#!/bin/bash # # dhclient-script: Network interface configuration script run by # dhclient based on DHCP client communication # # Copyright (C) 2008-2014 Red Hat, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # Author(s): David Cantrell # Jiri Popelka # # ---------- # This script is a rewrite/reworking on dhclient-script originally # included as part of dhcp-970306: # dhclient-script for Linux. Dan Halbert, March, 1997. # Updated for Linux 2.[12] by Brian J. Murrell, January 1999. # Modified by David Cantrell for Fedora and RHEL # ---------- # PATH=/bin:/usr/bin:/sbin # scripts in dhclient.d/ use $SAVEDIR (#833054) export SAVEDIR=/var/lib/dhclient LOGFACILITY="local7" LOGLEVEL="notice" ETCDIR="/etc/dhcp" RESOLVCONF="/etc/resolv.conf" logmessage() { msg="${1}" logger -p "${LOGFACILITY}.${LOGLEVEL}" -t "NET" "dhclient: ${msg}" } eventually_add_hostnames_domain_to_search() { # For the case when hostname for this machine has a domain that is not in domain_search list # 1) get a hostname with `ipcalc --hostname` or `hostnamectl --transient` # 2) get the domain from this hostname # 3) add this domain to search line in resolv.conf if it's not already # there (domain list that we have recently added there is a parameter of this function) # We can't do this directly when generating resolv.conf in make_resolv_conf(), because # we need to first save the resolv.conf with obtained values before we can call `ipcalc --hostname`. # See bug 637763 search="${1}" if need_hostname; then status=1 if [ -n "${new_ip_address}" ]; then eval $(/usr/bin/ipcalc --silent --hostname "${new_ip_address}" ; echo "status=$?") elif [ -n "${new_ip6_address}" ]; then eval $(/usr/bin/ipcalc --silent --hostname "${new_ip6_address}" ; echo "status=$?") fi if [ ${status} -eq 0 ]; then domain=$(echo "${HOSTNAME}" | cut -s -d "." -f 2-) fi else domain=$(hostnamectl --transient 2>/dev/null | cut -s -d "." -f 2-) fi if [ -n "${domain}" ] && [ ! "${domain}" = "localdomain" ] && [ ! "${domain}" = "localdomain6" ] && [ ! "${domain}" = "(none)" ] && [[ ! "${domain}" = *\ * ]]; then is_in="false" for s in ${search}; do if [ "${s}" = "${domain}" ] || [ "${s}" = "${domain}." ]; then is_in="true" fi done if [ "${is_in}" = "false" ]; then # Add domain name to search list (#637763) sed -i -e "s/${search}/${search} ${domain}/" "${RESOLVCONF}" fi fi } make_resolv_conf() { [ "${PEERDNS}" = "no" ] && return if [ "${reason}" = "RENEW" ] && [ "${new_domain_name}" = "${old_domain_name}" ] && [ "${new_domain_name_servers}" = "${old_domain_name_servers}" ]; then return fi if [ -n "${new_domain_name}" ] || [ -n "${new_domain_name_servers}" ] || [ -n "${new_domain_search}" ]; then rscf="$(mktemp "${TMPDIR:-/tmp}/XXXXXX")" [[ -z "${rscf}" ]] && return echo "; generated by /usr/sbin/dhclient-script" > "${rscf}" if [ -n "${SEARCH}" ]; then search="${SEARCH}" else if [ -n "${new_domain_search}" ]; then # Remove instaces of \032 (#450042) search="${new_domain_search//\\032/ }" elif [ -n "${new_domain_name}" ]; then # Note that the DHCP 'Domain Name Option' is really just a domain # name, and that this practice of using the domain name option as # a search path is both nonstandard and deprecated. search="${new_domain_name}" fi fi if [ -n "${search}" ]; then echo "search ${search}" >> "${rscf}" fi if [ -n "${RES_OPTIONS}" ]; then echo "options ${RES_OPTIONS}" >> "${rscf}" fi if [ -n "${new_domain_name_servers}" ]; then for nameserver in ${new_domain_name_servers} ; do echo "nameserver ${nameserver}" >> "${rscf}" done else # keep 'old' nameservers sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p "${RESOLVCONF}" >> "${rscf}" fi change_resolv_conf "${rscf}" rm -f "${rscf}" if [ -n "${search}" ]; then eventually_add_hostnames_domain_to_search "${search}" fi elif [ -n "${new_dhcp6_name_servers}" ] || [ -n "${new_dhcp6_domain_search}" ]; then rscf="$(mktemp "${TMPDIR:-/tmp}/XXXXXX")" [[ -z "${rscf}" ]] && return echo "; generated by /usr/sbin/dhclient-script" > "${rscf}" if [ -n "${SEARCH}" ]; then search="${SEARCH}" else if [ -n "${new_dhcp6_domain_search}" ]; then search="${new_dhcp6_domain_search//\\032/ }" fi fi if [ -n "${search}" ]; then echo "search ${search}" >> "${rscf}" fi if [ -n "${RES_OPTIONS}" ]; then echo "options ${RES_OPTIONS}" >> "${rscf}" fi shopt -s nocasematch if [ -n "${new_dhcp6_name_servers}" ]; then for nameserver in ${new_dhcp6_name_servers} ; do # If the nameserver has a link-local address # add a (interface name) to it. if [[ "$nameserver" =~ ^fe80:: ]] then zone_id="%${interface}" else zone_id= fi echo "nameserver ${nameserver}$zone_id" >> "${rscf}" done else # keep 'old' nameservers sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p "${RESOLVCONF}" >> "${rscf}" fi shopt -u nocasematch change_resolv_conf "${rscf}" rm -f "${rscf}" if [ -n "${search}" ]; then eventually_add_hostnames_domain_to_search "${search}" fi fi } # run given script run_hook() { local script local exit_status script="${1}" if [ -f ${script} ]; then . ${script} fi if [ -n "${exit_status}" ] && [ "${exit_status}" -ne 0 ]; then logmessage "${script} returned non-zero exit status ${exit_status}" fi return ${exit_status} } # run scripts in given directory run_hookdir() { local dir dir="${1}" if [ -d "${dir}" ]; then for script in $(run-parts --list $dir); do run_hook ${script} || return $? done fi return 0 } exit_with_hooks() { # Source the documented exit-hook script, if it exists run_hook "${ETCDIR}/dhclient-exit-hooks" || exit $? # Now run scripts in the hooks directory. run_hookdir "${ETCDIR}/dhclient-exit-hooks.d" || exit $? exit ${1} } quad2num() { if [ $# -eq 4 ]; then let n="${1} << 24 | ${2} << 16 | ${3} << 8 | ${4}" echo "${n}" return 0 else echo "0" return 1 fi } ip2num() { IFS='.' quad2num ${1} } num2ip() { let n="${1}" let o1="(${n} >> 24) & 0xff" let o2="(${n} >> 16) & 0xff" let o3="(${n} >> 8) & 0xff" let o4="${n} & 0xff" echo "${o1}.${o2}.${o3}.${o4}" } get_network_address() { # get network address for the given IP address and (netmask or prefix) ip="${1}" nm="${2}" if [ -n "${ip}" -a -n "${nm}" ]; then if [[ "${nm}" = *.* ]]; then ipcalc -s -n "${ip}" "${nm}" | cut -d '=' -f 2 else ipcalc -s -n "${ip}/${nm}" | cut -d '=' -f 2 fi fi } get_prefix() { # get prefix for the given IP address and mask ip="${1}" nm="${2}" if [ -n "${ip}" -a -n "${nm}" ]; then ipcalc -s -p "${ip}" "${nm}" | cut -d '=' -f 2 fi } class_bits() { let ip=$(IFS='.' ip2num "${1}") let bits=32 let mask='255' for ((i=0; i <= 3; i++, 'mask<<=8')); do let v='ip&mask' if [ "$v" -eq 0 ] ; then let bits-=8 else break fi done echo $bits } is_router_reachable() { # handle DHCP servers that give us a router not on our subnet router="${1}" routersubnet="$(get_network_address "${router}" "${new_subnet_mask}")" mysubnet="$(get_network_address "${new_ip_address}" "${new_subnet_mask}")" if [ ! "${routersubnet}" = "${mysubnet}" ]; then # TODO: This function should not have side effects such as adding or # removing routes. Can this be done with "ip route get" or similar # instead? Are there cases that rely on this route being created here? ip -4 route replace "${router}/32" dev "${interface}" if [ "$?" -ne 0 ]; then logmessage "failed to create host route for ${router}" return 1 fi fi return 0 } add_default_gateway() { router="${1}" if is_router_reachable "${router}" ; then if [ $# -gt 1 ] && [ -n "${2}" ] && [[ "${2}" -gt 0 ]]; then ip -4 route replace default via "${router}" dev "${interface}" metric "${2}" else ip -4 route replace default via "${router}" dev "${interface}" fi if [ $? -ne 0 ]; then logmessage "failed to create default route: ${router} dev ${interface} ${metric}" return 1 else return 0 fi fi return 1 } execute_client_side_configuration_scripts() { # execute any additional client side configuration scripts we have if [ "${1}" == "config" ] || [ "${1}" == "restore" ]; then for f in ${ETCDIR}/dhclient.d/*.sh ; do if [ -x "${f}" ]; then subsystem="${f%.sh}" subsystem="${subsystem##*/}" . "${f}" "${subsystem}_${1}" fi done fi } flush_dev() { # Instead of bringing the interface down (#574568) # explicitly clear ARP cache and flush all addresses & routes. ip -4 addr flush dev "${1}" >/dev/null 2>&1 ip -4 route flush dev "${1}" >/dev/null 2>&1 ip -4 neigh flush dev "${1}" >/dev/null 2>&1 } remove_old_addr() { if [ -n "${old_ip_address}" ]; then if [ -n "${old_prefix}" ]; then ip -4 addr del "${old_ip_address}/${old_prefix}" dev "${interface}" >/dev/null 2>&1 else ip -4 addr del "${old_ip_address}" dev "${interface}" >/dev/null 2>&1 fi fi } dhconfig() { if [ -n "${old_ip_address}" ] && [ -n "${alias_ip_address}" ] && [ ! "${alias_ip_address}" = "${old_ip_address}" ]; then # possible new alias, remove old alias first ip -4 addr del "${old_ip_address}" dev "${interface}" label "${interface}:0" fi if [ -n "${old_ip_address}" ] && [ ! "${old_ip_address}" = "${new_ip_address}" ]; then # IP address changed. Delete all routes, and clear the ARP cache. flush_dev "${interface}" fi # make sure the interface is up ip link set dev "${interface}" up # replace = add if it doesn't exist or override (update lifetimes) if it's there ip -4 addr replace "${new_ip_address}/${new_prefix}" broadcast "${new_broadcast_address}" dev "${interface}" \ valid_lft "${new_dhcp_lease_time}" preferred_lft "${new_dhcp_lease_time}" >/dev/null 2>&1 if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] || [ ! "${old_ip_address}" = "${new_ip_address}" ] || [ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] || [ ! "${old_network_number}" = "${new_network_number}" ] || [ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] || [ ! "${old_routers}" = "${new_routers}" ] || [ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then # The 576 MTU is only used for X.25 and dialup connections # where the admin wants low latency. Such a low MTU can cause # problems with UDP traffic, among other things. As such, # disallow MTUs from 576 and below by default, so that broken # MTUs are ignored, but higher stuff is allowed (1492, 1500, etc). if [ -n "${new_interface_mtu}" ] && [ "${new_interface_mtu}" -gt 576 ]; then ip link set dev "${interface}" mtu "${new_interface_mtu}" fi # static routes if [ -n "${new_classless_static_routes}" ] || [ -n "${new_static_routes}" ]; then if [ -n "${new_classless_static_routes}" ]; then IFS=', |' static_routes=(${new_classless_static_routes}) # If the DHCP server returns both a Classless Static Routes option and # a Router option, the DHCP client MUST ignore the Router option. (RFC3442) new_routers="" else IFS=', |' static_routes=(${new_static_routes}) fi route_targets=() for((i=0; i<${#static_routes[@]}; i+=2)); do target=${static_routes[$i]} if [ -n "${new_classless_static_routes}" ]; then if [ "${target}" = "0" ]; then new_routers="${static_routes[$i+1]}" continue else prefix=${target%%.*} target=${target#*.} IFS="." target_arr=(${target}) unset IFS ((pads=4-${#target_arr[@]})) for j in $(seq $pads); do target="${target}.0" done # Client MUST zero any bits in the subnet number where the corresponding bit in the mask is zero. # In other words, the subnet number installed in the routing table is the logical AND of # the subnet number and subnet mask given in the Classless Static Routes option. (RFC3442) target="$(get_network_address "${target}" "${prefix}")" fi else prefix=$(class_bits "${target}") fi gateway=${static_routes[$i+1]} # special case 0.0.0.0 to allow static routing for link-local addresses # (including IPv4 multicast) which will not have a next-hop (#769463, #787318) if [ "${gateway}" = "0.0.0.0" ]; then valid_gateway=0 scope='scope link' else is_router_reachable "${gateway}" valid_gateway=$? scope='' fi if [ "${valid_gateway}" -eq 0 ]; then metric='' for t in "${route_targets[@]}"; do if [ "${t}" = "${target}" ]; then if [ -z "${metric}" ]; then metric=1 else ((metric=metric+1)) fi fi done if [ -n "${metric}" ]; then metric="metric ${metric}" fi ip -4 route replace "${target}/${prefix}" proto static via "${gateway}" dev "${interface}" ${metric} ${scope} if [ $? -ne 0 ]; then logmessage "failed to create static route: ${target}/${prefix} via ${gateway} dev ${interface} ${metric}" else route_targets=(${route_targets[@]} ${target}) fi fi done fi # gateways if [[ ( "${DEFROUTE}" != "no" ) && (( -z "${GATEWAYDEV}" ) || ( "${GATEWAYDEV}" = "${interface}" )) ]]; then if [[ ( -z "${GATEWAY}" ) || (( -n "${DHCLIENT_IGNORE_GATEWAY}" ) && ( "${DHCLIENT_IGNORE_GATEWAY}" = [Yy]* )) ]]; then metric="${METRIC:-}" let i="${METRIC:-0}" default_routers=() for router in ${new_routers} ; do added_router=- for r in "${default_routers[@]}" ; do if [ "${r}" = "${router}" ]; then added_router=1 fi done if [ -z "${router}" ] || [ "${added_router}" = "1" ] || [ "$(IFS='.' ip2num ${router})" -le 0 ] || [[ ( "${router}" = "${new_broadcast_address}" ) && ( "${new_subnet_mask}" != "255.255.255.255" ) ]]; then continue fi default_routers=(${default_routers[@]} ${router}) add_default_gateway "${router}" "${metric}" let i=i+1 metric=${i} done elif [ -n "${GATEWAY}" ]; then routersubnet=$(get_network_address "${GATEWAY}" "${new_subnet_mask}") mysubnet=$(get_network_address "${new_ip_address}" "${new_subnet_mask}") if [ "${routersubnet}" = "${mysubnet}" ]; then ip -4 route replace default via "${GATEWAY}" dev "${interface}" fi fi fi fi if [ ! "${new_ip_address}" = "${alias_ip_address}" ] && [ -n "${alias_ip_address}" ]; then # Reset the alias address (fix: this should really only do this on changes) ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 ip -4 addr replace "${alias_ip_address}/${alias_prefix}" broadcast "${alias_broadcast_address}" dev "${interface}" label "${interface}:0" ip -4 route replace "${alias_ip_address}/32" dev "${interface}" fi # After dhclient brings an interface UP with a new IP address, subnet mask, # and routes, in the REBOOT/BOUND states -> search for "dhclient-up-hooks". if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] || [ ! "${old_ip_address}" = "${new_ip_address}" ] || [ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] || [ ! "${old_network_number}" = "${new_network_number}" ] || [ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] || [ ! "${old_routers}" = "${new_routers}" ] || [ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then if [ -x "${ETCDIR}/dhclient-${interface}-up-hooks" ]; then . "${ETCDIR}/dhclient-${interface}-up-hooks" elif [ -x ${ETCDIR}/dhclient-up-hooks ]; then . ${ETCDIR}/dhclient-up-hooks fi fi make_resolv_conf if [ -n "${new_host_name}" ] && need_hostname; then hostnamectl set-hostname --transient --no-ask-password "${new_host_name}" fi if [[ ( "${DHCP_TIME_OFFSET_SETS_TIMEZONE}" = [yY1]* ) && ( -n "${new_time_offset}" ) ]]; then # DHCP option "time-offset" is requested by default and should be # handled. The geographical zone abbreviation cannot be determined # from the GMT offset, but the $ZONEINFO/Etc/GMT$offset file can be # used - note: this disables DST. ((z=new_time_offset/3600)) ((hoursWest=$(printf '%+d' $z))) if (( $hoursWest < 0 )); then # tzdata treats negative 'hours west' as positive 'gmtoff'! ((hoursWest*=-1)) fi tzfile=/usr/share/zoneinfo/Etc/GMT$(printf '%+d' ${hoursWest}) if [ -e "${tzfile}" ]; then cp -fp "${tzfile}" /etc/localtime touch /etc/localtime fi fi execute_client_side_configuration_scripts "config" } wait_for_link_local() { # we need a link-local address to be ready (not tentative) for i in $(seq 50); do linklocal=$(ip -6 addr show dev "${interface}" scope link) # tentative flag means DAD is still not complete tentative=$(echo "${linklocal}" | grep tentative) [[ -n "${linklocal}" && -z "${tentative}" ]] && exit_with_hooks 0 sleep 0.1 done } # Section 18.1.8. (Receipt of Reply Messages) of RFC 3315 says: # The client SHOULD perform duplicate address detection on each of # the addresses in any IAs it receives in the Reply message before # using that address for traffic. add_ipv6_addr_with_DAD() { ip -6 addr replace "${new_ip6_address}/${new_ip6_prefixlen}" \ dev "${interface}" scope global valid_lft "${new_max_life}" \ preferred_lft "${new_preferred_life}" # repeatedly test whether newly added address passed # duplicate address detection (DAD) for i in $(seq 5); do sleep 1 # give the DAD some time addr=$(ip -6 addr show dev "${interface}" \ | grep "${new_ip6_address}/${new_ip6_prefixlen}") # tentative flag == DAD is still not complete tentative=$(echo "${addr}" | grep tentative) # dadfailed flag == address is already in use somewhere else dadfailed=$(echo "${addr}" | grep dadfailed) if [ -n "${dadfailed}" ] ; then # address was added with valid_lft/preferred_lft 'forever', remove it ip -6 addr del "${new_ip6_address}/${new_ip6_prefixlen}" dev "${interface}" exit_with_hooks 3 fi if [ -z "${tentative}" ] ; then if [ -n "${addr}" ]; then # DAD is over return 0 else # address was auto-removed (or not added at all) exit_with_hooks 3 fi fi done return 0 } dh6config() { if [ -n "${old_ip6_prefix}" ] || [ -n "${new_ip6_prefix}" ]; then echo "Prefix ${reason} old=${old_ip6_prefix} new=${new_ip6_prefix}" exit_with_hooks 0 fi case "${reason}" in BOUND6) if [ -z "${new_ip6_address}" ] || [ -z "${new_ip6_prefixlen}" ]; then exit_with_hooks 2 fi add_ipv6_addr_with_DAD make_resolv_conf ;; RENEW6|REBIND6) if [[ -n "${new_ip6_address}" ]] && [[ -n "${new_ip6_prefixlen}" ]]; then if [[ ! "${new_ip6_address}" = "${old_ip6_address}" ]]; then [[ -n "${old_ip6_address}" ]] && ip -6 addr del "${old_ip6_address}" dev "${interface}" fi # call it even if new_ip6_address = old_ip6_address to update lifetimes add_ipv6_addr_with_DAD fi if [ ! "${new_dhcp6_name_servers}" = "${old_dhcp6_name_servers}" ] || [ ! "${new_dhcp6_domain_search}" = "${old_dhcp6_domain_search}" ]; then make_resolv_conf fi ;; DEPREF6) if [ -z "${new_ip6_prefixlen}" ]; then exit_with_hooks 2 fi ip -6 addr change "${new_ip6_address}/${new_ip6_prefixlen}" \ dev "${interface}" scope global preferred_lft 0 ;; esac execute_client_side_configuration_scripts "config" } # Functions from /etc/sysconfig/network-scripts/network-functions need_hostname () { CHECK_HOSTNAME=$(hostnamectl --transient) if [[ "${CHECK_HOSTNAME}" = "(none)" ]] || [[ "${CHECK_HOSTNAME}" = "localhost" ]] || [[ "${CHECK_HOSTNAME}" = "localhost.localdomain" ]]; then return 0 else return 1 fi } # Takes one argument - temporary resolv.conf file change_resolv_conf () { options=$(grep '^[\ \ ]*option' "${RESOLVCONF}" 2>/dev/null); if [[ -n "${options}" ]]; then # merge options from existing resolv.conf with specified resolv.conf content newres="${options}"$'\n'$(grep -vF "${options}" "${1}"); else newres=$(cat "${1}"); fi; eval $(echo "${newres}" > "${RESOLVCONF}"; echo "status=$?") if [[ $status -eq 0 ]]; then logger -p local7.notice -t "NET" -i "${0} : updated ${RESOLVCONF}"; [[ -e /var/run/nscd/socket ]] && /usr/sbin/nscd -i hosts; # invalidate cache fi; return $status; } get_config_by_name () { LANG=C grep -E -i -l \ "^[[:space:]]*NAME=\"(Auto |System )?${1}\"" \ /etc/sysconfig/network-scripts/ifcfg-* \ | LC_ALL=C sed -e "$__sed_discard_ignored_files" } get_hwaddr () { if [ -f /sys/class/net/${1}/address ]; then awk '{ print toupper($0) }' < /sys/class/net/${1}/address elif [ -d "/sys/class/net/${1}" ]; then LC_ALL= LANG= ip -o link show ${1} 2>/dev/null | \ awk '{ print toupper(gensub(/.*link\/[^ ]* ([[:alnum:]:]*).*/, "\\1", 1)); }' fi } validate_resolv_conf() { # It's possible to have broken symbolic link $RESOLVCONF -> # https://bugzilla.redhat.com/1475279 # Remove broken link and hope NM will survive if [ -h "${RESOLVCONF}" -a ! -e "${RESOLVCONF}" ]; then logmessage "${RESOLVCONF) is broken symlink. Recreating..." unlink "${RESOLVCONF}" touch "${RESOLVCONF}" fi; } get_config_by_hwaddr () { LANG=C grep -il "^[[:space:]]*HWADDR=\"\?${1}\"\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-* \ | LC_ALL=C sed -e "$__sed_discard_ignored_files" } get_config_by_device () { LANG=C grep -l "^[[:space:]]*DEVICE=\"\?${1}\"\?\([[:space:]#]\|$\)" \ /etc/sysconfig/network-scripts/ifcfg-* \ | LC_ALL=C sed -e "$__sed_discard_ignored_files" } need_config () { # A sed expression to filter out the files that is_ignored_file recognizes __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d' local nconfig CONFIG="ifcfg-${1}" [ -f "${CONFIG}" ] && return CONFIG="${1##*/}" [ -f "${CONFIG}" ] && return nconfig=$(get_config_by_name "${1}") if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then CONFIG=${nconfig##*/} return fi local addr=$(get_hwaddr ${1}) if [ -n "$addr" ]; then nconfig=$(get_config_by_hwaddr ${addr}) if [ -n "$nconfig" ] ; then CONFIG=${nconfig##*/} [ -f "${CONFIG}" ] && return fi fi nconfig=$(get_config_by_device ${1}) if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then CONFIG=${nconfig##*/} return fi } # We need this because of PEERDNS source_config () { CONFIG=${CONFIG##*/} . /etc/sysconfig/network-scripts/$CONFIG } # # ### MAIN # # Invoke the local dhcp client enter hooks, if they exist. run_hook "${ETCDIR}/dhclient-enter-hooks" || exit $? run_hookdir "${ETCDIR}/dhclient-enter-hooks.d" || exit $? [ "${PEERDNS}" = "no" ] || validate_resilv_conf() if [ -f /etc/sysconfig/network ]; then . /etc/sysconfig/network fi if [ -f /etc/sysconfig/networking/network ]; then . /etc/sysconfig/networking/network fi cd /etc/sysconfig/network-scripts CONFIG="${interface}" need_config "${CONFIG}" source_config >/dev/null 2>&1 # In case there's some delay in rebinding, it might happen, that the valid_lft drops to 0, # address is removed by kernel and then re-added few seconds later by dhclient-script. # With this work-around the address lives a minute longer. # "4294967235" = infinite (forever) - 60 [[ "${new_dhcp_lease_time}" -lt "4294967235" ]] && new_dhcp_lease_time=$((new_dhcp_lease_time + 60)) [[ "${new_max_life}" -lt "4294967235" ]] && new_max_life=$((new_max_life + 60)) new_prefix="$(get_prefix "${new_ip_address}" "${new_subnet_mask}")" old_prefix="$(get_prefix "${old_ip_address}" "${old_subnet_mask}")" alias_prefix="$(get_prefix "${alias_ip_address}" "${alias_subnet_mask}")" case "${reason}" in MEDIUM|ARPCHECK|ARPSEND) # Do nothing exit_with_hooks 0 ;; PREINIT) if [ -n "${alias_ip_address}" ]; then # Flush alias, its routes will disappear too. ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 fi # upstream dhclient-script removes (ifconfig $interface 0 up) old adresses in PREINIT, # but we sometimes (#125298) need (for iSCSI/nfs root to have a dhcp interface) to keep the existing ip # flush_dev ${interface} ip link set dev "${interface}" up if [ -n "${DHCLIENT_DELAY}" ] && [ "${DHCLIENT_DELAY}" -gt 0 ]; then # We need to give the kernel some time to get the interface up. sleep "${DHCLIENT_DELAY}" fi exit_with_hooks 0 ;; PREINIT6) # ensure interface is up ip link set dev "${interface}" up # Removing stale addresses from aborted clients shouldn't be needed # since we've been adding addresses with lifetimes. # Which means that kernel eventually removes them automatically. # ip -6 addr flush dev "${interface}" scope global permanent wait_for_link_local exit_with_hooks 0 ;; BOUND|RENEW|REBIND|REBOOT) if [ -z "${interface}" ] || [ -z "${new_ip_address}" ]; then exit_with_hooks 2 fi if arping -D -q -c2 -I "${interface}" "${new_ip_address}"; then dhconfig exit_with_hooks 0 else # DAD failed, i.e. address is already in use ARP_REPLY=$(arping -D -c2 -I "${interface}" "${new_ip_address}" | grep reply | awk '{print toupper($5)}' | cut -d "[" -f2 | cut -d "]" -f1) OUR_MACS=$(ip link show | grep link | awk '{print toupper($2)}' | uniq) if [[ "${OUR_MACS}" = *"${ARP_REPLY}"* ]]; then # the reply can come from our system, that's OK (#1116004#c33) dhconfig exit_with_hooks 0 else exit_with_hooks 1 fi fi ;; BOUND6|RENEW6|REBIND6|DEPREF6) dh6config exit_with_hooks 0 ;; EXPIRE6|RELEASE6|STOP6) if [ -z "${old_ip6_address}" ] || [ -z "${old_ip6_prefixlen}" ]; then exit_with_hooks 2 fi ip -6 addr del "${old_ip6_address}/${old_ip6_prefixlen}" \ dev "${interface}" execute_client_side_configuration_scripts "restore" if [ -x "${ETCDIR}/dhclient-${interface}-down-hooks" ]; then . "${ETCDIR}/dhclient-${interface}-down-hooks" elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then . ${ETCDIR}/dhclient-down-hooks fi exit_with_hooks 0 ;; EXPIRE|FAIL|RELEASE|STOP) execute_client_side_configuration_scripts "restore" if [ -x "${ETCDIR}/dhclient-${interface}-down-hooks" ]; then . "${ETCDIR}/dhclient-${interface}-down-hooks" elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then . ${ETCDIR}/dhclient-down-hooks fi if [ -n "${alias_ip_address}" ]; then # Flush alias ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 fi # upstream script sets interface down here, # we only remove old ip address #flush_dev ${interface} remove_old_addr if [ -n "${alias_ip_address}" ]; then ip -4 addr replace "${alias_ip_address}/${alias_prefix}" broadcast "${alias_broadcast_address}" dev "${interface}" label "${interface}:0" ip -4 route replace "${alias_ip_address}/32" dev "${interface}" fi exit_with_hooks 0 ;; TIMEOUT) if [ -n "${new_routers}" ]; then if [ -n "${alias_ip_address}" ]; then ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 fi ip -4 addr replace "${new_ip_address}/${new_prefix}" \ broadcast "${new_broadcast_address}" dev "${interface}" \ valid_lft "${new_dhcp_lease_time}" preferred_lft "${new_dhcp_lease_time}" set ${new_routers} if ping -q -c 1 -w 10 -I "${interface}" "${1}"; then dhconfig exit_with_hooks 0 fi #flush_dev ${interface} remove_old_addr exit_with_hooks 1 else exit_with_hooks 1 fi ;; *) logmessage "unhandled state: ${reason}" exit_with_hooks 1 ;; esac exit_with_hooks 0