- move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %post (#561094)
- document -nc option in dhclient(8) man page
This commit is contained in:
Jiří Popelka
parent
79859968bb
commit
cd8c86f398
@ -1,6 +1,42 @@
|
||||
diff -up dhcp-4.1.1/client/dhclient.8.capability dhcp-4.1.1/client/dhclient.8
|
||||
--- dhcp-4.1.1/client/dhclient.8.capability 2010-02-03 11:19:39.854958099 -0500
|
||||
+++ dhcp-4.1.1/client/dhclient.8 2010-02-03 11:44:57.949895909 -0500
|
||||
@@ -381,6 +381,32 @@ Do not configure any interfaces. Most u
|
||||
option.
|
||||
|
||||
.TP
|
||||
+.BI \-nc
|
||||
+Do not drop capabilities.
|
||||
+
|
||||
+Normally, if
|
||||
+.B dhclient
|
||||
+was compiled with libcap-ng support,
|
||||
+.B dhclient
|
||||
+drops most capabilities immediately upon startup. While more secure,
|
||||
+this greatly restricts the additional actions that hooks in
|
||||
+.B dhclient-script (8)
|
||||
+can take. (For example, any daemons that
|
||||
+.B dhclient-script (8)
|
||||
+starts or restarts will inherit the restricted capabilities as well,
|
||||
+which may interfere with their correct operation.) Thus, the
|
||||
+.BI \-nc
|
||||
+option can be used to prevent
|
||||
+.B dhclient
|
||||
+from dropping capabilities.
|
||||
+
|
||||
+The
|
||||
+.BI \-nc
|
||||
+option is ignored if
|
||||
+.B dhclient
|
||||
+was not compiled with libcap-ng support.
|
||||
+
|
||||
+.TP
|
||||
.BI \-nw
|
||||
Become a daemon process immediately (nowait) rather than waiting until an IP
|
||||
address has been acquired.
|
||||
diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
|
||||
--- dhcp-4.1.1/client/dhclient.c.capability 2010-02-02 11:58:29.000000000 +0100
|
||||
+++ dhcp-4.1.1/client/dhclient.c 2010-02-02 12:04:39.000000000 +0100
|
||||
--- dhcp-4.1.1/client/dhclient.c.capability 2010-02-03 11:19:39.876957973 -0500
|
||||
+++ dhcp-4.1.1/client/dhclient.c 2010-02-03 11:46:14.665957658 -0500
|
||||
@@ -37,6 +37,9 @@
|
||||
#include <sys/time.h>
|
||||
#include <sys/wait.h>
|
||||
@ -25,8 +61,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
|
||||
}
|
||||
|
||||
dhclient_request_options = argv[i];
|
||||
+#ifdef HAVE_LIBCAP_NG
|
||||
+ } else if (!strcmp(argv[i], "-nc")) {
|
||||
+#ifdef HAVE_LIBCAP_NG
|
||||
+ keep_capabilities = 1;
|
||||
+#endif
|
||||
} else if (argv[i][0] == '-') {
|
||||
@ -53,8 +89,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
|
||||
initialize_common_option_spaces();
|
||||
|
||||
diff -up dhcp-4.1.1/client/Makefile.am.capability dhcp-4.1.1/client/Makefile.am
|
||||
--- dhcp-4.1.1/client/Makefile.am.capability 2008-11-18 23:33:22.000000000 +0100
|
||||
+++ dhcp-4.1.1/client/Makefile.am 2010-02-02 12:05:31.000000000 +0100
|
||||
--- dhcp-4.1.1/client/Makefile.am.capability 2008-11-18 17:33:22.000000000 -0500
|
||||
+++ dhcp-4.1.1/client/Makefile.am 2010-02-03 11:19:39.895958083 -0500
|
||||
@@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
|
||||
scripts/netbsd scripts/nextstep scripts/openbsd \
|
||||
scripts/solaris scripts/openwrt
|
||||
@ -65,8 +101,8 @@ diff -up dhcp-4.1.1/client/Makefile.am.capability dhcp-4.1.1/client/Makefile.am
|
||||
EXTRA_DIST = $(man_MANS)
|
||||
|
||||
diff -up dhcp-4.1.1/configure.ac.capability dhcp-4.1.1/configure.ac
|
||||
--- dhcp-4.1.1/configure.ac.capability 2010-02-02 11:58:29.000000000 +0100
|
||||
+++ dhcp-4.1.1/configure.ac 2010-02-02 12:07:04.000000000 +0100
|
||||
--- dhcp-4.1.1/configure.ac.capability 2010-02-03 11:19:39.806895971 -0500
|
||||
+++ dhcp-4.1.1/configure.ac 2010-02-03 11:19:39.895958083 -0500
|
||||
@@ -419,6 +419,41 @@ AC_TRY_LINK(
|
||||
# Look for optional headers.
|
||||
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
Summary: Dynamic host configuration protocol software
|
||||
Name: dhcp
|
||||
Version: %{basever}
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
|
||||
# dcantrell maintaining the package) made incorrect use of the epoch and
|
||||
# that's why it is at 12 now. It should have never been used, but it was.
|
||||
@ -384,6 +384,7 @@ prevconf="%{_sysconfdir}/dhcpd.conf"
|
||||
if [ ! -z "${prevconf}" ]; then
|
||||
if [ ! -f %{dhcpconfdir}/dhcpd.conf -o "${sampleconf}" = "${contents}" ]; then
|
||||
/bin/cp -a ${prevconf} %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
|
||||
/bin/mv ${prevconf} ${prevconf}.rpmsave >/dev/null 2>&1
|
||||
if [ -x /sbin/restorecon ]; then
|
||||
/sbin/restorecon %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
|
||||
fi
|
||||
@ -499,6 +500,10 @@ fi
|
||||
%attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
|
||||
|
||||
%changelog
|
||||
* Wed Feb 03 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-3
|
||||
- move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %%post (#561094)
|
||||
- document -nc option in dhclient(8) man page
|
||||
|
||||
* Tue Feb 02 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-2
|
||||
- Fix capability patch (#546765)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user