From 94ec5da03a1d2353dd36b4ded1b5dc8a916b379b Mon Sep 17 00:00:00 2001 From: Jiri Popelka Date: Thu, 4 Nov 2010 20:12:23 +0100 Subject: [PATCH] Add domain part of hostname to 'search' statement in resolv.conf --- dhclient-script | 72 +++++++++++++++++++++++++++++++++++++++++++++---- dhcp.spec | 2 ++ 2 files changed, 69 insertions(+), 5 deletions(-) diff --git a/dhclient-script b/dhclient-script index 72f4103..af8b822 100755 --- a/dhclient-script +++ b/dhclient-script @@ -67,6 +67,51 @@ save_previous() { fix_context ${savefile} } +eventually_add_hostnames_domain_to_search() { +# For the case when hostname for this machine has a domain that is not in domain_search list +# 1) get a hostname with `ipcalc --hostname` or `hostname` +# 2) get the domain from this hostname +# 3) add this domain to search line in resolv.conf if it's not already +# there (domain list that we have recently added there is a parameter of this function) +# We can't do this directly when generating resolv.conf in make_resolv_conf(), because +# we need to first save the resolv.conf with obtained values before we can call `ipcalc --hostname`. +# See bug 637763 + search="${1}" + if need_hostname; then + status=1 + if [ -n "${new_ip_address}" ]; then + eval $(/bin/ipcalc --silent --hostname ${new_ip_address} ; echo "status=$?") + elif [ -n "${new_ip6_address}" ]; then + eval $(/bin/ipcalc --silent --hostname ${new_ip6_address} ; echo "status=$?") + fi + + if [ ${status} -eq 0 ]; then + domain=$(echo $HOSTNAME | cut -s -d "." -f 2-) + fi + else + domain=$(hostname 2>/dev/null | cut -s -d "." -f 2-) + fi + + if [ -n "${domain}" ] && + [ ! "${domain}" = "localdomain" ] && + [ ! "${domain}" = "localdomain6" ] && + [ ! "${domain}" = "(none)" ] && + [[ ! "${domain}" = *\ * ]]; then + is_in="false" + for s in ${search}; do + if [ "${s}" = "${domain}" ] || + [ "${s}" = "${domain}." ]; then + is_in="true" + fi + done + + if [ "${is_in}" = "false" ]; then + # Add domain name to search list (#637763) + sed -i -e "s/${search}/${search} ${domain}/" /etc/resolv.conf + fi + fi +} + make_resolv_conf() { [ "${PEERDNS}" = "no" ] && return @@ -84,18 +129,23 @@ make_resolv_conf() { echo "; generated by /sbin/dhclient-script" > ${rscf} if [ -n "${SEARCH}" ]; then - echo "search ${SEARCH}" >> $rscf + search="${SEARCH}" else if [ -n "${new_domain_search}" ]; then - echo "search ${new_domain_search//\\032/ }" >> ${rscf} + # Remove instaces of \032 (#450042) + search="${new_domain_search//\\032/ }" elif [ -n "${new_domain_name}" ]; then # Note that the DHCP 'Domain Name Option' is really just a domain # name, and that this practice of using the domain name option as # a search path is both nonstandard and deprecated. - echo "search ${new_domain_name//\\032/ }" >> ${rscf} + search="${new_domain_name}" fi fi + if [ -n "${search}" ]; then + echo "search ${search}" >> $rscf + fi + if [ -n "${RES_OPTIONS}" ]; then echo "options ${RES_OPTIONS}" >> ${rscf} fi @@ -107,6 +157,10 @@ make_resolv_conf() { change_resolv_conf ${rscf} rm -f ${rscf} + if [ -n "${search}" ]; then + eventually_add_hostnames_domain_to_search "${search}" + fi + fix_context /etc/resolv.conf elif [ -n "${new_dhcp6_name_servers}" ] || [ -n "${new_dhcp6_domain_search}" ]; then @@ -115,13 +169,17 @@ make_resolv_conf() { echo "; generated by /sbin/dhclient-script" > ${rscf} if [ -n "${SEARCH}" ]; then - echo "search ${SEARCH}" >> $rscf + search="${SEARCH}" else if [ -n "${new_dhcp6_domain_search}" ]; then - echo "search ${new_dhcp6_domain_search//\\032/ }" >> ${rscf} + search="${new_dhcp6_domain_search//\\032/ }" fi fi + if [ -n "${search}" ]; then + echo "search ${search}" >> $rscf + fi + if [ -n "${RES_OPTIONS}" ]; then echo "options ${RES_OPTIONS}" >> ${rscf} fi @@ -133,6 +191,10 @@ make_resolv_conf() { change_resolv_conf ${rscf} rm -f ${rscf} + if [ -n "${search}" ]; then + eventually_add_hostnames_domain_to_search "${search}" + fi + fix_context /etc/resolv.conf fi } diff --git a/dhcp.spec b/dhcp.spec index 87bbb87..d88d96e 100644 --- a/dhcp.spec +++ b/dhcp.spec @@ -577,6 +577,8 @@ fi %changelog * Thu Nov 04 2010 Jiri Popelka - 12:4.2.0-16.P1 - 4.2.0-P1: fix for CVE-2010-3611 (#649880) +- dhclient-script: when updating 'search' statement in resolv.conf, + add domain part of hostname if it's not already there (#637763) * Wed Oct 20 2010 Adam Tkac - 12:4.2.0-15 - build dhcp's libraries as shared libs instead of static libs