6:dns-server,[::],[1234::88]

@@ -364,11 +354,11 @@

 # Set option 58 client renewal time (T1). Defaults to half of the
 # lease time if not specified. (RFC2132)
-#dhcp-option=option:T1,1m
+#dhcp-option=option:T1:1m

 # Set option 59 rebinding time (T2). Defaults to 7/8 of the
 # lease time if not specified. (RFC2132)
-#dhcp-option=option:T2,2m
+#dhcp-option=option:T2:2m

 # Set the NTP time server address to be the same machine as
 # is running dnsmasq
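Review bot: The T1 and T2 examples in this hunk change separator, from `#dhcp-option=option:T1,1m` to `#dhcp-option=option:T1:1m` (and the same for T2), so the stub documents a different syntax than the packaged file for the same option. Both sides are commented out, so nothing changes at runtime, but an admin who uncomments the stub's line gets something other than what the package's example shows. Keep the packaged comma form in the stub, or stop replacing the file so the examples track the package.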
@@ -394,7 +384,7 @@

 # The following DHCP options set up dnsmasq in the same way as is specified
 # for the ISC dhcpcd in
-# https://web.archive.org/web/20040313070105/http://us1.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
+# http://www.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
 # adapted for a typical dnsmasq installation where the host running
 # dnsmasq is also the host running samba.
 # you may want to uncomment some or all of them if you use
@@ -446,22 +436,22 @@
 #dhcp-option-force=211,30i

 # Set the boot filename for netboot/PXE. You will only need
-# this if you want to boot machines over the network and you will need
-# a TFTP server; either dnsmasq's built-in TFTP server or an
+# this is you want to boot machines over the network and you will need
+# a TFTP server; either dnsmasq's built in TFTP server or an
 # external one. (See below for how to enable the TFTP server.)
 #dhcp-boot=pxelinux.0

 # The same as above, but use custom tftp-server instead machine running dnsmasq
 #dhcp-boot=pxelinux,server.name,192.168.1.100

-# Boot for iPXE. The idea is to send two different
-# filenames, the first loads iPXE, and the second tells iPXE what to
-# load. The dhcp-match sets the ipxe tag for requests from iPXE.
-#dhcp-boot=undionly.kpxe
-#dhcp-match=set:ipxe,175 # iPXE sends a 175 option.
-#dhcp-boot=tag:ipxe,http://boot.ipxe.org/demo/boot.php
+# Boot for Etherboot gPXE. The idea is to send two different
+# filenames, the first loads gPXE, and the second tells gPXE what to
+# load. The dhcp-match sets the gpxe tag for requests from gPXE.
+#dhcp-match=set:gpxe,175 # gPXE sends a 175 option.
+#dhcp-boot=tag:!gpxe,undionly.kpxe
+#dhcp-boot=mybootimage

-# Encapsulated options for iPXE. All the options are
+# Encapsulated options for Etherboot gPXE. All the options are
 # encapsulated within option 175
 #dhcp-option=encap:175, 1, 5b         # priority code
 #dhcp-option=encap:175, 176, 1b       # no-proxydhcp
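Review bot: The PXE examples in this hunk go back from iPXE to Etherboot gPXE and reintroduce the wording "this is you want" and "built in", which indicates the stub was copied from an older dnsmasq.conf than the one the package ships. Every line involved is a comment, so there is no behaviour change, only stale guidance written over the distribution's current text. Not overwriting the file would remove this drift.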
@@ -557,14 +547,6 @@
 # http://www.isc.org/files/auth.html
 #dhcp-authoritative

-# Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039.
-# In this mode it will respond to a DHCPDISCOVER message including a Rapid Commit
-# option with a DHCPACK including a Rapid Commit option and fully committed address
-# and configuration information. This must only be enabled if either the server is 
-# the only server for the subnet, or multiple servers are present and they each
-# commit a binding for all clients.
-#dhcp-rapid-commit
-
 # Run an executable when a DHCP lease is created or destroyed.
 # The arguments sent to the script are "add" or "del",
 # then the MAC address, the IP address and finally the hostname
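Review bot: The stub drops the whole `#dhcp-rapid-commit` block, including its caveat that the option "must only be enabled if either the server is the only server for the subnet, or multiple servers are present and they each commit a binding for all clients". The directive is commented out in the packaged file, so nothing is disabled, but after the overwrite the local file no longer documents the option or its precondition. Leave the packaged file in place, or refresh the stub from it.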
@@ -664,7 +646,7 @@
 # Provide an alias for a "local" DNS name. Note that this _only_ works
 # for targets which are names from DHCP or /etc/hosts. Give host
 # "bert" another name, bertrand
-#cname=bertrand,bert
+#cname=bertand,bert

 # For debugging purposes, log each DNS query as it passes through
 # dnsmasq.
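Review bot: `#cname=bertand,bert` in the stub misspells the alias that the comment two lines above names as "bertrand"; the packaged file has `#cname=bertrand,bert`. It is a commented example, but the overwrite replaces a correct example with a wrong one. Fix the stub or leave the packaged line alone.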
@@ -675,7 +657,7 @@

 # Include another lot of configuration options.
 #conf-file=/etc/dnsmasq.more.conf
-#conf-dir=/etc/dnsmasq.d
+conf-dir=/etc/dnsmasq.d

 # Include all the files in a directory except those ending in .bak
 #conf-dir=/etc/dnsmasq.d,.bak
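Review bot: `conf-dir=/etc/dnsmasq.d` is the only `+` line in the whole diff that is an active directive rather than a comment, so it is the one effective setting the overwrite introduces, and it is set with no extension filter. If it needs to be set explicitly, consider one of the filtered forms already shown in the surrounding comments (`/etc/dnsmasq.d,.bak` or `/etc/dnsmasq.d/,*.conf`). Changing this single line in place, instead of replacing the file, would also reduce the diff shown on a package upgrade to this line.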
@@ -683,7 +665,3 @@
 # Include all files in a directory which end in .conf
 #conf-dir=/etc/dnsmasq.d/,*.conf

-# If a DHCP client claims that its name is "wpad", ignore that.
-# This fixes a security hole. see CERT Vulnerability VU#598349
-#dhcp-name-match=set:wpad-ignore,wpad
-#dhcp-ignore-names=tag:wpad-ignore