dhcp/dhcp-4.0.0-FD_CLOEXEC.patch
David Cantrell f669e74cea - Carry over RES_OPTIONS from ifcfg-ethX files to /etc/resolv.conf
(#202923)
- Clean up Requires tags for devel packages
- Allow SEARCH variable in ifcfg files to override search path (#454152)
- Do not down interface if there is an active lease (#453982)
- Clean up how dhclient-script restarts ypbind
- Set close-on-exec on dhclient.leases for SELinux (#446632)
2008-08-01 22:16:38 +00:00

134 lines
3.6 KiB
Diff

diff -up dhcp-4.0.0/client/dhclient.c.FD_CLOEXEC dhcp-4.0.0/client/dhclient.c
--- dhcp-4.0.0/client/dhclient.c.FD_CLOEXEC 2008-08-01 11:02:35.000000000 -1000
+++ dhcp-4.0.0/client/dhclient.c 2008-08-01 11:14:01.000000000 -1000
@@ -2696,6 +2696,7 @@ int leases_written = 0;
void rewrite_client_leases ()
{
+ int fd, flags;
struct interface_info *ip;
struct client_state *client;
struct client_lease *lp;
@@ -2708,6 +2709,23 @@ void rewrite_client_leases ()
return;
}
+ if ((fd = fileno(leaseFile)) == -1) {
+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno));
+ return;
+ }
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1) {
+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno));
+ return;
+ }
+
+ flags |= FD_CLOEXEC;
+
+ if (fcntl(fd, F_SETFD, flags) == -1) {
+ log_error ("failed to set close-on-exec for %s", path_dhclient_db);
+ return;
+ }
+
/* If there is a default duid, write it out. */
if (default_duid.len != 0)
write_duid(&default_duid);
@@ -2800,7 +2818,7 @@ static isc_result_t
write_duid(struct data_string *duid)
{
char *str;
- int stat;
+ int stat, flags, fd;
if ((duid == NULL) || (duid->len <= 2))
return ISC_R_INVALIDARG;
@@ -2811,6 +2829,23 @@ write_duid(struct data_string *duid)
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
}
+
+ if ((fd = fileno(leaseFile)) == -1) {
+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1) {
+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ flags |= FD_CLOEXEC;
+
+ if (fcntl(fd, F_SETFD, flags) == -1) {
+ log_error ("failed to set close-on-exec for %s", path_dhclient_db);
+ return ISC_R_IOERROR;
+ }
}
/* It would make more sense to write this as a hex string,
@@ -2840,7 +2875,7 @@ write_client6_lease(struct client_state
{
struct dhc6_ia *ia;
struct dhc6_addr *addr;
- int stat;
+ int stat, flags, fd;
/* This should include the current lease. */
if (!rewrite && (leases_written++ > 20)) {
@@ -2858,6 +2893,23 @@ write_client6_lease(struct client_state
log_error("can't create %s: %m", path_dhclient_db);
return ISC_R_IOERROR;
}
+
+ if ((fd = fileno(leaseFile)) == -1) {
+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1) {
+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ flags |= FD_CLOEXEC;
+
+ if (fcntl(fd, F_SETFD, flags) == -1) {
+ log_error ("failed to set close-on-exec for %s", path_dhclient_db);
+ return ISC_R_IOERROR;
+ }
}
stat = fprintf(leaseFile, "lease6 {\n");
@@ -2940,6 +2992,7 @@ int write_client_lease (client, lease, r
{
struct data_string ds;
int errors = 0;
+ int flags, fd;
char *s;
const char *tval;
@@ -2961,6 +3014,23 @@ int write_client_lease (client, lease, r
log_error ("can't create %s: %m", path_dhclient_db);
return 0;
}
+
+ if ((fd = fileno(leaseFile)) == -1) {
+ log_error ("could not determine fd for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ if ((flags = fcntl(fd, F_GETFD)) == -1) {
+ log_error ("failed to get flags for %s: %s", path_dhclient_db, strerror(errno));
+ return ISC_R_IOERROR;
+ }
+
+ flags |= FD_CLOEXEC;
+
+ if (fcntl(fd, F_SETFD, flags) == -1) {
+ log_error ("failed to set close-on-exec for %s", path_dhclient_db);
+ return ISC_R_IOERROR;
+ }
}
errno = 0;