don't ship legacy SysV initscripts + dhcpd[6].service improvements

dhcpd6: move '-cf /etc/dhcp/dhcpd6.conf' from sysconfig/dhcpd6 to dhcpd6.service
run 'chown -R dhcpd:dhcpd /var/lib/dhcpd/' before starting dhcpd/dhcpd6 service
       for the case where leases file is owned by root:root as a
       consequence of running dhcpd without '-user dhcpd -group dhcpd' (#744292)
Jiri Popelka 2011-12-19 18:38:02 +01:00
parent e810201549
commit 8b9d5e1b3b
6 changed files with 16 additions and 440 deletions


@ -22,7 +22,7 @@
Summary: Dynamic host configuration protocol software
Name: dhcp
Version: 4.2.3
Release: 8.%{patchver}%{?dist}
Release: 9.%{patchver}%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was.
@ -32,9 +32,6 @@ License: ISC
Group: System Environment/Daemons
URL: http://isc.org/products/DHCP/
Source0: ftp://ftp.isc.org/isc/dhcp/dhcp-%{VERSION}.tar.gz
Source1: dhcpd.init
Source2: dhcpd6.init
Source3: dhcrelay.init
Source4: dhclient-script
Source5: README.dhclient.d
Source6: 11-dhclient
@ -407,12 +404,6 @@ CFLAGS="%{optflags} -fno-strict-aliasing" \
%{__mv} %{buildroot}%{_sbindir}/dhclient %{buildroot}/sbin/dhclient
%{__install} -p -m 0755 client/scripts/linux %{buildroot}/sbin/dhclient-script
# Install legacy SysV initscripts
%{__mkdir} -p %{buildroot}%{_initddir}
%{__install} -p -m 0755 %{SOURCE1} %{buildroot}%{_initddir}/dhcpd
%{__install} -p -m 0755 %{SOURCE2} %{buildroot}%{_initddir}/dhcpd6
%{__install} -p -m 0755 %{SOURCE3} %{buildroot}%{_initddir}/dhcrelay
# Install systemd unit files
mkdir -p %{buildroot}%{_unitdir}
install -m 644 %{SOURCE9} %{buildroot}%{_unitdir}
@ -443,7 +434,7 @@ EOF
%{__cat} <<EOF > %{buildroot}%{_sysconfdir}/sysconfig/dhcpd6
# Command line options here
DHCPDARGS="-cf /etc/dhcp/dhcpd6.conf"
DHCPDARGS=""
EOF
# Copy sample conf files into position (called by doc macro)
@ -669,12 +660,15 @@ fi
%attr(0644,root,root) %{_mandir}/man3/dhcpctl.3.gz
%attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
%files sysvinit
%{_initddir}/dhcpd
%{_initddir}/dhcpd6
%{_initddir}/dhcrelay
%changelog
* Mon Dec 19 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.3-9.P1
- don't ship legacy SysV initscripts
- dhcpd6: move '-cf /etc/dhcp/dhcpd6.conf' from sysconfig/dhcpd6 to dhcpd6.service
- run 'chown -R dhcpd:dhcpd /var/lib/dhcpd/' before starting dhcpd/dhcpd6 service
for the case where leases file is owned by root:root as a
consequence of running dhcpd without '-user dhcpd -group dhcpd' (#744292)
* Fri Dec 09 2011 Jiri Popelka <jpopelka@redhat.com> - 12:4.2.3-8.P1
- 4.2.3-P1: fix for CVE-2011-4539 (#765681)
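Review bot: The `%files sysvinit` list is dropped, but none of the visible hunks adds an `Obsoletes:` for that subpackage, so an already-installed copy may stay behind on upgrade; the spec's package declarations are outside these hunks, so this is inferred. It matters because the removed initscripts start dhcpd without `-user dhcpd -group dhcpd`, which is the cause of the root:root lease files the changelog mentions. If the spec has no obsoletion elsewhere, add one to the package that carries the unit files, for example `Obsoletes: dhcp-sysvinit < 12:4.2.3-9`, so the old root-running start path is removed along with the scripts.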


@ -1,150 +0,0 @@
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: dhcpd
# Default-Start:
# Default-Stop:
# Should-Start:
# Required-Start: $network
# Required-Stop:
# Short-Description: Start and stop the DHCP server
# Description: dhcpd provides the Dynamic Host Configuration Protocol (DHCP)
# server.
### END INIT INFO
#
# The fields below are left around for legacy tools (will remove later).
#
# chkconfig: - 65 35
# description: dhcpd provides the Dynamic Host Configuration Protocol (DHCP) \
# server
# processname: dhcpd
# config: /etc/dhcp/dhcpd.conf
# config: /var/lib/dhcpd/dhcpd.leases
# pidfile: /var/run/dhcpd.pid
. /etc/rc.d/init.d/functions
RETVAL=0
prog=dhcpd
exec=/usr/sbin/dhcpd
lockfile=/var/lock/subsys/dhcpd
pidfile=/var/run/dhcpd.pid
statedir=/var/lib/dhcpd
[ -f /etc/sysconfig/dhcpd ] && . /etc/sysconfig/dhcpd
# if the user specified a different config file, make sure we reference it
findConfig() {
for arg in $DHCPDARGS ; do
if [ "$found" = 1 ]; then
[ -f "$arg" ] && echo "$arg"
return
fi
if [ "$arg" = "-cf" ]; then
found=1
continue
fi
done
echo "/etc/dhcp/dhcpd.conf"
}
config="$(findConfig "$DHCPDARGS")"
if [ ! -f $statedir/dhcpd.leases ] ; then
mkdir -p $statedir
touch $statedir/dhcpd.leases
[ -x /sbin/restorecon ] && [ -d /selinux ] && /sbin/restorecon $statedir/dhcpd.leases >/dev/null 2>&1
fi
configtest() {
[ -x $exec ] || return 5
[ -f $config ] || return 6
$exec -q -t -cf $config
RETVAL=$?
if [ $RETVAL -eq 1 ]; then
$exec -t -cf $config
else
echo "Syntax: OK" >&2
fi
return $RETVAL
}
rh_status() {
status -p $pidfile -l $(basename $lockfile) $exec
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
start() {
[ `id -u` -eq 0 ] || return 4
[ -x $exec ] || return 5
[ -f $config ] || return 6
rh_status_q && return 0
echo -n $"Starting $prog: "
daemon --pidfile=$pidfile $exec $DHCPDARGS 2>/dev/null
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile
return $RETVAL
}
stop() {
[ `id -u` -eq 0 ] || return 4
rh_status_q || return 0
echo -n $"Shutting down $prog: "
killproc -p $pidfile $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
usage() {
echo $"Usage: $0 {start|stop|restart|force-reload|condrestart|try-restart|configtest|status}"
}
if [ $# -gt 1 ]; then
exit 2
fi
case "$1" in
start)
start
;;
stop)
stop
;;
restart|force-reload)
stop ; start
;;
condrestart|try-restart)
rh_status_q || exit 0
stop ; start
;;
reload)
usage
# unimplemented feature
exit 3
;;
configtest)
configtest
;;
status)
rh_status
;;
*)
usage
exit 2
;;
esac
exit $?


@ -4,6 +4,9 @@ After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/dhcpd
# For the case where /var/lib/dhcpd/dhcpd.leases is owned by root:root as a
# consequence of running dhcpd without '-user dhcpd -group dhcpd'
ExecStartPre=/bin/chown -R dhcpd:dhcpd /var/lib/dhcpd/
ExecStart=/usr/sbin/dhcpd -d -user dhcpd -group dhcpd --no-pid $DHCPDARGS
[Install]
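Review bot: `ExecStartPre=/bin/chown -R dhcpd:dhcpd /var/lib/dhcpd/` runs as root on every start and recurses over a directory that the unprivileged dhcpd account owns after the first run, so root re-owns whatever that account has placed there; on systems without hard-link protection that can include links to files outside the directory. The same line is added to the dhcpd6 unit. A non-recursive `chown -h` on the named lease files narrows the exposure but does not remove it, since the account still owns the directory. The tighter option is a one-time ownership repair in the package's `%post` scriptlet, leaving the unit without a root-run chown. Also, a failing chown now blocks the service from starting; prefix the command with `-` if that is not intended.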


@ -1,153 +0,0 @@
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: dhcpd
# Default-Start:
# Default-Stop:
# Should-Start:
# Required-Start: $network
# Required-Stop:
# Short-Description: Start and stop the DHCPv6 server
# Description: dhcpd provides the Dynamic Host Configuration Protocol (DHCPv6)
# server.
### END INIT INFO
#
# The fields below are left around for legacy tools (will remove later).
#
# chkconfig: - 65 35
# description: dhcpd provides the Dynamic Host Configuration Protocol (DHCPv6) \
# server
# processname: dhcpd
# config: /etc/dhcp/dhcpd6.conf
# config: /var/lib/dhcpd/dhcpd6.leases
# pidfile: /var/run/dhcpd6.pid
. /etc/rc.d/init.d/functions
RETVAL=0
prog=dhcpd
exec=/usr/sbin/dhcpd
lockfile=/var/lock/subsys/dhcpd6
pidfile=/var/run/dhcpd6.pid
statedir=/var/lib/dhcpd
default_config=/etc/dhcp/dhcpd6.conf
[ -f /etc/sysconfig/dhcpd6 ] && . /etc/sysconfig/dhcpd6
# if the user specified a different config file, make sure we reference it
findConfig() {
for arg in $DHCPDARGS ; do
if [ "$found" = 1 ]; then
[ -f "$arg" ] && echo "$arg"
return
fi
if [ "$arg" = "-cf" ]; then
found=1
continue
fi
done
echo $default_config
}
config="$(findConfig "$DHCPDARGS")"
if [ ! -f $statedir/dhcpd6.leases ] ; then
mkdir -p $statedir
touch $statedir/dhcpd6.leases
[ -x /sbin/restorecon ] && [ -d /selinux ] && /sbin/restorecon $statedir/dhcpd6.leases >/dev/null 2>&1
fi
configtest() {
[ -x $exec ] || return 5
[ -f $config ] || return 6
$exec -q -t -6 -cf $config
RETVAL=$?
if [ $RETVAL -eq 1 ]; then
$exec -t -6 -cf $config
else
echo "Syntax: OK" >&2
fi
return $RETVAL
}
rh_status() {
status -p $pidfile -l $(basename $lockfile) $exec
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
start() {
[ `id -u` -eq 0 ] || return 4
[ -x $exec ] || return 5
[ -f $config ] || return 6
rh_status_q && return 0
# add default dhcpd6.conf configuration file if there's no one in DHCPDARGS
[ "${config}" = "${default_config}" ] && DHCPDARGS="$DHCPDARGS -cf $default_config"
echo -n $"Starting $prog (DHCPv6): "
daemon --pidfile=$pidfile $exec -6 $DHCPDARGS 2>/dev/null
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile
return $RETVAL
}
stop() {
[ `id -u` -eq 0 ] || return 4
rh_status_q || return 0
echo -n $"Shutting down $prog (DHCPv6): "
killproc -p $pidfile $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
usage() {
echo $"Usage: $0 {start|stop|restart|force-reload|condrestart|try-restart|configtest|status}"
}
if [ $# -gt 1 ]; then
exit 2
fi
case "$1" in
start)
start
;;
stop)
stop
;;
restart|force-reload)
stop ; start
;;
condrestart|try-restart)
rh_status_q || exit 0
stop ; start
;;
reload)
usage
# unimplemented feature
exit 3
;;
configtest)
configtest
;;
status)
rh_status
;;
*)
usage
exit 2
;;
esac
exit $?


@ -4,7 +4,10 @@ After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/dhcpd6
ExecStart=/usr/sbin/dhcpd -d -6 -user dhcpd -group dhcpd --no-pid $DHCPDARGS
# For the case where /var/lib/dhcpd/dhcpd6.leases is owned by root:root as a
# consequence of running dhcpd without '-user dhcpd -group dhcpd'
ExecStartPre=/bin/chown -R dhcpd:dhcpd /var/lib/dhcpd/
ExecStart=/usr/sbin/dhcpd -d -6 -cf /etc/dhcp/dhcpd6.conf -user dhcpd -group dhcpd --no-pid $DHCPDARGS
[Install]
WantedBy=multi-user.target
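Review bot: The new ExecStart hard-codes `-cf /etc/dhcp/dhcpd6.conf` ahead of `$DHCPDARGS`, so a `-cf` still present in an existing /etc/sysconfig/dhcpd6 (the previous default shipped exactly that value) or set by an admin puts two `-cf` options on the command line. Which one dhcpd honours is not shown on this page, and the removed initscript's handling of a user-supplied `-cf` has no counterpart in the unit. A comment above ExecStart would make the contract explicit, e.g. `# -cf is fixed here; do not repeat it in DHCPDARGS, override ExecStart in a local unit copy instead`. If the sysconfig file is marked as a preserved config file (not visible here), upgraded hosts keep the old value and should be covered by a release note or a scriptlet check.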


@ -1,121 +0,0 @@
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: dhcrelay
# Default-Start:
# Default-Stop:
# Should-Start:
# Required-Start: $network
# Required-Stop:
# Short-Description: Start and stop the DHCP relay server
# Description: dhcrelay provides the Dynamic Host Configuration Protocol (DHCP)
# relay server. This is required when your DHCP server is on
# another network segment from the clients.
### END INIT INFO
#
# The fields below are left around for legacy tools (will remove later).
#
# chkconfig: - 65 35
# description: dhcrelay provides a relay for Dynamic Host Control Protocol.
# processname: dhcrelay
# # pidfile: /var/run/dhcrelay.pid
. /etc/rc.d/init.d/functions
RETVAL=0
prog=dhcrelay
exec=/usr/sbin/dhcrelay
lockfile=/var/lock/subsys/dhcrelay
pidfile=/var/run/dhcrelay.pid
config=/etc/sysconfig/dhcrelay
# The dhcrelay daemon uses the sysconfig file for configuration information.
# There is no native configuration file for this program and you must specify
# its settings on the command line.
[ -f /etc/sysconfig/dhcrelay ] && . /etc/sysconfig/dhcrelay
configtest() {
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
[ -z "$DHCPSERVERS" ] && exit 6
return 0
}
rh_status() {
status $exec
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
start() {
[ `id -u` -eq 0 ] || exit 4
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
rh_status_q && return 0
echo -n $"Starting $prog: "
daemon $exec $DHCRELAYARGS 2>/dev/null
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile
return $RETVAL
}
stop() {
[ `id -u` -eq 0 ] || exit 4
rh_status_q || return 0
echo -n $"Shutting down $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
usage() {
echo $"Usage: $0 {start|stop|restart|force-reload|condrestart|try-restart|configtest|status}"
}
if [ $# -gt 1 ]; then
exit 2
fi
case "$1" in
start)
start
;;
stop)
stop
;;
restart|force-reload)
stop ; start
;;
condrestart|try-restart)
rh_status_q || exit 0
stop ; start
;;
reload)
usage
# unimplemented feature
exit 3
;;
configtest)
configtest
;;
status)
rh_status
;;
*)
usage
exit 2
;;
esac
exit $?