- Fix dhclient.conf man page and sample config file to say 'supersede
  domain-search', which is what was actually demonstrated (#467955)
David Cantrell 2008-10-23 20:07:49 +00:00
parent f1ade682c4
commit eb72a55a2b
3 changed files with 284 additions and 151 deletions


@ -0,0 +1,16 @@
diff -up dhcp-4.0.0/client/dhclient.conf.invalid dhcp-4.0.0/client/dhclient.conf
--- dhcp-4.0.0/client/dhclient.conf.invalid 1997-06-02 12:50:44.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.conf 2008-10-23 10:01:58.000000000 -1000
@@ -1,10 +1,10 @@
send host-name "andare.fugue.com";
send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
send dhcp-lease-time 3600;
-supersede domain-name "fugue.com home.vix.com";
+supersede domain-search "fugue.com home.vix.com";
prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
- domain-name, domain-name-servers, host-name;
+ domain-search, domain-name, domain-name-servers, host-name;
require subnet-mask, domain-name-servers;
timeout 60;
retry 60;
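Review bot: the new `supersede domain-search "fugue.com home.vix.com";` line still passes both domains as one space-separated quoted string, which was the domain-name idiom. dhcp-options(5) documents domain-search as a comma-separated list of quoted names, so the sample should read `supersede domain-search "fugue.com", "home.vix.com";`. As written the sample may not parse as intended, and a wrong resolver search list changes which hosts unqualified names resolve to.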


@ -1,109 +1,7 @@
diff -up dhcp-4.0.0/server/dhcpd.conf.5.manpages dhcp-4.0.0/server/dhcpd.conf.5
--- dhcp-4.0.0/server/dhcpd.conf.5.manpages 2007-11-20 08:34:37.000000000 -1000
+++ dhcp-4.0.0/server/dhcpd.conf.5 2008-01-02 11:26:38.000000000 -1000
@@ -513,6 +513,9 @@ pool {
};
.fi
.PP
+Dynamic BOOTP leases are not compatible with failover, and, as such,
+you need to disallow BOOTP in pools that you are using failover for.
+.PP
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
@@ -527,9 +530,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.vix.com;
- port 519;
+ port 647;
peer address trantor.rc.vix.com;
- peer port 520;
+ peer port 847;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
@@ -588,9 +591,7 @@ statement
.B port \fIport-number\fR\fB;\fR
.PP
The \fBport\fR statement declares the TCP port on which the server
-should listen for connections from its failover peer. This statement
-may not currently be omitted, because the failover protocol does not
-yet have a reserved TCP port number.
+should listen for connections from its failover peer.
.RE
.PP
The
@@ -602,10 +603,8 @@ statement
.PP
The \fBpeer port\fR statement declares the TCP port to which the
server should connect to reach its failover peer for failover
-messages. This statement may not be omitted because the failover
-protocol does not yet have a reserved TCP port number. The port
-number declared in the \fBpeer port\fR statement may be the same as
-the port number declared in the \fBport\fR statement.
+messages. The port number declared in the \fBpeer port\fR statement
+may be the same as the port number declared in the \fBport\fR statement.
.RE
.PP
The
@@ -1272,7 +1271,7 @@ the zone containing PTR records - for IS
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -1295,7 +1294,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -2433,7 +2432,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
\fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
-be a numeric IP address or a domain name.
+be a numeric IP address or a domain name. If no \fInext-server\fR statement
+applies to a given client, the address 0.0.0.0 is used.
.RE
.PP
The
diff -up dhcp-4.0.0/common/dhcp-options.5.manpages dhcp-4.0.0/common/dhcp-options.5
--- dhcp-4.0.0/common/dhcp-options.5.manpages 2007-09-17 07:52:01.000000000 -1000
+++ dhcp-4.0.0/common/dhcp-options.5 2008-01-02 11:26:38.000000000 -1000
@@ -896,6 +896,21 @@ classless IP routing - it does not inclu
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
+.PP
+NOTE to @PRODUCTNAME@ dhclient users:
+.br
+dhclient-script interprets trailing 0 octets of the target as indicating
+the subnet class of the route, so for the following static-routes value:
+.br
+ option static-routes 172.0.0.0 172.16.2.254,
+.br
+ 192.168.0.0 192.168.2.254;
+.br
+dhclient-script will create routes:
+.br
+ 172/8 via 172.16.2.254 dev $interface
+.br
+ 192.168/16 via 192.168.2.254 dev $interface
.RE
.PP
.nf
diff -up dhcp-4.0.0/client/dhclient-script.8.manpages dhcp-4.0.0/client/dhclient-script.8
--- dhcp-4.0.0/client/dhclient-script.8.manpages 2006-02-24 13:16:27.000000000 -1000
+++ dhcp-4.0.0/client/dhclient-script.8 2008-01-02 11:26:38.000000000 -1000
@@ -47,7 +47,7 @@ customizations are needed, they should b
+++ dhcp-4.0.0/client/dhclient-script.8 2008-10-23 09:58:40.000000000 -1000
@@ -47,16 +47,16 @@ customizations are needed, they should b
exit hooks provided (see HOOKS for details). These hooks will allow the
user to override the default behaviour of the client in creating a
.B /etc/resolv.conf
@ -112,71 +10,80 @@ diff -up dhcp-4.0.0/client/dhclient-script.8.manpages dhcp-4.0.0/client/dhclient
.PP
No standard client script exists for some operating systems, even though
the actual client may work, so a pioneering user may well need to create
@@ -91,6 +91,26 @@ present. The
.B ETCDIR/dhclient-exit-hooks
a new script or modify an existing one. In general, customizations specific
to a particular computer should be done in the
-.B ETCDIR/dhclient.conf
+.B /usr/local/etc/dhclient.conf
file. If you find that you can't make such a customization without
customizing
-.B ETCDIR/dhclient.conf
+.B /usr/local/etc/dhclient.conf
or using the enter and exit hooks, please submit a bug report.
.SH HOOKS
When it starts, the client script first defines a shell function,
@@ -68,33 +68,53 @@ the enter hook script.
.PP
On after defining the make_resolv_conf function, the client script checks
for the presence of an executable
-.B ETCDIR/dhclient-enter-hooks
+.B /usr/local/etc/dhclient-enter-hooks
script, and if present, it invokes the script inline, using the Bourne
shell '.' command. The entire environment documented under OPERATION
is available to this script, which may modify the environment if needed
to change the behaviour of the script. If an error occurs during the
execution of the script, it can set the exit_status variable to a nonzero
value, and
-.B CLIENTBINDIR/dhclient-script
+.B /sbin/dhclient-script
will exit with that error code immediately after the client script exits.
.PP
After all processing has completed,
-.B CLIENTBINDIR/dhclient-script
+.B /sbin/dhclient-script
checks for the presence of an executable
-.B ETCDIR/dhclient-exit-hooks
+.B /usr/local/etc/dhclient-exit-hooks
script, which if present is invoked using the '.' command. The exit
status of dhclient-script will be passed to dhclient-exit-hooks in the
exit_status shell variable, and will always be zero if the script
succeeded at the task for which it was invoked. The rest of the
environment as described previously for dhclient-enter-hooks is also
present. The
-.B ETCDIR/dhclient-exit-hooks
+.B /usr/local/etc/dhclient-exit-hooks
script can modify the valid of exit_status to change the exit status
of dhclient-script.
+.PP
+Immediately after dhclient brings an interface UP with a new IP address,
+subnet mask, and routes, in the REBOOT/BOUND states, it will check for the
+existence of an executable
+.B ETCDIR/dhclient-up-hooks
+.B /usr/local/etc/dhclient-up-hooks
+script, and source it if found. This script can handle DHCP options in
+the environment that are not handled by default. A per-interface.
+.B ETCDIR/dhclient-${IF}-up-hooks
+.B /usr/local/etc/dhclient-${IF}-up-hooks
+script will override the generic script and be sourced when interface
+$IF has been brought up.
+.PP
+Immediately before dhclient brings an interface DOWN, removing its IP
+address, subnet mask, and routes, in the STOP/RELEASE states, it will
+check for the existence of an executable
+.B ETCDIR/dhclient-down-hooks
+.B /usr/local/etc/dhclient-down-hooks
+script, and source it if found. This script can handle DHCP options in
+the environment that are not handled by default. A per-interface
+.B ETCDIR/dhclient-${IF}-down-hooks
+.B /usr/local/etc/dhclient-${IF}-down-hooks
+script will override the generic script and be sourced when interface
+$IF is about to be brought down.
.SH OPERATION
When dhclient needs to invoke the client configuration script, it
defines a set of variables in the environment, and then invokes
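Review bot: the added up-hooks and down-hooks paragraphs say these scripts are sourced and "can handle DHCP options in the environment", but they do not tell the reader that those values are supplied by the DHCP server and are consumed by a script sourced into dhclient-script with its privileges. Suggest adding a sentence that hook files must be owned by root and not writable by anyone else, and that option values should be quoted and validated before use. Also, `A per-interface.` in the up-hooks paragraph has a stray period that the down-hooks paragraph does not.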
diff -up dhcp-4.0.0/client/dhclient.conf.5.manpages dhcp-4.0.0/client/dhclient.conf.5
--- dhcp-4.0.0/client/dhclient.conf.5.manpages 2007-08-23 06:06:08.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.conf.5 2008-01-02 11:26:38.000000000 -1000
@@ -186,9 +186,9 @@ responding to the client send the client
options. Only the option names should be specified in the request
statement - not option parameters. By default, the DHCP server
requests the subnet-mask, broadcast-address, time-offset, routers,
-domain-name, domain-name-servers and host-name options. Note that if
-you enter a 'request' statement, you over-ride this default and these
-options will not be requested.
+domain-name, domain-name-servers host-name, nis-domain, nis-servers,
+and ntp-servers options. Note that if you enter a 'request' statement,
+you over-ride this default and these options will not be requested.
.PP
In some cases, it may be desirable to send no parameter request list
at all. To do this, simply write the request statement but specify
@@ -626,6 +626,18 @@ database and will record the media type
Whenever the client tries to renew the lease, it will use that same
media type. The lease must expire before the client will go back to
cycling through media types.
+.PP
+ \fBbootp-broadcast-always;\fR
+.PP
+The
+.B bootp-broadcast-always
+statement instructs dhclient to always set the bootp broadcast flag in
+request packets, so that servers will always broadcast replies.
+This is equivalent to supplying the dhclient -B argument, and has
+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
+This option is provided as an extension to enable dhclient to work
+on IBM s390 Linux guests.
+.PP
.SH SAMPLE
The following configuration file is used on a laptop running NetBSD
1.3. The laptop has an IP alias of 192.5.5.213, and has one
-.B CLIENTBINDIR/dhclient-script.
+.B /sbin/dhclient-script.
In all cases, $reason is set to the name of the reason why the script
has been invoked. The following reasons are currently defined:
MEDIUM, PREINIT, BOUND, RENEW, REBIND, REBOOT, EXPIRE, FAIL, STOP, RELEASE,
diff -up dhcp-4.0.0/client/dhclient.8.manpages dhcp-4.0.0/client/dhclient.8
--- dhcp-4.0.0/client/dhclient.8.manpages 2007-10-04 07:13:25.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.8 2008-01-02 11:26:38.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.8 2008-10-23 09:58:40.000000000 -1000
@@ -91,6 +91,33 @@ relay
.B -w
]
@ -344,19 +251,19 @@ diff -up dhcp-4.0.0/client/dhclient.8.manpages dhcp-4.0.0/client/dhclient.8
+.TP
+.BI \-lf\ <lease-file>
+Path to the lease database file. If unspecified, the default
+.B DBDIR/dhclient.leases
+.B /private/var/db/dhclient/dhclient.leases
+is used.
+
+.TP
+.BI \-pf\ <pid-file>
+Path to the process ID file. If unspecified, the default
+.B RUNDIR/dhclient.pid
+.B /private/var/run/dhclient.pid
+is used.
+
+.TP
+.BI \-cf\ <config-file>
+Path to the client configuration file. If unspecified, the default
+.B ETCDIR/dhclient.conf
+.B /usr/local/etc/dhclient.conf
+is used.
+
+.TP
@ -364,7 +271,7 @@ diff -up dhcp-4.0.0/client/dhclient.8.manpages dhcp-4.0.0/client/dhclient.8
+Path to the network configuration script invoked by
+.B dhclient
+when it gets a lease. If unspecified, the default
+.B CLIENTBINDIR/dhclient-script
+.B /sbin/dhclient-script
+is used.
+
+.TP
@ -531,3 +438,205 @@ diff -up dhcp-4.0.0/client/dhclient.8.manpages dhcp-4.0.0/client/dhclient.8
.SH CONFIGURATION
The syntax of the dhclient.conf(5) file is discussed separately.
.SH OMAPI
@@ -338,9 +421,9 @@ do a DHCPRELEASE. To pause it, set its
resume it, set its state attribute to 4.
.PP
.SH FILES
-.B CLIENTBINDIR/dhclient-script,
-.B ETCDIR/dhclient.conf, DBDIR/dhclient.leases, RUNDIR/dhclient.pid,
-.B DBDIR/dhclient.leases~.
+.B /sbin/dhclient-script,
+.B /usr/local/etc/dhclient.conf, /private/var/db/dhclient/dhclient.leases, /private/var/run/dhclient.pid,
+.B /private/var/db/dhclient/dhclient.leases~.
.SH SEE ALSO
dhcpd(8), dhcrelay(8), dhclient-script(8), dhclient.conf(5),
dhclient.leases(5), dhcp-eval(5).
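Review bot: in the FILES section the CLIENTBINDIR, ETCDIR, DBDIR and RUNDIR placeholders are replaced with literal `/sbin`, `/usr/local/etc`, `/private/var/db/dhclient` and `/private/var/run` paths, and the `/usr/local` and `/private/var` prefixes look like values taken from a build on a different host rather than this package's locations (the spec changelog in this same commit refers to /etc/resolv.conf). A man page that names the wrong config, lease and hook paths leads administrators to audit or lock down files that dhclient never reads. Suggest keeping the placeholders or substituting the distribution's real paths, and mentioning the change in the changelog, since the commit message only describes the domain-search fix.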
diff -up dhcp-4.0.0/client/dhclient.conf.5.manpages dhcp-4.0.0/client/dhclient.conf.5
--- dhcp-4.0.0/client/dhclient.conf.5.manpages 2007-08-23 06:06:08.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.conf.5 2008-10-23 10:01:34.000000000 -1000
@@ -186,9 +186,9 @@ responding to the client send the client
options. Only the option names should be specified in the request
statement - not option parameters. By default, the DHCP server
requests the subnet-mask, broadcast-address, time-offset, routers,
-domain-name, domain-name-servers and host-name options. Note that if
-you enter a 'request' statement, you over-ride this default and these
-options will not be requested.
+domain-name, domain-name-servers host-name, nis-domain, nis-servers,
+and ntp-servers options. Note that if you enter a 'request' statement,
+you over-ride this default and these options will not be requested.
.PP
In some cases, it may be desirable to send no parameter request list
at all. To do this, simply write the request statement but specify
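Review bot: the added line `domain-name, domain-name-servers host-name, nis-domain, nis-servers,` is missing a comma between domain-name-servers and host-name. While this paragraph is being touched, the unchanged context line "By default, the DHCP server requests" should also be checked, since the request statement described here belongs to the client.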
@@ -626,6 +626,18 @@ database and will record the media type
Whenever the client tries to renew the lease, it will use that same
media type. The lease must expire before the client will go back to
cycling through media types.
+.PP
+ \fBbootp-broadcast-always;\fR
+.PP
+The
+.B bootp-broadcast-always
+statement instructs dhclient to always set the bootp broadcast flag in
+request packets, so that servers will always broadcast replies.
+This is equivalent to supplying the dhclient -B argument, and has
+the same effect as specifying 'always-broadcast' in the server's dhcpd.conf.
+This option is provided as an extension to enable dhclient to work
+on IBM s390 Linux guests.
+.PP
.SH SAMPLE
The following configuration file is used on a laptop running NetBSD
1.3. The laptop has an IP alias of 192.5.5.213, and has one
@@ -647,12 +659,12 @@ interface "ep0" {
send host-name "andare.fugue.com";
send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
send dhcp-lease-time 3600;
- supersede domain-name "fugue.com rc.vix.com home.vix.com";
+ supersede domain-search "fugue.com rc.vix.com home.vix.com";
prepend domain-name-servers 127.0.0.1;
request subnet-mask, broadcast-address, time-offset, routers,
- domain-name, domain-name-servers, host-name;
+ domain-search, domain-name, domain-name-servers, host-name;
require subnet-mask, domain-name-servers;
- script "CLIENTBINDIR/dhclient-script";
+ script "/sbin/dhclient-script";
media "media 10baseT/UTP", "media 10base2/BNC";
}
diff -up dhcp-4.0.0/common/dhcp-options.5.manpages dhcp-4.0.0/common/dhcp-options.5
--- dhcp-4.0.0/common/dhcp-options.5.manpages 2007-09-17 07:52:01.000000000 -1000
+++ dhcp-4.0.0/common/dhcp-options.5 2008-10-23 09:58:40.000000000 -1000
@@ -896,6 +896,21 @@ classless IP routing - it does not inclu
classless IP routing is now the most widely deployed routing standard,
this option is virtually useless, and is not implemented by any of the
popular DHCP clients, for example the Microsoft DHCP client.
+.PP
+NOTE to Fedora dhclient users:
+.br
+dhclient-script interprets trailing 0 octets of the target as indicating
+the subnet class of the route, so for the following static-routes value:
+.br
+ option static-routes 172.0.0.0 172.16.2.254,
+.br
+ 192.168.0.0 192.168.2.254;
+.br
+dhclient-script will create routes:
+.br
+ 172/8 via 172.16.2.254 dev $interface
+.br
+ 192.168/16 via 192.168.2.254 dev $interface
.RE
.PP
.nf
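Review bot: the added NOTE covers only targets that end in zero octets (172.0.0.0 becomes 172/8, 192.168.0.0 becomes 192.168/16) and does not say what dhclient-script does with a target that has no trailing zero octet, or with a subnet that does not fall on an octet boundary. Suggest stating that case explicitly, because a route installed with a wider prefix than intended sends more traffic to the listed gateway than the administrator planned.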
diff -up dhcp-4.0.0/server/dhcpd.conf.5.manpages dhcp-4.0.0/server/dhcpd.conf.5
--- dhcp-4.0.0/server/dhcpd.conf.5.manpages 2007-11-20 08:34:37.000000000 -1000
+++ dhcp-4.0.0/server/dhcpd.conf.5 2008-10-23 09:58:40.000000000 -1000
@@ -513,6 +513,9 @@ pool {
};
.fi
.PP
+Dynamic BOOTP leases are not compatible with failover, and, as such,
+you need to disallow BOOTP in pools that you are using failover for.
+.PP
The server currently does very little sanity checking, so if you
configure it wrong, it will just fail in odd ways. I would recommend
therefore that you either do failover or don't do failover, but don't
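Review bot: the added sentence tells the reader to "disallow BOOTP in pools" used for failover but does not name the statement that does it. Suggest adding `deny dynamic bootp clients;` to the sentence or to the pool example above it so the warning is actionable; the next paragraph already admits that a wrong configuration "will just fail in odd ways".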
@@ -527,9 +530,9 @@ primary server might look like this:
failover peer "foo" {
primary;
address anthrax.rc.vix.com;
- port 519;
+ port 647;
peer address trantor.rc.vix.com;
- peer port 520;
+ peer port 847;
max-response-delay 60;
max-unacked-updates 10;
mclt 3600;
@@ -588,9 +591,7 @@ statement
.B port \fIport-number\fR\fB;\fR
.PP
The \fBport\fR statement declares the TCP port on which the server
-should listen for connections from its failover peer. This statement
-may not currently be omitted, because the failover protocol does not
-yet have a reserved TCP port number.
+should listen for connections from its failover peer.
.RE
.PP
The
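Review bot: with the "may not currently be omitted" sentence removed, the port description no longer says whether the statement is optional or which port is used when it is left out. Suggest stating the default explicitly (the example earlier in this file now uses 647 and 847) so operators know which TCP ports to restrict to the failover peer.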
@@ -602,10 +603,8 @@ statement
.PP
The \fBpeer port\fR statement declares the TCP port to which the
server should connect to reach its failover peer for failover
-messages. This statement may not be omitted because the failover
-protocol does not yet have a reserved TCP port number. The port
-number declared in the \fBpeer port\fR statement may be the same as
-the port number declared in the \fBport\fR statement.
+messages. The port number declared in the \fBpeer port\fR statement
+may be the same as the port number declared in the \fBport\fR statement.
.RE
.PP
The
@@ -1272,7 +1271,7 @@ the zone containing PTR records - for IS
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
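Review bot: the key example keeps a concrete value, `secret pRP5FapFoJ95JEL06sv4PQ==;`, right under the corrected `algorithm hmac-md5;` line, and man page examples get copied verbatim. Suggest replacing it with an obvious placeholder and adding a sentence that the key must be generated per site and that a dhcpd.conf containing it should not be world-readable.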
@@ -1295,7 +1294,7 @@ dhcpd.conf file:
.PP
.nf
key DHCP_UPDATER {
- algorithm HMAC-MD5.SIG-ALG.REG.INT;
+ algorithm hmac-md5;
secret pRP5FapFoJ95JEL06sv4PQ==;
};
@@ -2240,7 +2239,7 @@ statement
.PP
.I Name
should be the name of the DHCP server's lease file. By default, this
-is DBDIR/dhcpd.leases. This statement \fBmust\fR appear in the outer
+is /private/var/db/dhcpd/dhcpd.leases. This statement \fBmust\fR appear in the outer
scope of the configuration file - if it appears in some other scope,
it will have no effect. Furthermore, it has no effect if overridden
by the
@@ -2275,7 +2274,7 @@ statement
.PP
.I Name
is the name of the lease file to use if and only if the server is running
-in DHCPv6 mode. By default, this is DBDIR/dhcpd6.leases. This statement,
+in DHCPv6 mode. By default, this is /private/var/db/dhcpd/dhcpd6.leases. This statement,
like
.I lease-file-name,
\fBmust\fR appear in the outer scope of the configuration file. It
@@ -2433,7 +2432,8 @@ statement
The \fInext-server\fR statement is used to specify the host address of
the server from which the initial boot file (specified in the
\fIfilename\fR statement) is to be loaded. \fIServer-name\fR should
-be a numeric IP address or a domain name.
+be a numeric IP address or a domain name. If no \fInext-server\fR statement
+applies to a given client, the address 0.0.0.0 is used.
.RE
.PP
The
@@ -2478,7 +2478,7 @@ statement
.I Name
should be the name of the DHCP server's process ID file. This is the
file in which the DHCP server's process ID is stored when the server
-starts. By default, this is RUNDIR/dhcpd.pid. Like the
+starts. By default, this is /private/var/run/dhcpd.pid. Like the
.I lease-file-name
statement, this statement must appear in the outer scope
of the configuration file. It has no effect if overridden by the
@@ -2496,7 +2496,7 @@ statement
.PP
.I Name
is the name of the pid file to use if and only if the server is running
-in DHCPv6 mode. By default, this is DBDIR/dhcpd6.pid. This statement,
+in DHCPv6 mode. By default, this is /private/var/db/dhcpd/dhcpd6.pid. This statement,
like
.I pid-file-name,
\fBmust\fR appear in the outer scope of the configuration file. It


@ -4,7 +4,7 @@
Summary: DHCP (Dynamic Host Configuration Protocol) server and relay agent
Name: dhcp
Version: 4.0.0
Release: 29%{?dist}
Release: 30%{?dist}
# NEVER CHANGE THE EPOCH on this package. The previous maintainer (prior to
# dcantrell maintaining the package) made incorrect use of the epoch and
# that's why it is at 12 now. It should have never been used, but it was.
@ -48,6 +48,7 @@ Patch18: %{name}-4.0.0-libdhcp4client.patch
Patch19: %{name}-4.0.0-inherit-leases.patch
Patch20: %{name}-4.0.0-garbage-chars.patch
Patch21: %{name}-4.0.0-port-validation.patch
Patch22: %{name}-4.0.0-invalid-dhclient-conf.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: autoconf
@ -208,6 +209,9 @@ client library.
# to make sure they are within 1-65535, inclusive. (#438149)
%patch21 -p1
# The sample dhclient.conf should say 'supersede domain-search' (#467955)
%patch22 -p1
# Copy in documentation and example scripts for LDAP patch to dhcpd
%{__install} -p -m 0644 %{SOURCE5} .
%{__install} -p -m 0644 %{SOURCE6} doc/
@ -445,6 +449,10 @@ fi
%{_libdir}/libdhcp4client.so
%changelog
* Thu Oct 23 2008 David Cantrell <dcantrell@redhat.com> - 12:4.0.0-30
- Fix dhclient.conf man page and sample config file to say 'supersede
domain-search', which is what was actually demonstrated (#467955)
* Wed Oct 01 2008 David Cantrell <dcantrell@redhat.com> - 12:4.0.0-29
- Make sure /etc/resolv.conf has restorecon run on it (#451560)