rpms/dhcp/devel dhcp-4.1.1-capability.patch, 1.2, 1.3 dhcp.spec, 1.286, 1.287

Jiří Popelka jpopelka at fedoraproject.org
Wed Feb 3 17:48:52 UTC 2010 

Author: jpopelka

Update of /cvs/pkgs/rpms/dhcp/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23030

Modified Files:
	dhcp-4.1.1-capability.patch dhcp.spec 
Log Message:
* Wed Feb 03 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-3
- move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %post (#561094)
- document -nc option in dhclient(8) man page


dhcp-4.1.1-capability.patch:
 client/Makefile.am |    2 +-
 client/dhclient.8  |   26 ++++++++++++++++++++++++++
 client/dhclient.c  |   23 +++++++++++++++++++++++
 configure.ac       |   35 +++++++++++++++++++++++++++++++++++
 4 files changed, 85 insertions(+), 1 deletion(-)

Index: dhcp-4.1.1-capability.patch
===================================================================
RCS file: /cvs/pkgs/rpms/dhcp/devel/dhcp-4.1.1-capability.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- dhcp-4.1.1-capability.patch	2 Feb 2010 12:28:54 -0000	1.2
+++ dhcp-4.1.1-capability.patch	3 Feb 2010 17:48:51 -0000	1.3
@@ -1,6 +1,42 @@
+diff -up dhcp-4.1.1/client/dhclient.8.capability dhcp-4.1.1/client/dhclient.8
+--- dhcp-4.1.1/client/dhclient.8.capability	2010-02-03 11:19:39.854958099 -0500
++++ dhcp-4.1.1/client/dhclient.8	2010-02-03 11:44:57.949895909 -0500
+@@ -381,6 +381,32 @@ Do not configure any interfaces.  Most u
+ option.
+ 
+ .TP
++.BI \-nc
++Do not drop capabilities.
++
++Normally, if
++.B dhclient
++was compiled with libcap-ng support,
++.B dhclient
++drops most capabilities immediately upon startup.  While more secure,
++this greatly restricts the additional actions that hooks in
++.B dhclient-script (8)
++can take.  (For example, any daemons that 
++.B dhclient-script (8)
++starts or restarts will inherit the restricted capabilities as well,
++which may interfere with their correct operation.)  Thus, the
++.BI \-nc
++option can be used to prevent
++.B dhclient
++from dropping capabilities.
++
++The
++.BI \-nc
++option is ignored if
++.B dhclient
++was not compiled with libcap-ng support.
++
++.TP
+ .BI \-nw
+ Become a daemon process immediately (nowait) rather than waiting until an IP
+ address has been acquired.
 diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
---- dhcp-4.1.1/client/dhclient.c.capability	2010-02-02 11:58:29.000000000 +0100
-+++ dhcp-4.1.1/client/dhclient.c	2010-02-02 12:04:39.000000000 +0100
+--- dhcp-4.1.1/client/dhclient.c.capability	2010-02-03 11:19:39.876957973 -0500
++++ dhcp-4.1.1/client/dhclient.c	2010-02-03 11:46:14.665957658 -0500
 @@ -37,6 +37,9 @@
  #include <sys/time.h>
  #include <sys/wait.h>
@@ -25,8 +61,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.ca
  			}
  
  			dhclient_request_options = argv[i];
-+#ifdef HAVE_LIBCAP_NG
 +		} else if (!strcmp(argv[i], "-nc")) {
++#ifdef HAVE_LIBCAP_NG
 +			keep_capabilities = 1;
 +#endif
  		} else if (argv[i][0] == '-') {
@@ -53,8 +89,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.ca
  	initialize_common_option_spaces();
  
 diff -up dhcp-4.1.1/client/Makefile.am.capability dhcp-4.1.1/client/Makefile.am
---- dhcp-4.1.1/client/Makefile.am.capability	2008-11-18 23:33:22.000000000 +0100
-+++ dhcp-4.1.1/client/Makefile.am	2010-02-02 12:05:31.000000000 +0100
+--- dhcp-4.1.1/client/Makefile.am.capability	2008-11-18 17:33:22.000000000 -0500
++++ dhcp-4.1.1/client/Makefile.am	2010-02-03 11:19:39.895958083 -0500
 @@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c 
  		   scripts/netbsd scripts/nextstep scripts/openbsd \
  		   scripts/solaris scripts/openwrt
@@ -65,8 +101,8 @@ diff -up dhcp-4.1.1/client/Makefile.am.c
  EXTRA_DIST = $(man_MANS)
  
 diff -up dhcp-4.1.1/configure.ac.capability dhcp-4.1.1/configure.ac
---- dhcp-4.1.1/configure.ac.capability	2010-02-02 11:58:29.000000000 +0100
-+++ dhcp-4.1.1/configure.ac	2010-02-02 12:07:04.000000000 +0100
+--- dhcp-4.1.1/configure.ac.capability	2010-02-03 11:19:39.806895971 -0500
++++ dhcp-4.1.1/configure.ac	2010-02-03 11:19:39.895958083 -0500
 @@ -419,6 +419,41 @@ AC_TRY_LINK(
  # Look for optional headers.
  AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)


Index: dhcp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/dhcp/devel/dhcp.spec,v
retrieving revision 1.286
retrieving revision 1.287
diff -u -p -r1.286 -r1.287
--- dhcp.spec	2 Feb 2010 12:30:33 -0000	1.286
+++ dhcp.spec	3 Feb 2010 17:48:51 -0000	1.287
@@ -13,7 +13,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  %{basever}
-Release:  2%{?dist}
+Release:  3%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -384,6 +384,7 @@ prevconf="%{_sysconfdir}/dhcpd.conf"
 if [ ! -z "${prevconf}" ]; then
     if [ ! -f %{dhcpconfdir}/dhcpd.conf -o "${sampleconf}" = "${contents}" ]; then
         /bin/cp -a ${prevconf} %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
+        /bin/mv ${prevconf} ${prevconf}.rpmsave >/dev/null 2>&1
         if [ -x /sbin/restorecon ]; then
             /sbin/restorecon %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
         fi
@@ -499,6 +500,10 @@ fi
 %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
 
 %changelog
+* Wed Feb 03 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-3
+- move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %%post (#561094)
+- document -nc option in dhclient(8) man page
+
 * Tue Feb 02 2010 Jiri Popelka <jpopelka at redhat.com> - 12:4.1.1-2
 - Fix capability patch (#546765)

More information about the scm-commits mailing list