[dhcp] Write lease file AFTER changing of the effective user/group ID.

Jiří Popelka jpopelka at fedoraproject.org
Wed Oct 26 18:17:31 UTC 2011


commit 6e67a560a85c00ceb725d8f204ebbb7538267375
Author: Jiri Popelka <jpopelka at redhat.com>
Date:   Wed Oct 26 19:40:23 2011 +0200

    Write lease file AFTER changing of the effective user/group ID.
    
    Move omshell from dhcp-common to main package (where it originally was).

 dhcp-4.2.2-paranoia-pid.patch |   49 ------------------
 dhcp-4.2.3-paranoia.patch     |  110 +++++++++++++++++++++++++++++++++++++++++
 dhcp.spec                     |   25 +++++----
 3 files changed, 124 insertions(+), 60 deletions(-)
---
diff --git a/dhcp-4.2.3-paranoia.patch b/dhcp-4.2.3-paranoia.patch
new file mode 100644
index 0000000..4139ce9
--- /dev/null
+++ b/dhcp-4.2.3-paranoia.patch
@@ -0,0 +1,110 @@
+diff -up dhcp-4.2.3/server/dhcpd.c.paranoia dhcp-4.2.3/server/dhcpd.c
+--- dhcp-4.2.3/server/dhcpd.c.paranoia	2011-10-26 19:10:08.162925489 +0200
++++ dhcp-4.2.3/server/dhcpd.c	2011-10-26 19:12:34.541095509 +0200
+@@ -699,11 +699,11 @@ main(int argc, char **argv) {
+ 
+ 	group_write_hook = group_writer;
+ 
+-	/* Start up the database... */
+-	db_startup (lftest);
+-
+-	if (lftest)
++	if (lftest) {
++		/* Start up the database... */
++		db_startup (lftest);
+ 		exit (0);
++	}
+ 
+ 	/* Discover all the network interfaces and initialize them. */
+ 	discover_interfaces(DISCOVER_SERVER);
+@@ -743,24 +743,6 @@ main(int argc, char **argv) {
+ #if defined (TRACING)
+ 	trace_seed_stash (trace_srandom, seed + cur_time);
+ #endif
+-	postdb_startup ();
+-
+-#ifdef DHCPv6
+-	/*
+-	 * Set server DHCPv6 identifier.
+-	 * See dhcpv6.c for discussion of setting DUID.
+-	 */
+-	if (set_server_duid_from_option() == ISC_R_SUCCESS) {
+-		write_server_duid();
+-	} else {
+-		if (!server_duid_isset()) {
+-			if (generate_new_server_duid() != ISC_R_SUCCESS) {
+-				log_fatal("Unable to set server identifier.");
+-			}
+-			write_server_duid();
+-		}
+-	}
+-#endif /* DHCPv6 */
+ 
+ #ifndef DEBUG
+ 	if (daemon) {
+@@ -771,22 +753,6 @@ main(int argc, char **argv) {
+ 			exit (0);
+ 	}
+  
+-#if defined (PARANOIA)
+-	/* change uid to the specified one */
+-
+-	if (set_gid) {
+-		if (setgroups (0, (void *)0))
+-			log_fatal ("setgroups: %m");
+-		if (setgid (set_gid))
+-			log_fatal ("setgid(%d): %m", (int) set_gid);
+-	}	
+-
+-	if (set_uid) {
+-		if (setuid (set_uid))
+-			log_fatal ("setuid(%d): %m", (int) set_uid);
+-	}
+-#endif /* PARANOIA */
+-
+ 	/*
+ 	 * Deal with pid files.  If the user told us
+ 	 * not to write a file we don't read one either
+@@ -823,6 +789,42 @@ main(int argc, char **argv) {
+ 		}
+ 	}
+ 
++#if defined (PARANOIA)
++	/* change uid to the specified one */
++
++	if (set_gid) {
++		if (setgroups (0, (void *)0))
++			log_fatal ("setgroups: %m");
++		if (setgid (set_gid))
++			log_fatal ("setgid(%d): %m", (int) set_gid);
++	}	
++
++	if (set_uid) {
++		if (setuid (set_uid))
++			log_fatal ("setuid(%d): %m", (int) set_uid);
++	}
++#endif /* PARANOIA */
++
++	db_startup(lftest);
++	postdb_startup ();
++
++#ifdef DHCPv6
++	/*
++	 * Set server DHCPv6 identifier.
++	 * See dhcpv6.c for discussion of setting DUID.
++	 */
++	if (set_server_duid_from_option() == ISC_R_SUCCESS) {
++		write_server_duid();
++	} else {
++		if (!server_duid_isset()) {
++			if (generate_new_server_duid() != ISC_R_SUCCESS) {
++				log_fatal("Unable to set server identifier.");
++			}
++			write_server_duid();
++		}
++	}
++#endif /* DHCPv6 */
++
+ 	/* If we were requested to log to stdout on the command line,
+ 	   keep doing so; otherwise, stop. */
+ 	if (log_perror == -1)
diff --git a/dhcp.spec b/dhcp.spec
index 23f97f7..89e4e8e 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -22,7 +22,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  4.2.3
-Release:  2%{?dist}
+Release:  3%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -71,7 +71,7 @@ Patch28:  dhcp-4.2.0-noprefixavail.patch
 Patch29:  dhcp-4.2.2-remove-bind.patch
 Patch30:  dhcp-4.2.2-sharedlib.patch
 Patch31:  dhcp-4.2.0-PPP.patch
-Patch32:  dhcp-4.2.2-paranoia-pid.patch
+Patch32:  dhcp-4.2.3-paranoia.patch
 Patch33:  dhcp-4.2.2-lpf-ib.patch
 Patch34:  dhcp-4.2.2-improved-xid.patch
 Patch35:  dhcp-4.2.2-gpxe-cid.patch
@@ -117,8 +117,7 @@ DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
 individual devices on an IP network to get their own network
 configuration information (IP address, subnetmask, broadcast address,
 etc.) from a DHCP server. The overall purpose of DHCP is to make it
-easier to administer a large network.  The dhcp package includes the
-ISC DHCP service and relay agent.
+easier to administer a large network.
 
 To use DHCP on your network, install a DHCP service (or relay agent),
 and on clients run a DHCP client daemon.  The dhcp package provides
@@ -315,9 +314,10 @@ rm bind/bind.tar.gz
 # DHCPv6 over PPP support (#626514)
 %patch31 -p1 -b .PPP
 
-# Move changing of the effective user/group ID after writing new PID file.
+# Write PID file BEFORE changing of the effective user/group ID.
 # (Submitted to dhcp-bugs at isc.org - [ISC-Bugs #25806])
-%patch32 -p1 -b .paranoia-pid
+# Write lease file AFTER changing of the effective user/group ID.
+%patch32 -p1 -b .paranoia
 
 # IPoIB support (#660681)
 # (Submitted to dhcp-bugs at isc.org - [ISC-Bugs #24249])
@@ -364,7 +364,7 @@ for page in server/dhcpd.conf.5 server/dhcpd.leases.5 server/dhcpd.8 ; do
 done
 
 %build
-libtoolize --copy --force
+#libtoolize --copy --force
 autoreconf --verbose --force --install
 
 CFLAGS="%{optflags} -fno-strict-aliasing -D_GNU_SOURCE" \
@@ -462,7 +462,6 @@ EOF
 # DHCPv6 Server Configuration file.
 #   see /usr/share/doc/dhcp*/dhcpd6.conf.sample
 #   see dhcpd.conf(5) man page
-#   run 'service dhcpd6 start' or 'dhcpd -6 -cf /etc/dhcp/dhcpd6.conf'
 #
 EOF
 
@@ -617,6 +616,8 @@ fi
 %attr(0644,root,root)   %{_unitdir}/dhcrelay.service
 %{_sbindir}/dhcpd
 %{_sbindir}/dhcrelay
+%{_bindir}/omshell
+%attr(0644,root,root) %{_mandir}/man1/omshell.1.gz
 %attr(0644,root,root) %{_mandir}/man5/dhcpd.conf.5.gz
 %attr(0644,root,root) %{_mandir}/man5/dhcpd.leases.5.gz
 %attr(0644,root,root) %{_mandir}/man8/dhcpd.8.gz
@@ -643,8 +644,6 @@ fi
 
 %files common
 %doc LICENSE README RELNOTES doc/References.txt
-%{_bindir}/omshell
-%attr(0644,root,root) %{_mandir}/man1/omshell.1.gz
 %attr(0644,root,root) %{_mandir}/man5/dhcp-options.5.gz
 %attr(0644,root,root) %{_mandir}/man5/dhcp-eval.5.gz
 
@@ -670,8 +669,12 @@ fi
 %{_initddir}/dhcrelay
 
 %changelog
+* Wed Oct 26 2011 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.3-3
+- Write lease file AFTER changing of the effective user/group ID.
+- Move omshell from dhcp-common to main package (where it originally was).
+
 * Thu Oct 20 2011 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.3-2
-- Move changing of the effective user/group ID after writing new PID file.
+- Write PID file BEFORE changing of the effective user/group ID.
 - Really define _hardened_build this time
 
 * Thu Oct 20 2011 Jiri Popelka <jpopelka at redhat.com> - 12:4.2.3-1


More information about the scm-commits mailing list