commit cfcbc0cde39f67501a8ec785127fa9fd9ac0c333f1abf7b3ce6bc40574ed94fd Author: OBS User unknown Date: Wed Jan 10 16:39:58 2007 +0000 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dhcp?expand=0&rev=1 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/DDNS-howto.txt b/DDNS-howto.txt new file mode 100644 index 0000000..de85661 --- /dev/null +++ b/DDNS-howto.txt @@ -0,0 +1,119 @@ +The ISC DHCP server v3 supports dynamical DNS updates (DDNS), as do BIND8/9. +There are several standards in the works; for now the best way to do it seems +to be updates done by the DHCP server only (not by the clients themselves). + +Short outline of how things work together: + - DHCP clients send their preferred hostname along the request + - dhcpd acknowledges the lease + - dhcpd contacts named, asking it to update the zone, using an HMAC-MD5 key + (TSIG, short for transaction signature) for authentication + - named updates the zone (and rewrites the zone files periodically) + - when the lease times out or is freed, named will remove it + +The following instructions should get you started. +They are basically taken from the dnskeygen and dhcpd.conf man pages. + + + +1. Make a key to be used by dhcpd to authenticate for DNS updates. +You can use the script /usr/bin/genDDNSkey which essentially runs BIND's key +generating utility, extracts the secret from the K*.private key file and puts +it into the file /etc/named.keys. File name and key name can be specified on +the commandline, or via shell environment. Install the bind-utils package if +you don't have the script, or get it here: . +Call genDDNSkey --help for usage info. + +The simplest example to use it is: + + genDDNSkey + +which is equivalent to + + genDDNSkey --key-file /etc/named.key --key-name DHCP_UPDATER + +thereby using the defaults that fit the rest of this readme. + +The script works both for BIND8 and BIND9 (some subtle difference in the syntax). + + +2. Configure dhcpd: + +/etc/dhcpd.conf needs these additional lines: + + --------------------> + ddns-update-style interim; + ignore client-updates; + + include "/etc/named.keys"; + <-------------------- + +and in the subnet declaration: + + --------------------> + subnet 192.168.0.0 netmask 255.255.255.0 { + range dynamic-bootp 192.168.0.201 192.168.0.219; + + zone whirl. { primary 127.0.0.1; key DHCP_UPDATER; } + zone 0.168.192.in-addr.arpa. { primary 127.0.0.1; key DHCP_UPDATER; } + + } + + <-------------------- + +Note that this setup implies that the DNS server runs on the same machine +(127.0.0.1), but you can easily change that. + +Since the DHCP server runs in a chroot jail by default, the key file needs to +be copied into the jail because dhcpd cannot files outside it (thanks Andrew +Beames for pointing this out!). This can easily be achieved by adding + /etc/named.keys +to the value of DHCPD_CONF_INCLUDE_FILES in /etc/sysconfig/dhcpd, which can be +done via YaST, or via any editor. + + + +3. Configure named: + +Append something along these lines to /etc/named.conf: + + --------------------> + include "/etc/named.keys"; + + zone "whirl" in { + type master; + file "dyn/whirl.zone"; + allow-update { key DHCP_UPDATER; }; + }; + zone "0.168.192.in-addr.arpa" in { + type master; + file "dyn/0.168.192.zone"; + allow-update { key DHCP_UPDATER; }; + }; + <-------------------- + +Since named runs, by default, in a chroot directory since SuSE 8.2, we need to add + /etc/named.keys +to the value of NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named, just as we +did it with dhcpd. + +Since named runs, by default, as user "named" since SuSE 8.2, there is another +issue to be sorted out: named needs to create its .jnl files somewhere, but it +isn't allowed to do that in its working directory (/var/lib/named) for security +reasons. See /usr/share/doc/packages/bind9/README.SuSE for a solution. + + +if you got this far, there is a reasonable chance that you've got DDNS working. +Obviously, you need some zone files :) One further note: if you provide dummy +hostnames like d1, d2, d3,... for the dynamical clients they will have a +hostname even if they don't send a hostname (and no DDNS update is done). + +If it doesn't work, closely watch /var/log/messages. In almost all cases the +messages give the right clues. + +Feedback is appreciated. + +Have fun, +Peter +-- +Thought is limitation. Free your mind. + diff --git a/clearip b/clearip new file mode 100644 index 0000000..9ade624 --- /dev/null +++ b/clearip @@ -0,0 +1,35 @@ +#! /usr/bin/perl + +# +# Author: Kevin C. Miller +# http://www.andrew.cmu.edu/~kevinm/dhcp/failover.html +# +# The copyright is with the author. We (SuSE) include this script +# with his permission. +# + +# NOTE: you have to edit this script to make it functional for you. + +use Expect; + +if ($#ARGV == -1 ) { + print "Usage: $0 [IP to reset] [server to reset on]\n"; + print "In most cases only one server needs to have the IP reset\n"; + print "and it generates the updates to get things in sync.\n"; + exit 1; +} + +# Fill in your OMAPI key +my $KEY = ""; + +my $con = Expect->spawn("omshell"); +$con->send("key defomapi $KEY\n"); +$con->send("server $ARGV[1]\n"); +$con->send("connect\n"); +sleep(1); +$con->send("new lease\nset ip-address = $ARGV[0]\n"); +sleep(1); +$con->send("open\n"); +$con->send("set state = 1\n"); +$con->send("update\n"); +sleep(2); diff --git a/dhclient.c.dif b/dhclient.c.dif new file mode 100644 index 0000000..ea9595a --- /dev/null +++ b/dhclient.c.dif @@ -0,0 +1,57 @@ +--- dhcp-3.0b2pl18/client/dhclient.c.orig Thu Feb 15 23:17:05 2001 ++++ dhcp-3.0b2pl18/client/dhclient.c Wed Mar 28 17:07:31 2001 +@@ -46,6 +46,7 @@ + + #include "dhcpd.h" + #include "version.h" ++#include + + TIME cur_time; + TIME default_lease_time = 43200; /* 12 hours... */ +@@ -84,6 +85,7 @@ + static void usage PROTO ((void)); + + void do_release(struct client_state *); ++void signalSetup(); + + int main (argc, argv, envp) + int argc; +@@ -247,6 +249,7 @@ + } else + log_perror = 0; + ++ signalSetup (); + /* If we're given a relay agent address to insert, for testing + purposes, figure out what it is. */ + if (relay) { +@@ -2731,3 +2734,30 @@ + { + return length; + } ++ ++/* install a signal handler to restore resolv.conf when dhclient is being sent TERM */ ++ ++void sigHandler (int sig) ++{ ++ if (sig == SIGTERM) { ++ log_info ("caught deadly SIGTERM"); ++ if ( rename("/etc/resolv.conf.saved.by.dhclient", "/etc/resolv.conf") == 0 ) ++ log_info ("restored resolv.conf "); ++ else ++ log_error ("could not restore resolv.conf: %m"); ++ } ++ exit (sig); ++} ++ ++void signalSetup() ++{ ++ struct sigaction newaction; ++ ++ newaction.sa_handler = sigHandler; ++ sigemptyset(&newaction.sa_mask); ++ newaction.sa_flags = 0; ++ sigaction (SIGTERM, &newaction, NULL); ++ /* log_info ("installed signal handler:"); */ ++ /* log_info ("resolv.conf will be restored at termination"); */ ++} ++ diff --git a/dhcp-3.0.2-extended_option_environment.patch b/dhcp-3.0.2-extended_option_environment.patch new file mode 100644 index 0000000..5d1bd52 --- /dev/null +++ b/dhcp-3.0.2-extended_option_environment.patch @@ -0,0 +1,216 @@ +--- dhcp-3.0.2/common/parse.c.extended_option_environment 2005-04-05 17:49:36.513062562 -0400 ++++ dhcp-3.0.2/common/parse.c 2005-04-05 17:49:36.580052656 -0400 +@@ -1270,6 +1270,10 @@ + option_hash_add (option -> universe -> hash, + (const char *)option -> name, + 0, option, MDL); ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( new_option_info_tree != 0L ) ++ add_new_option_info( option ); ++#endif + return 1; + } + +--- dhcp-3.0.2/common/tables.c.extended_option_environment 2004-09-01 13:06:35.000000000 -0400 ++++ dhcp-3.0.2/common/tables.c 2005-04-05 18:04:23.915838623 -0400 +@@ -1238,3 +1238,40 @@ + fqdn_universe.name, 0, + &fqdn_universe, MDL); + } ++ ++#ifdef EXTENDED_NEW_OPTION_INFO ++#include ++ ++void *new_option_info_tree = 0L; ++ ++static int new_option_info_comparator( const void* p1, const void *p2 ) ++{ ++ uint32_t ocode1 = (((const struct option*)p1)->universe->index << 8) ++ |(((const struct option*)p1)->code), ++ ocode2 = (((const struct option*)p2)->universe->index << 8) ++ |(((const struct option*)p2)->code); ++ return( (ocode1 == ocode2) ++ ? 0 ++ :( ( ocode1 > ocode2 ) ++ ? 1 ++ : -1 ++ ) ++ ); ++} ++ ++void *add_new_option_info( struct option *option ) ++{ ++ if ( option->universe->index >= fqdn_universe.index ) ++ return 0L; ++ if ( new_option_info_tree == GENERATE_NEW_OPTION_INFO ) ++ new_option_info_tree = (void*)0L; ++ return tsearch( option, &(new_option_info_tree), new_option_info_comparator ); ++} ++ ++void *lookup_new_option_info( struct option *option ) ++{ ++ if ( new_option_info_tree == GENERATE_NEW_OPTION_INFO ) ++ return 0L; ++ return tfind( option, &(new_option_info_tree), new_option_info_comparator ); ++} ++#endif +--- dhcp-3.0.2/includes/dhcpd.h.extended_option_environment 2004-11-24 12:39:16.000000000 -0500 ++++ dhcp-3.0.2/includes/dhcpd.h 2005-04-05 17:49:36.613047777 -0400 +@@ -1800,6 +1800,13 @@ + void initialize_common_option_spaces PROTO ((void)); + struct universe *config_universe; + ++#ifdef EXTENDED_NEW_OPTION_INFO ++#define GENERATE_NEW_OPTION_INFO ((void*)1) ++extern void *new_option_info_tree; ++extern void *add_new_option_info( struct option*); ++extern void *lookup_new_option_info( struct option *); ++#endif ++ + /* stables.c */ + #if defined (FAILOVER_PROTOCOL) + extern failover_option_t null_failover_option; +--- dhcp-3.0.2/client/dhclient.c.extended_option_environment 2005-04-05 17:49:36.566054726 -0400 ++++ dhcp-3.0.2/client/dhclient.c 2005-04-05 17:49:36.617047185 -0400 +@@ -74,7 +74,9 @@ + int onetry=0; + int quiet=0; + int nowait=0; +- ++#ifdef EXTENDED_NEW_OPTION_INFO ++int extended_option_environment = 0; ++#endif + static void usage PROTO ((void)); + + void do_release(struct client_state *); +@@ -204,6 +206,11 @@ + } else if (!strcmp (argv [i], "--version")) { + log_info ("isc-dhclient-%s", DHCP_VERSION); + exit (0); ++#ifdef EXTENDED_NEW_OPTION_INFO ++ } else if (!strcmp (argv [i], "-x")) { ++ extended_option_environment = 1; ++ new_option_info_tree = GENERATE_NEW_OPTION_INFO; ++#endif + } else if (argv [i][0] == '-') { + usage (); + } else { +@@ -572,7 +579,11 @@ + log_info (arr); + log_info (url); + ++#ifdef EXTENDED_NEW_OPTION_INFO ++ log_error ("Usage: dhclient [-1dqr] [-nwx] [-p ] %s", ++#else + log_error ("Usage: dhclient [-1dqr] [-nw] [-p ] %s", ++#endif + "[-s server]"); + log_error (" [-cf config-file] [-lf lease-file]%s", + "[-pf pid-file] [-e VAR=val]"); +@@ -2529,8 +2540,28 @@ + struct envadd_state { + struct client_state *client; + const char *prefix; ++ struct universe *universe; + }; + ++#ifdef EXTENDED_NEW_OPTION_INFO ++static ++void build_universe_info_envvar ++( struct option_cache *oc, ++ struct packet *p, struct lease *l, ++ struct client_state *client, ++ struct option_state *in_o, ++ struct option_state *cf_o, ++ struct binding_scope **scope, ++ struct universe *u, void *es ++) ++{ ++ char info_name[512], info_data[512]; ++ snprintf(info_name, 512, "%s._universe_.", oc->option->universe->name); ++ snprintf(info_data, 512, "%u:%s", oc->option->code,oc->option->format); ++ client_envadd( client, info_name, oc->option->name, info_data ); ++} ++#endif ++ + void client_option_envadd (struct option_cache *oc, + struct packet *packet, struct lease *lease, + struct client_state *client_state, +@@ -2547,6 +2578,31 @@ + in_options, cfg_options, scope, oc, MDL)) { + if (data.len) { + char name [256]; ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( extended_option_environment ) ++ { ++ if( ( oc->option->universe != &dhcp_universe ) ++ &&( oc->option->universe->index > fqdn_universe.index ) ++ &&( es->universe != oc->option->universe ) ++ ) ++ { ++ es->universe = oc->option->universe; ++ (*(es->universe->foreach)) ++ ( (struct packet *)0, (struct lease *)0, ++ client_state, ++ in_options, cfg_options, ++ scope, es->universe, es, ++ build_universe_info_envvar ++ ); ++ }else ++ if ( lookup_new_option_info(oc->option) != 0L ) ++ build_universe_info_envvar ++ ( oc, packet, lease, client_state, ++ in_options, cfg_options, scope, ++ oc->option->universe, es ++ ); ++ } ++#endif + if (dhcp_option_ev_name (name, sizeof name, + oc -> option)) { + client_envadd (es -> client, es -> prefix, +@@ -2575,6 +2631,7 @@ + + es.client = client; + es.prefix = prefix; ++ es.universe = 0L; + + client_envadd (client, + prefix, "ip_address", "%s", piaddr (lease -> address)); +@@ -2788,7 +2845,14 @@ + s = option -> name; + if (j + 1 == buflen) + return 0; ++#ifdef EXTENDED_NEW_OPTION_INFO ++ if ( ! extended_option_environment ) ++ buf [j++] = '_'; ++ else ++ buf [j++] = '.'; ++#else + buf [j++] = '_'; ++#endif + } + ++i; + } while (i != 2); +--- dhcp-3.0.2/client/dhclient.8.extended_option_environment 2004-09-29 19:01:46.000000000 -0400 ++++ dhcp-3.0.2/client/dhclient.8 2005-04-05 17:49:36.619046889 -0400 +@@ -78,6 +78,9 @@ + .B -w + ] + [ ++.B -x ++] ++[ + .I if0 + [ + .I ...ifN +@@ -252,6 +255,10 @@ + supplying the + .B -nw + flag. ++.PP ++The -x argument enables eXtended option information to be created in the ++-s dhclient-script environment, which would allow applications running ++in that environment to handle options they do not know about in advance. + .SH CONFIGURATION + The syntax of the dhclient.conf(5) file is discussed separately. + .SH OMAPI diff --git a/dhcp-3.0.3-dhclient-nis-01-thoenig.patch b/dhcp-3.0.3-dhclient-nis-01-thoenig.patch new file mode 100644 index 0000000..8b0aa99 --- /dev/null +++ b/dhcp-3.0.3-dhclient-nis-01-thoenig.patch @@ -0,0 +1,12 @@ +--- dhcp-3.0.3/client/dhclient.conf 2006-01-13 22:24:01.000000000 +0100 ++++ dhcp-3.0.3/client/dhclient.conf 2006-01-13 22:22:46.000000000 +0100 +@@ -24,7 +24,8 @@ + + send dhcp-lease-time 3600; + request subnet-mask, broadcast-address, time-offset, routers, +- domain-name, domain-name-servers, host-name; ++ domain-name, domain-name-servers, host-name, nis-domain, ++ nis-servers; + require subnet-mask, domain-name-servers; + timeout 60; + retry 60; diff --git a/dhcp-3.0.3-dhclient-script-dhcdbd.patch b/dhcp-3.0.3-dhclient-script-dhcdbd.patch new file mode 100644 index 0000000..15815b9 --- /dev/null +++ b/dhcp-3.0.3-dhclient-script-dhcdbd.patch @@ -0,0 +1,166 @@ +--- a/client/scripts/linux ++++ b/client/scripts/linux +@@ -44,6 +44,20 @@ + set -x + fi + ++if [ -n "${dhc_dbus}" ]; then ++ /usr/bin/dbus-send \ ++ --system \ ++ --dest=com.redhat.dhcp \ ++ --type=method_call \ ++ /com/redhat/dhcp/$interface \ ++ com.redhat.dhcp.set \ ++ 'string:'"`env | /bin/egrep -v '^(PATH|SHLVL|_|PWD|dhc_dbus)\='`"; ++ if (( ( dhc_dbus & 31 ) == 31 )); then ++ exit 0; ++ fi; ++fi; ++ ++ + make_resolv_conf() { + # first, look if we are allowed to modify resolv.conf: + eval `grep "^MODIFY_RESOLV_CONF_DYNAMICALLY=" /etc/sysconfig/network/config` +@@ -167,24 +181,26 @@ + fi + + if [ x$reason = xPREINIT ]; then +- if [ x$alias_ip_address != x ]; then +- # Bring down alias interface. Its routes will disappear too. +- ifconfig $interface:0- inet 0 +- fi +- if [ $relmajor -lt 2 ] || ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ) +- then +- ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \ ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 2 ) != 2 )); then ++ if [ x$alias_ip_address != x ]; then ++ # Bring down alias interface. Its routes will disappear too. ++ ifconfig $interface:0- inet 0 ++ fi ++ if [ $relmajor -lt 2 ] || ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ) ++ then ++ ifconfig $interface inet 0.0.0.0 netmask 0.0.0.0 \ + broadcast 255.255.255.255 up +- # Add route to make broadcast work. Do not omit netmask. +- route add default dev $interface netmask 0.0.0.0 +- else +- ifconfig $interface 0 up +- fi ++ # Add route to make broadcast work. Do not omit netmask. ++ route add default dev $interface netmask 0.0.0.0 ++ else ++ ifconfig $interface 0 up ++ fi + +- # We need to give the kernel some time to get the interface up. +- sleep 1 ++ # We need to give the kernel some time to get the interface up. ++ sleep 1 + +- exit_with_hooks 0 ++ exit_with_hooks 0 ++ fi + fi + + if [ x$reason = xARPCHECK ] || [ x$reason = xARPSEND ]; then +@@ -193,55 +209,65 @@ + + if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ + [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then +- if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 2 ) != 2 )); then ++ if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ + [ x$alias_ip_address != x$old_ip_address ]; then +- # Possible new alias. Remove old alias. +- ifconfig $interface:0- inet 0 +- fi +- if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then +- # IP address changed. Bringing down the interface will delete all routes, +- # and clear the ARP cache. +- ifconfig $interface inet 0 down ++ # Possible new alias. Remove old alias. ++ ifconfig $interface:0- inet 0 ++ fi ++ if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then ++ # IP address changed. Bringing down the interface will delete all routes, ++ # and clear the ARP cache. ++ ifconfig $interface inet 0 down + ++ fi + fi + if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ + [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then + +- ifconfig $interface inet $new_ip_address $new_subnet_arg \ ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 2 ) != 2 )); then ++ ifconfig $interface inet $new_ip_address $new_subnet_arg \ + $new_broadcast_arg +- # Add a network route to the computed network address. +- if [ $relmajor -lt 2 ] || \ ++ fi ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 4 ) != 4 )); then ++ # Add a network route to the computed network address. ++ if [ $relmajor -lt 2 ] || \ + ( [ $relmajor -eq 2 ] && [ $relminor -eq 0 ] ); then +- route add -net $new_network_number $new_subnet_arg dev $interface ++ route add -net $new_network_number $new_subnet_arg dev $interface ++ fi ++ for router in $new_routers; do ++ route add default gw $router ++ done + fi +- for router in $new_routers; do +- route add default gw $router +- done + fi +- if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; +- then +- ifconfig $interface:0- inet 0 +- ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg +- route add -host $alias_ip_address $interface:0 ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 2 ) != 2 )); then ++ if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; ++ then ++ ifconfig $interface:0- inet 0 ++ ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg ++ route add -host $alias_ip_address $interface:0 ++ fi + fi +- make_resolv_conf +- eval `grep --no-filename "^DHCLIENT_SET_HOSTNAME=" /etc/sysconfig/network/dhcp` +- if [ "$DHCLIENT_SET_HOSTNAME" = yes ] ; then +- +- current_hostname=`hostname` +- if [ x$current_hostname = x ] || \ +- [ x$current_hostname != x$new_host_name ]; then +- +- if [ x$new_host_name != x ]; then +- hostname $new_host_name +- else +- if [ -x /usr/bin/host ] ; then +- hostname `host "$new_ip_address" | sed 's:^.* ::; s:\..*::'` ++ if [ -z "${dhc_dbus}" ] || (( ( dhc_dbus & 1 ) != 1 )); then ++ make_resolv_conf ++ eval `grep --no-filename "^DHCLIENT_SET_HOSTNAME=" /etc/sysconfig/network/dhcp` ++ if [ "$DHCLIENT_SET_HOSTNAME" = yes ] ; then ++ ++ current_hostname=`hostname` ++ if [ x$current_hostname = x ] || \ ++ [ x$current_hostname != x$new_host_name ]; then ++ ++ if [ x$new_host_name != x ]; then ++ hostname $new_host_name ++ else ++ if [ -x /usr/bin/host ] ; then ++ hostname `host "$new_ip_address" | sed 's:^.* ::; s:\..*::'` ++ fi + fi +- fi + +- fi ++ fi + ++ fi + fi + exit_with_hooks 0 + fi diff --git a/dhcp-3.0.3-man.dif b/dhcp-3.0.3-man.dif new file mode 100644 index 0000000..1b272b3 --- /dev/null +++ b/dhcp-3.0.3-man.dif @@ -0,0 +1,28 @@ +diff -uNr dhcp-3.0.3.orig/dhcpctl/dhcpctl.3 dhcp-3.0.3/dhcpctl/dhcpctl.3 +--- dhcp-3.0.3.orig/dhcpctl/dhcpctl.3 2004-09-24 23:08:38.000000000 +0200 ++++ dhcp-3.0.3/dhcpctl/dhcpctl.3 2006-03-29 15:46:13.281689267 +0200 +@@ -425,8 +425,8 @@ + #include + #include + +-#include +-#include ++#include ++#include + + int main (int argc, char **argv) { + dhcpctl_data_string ipaddrstring = NULL; +diff -uNr dhcp-3.0.3.orig/omapip/omapi.3 dhcp-3.0.3/omapip/omapi.3 +--- dhcp-3.0.3.orig/omapip/omapi.3 2004-09-24 23:08:38.000000000 +0200 ++++ dhcp-3.0.3/omapip/omapi.3 2006-03-29 15:46:57.128056679 +0200 +@@ -87,8 +87,8 @@ + #include + #include + +- #include +- #include ++ #include ++ #include + + int main (int argc, char **argv) { + dhcpctl_data_string ipaddrstring = NULL; diff --git a/dhcp-3.0.3b1-pie.dif b/dhcp-3.0.3b1-pie.dif new file mode 100644 index 0000000..d8b2781 --- /dev/null +++ b/dhcp-3.0.3b1-pie.dif @@ -0,0 +1,45 @@ +--- client/Makefile.dist ++++ client/Makefile.dist +@@ -128,6 +128,6 @@ + + + dhclient: $(OBJS) $(DHCPLIB) +- $(CC) $(LFLAGS) -o $(PROG) $(OBJS) $(DHCPLIB) $(LIBS) ++ $(CC) $(LFLAGS) -pie -o $(PROG) $(OBJS) $(DHCPLIB) $(LIBS) + + # Dependencies (semi-automatically-generated) +--- dhcpctl/Makefile.dist ++++ dhcpctl/Makefile.dist +@@ -37,10 +37,10 @@ + all: libdhcpctl.a omshell cltest $(CATMANPAGES) + + omshell: omshell.o $(DHCPCTLLIBS) +- $(CC) $(DEBUG) $(LFLAGS) -o omshell omshell.o $(DHCPCTLLIBS) $(LIBS) ++ $(CC) $(DEBUG) $(LFLAGS) -pie -o omshell omshell.o $(DHCPCTLLIBS) $(LIBS) + + cltest: cltest.o $(DHCPCTLLIBS) +- $(CC) $(DEBUG) $(LFLAGS) -o cltest cltest.o $(DHCPCTLLIBS) $(LIBS) ++ $(CC) $(DEBUG) $(LFLAGS) -pie -o cltest cltest.o $(DHCPCTLLIBS) $(LIBS) + + libdhcpctl.a: $(OBJ) + rm -f libdhcpctl.a +--- relay/Makefile.dist ++++ relay/Makefile.dist +@@ -83,6 +83,6 @@ + -e "s#RUNDIR#$(VARRUN)#" < dhcrelay.8 >dhcrelay.man8 + + dhcrelay: dhcrelay.o $(DHCPLIB) +- $(CC) $(LFLAGS) -o $(PROG) dhcrelay.o $(DHCPLIB) $(LIBS) ++ $(CC) $(LFLAGS) -pie -o $(PROG) dhcrelay.o $(DHCPLIB) $(LIBS) + + # Dependencies (semi-automatically-generated) +--- server/Makefile.dist ++++ server/Makefile.dist +@@ -103,6 +103,6 @@ + -e "s#RUNDIR#$(VARRUN)#g" < dhcpd.leases.5 >dhcpd.leases.man5 + + dhcpd: $(OBJS) $(COBJ) $(DHCPLIB) +- $(CC) $(LFLAGS) -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS) ++ $(CC) $(LFLAGS) -pie -o dhcpd $(OBJS) $(DHCPLIB) $(LIBS) + + # Dependencies (semi-automatically-generated) diff --git a/dhcp-3.0.4-ldap-patch-nossl.dif b/dhcp-3.0.4-ldap-patch-nossl.dif new file mode 100644 index 0000000..fcf9668 --- /dev/null +++ b/dhcp-3.0.4-ldap-patch-nossl.dif @@ -0,0 +1,32 @@ +diff -u dhcp-3.0.4-ldap/dst/Makefile.dist dhcp-3.0.4-ldap/dst/Makefile.dist +--- dhcp-3.0.4-ldap/dst/Makefile.dist 2006-05-08 08:30:33.000000000 -0400 ++++ dhcp-3.0.4-ldap/dst/Makefile.dist 2006-05-08 08:30:33.000000000 -0400 +@@ -21,8 +21,8 @@ + # + # http://www.isc.org/ + +-SRC = dst_support.c dst_api.c hmac_link.c base64.c prandom.c +-OBJ = dst_support.o dst_api.o hmac_link.o base64.o prandom.o ++SRC = dst_support.c dst_api.c hmac_link.c md5_dgst.c base64.c prandom.c ++OBJ = dst_support.o dst_api.o hmac_link.o md5_dgst.o base64.o prandom.o + HDRS = dst_internal.h md5.h md5_locl.h + + INCLUDES = $(BINDINC) -I$(TOP)/includes +diff -u dhcp-3.0.4-ldap/site.conf dhcp-3.0.4-ldap/site.conf +--- dhcp-3.0.4-ldap/site.conf 2006-05-08 08:30:33.000000000 -0400 ++++ dhcp-3.0.4-ldap/site.conf 2006-05-08 08:30:33.000000000 -0400 +@@ -4 +4,2 @@ +-LIBS=-lssl -lcrypto -lldap -llber ++#LIBS=-lssl -lcrypto -lldap -llber ++#LIBS=-lldap -llber +--- dhcp-3.0.4/configure 2004-09-10 17:02:30.000000000 -0400 ++++ dhcp-3.0.4-ldap/configure 2005-07-25 08:14:44.000000000 -0400 +@@ -269,4 +269,8 @@ + make links + fi + ++mv $workname/server/Makefile $workname/server/Makefile.noldap ++cat $workname/server/Makefile.noldap | sed 's/^LIBS =/LIBS=-lldap -llber/' > $workname/server/Makefile.ldap ++ln $workname/server/Makefile.ldap $workname/server/Makefile ++ + exit 0 diff --git a/dhcp-3.0.4-ldap-patch-strncat.diff b/dhcp-3.0.4-ldap-patch-strncat.diff new file mode 100644 index 0000000..c7f8418 --- /dev/null +++ b/dhcp-3.0.4-ldap-patch-strncat.diff @@ -0,0 +1,224 @@ +--- server/ldap.c ++++ server/ldap.c 2006/08/28 16:12:55 +@@ -63,6 +63,13 @@ typedef struct ldap_dn_node { + static ldap_dn_node *ldap_service_dn_head = NULL; + static ldap_dn_node *ldap_service_dn_tail = NULL; + ++ ++static char * ++x_strncat(char *dst, const char *src, size_t dst_size) ++{ ++ size_t len = strlen(dst); ++ return strncat(dst, src, dst_size > len ? dst_size - len - 1: 0); ++} + + static void + ldap_parse_class (struct ldap_config_stack *item, struct parse *cfile) +@@ -78,9 +83,9 @@ ldap_parse_class (struct ldap_config_sta + return; + } + +- strncat (cfile->inbuf, "class \"", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "class \"", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); + + item->close_brace = 1; + ldap_value_free (tempstr); +@@ -112,11 +117,11 @@ ldap_parse_subclass (struct ldap_config_ + return; + } + +- strncat (cfile->inbuf, "subclass ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, classdata[0], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "subclass ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, classdata[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); + + item->close_brace = 1; + ldap_value_free (tempstr); +@@ -140,14 +145,14 @@ ldap_parse_host (struct ldap_config_stac + + hwaddr = ldap_get_values (ld, item->ldent, "dhcpHWAddress"); + +- strncat (cfile->inbuf, "host ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "host ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); + + if (hwaddr != NULL && hwaddr[0] != NULL) + { +- strncat (cfile->inbuf, " {\nhardware ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, hwaddr[0], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\nhardware ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, hwaddr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); + ldap_value_free (hwaddr); + } + +@@ -171,9 +176,9 @@ ldap_parse_shared_network (struct ldap_c + return; + } + +- strncat (cfile->inbuf, "shared-network \"", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "shared-network \"", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "\" {\n", LDAP_BUFFER_SIZE); + + item->close_brace = 1; + ldap_value_free (tempstr); +@@ -224,14 +229,14 @@ ldap_parse_subnet (struct ldap_config_st + return; + } + +- strncat (cfile->inbuf, "subnet ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "subnet ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[0], LDAP_BUFFER_SIZE); + +- strncat (cfile->inbuf, " netmask ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " netmask ", LDAP_BUFFER_SIZE); + parse_netmask (strtol (netmaskstr[0], NULL, 10), netmaskbuf); +- strncat (cfile->inbuf, netmaskbuf, LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, netmaskbuf, LDAP_BUFFER_SIZE); + +- strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " {\n", LDAP_BUFFER_SIZE); + + ldap_value_free (tempstr); + ldap_value_free (netmaskstr); +@@ -240,10 +245,10 @@ ldap_parse_subnet (struct ldap_config_st + { + for (i=0; tempstr[i] != NULL; i++) + { +- strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); + } + ldap_value_free (tempstr); + } +@@ -258,17 +263,17 @@ ldap_parse_pool (struct ldap_config_stac + char **tempstr; + int i; + +- strncat (cfile->inbuf, "pool {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "pool {\n", LDAP_BUFFER_SIZE); + + if ((tempstr = ldap_get_values (ld, item->ldent, "dhcpRange")) != NULL) + { +- strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "range", LDAP_BUFFER_SIZE); + for (i=0; tempstr[i] != NULL; i++) + { +- strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, " ", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); + } +- strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); + ldap_value_free (tempstr); + } + +@@ -276,8 +281,8 @@ ldap_parse_pool (struct ldap_config_stac + { + for (i=0; tempstr[i] != NULL; i++) + { +- strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); +- strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, tempstr[i], LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, ";\n", LDAP_BUFFER_SIZE); + } + ldap_value_free (tempstr); + } +@@ -289,7 +294,7 @@ ldap_parse_pool (struct ldap_config_stac + static void + ldap_parse_group (struct ldap_config_stack *item, struct parse *cfile) + { +- strncat (cfile->inbuf, "group {\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "group {\n", LDAP_BUFFER_SIZE); + item->close_brace = 1; + } + +@@ -625,7 +630,7 @@ next_ldap_entry (struct parse *cfile) + + if (ldap_stack != NULL && ldap_stack->close_brace) + { +- strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); + ldap_stack->close_brace = 0; + } + +@@ -635,7 +640,7 @@ next_ldap_entry (struct parse *cfile) + { + if (ldap_stack->close_brace) + { +- strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); + ldap_stack->close_brace = 0; + } + +@@ -646,7 +651,7 @@ next_ldap_entry (struct parse *cfile) + + if (ldap_stack != NULL && ldap_stack->close_brace) + { +- strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); ++ x_strncat (cfile->inbuf, "}\n", LDAP_BUFFER_SIZE); + ldap_stack->close_brace = 0; + } + } +@@ -722,16 +727,16 @@ ldap_parse_entry_options (LDAPMessage *e + continue; + } + +- strncat (buffer, tempstr[i], size); ++ x_strncat (buffer, tempstr[i], size); + + switch((int) check_statement_end (tempstr[i])) + { + case '}': + case ';': +- strncat (buffer, "\n", size); ++ x_strncat (buffer, "\n", size); + break; + default: +- strncat (buffer, ";\n", size); ++ x_strncat (buffer, ";\n", size); + break; + } + } +@@ -742,15 +747,15 @@ ldap_parse_entry_options (LDAPMessage *e + { + for (i=0; tempstr[i] != NULL; i++) + { +- strncat (buffer, "option ", size); +- strncat (buffer, tempstr[i], size); ++ x_strncat (buffer, "option ", size); ++ x_strncat (buffer, tempstr[i], size); + switch ((int) check_statement_end (tempstr[i])) + { + case ';': +- strncat (buffer, "\n", size); ++ x_strncat (buffer, "\n", size); + break; + default: +- strncat (buffer, ";\n", size); ++ x_strncat (buffer, ";\n", size); + break; + } + } diff --git a/dhcp-3.0.4-ldap-patch.gz b/dhcp-3.0.4-ldap-patch.gz new file mode 100644 index 0000000..d62871e --- /dev/null +++ b/dhcp-3.0.4-ldap-patch.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a05f121b66797a8e97a7695acf7c6f05b5e25b310a7d43d784915529de95f815 +size 62497 diff --git a/dhcp-3.0.5-tmpfile.dif b/dhcp-3.0.5-tmpfile.dif new file mode 100644 index 0000000..be8f3e7 --- /dev/null +++ b/dhcp-3.0.5-tmpfile.dif @@ -0,0 +1,30 @@ +--- dhcp-3.0.5/server/db.c ++++ dhcp-3.0.5/server/db.c 2006/11/07 10:19:41 +@@ -782,21 +782,16 @@ + + db_validity = lease_file_is_corrupt; + +- /* %Audit% Truncated filename causes panic. %2004.06.17,Safe% +- * This should never happen since the path is a configuration +- * variable from build-time or command-line. But if it should, +- * either by malice or ignorance, we panic, since the potential +- * for havoc is high. +- */ +- if (snprintf (newfname, sizeof newfname, "%s.%d", +- path_dhcpd_db, (int)t) >= sizeof newfname) +- log_fatal("new_lease_file: lease file path too long"); +- +- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664); ++ snprintf (newfname, sizeof(newfname), "%s.XXXXXX", path_dhcpd_db); ++ db_fd = mkstemp (newfname); + if (db_fd < 0) { + log_error ("Can't create new lease file: %m"); + return 0; + } ++ if (fchmod(db_fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) == -1) { ++ log_error ("Can't fchmod new lease file: %m"); ++ goto fail; ++ } + if ((new_db_file = fdopen(db_fd, "w")) == NULL) { + log_error("Can't fdopen new lease file: %m"); + close(db_fd); diff --git a/dhcp-3.0.5.tar.gz b/dhcp-3.0.5.tar.gz new file mode 100644 index 0000000..af6fee8 --- /dev/null +++ b/dhcp-3.0.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dd445fb2a341cdd69e85693dce6f8fda1a1c9d0e98d34c01afc3e68d8037ffb6 +size 876591 diff --git a/dhcp-3.0.5.tar.gz.asc b/dhcp-3.0.5.tar.gz.asc new file mode 100644 index 0000000..308d41b --- /dev/null +++ b/dhcp-3.0.5.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.5 (FreeBSD) + +iQEVAwUARUkswyM0Ek4byR5sAQLf0gf+PEw+bNTHnSbzNIYZtMu20rw7JU0zGklx +INRhplkpO8VY+yeQv8gqpLJmlvtwz87/dSu3A3utXOmjD5bDgl54crSR9iULbGZZ +fnmv1GE6wWpXNpfuxu/snnF/UFPMUI9HSg7axREiCSo54G9XyH2l2pj+AnkRvOs1 ++eOs50i5y3Lsw+4NnEKw9LgwBF8/BpGuovj819TC5JWsX4+Z52nBejZVQTvU8PXG +Hmp/w6Y5Sn6VvKZDWkBtpSQNwJRllC2W4ZYVphUH7AO5AdOtE7EbV2jgTz1t6g3h +dZPehdpSQ0bLYwCudYjNKCVFv1faYL7nQz7KLgGOoR3tTwIHauR/yA== +=abWh +-----END PGP SIGNATURE----- diff --git a/dhcp-3.0b2pl18.paranoia.dif b/dhcp-3.0b2pl18.paranoia.dif new file mode 100644 index 0000000..2c654ba --- /dev/null +++ b/dhcp-3.0b2pl18.paranoia.dif @@ -0,0 +1,170 @@ +--- server/dhcpd.c ++++ server/dhcpd.c Sun Mar 18 03:58:15 2001 +@@ -56,6 +56,15 @@ + #include "version.h" + #include + ++#ifdef PARANOIA ++# include ++# include ++/* get around the ISC's declaration of group */ ++#define group real_group ++# include ++#undef group ++#endif ++ + static void usage PROTO ((void)); + + TIME cur_time; +@@ -214,6 +223,15 @@ + char *traceinfile = (char *)0; + char *traceoutfile = (char *)0; + #endif ++#ifdef PARANOIA ++ char *set_user = NULL; ++ char *set_group = NULL; ++ char *set_chroot = NULL; ++ ++ uid_t set_uid = 0; ++ gid_t set_gid = 0; ++#endif ++ + + /* Set up the client classification system. */ + classification_setup (); +@@ -262,6 +280,20 @@ + daemon = 0; + #endif + log_perror = -1; ++#ifdef PARANOIA ++ } else if (!strcmp (argv [i], "-user")) { ++ if (++i == argc) ++ usage (); ++ set_user = argv [i]; ++ } else if (!strcmp (argv [i], "-group")) { ++ if (++i == argc) ++ usage (); ++ set_group = argv [i]; ++ } else if (!strcmp (argv [i], "-chroot")) { ++ if (++i == argc) ++ usage (); ++ set_chroot = argv [i]; ++#endif + } else if (!strcmp (argv [i], "-s")) { + if (++i == argc) + usage (); +@@ -323,7 +355,7 @@ + log_fatal ("Insufficient memory to %s %s: %s", + "record interface", argv [i], + isc_result_totext (result)); +- strcpy (tmp -> name, argv [i]); ++ strncpy (tmp -> name, argv [i], sizeof(tmp->name)-1); + if (interfaces) { + interface_reference (&tmp -> next, + interfaces, MDL); +@@ -384,6 +416,66 @@ + } + } + ++#ifdef PARANOIA ++ /* get user and group info if those options were given */ ++ if (set_user) { ++ struct passwd *tmp_pwd; ++ ++ /* ++ ** I query for the real UID and not for the effective UID ++ ** just to force the user to run this server as root and ++ ** not setting it suid. It should be a paranoia patch and ++ ** not a teletubbie patch. *eg* ++ ** Note: That the user is still able to set it suid! *zitter* ++ ** thomas@suse.de ++ */ ++ if (getuid()) ++ error ("you must be root to set user"); ++ ++ if (!(tmp_pwd = getpwnam(set_user))) ++ error ("no such user: %s", set_user); ++ ++ set_uid = tmp_pwd->pw_uid; ++ ++ /* use the user's group as the default gid */ ++ if (!set_group) ++ set_gid = tmp_pwd->pw_gid; ++ ++ } ++ ++ if (set_group) { ++/* get around the ISC's declaration of group */ ++#define group real_group ++ struct group *tmp_grp; ++ ++ /* ++ ** getuid() instead of geteuid(), see above ++ */ ++ if (getuid()) ++ error ("you must be root to set group"); ++ ++ if (!(tmp_grp = getgrnam(set_group))) ++ error ("no such group: %s", set_group); ++ ++ set_gid = tmp_grp->gr_gid; ++#undef group ++ } ++ ++ if (set_chroot) { ++ if (getuid()) /* see above */ ++ error ("you must be root to use chroot"); ++ ++ if (chroot(set_chroot) != 0) { ++ error ("chroot(\"%s\"): %s", set_chroot, ++ strerror(errno)); ++ } ++ if (chdir ("/") != 0) { ++ /* probably permission denied */ ++ error ("chdir(\"/\"): %s", strerror(errno)); ++ } ++ } ++#endif /* PARANOIA */ ++ + remote_port = htons (ntohs (local_port) + 1); + + if (server) { +@@ -587,6 +679,27 @@ + dump_rc_history (); + #endif + ++#ifdef PARANOIA ++ /* change uid to the specified one */ ++ ++ /* ++ ** common failure: forget to drop supplementary GID'S ;-> ++ ** thomas@suse.de ++ */ ++ ++ if (set_gid) { ++ if(setgroups(0, NULL) < 0) ++ error("couldn't drop supplementary groups!"); ++ if (setgid (set_gid) != 0) ++ error ("couldn't set gid to %d", set_gid); ++ } ++ ++ if (set_uid) { ++ if (setuid (set_uid) != 0) ++ error ("couldn't set uid to %d", set_uid); ++ } ++#endif ++ + /* Receive packets and dispatch them... */ + dispatch (); + +@@ -851,6 +964,10 @@ + + log_fatal ("Usage: dhcpd [-p ] [-d] [-f]%s%s%s%s", + "\n [-cf config-file] [-lf lease-file]", ++#ifdef PARANOIA ++ "\n [-user ] [-group ]", ++ "\n [-chroot ]", ++#endif + #if defined (TRACING) + "\n [-tf trace-output-file]", + "\n [-play trace-input-file]", diff --git a/dhcp-3.0b2pl24.resolv.conf.dif b/dhcp-3.0b2pl24.resolv.conf.dif new file mode 100644 index 0000000..0d9bf3e --- /dev/null +++ b/dhcp-3.0b2pl24.resolv.conf.dif @@ -0,0 +1,161 @@ +--- dhcp-3.0.1rc9/client/scripts/linux.orig Fri Apr 26 22:30:46 2002 ++++ dhcp-3.0.1rc9/client/scripts/linux Tue May 21 18:37:25 2002 +@@ -22,14 +22,101 @@ + # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious + # of the $1 in its args. + ++ ++# Debugging: ++# ++# logs entire run of dhclient-script to /var/log/dhclient-script, ++# if DHCLIENT_DEBUG is set in sysconfig/network/dhcp ++# ++eval `grep "^DHCLIENT_DEBUG=" /etc/sysconfig/network/dhcp` ++if [ "$DHCLIENT_DEBUG" = yes ]; then ++ set -a # allexport ++ ( ++ echo '****************' ++ echo "$0 $*" ++ date ++ echo '----------------' ++ set ++ echo '----------------' ++ ) >> /var/log/dhclient-script ++ exec 2>> /var/log/dhclient-script ++ set +a ++ set -x ++fi ++ + make_resolv_conf() { +- if [ "x$new_domain_name" != x ] && [ x"$new_domain_name_servers" != x ]; then +- echo search $new_domain_name >/etc/resolv.conf +- chmod 644 /etc/resolv.conf +- for nameserver in $new_domain_name_servers; do +- echo nameserver $nameserver >>/etc/resolv.conf +- done ++ # first, look if we are allowed to modify resolv.conf: ++ eval `grep "^MODIFY_RESOLV_CONF_DYNAMICALLY=" /etc/sysconfig/network/config` ++ eval `grep "^DHCLIENT_MODIFY_RESOLV_CONF=" /etc/sysconfig/network/dhcp` ++ ++ test "$MODIFY_RESOLV_CONF_DYNAMICALLY" = no \ ++ -o "$DHCLIENT_MODIFY_RESOLV_CONF" = no \ ++ && return ++ ++ # It might be useful to have more than one domain in the searchlist. To ++ # achieve this set DHCLIENT_KEEP_SEARCHLIST in /etc/sysconfig/network/dhcp to "yes" ++ # and put the additional domains in the searchlist of the *unmodified* ++ # /etc/resolv.conf. When the client is configured via DHCP the old ++ # searchlist will be appended to the new one. ++ oldsearchlist="" ++ eval `grep "^DHCLIENT_KEEP_SEARCHLIST=" /etc/sysconfig/network/dhcp` ++ if test "$DHCLIENT_KEEP_SEARCHLIST" = yes ; then ++ oldsearchlist=`while read line; do ++ case $line in search*) oldsearchlist=${line/search /};; esac; ++ done< /etc/resolv.conf; ++ echo -n $oldsearchlist` + fi ++ ++ ++ ++ # now, backup the existing resolv.conf first. BUT: ++ # an old backup copy should not be there, because the init script deletes them; if there ++ # is one, it must be current and we don't want to overwrite it ++ # (since this script is called by dhclient more than once) ++ if ! test -f /etc/resolv.conf.saved.by.dhclient ; then ++ mv /etc/resolv.conf /etc/resolv.conf.saved.by.dhclient &> /dev/null ++ fi ++ ++ # put a comment into the new file ++ # FIXME: in theory we should use /sbin/modify_resolvconf for the modifications ++ # instead of fiddling around with it ourselves. ++ write_informational_resolv_conf_header ++ ++ echo search $new_domain_name $oldsearchlist >>/etc/resolv.conf ++ chmod 644 /etc/resolv.conf ++ for nameserver in $new_domain_name_servers; do ++ echo nameserver $nameserver >>/etc/resolv.conf ++ done ++} ++ ++function write_informational_resolv_conf_header() { ++ cat > /etc/resolv.conf << EOF ++### BEGIN INFO ++# ++# Modified_by: dhclient ++# Backup: /etc/resolv.conf.saved.by.dhclient ++# Process: /sbin/dhclient ++# Process_id: $(pidof dhclient) ++# Script: /sbin/dhclient-script ++# ++# Info: This is a temporary resolv.conf created by dhclient. ++# A previous resolv.conf has been saved as ++# /etc/resolv.conf.saved.by.dhclient and will be ++# restored when dhclient is stopped. ++# ++# If you don't like dhclient to change your nameserver ++# settings, set DHCLIENT_MODIFY_RESOLV_CONF in ++# /etc/sysconfig/network/dhcp to "no", or set ++# MODIFY_RESOLV_CONF_DYNAMICALLY in /etc/sysconfig/network/config ++# to "no". ++# You can also customize /etc/dhclient.conf (man 5 dhclient.conf) ++# using the supersede and/or prepend option. ++### END INFO ++ ++EOF ++ ++# Make sure that the file is world readable even if umask is set to e.g. 077 ++ + } + + # Must be used on exit. Invokes the local dhcp client exit hooks, if any. +@@ -106,15 +193,6 @@ + + if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ + [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then +- current_hostname=`hostname` +- if [ x$current_hostname = x ] || \ +- [ x$current_hostname = x$old_host_name ]; then +- if [ x$current_hostname = x ] || \ +- [ x$new_host_name != x$old_host_name ]; then +- hostname $new_host_name +- fi +- fi +- + if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ + [ x$alias_ip_address != x$old_ip_address ]; then + # Possible new alias. Remove old alias. +@@ -147,6 +225,24 @@ + route add -host $alias_ip_address $interface:0 + fi + make_resolv_conf ++ eval `grep --no-filename "^DHCLIENT_SET_HOSTNAME=" /etc/sysconfig/network/dhcp` ++ if [ "$DHCLIENT_SET_HOSTNAME" = yes ] ; then ++ ++ current_hostname=`hostname` ++ if [ x$current_hostname = x ] || \ ++ [ x$current_hostname != x$new_host_name ]; then ++ ++ if [ x$new_host_name != x ]; then ++ hostname $new_host_name ++ else ++ if [ -x /usr/bin/host ] ; then ++ hostname `host "$new_ip_address" | sed 's:^.* ::; s:\..*::'` ++ fi ++ fi ++ ++ fi ++ ++ fi + exit_with_hooks 0 + fi + +@@ -195,4 +291,9 @@ + exit_with_hooks 1 + fi + ++# restore backup copy of resolv.conf ++if test -f /etc/resolv.conf.saved.by.dhclient ; then ++ mv /etc/resolv.conf.saved.by.dhclient /etc/resolv.conf ++fi ++ + exit_with_hooks 0 diff --git a/dhcp-3.0rc10.dif b/dhcp-3.0rc10.dif new file mode 100644 index 0000000..e5f4618 --- /dev/null +++ b/dhcp-3.0rc10.dif @@ -0,0 +1,212 @@ +--- Makefile.conf.orig Tue Jun 26 20:31:36 2001 ++++ Makefile.conf Mon Jul 2 11:37:29 2001 +@@ -38,8 +38,8 @@ + ETC = /etc + VARRUN = /var/run + VARDB = /var/db +-LIBDIR=/usr/local/lib +-INCDIR=/usr/local/include ++LIBDIR=/usr/lib ++INCDIR=/usr/include + LIBS = + COPTS = $(BINDDEF) $(CC_OPTIONS) + DEBUG = -g +@@ -288,17 +288,17 @@ + #COPTS = -DLINUX_MAJOR=$(MAJORVERSION) -DLINUX_MINOR=$(MINORVERSION) \ + # $(BINDDEF) $(CC_OPTIONS) + #CF = cf/linux.h +-#ADMMANDIR = /usr/man/man8 ++#ADMMANDIR = /usr/share/man/man8 + #ADMMANEXT = .8 +-#FFMANDIR = /usr/man/man5 ++#FFMANDIR = /usr/share/man/man5 + #FFMANEXT = .5 +-#LIBMANDIR = /usr/man/man3 ++#LIBMANDIR = /usr/share/man/man3 + #LIBMANEXT = .3 +-#USRMANDIR = /usr/man/man1 ++#USRMANDIR = /usr/share/man/man1 + #USRMANEXT = .1 + #MANCAT = man + #VARRUN = /var/run +-#VARDB = /var/state/dhcp ++#VARDB = /var/lib/dhcp + #SCRIPT=linux + ##--linux-2.0-- + +@@ -307,17 +307,17 @@ + #COPTS = -DLINUX_MAJOR=$(MAJORVERSION) -DLINUX_MINOR=$(MINORVERSION) \ + # $(BINDDEF) $(CC_OPTIONS) + #CF = cf/linux.h +-#ADMMANDIR = /usr/man/man8 ++#ADMMANDIR = /usr/share/man/man8 + #ADMMANEXT = .8 +-#FFMANDIR = /usr/man/man5 ++#FFMANDIR = /usr/share/man/man5 + #FFMANEXT = .5 +-#LIBMANDIR = /usr/man/man3 ++#LIBMANDIR = /usr/share/man/man3 + #LIBMANEXT = .3 +-#USRMANDIR = /usr/man/man1 ++#USRMANDIR = /usr/share/man/man1 + #USRMANEXT = .1 + #MANCAT = man + #VARRUN = /var/run +-#VARDB = /var/state/dhcp ++#VARDB = /var/lib/dhcp + #SCRIPT=linux + ##--linux-2.1-- + +@@ -326,20 +326,36 @@ + #COPTS = -DLINUX_MAJOR=$(MAJORVERSION) -DLINUX_MINOR=$(MINORVERSION) \ + # $(BINDDEF) $(CC_OPTIONS) + #CF = cf/linux.h +-#ADMMANDIR = /usr/man/man8 ++#ADMMANDIR = /usr/share/man/man8 + #ADMMANEXT = .8 +-#FFMANDIR = /usr/man/man5 ++#FFMANDIR = /usr/share/man/man5 + #FFMANEXT = .5 +-#LIBMANDIR = /usr/man/man3 ++#LIBMANDIR = /usr/share/man/man3 + #LIBMANEXT = .3 +-#USRMANDIR = /usr/man/man1 ++#USRMANDIR = /usr/share/man/man1 + #USRMANEXT = .1 + #MANCAT = man + #VARRUN = /var/run +-#VARDB = /var/state/dhcp ++#VARDB = /var/lib/dhcp + #SCRIPT=linux + ##--linux-2.2-- + ++## Linux 2.4 ++##--linux-2.4-- ++#COPTS = -DLINUX_MAJOR=$(MAJORVERSION) -DLINUX_MINOR=$(MINORVERSION) $(BINDDEF) ++#CF = cf/linux.h ++#ADMMANDIR = /usr/share/man/man8 ++#ADMMANEXT = .8 ++#FFMANDIR = /usr/share/man/man5 ++#FFMANEXT = .5 ++#LIBMANDIR = /usr/share/man/man3 ++#LIBMANEXT = .3 ++#MANCAT = man ++#VARRUN = /var/run ++#VARDB = /var/lib/dhcp ++#SCRIPT=linux ++##--linux-2.4-- ++ + ## SCO UnixWare 7 + ##--uw7-- + #CF = cf/uw7.h +--- client/dhclient.conf ++++ client/dhclient.conf 2000/07/24 10:40:54 +@@ -1,8 +1,28 @@ +-send host-name "andare.fugue.com"; +-send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; ++# dhclient configuration file ++# see "man dhclient.conf" for further details ++# file: /etc/dhclient.conf ++# ++ ++ ++###################################################### ++# Suggested configurations for Cable Modem providers # ++# ++# uncomment and fill in the appropriate section ++ ++##################################################### ++# @Home -- TCI, etc ++# ++# Uncomment the following line and enter your Client ID, which should ++# have come in your mail from @Home ++# ++# send dhcp-client-identifier "c32423-a" ++ ++#send host-name "andare.fugue.com"; ++#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; ++#supersede domain-name "fugue.com home.vix.com"; ++#prepend domain-name-servers 127.0.0.1; ++ + send dhcp-lease-time 3600; +-supersede domain-name "fugue.com home.vix.com"; +-prepend domain-name-servers 127.0.0.1; + request subnet-mask, broadcast-address, time-offset, routers, + domain-name, domain-name-servers, host-name; + require subnet-mask, domain-name-servers; +@@ -11,26 +31,7 @@ + reboot 10; + select-timeout 5; + initial-interval 2; +-script "/etc/dhclient-script"; +-media "-link0 -link1 -link2", "link0 link1"; +-reject 192.33.137.209; +- +-alias { +- interface "ep0"; +- fixed-address 192.5.5.213; +- option subnet-mask 255.255.255.255; +-} +- +-lease { +- interface "ep0"; +- fixed-address 192.33.137.200; +- medium "link0 link1"; +- option host-name "andare.swiftmedia.com"; +- option subnet-mask 255.255.255.0; +- option broadcast-address 192.33.137.255; +- option routers 192.33.137.250; +- option domain-name-servers 127.0.0.1; +- renew 2 2000/1/12 00:00:01; +- rebind 2 2000/1/12 00:00:01; +- expire 2 2000/1/12 00:00:01; +-} ++script "/sbin/dhclient-script"; ++ ++#media "-link0 -link1 -link2", "link0 link1"; ++#reject 192.33.137.209; +--- includes/cf/linux.h ++++ includes/cf/linux.h Sun Mar 18 02:34:20 2001 +@@ -84,7 +84,7 @@ + + #include /* gettimeofday()*/ + +-/* Databases go in /var/state/dhcp. It would also be valid to put them ++/* Databases go in /var/lib/dhcp. It would also be valid to put them + in /var/state/misc - indeed, given that there's only one lease file, it + would probably be better. However, I have some ideas for optimizing + the lease database that may result in a _lot_ of smaller files being +@@ -92,11 +92,11 @@ + directory. */ + + #ifndef _PATH_DHCPD_DB +-#define _PATH_DHCPD_DB "/var/state/dhcp/dhcpd.leases" ++#define _PATH_DHCPD_DB "/var/lib/dhcp/db/dhcpd.leases" + #endif + + #ifndef _PATH_DHCLIENT_DB +-#define _PATH_DHCLIENT_DB "/var/state/dhcp/dhclient.leases" ++#define _PATH_DHCLIENT_DB "/var/lib/dhcp/dhclient.leases" + #endif + + /* Varargs stuff... */ +--- includes/dhcpd.h ++++ includes/dhcpd.h Sun Mar 18 02:38:16 2001 +@@ -860,7 +860,7 @@ + #endif + + #ifndef _PATH_DHCPD_DB +-#define _PATH_DHCPD_DB "/etc/dhcpd.leases" ++#define _PATH_DHCPD_DB "/var/lib/dhcp/db/dhcpd.leases" + #endif + + #ifndef _PATH_DHCPD_PID +@@ -877,7 +877,7 @@ + #endif + + #ifndef _PATH_DHCLIENT_DB +-#define _PATH_DHCLIENT_DB "/etc/dhclient.leases" ++#define _PATH_DHCLIENT_DB "/var/run/dhclient.leases" + #endif + + #ifndef _PATH_RESOLV_CONF diff --git a/dhcp-3.0rc10.filedes.dif b/dhcp-3.0rc10.filedes.dif new file mode 100644 index 0000000..71dc11d --- /dev/null +++ b/dhcp-3.0rc10.filedes.dif @@ -0,0 +1,16 @@ +--- client/dhclient.c.orig Wed Jun 20 05:03:59 2001 ++++ client/dhclient.c Mon Jul 16 14:30:00 2001 +@@ -2558,6 +2558,13 @@ + wstatus = 0; + } + } else { ++ if ((i = open("/dev/null", O_RDWR)) != -1) { ++ dup2(i, STDIN_FILENO); ++ dup2(i, STDOUT_FILENO); ++ dup2(i, STDERR_FILENO); ++ if (i > STDERR_FILENO) ++ close(i); ++ } + execve (scriptName, argv, envp); + log_error ("execve (%s, ...): %m", scriptName); + exit (0); diff --git a/dhcp-send-hostname-rml.patch b/dhcp-send-hostname-rml.patch new file mode 100644 index 0000000..73fdd90 --- /dev/null +++ b/dhcp-send-hostname-rml.patch @@ -0,0 +1,104 @@ +Add -H flag to specify a hostname to send to the DHCP server + + client/dhclient.8 | 8 ++++++++ + client/dhclient.c | 41 +++++++++++++++++++++++++++++++++++++++-- + 2 files changed, 47 insertions(+), 2 deletions(-) + +diff -urN dhcp-3.0.3/client/dhclient.8 dhcp/client/dhclient.8 +--- dhcp-3.0.3/client/dhclient.8 2006-05-04 13:06:38.000000000 -0400 ++++ dhcp/client/dhclient.8 2006-05-04 13:08:33.000000000 -0400 +@@ -33,6 +33,9 @@ + .I port + ] + [ ++.B -H hostname ++] ++[ + .B -d + ] + [ +@@ -165,6 +168,11 @@ + transmit on, the client will also use a different destination port - + one greater than the specified destination port. + .PP ++The ++.B -H ++flag may be used to specify a client hostname that should be sent to ++the DHCP server. ++.PP + The DHCP client normally transmits any protocol messages it sends + before acquiring an IP address to, 255.255.255.255, the IP limited + broadcast address. For debugging purposes, it may be useful to have +diff -urN dhcp-3.0.3/client/dhclient.c dhcp/client/dhclient.c +--- dhcp-3.0.3/client/dhclient.c 2006-05-04 13:06:38.000000000 -0400 ++++ dhcp/client/dhclient.c 2006-05-04 13:09:41.000000000 -0400 +@@ -104,6 +104,7 @@ + int no_dhclient_db = 0; + int no_dhclient_pid = 0; + int no_dhclient_script = 0; ++ char *dhclient_hostname = NULL; + char *s; + + /* Make sure we have stdin, stdout and stderr. */ +@@ -186,6 +187,15 @@ + if (++i == argc) + usage (); + relay = argv [i]; ++ } else if (!strcmp (argv [i], "-H")) { ++ if (++i == argc || !argv[i] || *(argv[i]) == '\0') ++ usage (); ++ if (strlen (argv[i]) >= DHCP_OPTION_LEN) { ++ log_error("-H option host-name string \"%s\" is too long:" ++ "maximum length is %d characters", argv[i], DHCP_OPTION_LEN-1); ++ exit(1); ++ } ++ dhclient_hostname = argv [i]; + } else if (!strcmp (argv [i], "-nw")) { + nowait = 1; + } else if (!strcmp (argv [i], "-n")) { +@@ -350,6 +360,33 @@ + /* Parse the dhclient.conf file. */ + read_client_conf (); + ++ /* If the user specified a hostname, send it here and now */ ++ if ((dhclient_hostname != NULL) && (*dhclient_hostname != '\0') ) { ++ struct parse *cfile = NULL; ++ char buf[DHCP_OPTION_LEN + 40]; ++ int len; ++ ++ len = sprintf (buf, "send host-name \"%s\";", dhclient_hostname); ++ ++ status = new_parse (&cfile, -1, buf, len, "host-name option", 0); ++ ++ if (status != ISC_R_SUCCESS) ++ log_fatal ("Cannot parse dhcp-client-identifier send statement!"); ++ ++ for (;;) { ++ const char *val = NULL; ++ int token; ++ ++ token = peek_token (&val, (unsigned *)0, cfile); ++ if (token == END_OF_FILE) ++ break; ++ ++ parse_client_statement (cfile, NULL, &top_level_config); ++ ++ } ++ end_parse (&cfile); ++ } ++ + /* Parse the lease database. */ + read_client_leases (); + +@@ -487,9 +524,9 @@ + log_info (url); + + #ifdef EXTENDED_NEW_OPTION_INFO +- log_error ("Usage: dhclient [-1dqr] [-nwx] [-p ] %s", ++ log_error ("Usage: dhclient [-1dqr] [-nwx] [-H ] [-p ] %s", + #else +- log_error ("Usage: dhclient [-1dqr] [-nw] [-p ] %s", ++ log_error ("Usage: dhclient [-1dqr] [-nw] [-H ] [-p ] %s", + #endif + "[-s server]"); + log_error (" [-cf config-file] [-lf lease-file]%s", diff --git a/dhcp.LIESMICH b/dhcp.LIESMICH new file mode 100644 index 0000000..f4b5574 --- /dev/null +++ b/dhcp.LIESMICH @@ -0,0 +1,106 @@ +/* README.SuSE zum ISC DHCP-Server */ + +Bevor Sie dhcpd benutzen koennen, muessen Sie ihn ueber + - /etc/sysconfig/dhcpd (grundsaetzliche Einst.) +und + - /etc/dhcpd.conf (Konfigurationsdatei) +konfigurieren. Eine Beispielkonfiguration finden Sie unter +/usr/share/doc/packages/dhcp-server/ + + +Paketfilter +=========== +Dieses Paket enthaelt ein zusaetzliches dhcpd-Binary (/usr/sbin/dhcpd.bsd), das +so kompiliert ist, dass es BSD Sockets anstatt LPF (Linux Packet +Filter) verwendet. + +Mit diesem binary ist es moeglich, den Netzwerkverkehr des Servers mit dem +Paketfilter des Kernels zu filtern, waehrend die sonst verwendeten Raw Sockets +den Paketfilter umgehen. Allerdings kann es dadurch in seltenen Faellen zu +Inkompatibilitaeten mit manchen DHCP-Clients (oder dazwischengeschalteten +DHCP-Gateways) kommen. Mehr Informationen und moegliche Seiteneffekte wurden +hier diskutiert: +http://marc.theaimsgroup.com/?l=dhcp-server&m=108791973729847&w=2 + +Es besteht die Moeglichkeit, das verwendete Binary ueber DHCPD_BINARY in +/etc/sysconfig/dhcpd festzulegen. + + +Option 119 (Searchlist) +======================= +Fuer diese relativ neue Option (DHCP Option 119, RFC3397) gibt es noch keinen +direkten Support im DHCP Server. Sie muss als freie Option definiert werden, +wenn der zu sendende String im DNS-Format komprimiert wurde, und kann +folgendermassen in die Konfiguration geschrieben werden: + +option searchlist code 119 = string; +option searchlist "\x07domain1\x07example\x03com\x00\x07domain2\xc0\x08"; + +Die erste Anweisung ist immer global zu verwenden; die zweite kann sich auch in +einem Subnet befinden. + +Der komprimierte String kann mit dem Programm +/usr/share/doc/packages/dhcp-server/dnscompr.py wie folgt erzeugt werden (Beispiel): + + # python /usr/share/doc/packages/dhcp-server/dnscompr.py domain1.example.com domain2.example.com +'\x07domain1\x07example\x03com\x00\x07domain2\xc0\x08' + +dnscompr.py benoetigt das python-dnspython Paket, das mit 10.0 ausgeliefert +wird. Fuer aeltere SUSE Linux Versionen gibt es das Python-Modul unter +http://ftp.suse.com/pub/people/poeml/python-dnspython/ + +Die Kompression ist in RFC 3397 sowie, in detaillierterer Form, in RFC1035 +beschrieben. + + +Chroot-"Gefaengnis" +=================== + +Unsere Version des ISC DHCP-Servers enthaelt einen modifizierten +'non-root/chroot'-Patch nach Ari Edelkind. Damit kann der dhcpd + + - als unprivilegierter Benutzer laufen + - in einer chroot-Umgebung laufen (/var/lib/dhcp) + +was (in dieser Kombination) die sicherste Moeglichkeit ist, den Server zu +betreiben. + +Die Konfigurationsdatei muss dafuer in /var/lib/dhcp/etc liegen, und wird +deshalb vom Init-Skript beim Start automatisch dorthin kopiert. Weitere Dateien +(Include-Dateien) koennen in /etc/sysconfig/dhcpd:DHCPD_CONF_INCLUDE_FILES +aufgefuehrt werden. + +Damit der dhcp-Daemon aus der chroot-Umgebung heraus weiter loggen kann, auch +wenn der Syslog-Daemon neu gestartet wird, wird in /etc/sysconfig/syslog +automatisch "-a /var/lib/dhcp/dev/log" hinzugefuegt. + + +WICHTIG: In der chroot-Umgebung kann dhcpcd nur dann Hostnamen +aufloesen, wenn folgende Dateien vorhanden sind: + /etc/localtime + /etc/host.conf + /etc/hosts + /etc/resolv.conf + /lib/libresolv.so.2 + /lib/libnss_dns.so.2 + /lib/libnss_dns6.so.2 +Beim Start des Init-Skriptes werden diese (zus. etwa 100 kB) deshalb nach +/var/lib/dhcp/ kopiert. (Diese Dateien muessen eventuell auf dem Laufenden +gehalten werden, wenn sie durch Skript wie /etc/ppp/ip-up dynamisch modifiziert +werden.) Wenn in der Konfigurationsdatei nur IP-Adressen anstelle von Hostnamen +verwenden, sind hier keine Probleme zu erwarten. + +Das chroot-Feature kann ueber DHCPD_RUN_CHROOTED in /etc/sysconfig/dhcpd zur +Not auch abgeschaltet werden. + + +Weitere Informationen finden Sie unter + +und + . + +Have a lot of fun! + + Your SuSE Team + + diff --git a/dhcp.README b/dhcp.README new file mode 100644 index 0000000..5123ba5 --- /dev/null +++ b/dhcp.README @@ -0,0 +1,102 @@ +/* README.SuSE for the ISC DHCP server */ + +Before you can run dhcpd, you have to configure it via + - /etc/sysconfig/dhcpd (general settings) +and + - /etc/dhcpd.conf (configuration file) + +See /usr/share/doc/packages/dhcp-server for example configurations. + + +Note on packet filtering +======================== +This dhcp package contains an additional dhcpd binary (/usr/sbin/dhcpd.bsd) +which is compiled using BSD sockets instead of LPF (linux packet filter). + +Using that binary, the network traffic handled by dhcpd can be filtered by the +packet filter of the Linux kernel, while the raw sockets used normally would +bypass any filtering. However, there is a tiny number of setups where this can +result in incompatibilities with certain DHCP clients, or with DHCP relay +agents in between. More information and a discussion of side effects was +discussed here: +See http://marc.theaimsgroup.com/?l=dhcp-server&m=108791973729847&w=2 + +It is possible to choose the binary by adjusting DHCPD_BINARY in +/etc/sysconfig/dhcpd. + + +Option 119 (Searchlist) +======================= +For this relatively new option (DHCP Option 119, RFC3397) the server does not +have a dedicated configuration option yet. It must be declared as free option, +after compressing the search string with DNS compression (see below), and put +into the configuration like this: + +option searchlist code 119 = string; +option searchlist "\x07domain1\x07example\x03com\x00\x07domain2\xc0\x08"; + +The first line is always used globally; the second one could be placed in a +subnet block. + +The compressed string can be generated with the program +/usr/share/doc/packages/dhcp-server/dnscompr.py as shown here (example): + + # python /usr/share/doc/packages/dhcp-server/dnscompr.py domain1.example.com domain2.example.com +'\x07domain1\x07example\x03com\x00\x07domain2\xc0\x08' + +dnscompr.py needs the python-dnspython package installed, which is shipping +since 10.0. For older SUSE Linux versions the python-module can be found at +http://ftp.suse.com/pub/people/poeml/python-dnspython/ + +The compression is described in RFC 3397, and (with more detail) in RFC1035. + + + +Chroot Jail +=========== + +Our version of the ISC dhcp server contains a modified "(non-root/chroot)" +patch by Ari Edelkind. This allows dhcpd to + + - run as unprivileged user + - run in a chroot environment (/var/lib/dhcp) + +which, in this combination, is the safest possible way of running dhcpd. + +In order to be found by dhcpd in the chroot jail, the configuration file +will automatically copied to /var/lib/dhcp/etc/ when the server is started. +Further conf files (include files) can be listed in DHCPD_CONF_INCLUDE_FILES +in /etc/sysconfig/dhcpd. + +To enable dhcpd to continue logging from the chroot environment even after +syslogd has been restarted, "-a /var/lib/dhcp/dev/log" is automatically added to the syslog configuration in /etc/sysconfig/syslog. + + +NOTE: +In the chroot jail, dhcpd can't resolve hostnames unless it can find +the following files: + /etc/localtime + /etc/host.conf + /etc/hosts + /etc/resolv.conf + /lib/libresolv.so.2 + /lib/libnss_dns.so.2 + /lib/libnss_dns6.so.2 +Thererore, these files (about 100 kB) will automatically copied to the chroot +jail when the server is started. (You might have to keep these current if +they are modified dynamically by other programs (e.g./etc/ppp/ip-up) while +dhcpd is running.) This is not a problem at all when you use IP addresses +instead of host names in the config file. + +In case of trouble, you can also disable the chroot feature by setting +DHCPD_RUN_CHROOTED in /etc/sysconfig/dhcpd to "no". + +See + +and + +for more information. + +Have a lot of fun! + + Your SuSE Team diff --git a/dhcp.README.upgrade b/dhcp.README.upgrade new file mode 100644 index 0000000..91233a8 --- /dev/null +++ b/dhcp.README.upgrade @@ -0,0 +1,36 @@ +When upgrading from version 2 to version 3, there are three things that are +helpful to know: + + + - you must use the ddns-update-style keyword. Either set it to "none", e.g. + like this: + + ddns-update-style none; ddns-updates off; + + If you don't have a statement about ddns at all, dhcpd-3 will not start, + and give you a message about "ddns-update-style ad-hoc;". (Don't use that + one -- the ad-hoc style is depracated. Use the interim style instead.) + + If you used DDNS with 3.0beta1 versions and want to upgrade, you can + convert the lease file with this script: + /usr/share/doc/packages/dhcp/3.0b1-lease-convert + + + - in version 3, if you define an IP address range for dynamic allocation, it + will not work for bootp by default. Contrary to version 2 you have to + explicitely allow bootp like this: + + range dynamic-bootp 192.168.0.10 192.168.0.20; + + + - version 3 will not act as an "authoritative" server by default. That means + that it will not send DHCPNAKs for addresses that can't be requested. If you + run the principal DHCP server of your network, add the + + authoritative; + + statement to the subnet declaration. + + +Apart from that, you should be able to use the same configuration as before! +Please send comments to poeml@suse.de. diff --git a/dhcp.changes b/dhcp.changes new file mode 100644 index 0000000..2d521da --- /dev/null +++ b/dhcp.changes @@ -0,0 +1,1373 @@ +------------------------------------------------------------------- +Tue Jan 9 13:48:07 CET 2007 - mt@suse.de + +- Added installation of dhcpd.xml, dhcpd service description + for omc xml-service-provider, fate #301710. +- fix of the ldap-patch strncat fix, bug #202648 + +------------------------------------------------------------------- +Wed Nov 8 11:33:50 CET 2006 - mt@suse.de + +- fix for strncat usage in ldap-patch, bug #202648 + +------------------------------------------------------------------- +Tue Nov 7 11:28:23 CET 2006 - mt@suse.de + +- updated to 3.0.5, bug #212310: + * This release is a maintenance release that seeks to correct bugs + introduced in 3.0.4 or prior. The most important of these bugs + is for 64-bit time_t systems that was introduced in 3.0.4. + * If you are upgrading from ISC DHCP 3.0.3 or prior and are using + failover, please take special care of the 'atsfp' values now + included on failover-controlled leases. See the RELNOTES file. +- adopted dhcp-3.0.4-tmpfile.dif (now dhcp-3.0.5-tmpfile.dif) +- added to provide gpg signature of the tar archive as rpm-source + +------------------------------------------------------------------- +Tue Oct 17 20:26:30 CEST 2006 - poeml@suse.de + +- there is no SuSEconfig.syslog script anymore, thus remove the + YaST hint from the sysconfig template + +------------------------------------------------------------------- +Fri Jun 9 14:49:58 CEST 2006 - poeml@suse.de + +- upstream 3.0.4: + * fix an insidious bug in the failover implementation which, if + left unchecked, could result in tying up all leases in + transitional states (such as released, reset, or expired) + * fix a confusing (wrong) syslog line, logged by during DDNS update + * The server now tries harder to survive the condition where it is + unable to open a new lease file to rewrite the lease state + database. + * several other small bug fixes +- update ldap patch. It now supports ldap over ssl, but we don't + enable it and add dhcp-3.0.4-ldap-patch-nossl.dif, because at the + moment there seems to be a choice between linking dhclient + against ldap+ssl libs (not in /lib) or risking clash between + openssl and isc's md5 symbols. (At least, I assume that this is + the reason why the ldap patch now removes the isc implementation + from the build.) Thus, I readd the patch which added ldap libs to + LIBS in the server subdir only, via ./configure +- if /etc/sysconfig/dhcpd:DHCPD_INTERFACE is set to "ANY", dhcpd + will now autodetect available network interfaces + +------------------------------------------------------------------- +Fri Jun 2 11:55:59 CEST 2006 - poeml@suse.de + +- allow for build on SUSE Linux 9.3 and older (no -fpie) +- clean up all CFLAGS/DEBUG_FLAGS definitions + +------------------------------------------------------------------- +Tue May 16 16:24:33 CEST 2006 - poeml@suse.de + +- add s390x to the list of platforms to compile with -fsigned-char + to avoid the dhclient.conf parse error "expecting a statement" + [#171532], [#134590] + +------------------------------------------------------------------- +Thu May 4 23:01:10 CEST 2006 - rml@suse.de + +- Add "-H" flag for setting hostname (Novell major bug #139532) + +------------------------------------------------------------------- +Wed Mar 29 15:47:38 CEST 2006 - poeml@suse.de + +- fix two further include paths in dhcpctl.3 and omapi.3 + +------------------------------------------------------------------- +Wed Mar 29 12:50:24 CEST 2006 - poeml@suse.de + +- package the static libdst.a library [#158271] +- fix the include path in dhcpctl.3 and omapi.3 [#158271] + +------------------------------------------------------------------- +Fri Jan 27 01:11:31 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Wed Jan 25 14:06:19 CET 2006 - poeml@suse.de + +- dereference links when copying stuff into the chroot jail [#145169] + +------------------------------------------------------------------- +Mon Jan 23 11:53:45 CET 2006 - thoenig@suse.de + +- dropped dhcp-3.0.3-dhclient-nm_active-01-thoenig.patch. Correct + solution is being implemented in NetworkManager + +------------------------------------------------------------------- +Sat Jan 14 12:40:06 CET 2006 - thoenig@suse.de + +- replaced 'nis-domain-servers' by 'nis-servers' in + dhcp-3.0.3-dhclient-nis-01-thoenig.patch (follow-up #134160) + +------------------------------------------------------------------- +Fri Jan 13 22:35:10 CET 2006 - thoenig@suse.de + +- add 'nis-domain' and 'nis-domain-servers' to 'request' + dhclient.conf (dhcp-3.0.3-dhclient-nis-01-thoenig.patch). If + the DHCP reply contains information about NIS, NM will set those. + (#134160) +- extended /sbin/dhclient-script to set domain name and host name. + This will only happen if the relevant options in + /etc/sysconfig/network/dhcp are set. + (dhcp-3.0.3-dhclient-nm_active-01-thoenig.patch) (#134160) + +------------------------------------------------------------------- +Mon Nov 28 14:43:43 CET 2005 - poeml@suse.de + +- compile with -fsigned-char on ppc/ppc64, avoiding the + dhclient.conf parse error "expecting a statement" [#134590] + +------------------------------------------------------------------- +Mon Sep 26 01:30:25 CEST 2005 - ro@suse.de + +- define LDAP_DEPRECATED in CFLAGS + +------------------------------------------------------------------- +Wed Aug 3 15:07:50 CEST 2005 - poeml@suse.de + +- update to 3.0.3 + * A bug was fixed in BOOTPREQUEST handling code wherein stale + references to host records would be left behind on leases that + were not allocated to the client currently booting (eg in the + case where the host was denied booting). + * The dhcpd.conf.5 manpage was updated to be more clear in + regards to multiple host declarations (thanks to Vincent + McIntyre). 'Interim' style dynamic updates were also + retouched. + * dhclient.conf documentation for interface {} was updated to + reflect recent discussion on the dhcp-hackers mailing list. +- update ldap patch, patches merged upstream +- compile with LPF instead of bsd sockets. Provide optional binary + compiled with bsd sockets. +- README: describe how to serve option 119 (searchlist), add dns + compression tool + +------------------------------------------------------------------- +Tue Jul 12 08:47:02 CEST 2005 - hare@suse.de + +- build with pie/PIE depending on architecture. + +------------------------------------------------------------------- +Thu Jun 30 21:38:41 CEST 2005 - gekker@suse.de + +- Add -DEXTENDED_NEW_OPTION_INFO to CFLAGS for rml + +------------------------------------------------------------------- +Tue Jun 28 22:03:50 CEST 2005 - gekker@suse.de + +- Add support for dhcdbd, patches from RH via rml + +------------------------------------------------------------------- +Mon Jun 20 16:45:22 CEST 2005 - ro@suse.de + +- build with pie/fpie + +------------------------------------------------------------------- +Mon Jun 13 15:26:44 CEST 2005 - kukuk@suse.de + +- Don't use kernel types in user space + +------------------------------------------------------------------- +Fri Apr 8 16:25:06 CEST 2005 - poeml@suse.de + +- update to 3.0.3b1 release. Changes since 3.0.2: + * A bug was fixed where a server might load balance a DHCP REQUEST to its + peer after already choosing not to load balance the preceeding DISCOVER. + The peer cannot allocate the originating server's lease. + * In the case where a secondary server lost its stable storage while the + primary was still in communications-interrupted, and came back online, + the lease databases would not be fully transferred to the secondary. + This was due to the secondary errantly sending an extra UPDREQ message + when the primary made its state transition to PARTNER-DOWN known. + * The package will now compile cleanly in gcc 3.3 and 3.4. As a side effect, + lease structures will be 9 bytes smaller on all platforms. Thanks to + Jason Vas Dias at Redhat. + * Interface discovery code in DISCOVER_UNCONFIGURED mode is now + properly restricted to only detecting broadcast interfaces. Thanks + to a patch from Jason Vas Dias at RedHat. + * decode_udp_ip_header was changed so that the IP address was copied out + to a variable, rather than referenced by a pointer. This enforces 4-byte + alignment of the 32-bit IP address value. Thanks to a patch from Dr. + Peter Poeml. + * An incorrect log message was corrected thanks to a patch from + Dr. Peter Poeml. + * A bug in DDNS was repaired, where if the server's first DDNS action was + a DDNS removal rather than a DDNS update, the resolver library's + retransmit timer and retry timer was set to the default, implying a + 15 second timeout interval. Which is a little excessive in a synchronous, + single-threaded system. In all cases, ISC DHCP should now hold fast to + a 1-second timeout, trying only once. + * The siaddr field was being improperly set to the server-identifier when + responding to DHCP messages. RFC2131 clarified the siaddr field as + meaning the 'next server in the bootstrap process', eg a tftp server. + The siaddr field is now left zeroed unless next-server is configured. + * mockup_lease() could have returned in an error condition (or in the + condition where no fixed-address was found matching the shared + network) with stale references to a host record. This is probably not + a memory leak since host records generally never die anyway. + * A bug was repaired where failover servers would let stale client identifiers + persist on leases that were reallocated to new clients not sending an id. + * Binding scopes ("set var = value;") are now removed from leases allocated + by failover peers if the lease had expired. This should help reduce the + number of stale binding scopes on leases. + * A small memory leak was closed involving client identifiers larger than + 7 bytes, and failover. + * Configuring a subnet in dhcpd.conf with a subnet mask of 32 bits might + cause an internal function to overflow heap. Thanks to Jason Vas Dias + at Redhat. + * Some inconsistencies in treating numbers that the lexer parsed as 'NUMBER' + or 'NUMBER_OR_NAME' was repaired. Hexadecimal parsing is affected, and + should work better. + * In several cases, parse warnings were being issued before the lexical + token had been advanced to the token whose value was causing an error... + causing parse warnings to claim the problem is on the wrong token. + * Host declarations matching on client identifier for dynamic leases will + no longer match fixed-address host declarations (this is now identical + to behaviour for host records matching on hardware address). +- print error if binary DHCPD_BINARY is not found [#76392] +- remove patches incorporated upstreams +- update ssh forced command example in dhcpsync man page + +------------------------------------------------------------------- +Mon Feb 21 17:53:08 CET 2005 - poeml@suse.de + +- update to 3.0.2 release. Changes since 3.0.2rc3: + * A previously undocumented configuration directive, + 'local-address', was documented in the dhcpd.conf manpage. + +------------------------------------------------------------------- +Tue Feb 8 17:40:05 CET 2005 - mt@suse.de + +- Bug #49433: try to reconnect to ldap server if it was down; + ignore SIGPIPE while ldap_unbind called on closed handle. + = new patch file: dhcp-3.0.2-ldap-reconnect.mt.dif.gz + +------------------------------------------------------------------- +Tue Dec 7 15:29:15 CET 2004 - poeml@suse.de + +- update to 3.0.2rc3. Changes since rc2: + * Two variables introduced in 3.0.2b1 were used without being + initialized in the case where neither the FILE nor SNAME fields + were available for overloading. This was repaired. + * A heretofore believed to be impossible corner case of the + option overloading implementation turned out to be possible + ("Unable to sort overloaded options after 10 tries."). The + implementation was reworked to consider the case of an option + so large it would require more than three chunks to fit. + * Many other instances of variables being used without being + initialized were repaired. + * An uninitialized variable in omapi_io_destroy() led to the + discovery that this function may result in orphaned pointers + (and hence, a memory leak). +- refresh the unaligned.patch + +------------------------------------------------------------------- +Tue Nov 30 14:10:15 CET 2004 - poeml@suse.de + +- update to 3.0.2rc2. Changes since 3.0.1: + * allocate_lease() was rewritten to repair a bug in which the server would + try to allocate an ABANDONED lease when FREE leases were available. + * Some dhcp-eval.5 manpage formatting was repaired. + * A bug was fixed in the server's 'option overloading' implementation, + where options loaded into the 'file' and 'sname' packet fields were + not aligned precisely as rfc2131 dictates. + * The FreeBSD client script was changed to support the case where a domain + name was not provided by the server. + * A memory leak in 'omshell' per each command line parsed was + repaired, thanks to a patch from Jarkko Torppa. + * Log functions writing to stderr were adjusted to use the STDERR_FILENO + system definition rather than '2'. This is a no-op for 90% of platforms. + * One call to trace_write_packet_iov() counted the number of io vectors + incorrectly, causing inconsistent tracefiles. This was fixed. + * Some expression parse failure memory leaks were closed. + * A host byte order problem in tracefiles was repaired. + * Pools configured in DHCPD for failover possessing permission lists that + previously were assumed to not include dyanmic bootp clients are now + a little more pessimistic. The result is, dhcpd will nag you about just + about most pools that possess a 'allow' statement with no 'deny' that + would definitely match a dynamic bootp client. + * The 'ddns-update-style' configuration warning bit now insists that + the configuration be globally scoped. + * Two memory leaks in dhclient were closed thanks to a patch from Felix + Farkas. + * Some minor but excellently pedantic documentation errors were fixed + thanks to a patch from Thomas Klausner. + * Bugs in operator precedence in executable statements have been repaired + once again. More legal syntaxes should be parsed legally. + * Failing to initialize a tracefile for any reason if a tracefile was + specified is now a fatal error. Thanks to a patch from Albert Herranz. + * Corrected a bug in which the number of leases transferred as calculated + by the failover primary and sent to peers in POOLRESP responses may be + incorrect. This value is not believed to be used by other failover + implementations, excepting perhaps as logged information. + * Corrected a bug in which 'dhcp_failover_send_poolresp()' was in fact + sending POOLREQ messages instead of POOLRESP mesasges. This message + was essentially ignored since failover secondaries effectively do not + respond to POOLREQ messages. + * Type definitions for various bitwidths of integers in the sunos5-5 + build of ISC DHCP have been fixed. It should compile and run more + easily when built in 64-bit for this platform. + * "allow known-clients;" is now a legal syntax, to avoid confusion. + * If one dhcp server chooses to 'load balance' a request to its failover + peer, it first checks to see if it believes said peer has a free + lease to allocate before ignoring the DISCOVER. + * log() was logging a work buffer, rather than the value returned by + executing the statements configured by the user. In some cases, + the work buffer and the intended results were the same. In some other + cases, they were not. This was fixed thanks to a patch from Gunnar + Fjone and directconnect.no. + * Compiler warnings for some string type conversions was fixed, thanks + to Andreas Gustafsson. + * The netbsd build environments were simplified to one, in which + -Wconversion is not used, thanks to Andreas Gustafsson. + * How randomness in the backoff-cutoff dhclient configuration variable + is implemented was better documented in the manpage, and the behaviour + of dhclient in REQUEST timeout handling was changed to match that of + DISCOVER timeout handling. + * Omapi was hardened against clients that pass in null values, thanks + to a patch from Mark Jason Dominus. + * A bug was fixed in dhclient that kept it from doing client-side + ddns updates. Thanks to a patch from Andreas Gustafsson, which + underwent some modification after review by Jason Vas Dias. + * Failover implementations disconnected due to the network between + them (rather than one of the two shutting down) will now try to + re-establish the failover connection every 5 seconds, rather than + to simply try once and give up until one of them is restarted. + Thanks to a patch from Ulf Ekberg from Infoblox, and field testing + by Greger V. Teigre which led to an enhancement to it. + * A problem that kept DHCP Failover secondaries from tearing down + ddns records was repaired. Thanks to a patch from Ulf Ekberg from + Infoblox. + * 64bit pointer sizes are detected properly on FreeBSD now. + * A bug was repaired where the DHCP server would leave stale references + to host records on leases it once thought about offering to certain + clients. The result would be to apply host and 'known' scopes to the + wrong clients (possibly denying booting). NOTE: The 'mis-host' patch + that was being circulated as a workaround is not the way this bug was + fixed. If you were a victim of this bug in 3.0.1, you are cautioned + to proceed carefully and see if it fixes your problem. + * A bug was repaired in the server's DHCPINFORM handling, where it + tried to divine the client's address from the source packet and + would get it wrong. Thanks to Anshuman Singh Rawat. + * A log message was introduced to help illuminate the case where the + server was unable to find a lease to assign to any BOOTP client. + Thanks to Daniel Baker. + * A minor dhcpd.conf.5 manpage error was fixed. +- update ldap patch (11/8/2004 version) + +------------------------------------------------------------------- +Thu Nov 11 12:47:21 CET 2004 - ro@suse.de + +- fixed file list for devel package + +------------------------------------------------------------------- +Thu Sep 23 11:34:56 CEST 2004 - poeml@suse.de + +- sysconfig.dhcpd, sysconfig.dhcrelay: give examples how to use + configuration names instead of interface names + +------------------------------------------------------------------- +Thu Aug 5 14:12:50 CEST 2004 - poeml@suse.de + +- update to 3.0.1 + * The global variable 'cur_time' was centralized and is now + uniformly of a type #defined in system-dependent headers. It + had previously been defined in one of many places as a 32-bit + value, and this causes mayhem on 64-bit big endian systems. It + probably wasn't too healthy on little endian systems either. + * A printf format string error introduced in rc14 was repaired. + * AIX system-dependent header file was altered to only define + NO_SNPRINTF if the condition used to #ifdef in vsnprintf in + AIX' header files is false. + * The Alpha/OSF system-dependent header file was altered to + define NO_SNPRINTF on OS revisions older than 4.0G. + * omapip/test.c had string.h added to its includes. +- drop obsolete dhcp-curtimetype.patch +- cope with missing files during chroot setup (e.g., if no + resolv.conf exists) [#40728] +- remove duplicated option "-cf" from usage output +- add notes about the used raw socket API to README + +------------------------------------------------------------------- +Fri Jul 16 14:27:18 CEST 2004 - poeml@suse.de + +- update to 3.0.1rc14 +- remove obsolete patches and adapt dhcp-3.0.1rc13-tmpfile.dif +- dhcpsync: use try-restart (so the server isn't started if it has + been stopped) +- remove notify messages that are sent to root +- check if dhcpd was active at boot time before update and + restore runlevel links if needed [#41215], and PreRequires for + that + +------------------------------------------------------------------- +Mon Jun 14 20:51:29 CEST 2004 - poeml@suse.de + +- security fixes [#41975]: + - fix buffer overflow in the DHCP server that can be exploited by + the client by specifying multiple 'hostnames' to execute + arbitrary code or at least crash the server. VU#317350 + - add patch to use vsnprintf() instead of vsprintf() calls. + VU#654390 + +------------------------------------------------------------------- +Fri May 14 15:04:50 CEST 2004 - poeml@suse.de + +- fix sysconfig comment and DHCPD_RUN_AS default [#40174] + +------------------------------------------------------------------- +Thu May 13 14:05:35 CEST 2004 - poeml@suse.de + +- improve security of the chroot jail setup by creating a dedicated + user id for the server, and move the leases database into a + subdirectory (/var/lib/dhcp/db). With the exception of that + subdirectory the chroot jail is now owned by root. [#40174] Use + mkstemp to create temporary files. [#40267] +- don't use startproc to start dhcpd, because startproc waits a + fixed time (100 msec) until it decides whether the service is + running or not. Now that dhcpd might have to contact an LDAP + server first to read its configuration, starting up can take + longer than that, and the init script would falsely report + "success" even when the server cannot start up due to broken + configuration or non-existant interfaces. Increasing the + startproc timeout (-t) is not a real alternative because, because + it would imply a fixed dely to the init script, and it might + still be too short. [#40350] + +------------------------------------------------------------------- +Tue May 4 18:24:14 CEST 2004 - poeml@suse.de + +- convert configuration names in DHCPD_INTERFACE / + DHCRELAY_INTERFACES into interface names [#39718] +- fix service restart for the case where the binary has been + switched for backward compatibility during updating. +- do not change DHCPD_BINARY for backward compatibility if updating + from 9.0. This and the last change complete the fix for [#38422] + and take care of updates from 8.1-9.1 with and without YOU + updates. + +------------------------------------------------------------------- +Fri Apr 30 15:09:44 CEST 2004 - poeml@suse.de + +- additionally package the dhcpd binary that uses the Linux packet + filter API. New option DHCPD_BINARY in sysconfig.dhcpd. [#38422] +- when updating from a previous package using LPF API, retain the + old behaviour. Fix init script so that 'stop' works also after a + switch of DHCPD_BINARY. + +------------------------------------------------------------------- +Thu Apr 22 11:53:00 CEST 2004 - mt@suse.de + +- updated to dhcp-3.0.1rc13-ldap-patch also obsolating the + patches: dhcp-ldap-fix01.dif, dhcpd-conf-to-ldap.pl.dif +- added dhcp-3.0.1rc13-ldap.mt.dif, providing diverse fixes + and basic failover support for server/ldap.c +- added dhcpd-conf-to-ldap.mt.dif providing failover support + to dhcpd.conf convert script + +------------------------------------------------------------------- +Thu Mar 25 19:23:17 CET 2004 - mt@suse.de + +- applied dhcp-3.0.1rc12-ldap-patch adding support to store + dhcp configuration in ldap (incl. draft ldap schema). + further patches: + - dhcp-ldap-fix01.dif: fixes for server/ldap.c (debuging + output, support for block statements, ...) + - dhcpd-conf-to-ldap.pl.dif: fixes for convert script + +------------------------------------------------------------------- +Wed Feb 25 16:00:55 CET 2004 - poeml@suse.de + +- the genDDNSkey script has been moved to the bind-utils package +- update the DDNS-howto.txt +- package leases.awk (dhcpd.leases analyzer) (courtesy of Jeff Wilson) +- update to 3.0.1rc13 + - Fixed a bug in omapi lease lookup function, to form the + hardware address for the hash lookup correctly + - The 'ping timeout' debugs from rc12 were removed to -DDEBUG + only + - Fixed a case where leases read from the leases database do not + properly over-ride previously read leases. + - Fixed a bug where dhcrelay was sending relayed responses back + to the broadcast address, but with the source's unicast mac + address. Should now conform to rfc2131 section 4.1. + - Fixed a crash bug in dhclient where dhcpd servers that do not + provide renewal times results in an FPE. As a side effect, + dhclient can now properly handle 0xFFFFFFFF (-1) expiry times + supplied by servers. + - dhcpctl.3 manpage was tweaked. +- the files CHANGES and COPYRIGHT have vanished, package LICENSE + instead + +------------------------------------------------------------------- +Sun Jan 11 10:35:11 CET 2004 - adrian@suse.de + +- build as user + +------------------------------------------------------------------- +Tue Nov 18 22:48:05 CET 2003 - poeml@suse.de + +- if starting dhcpd in chroot jail, and a pid file is present in + the jail, and the pid file does not contain a pid of a running + dhcpd process, but that of another _running_ process, remove + that pid file. [#32603] +- fix typo in dhcp.LIESMICH +- DDNS-howto.txt: adjust changed path +- DDNS-howto.txt: instead of the shell variables (they were copy + and paste'd from a script), use a real example (makes it easier) +- add a comment in sysconfig.dhcpd that entire directories may be + included +- dhcpsync: if run from the commandline, do not use an identity + that ssh-agent may hold, but use $KEY instead +- dhcpsync.8: add a note about a know limitation + +------------------------------------------------------------------- +Tue Nov 18 14:06:10 CET 2003 - poeml@suse.de + +- fix wrong ServiceRestart tags in sysconfig/dhcrelay [#32062] + +------------------------------------------------------------------- +Fri Oct 17 14:12:45 CEST 2003 - uli@suse.de + +- fixed data type mismatch in libomapi, only harmful on 64-bit + BE systems (ppc64, s390x, bug #32123) + +------------------------------------------------------------------- +Mon Sep 8 16:32:33 CEST 2003 - poeml@suse.de + +- update to 3.0.1rc12 + - a failover bug relating to identifying peers by name length + instead of by name was fixed + - declaring failover configs within shared-network statements + should no longer result in error + - a problem with lease expiry times in failover configurations + was fixed + - reverse dns PTR record updates with values containing spaces + are now permitted + - problems with long option processing fixed + - fixes to minires so that updates of KEY records will work + - memory leak in configuration parsing closed + - non-broadcast or point-to-point interfaces are now ignored + - options not yet known by the dhcpd or dhclient now appear as + e.g. "unknown-144" rather than "#144" in the leases file, to + avoid the hash marks + - dhclient no longer uses shell commands to kill another instance + of itself, it sends the signal directly. + - the -nw command line option to dhclient now works +- dhcp-3.0.1rc10-dhcrelay-limit-hopcount.dif included upstreams +- added contrib/ms2isc (converts Microsoft DHCP server configuration) + +------------------------------------------------------------------- +Mon Sep 8 10:46:42 CEST 2003 - poeml@suse.de + +- mark dhclient's lease database %config(noreplace) + +------------------------------------------------------------------- +Wed Sep 3 13:28:21 CEST 2003 - kukuk@suse.de + +- Really fix [#29405], server should not provide and obsolete dhcp. + +------------------------------------------------------------------- +Wed Aug 27 12:34:27 CEST 2003 - poeml@suse.de + +- don't provide/require dhcp-base. Require dhcp instead [#29405] + +------------------------------------------------------------------- +Tue Aug 26 18:16:28 CEST 2003 - poeml@suse.de + +- add Config: syslog-ng to sysconfig.syslog-dhcpd + +------------------------------------------------------------------- +Fri Aug 15 03:28:02 CEST 2003 - poeml@suse.de + +- use -Wall -Wno-unused +- add -fno-strict-aliasing, due to warnings about code where + dereferencing type-punned pointers will break strict aliasing +- add activation metadata to sysconfig template [#28864, [#28865], + [#28950] + +------------------------------------------------------------------- +Tue Aug 12 21:05:33 CEST 2003 - poeml@suse.de + +- rc.dhcpd, rc.dhcrelay: implement try-restart correctly +- cleaned up the root mail, and the READMEs [#27214], [#26266] +- send the root mail only on update [#27214] +- have no default value in /etc/sysconfig/dhcpd:DHCPD_INTERFACE +- in client's %post, send a mail only when rc.config is encountered +- clean buildroot, but not in chroot buildsystem +- the SuSE string is now replaced by UnitedLinux where appropriate +- rename the "dhcp-base" package to "dhcp", so there is a binary + package matching the name of the source package [#17668] +- use the lately added macros only on newer distributions + +------------------------------------------------------------------- +Wed Jul 30 16:58:25 CEST 2003 - poeml@suse.de + +- new macros for stop/restart of services on rpm update/removal + +------------------------------------------------------------------- +Mon Jul 28 14:25:01 CEST 2003 - poeml@suse.de + +- when copying include files into the chroot jail, create + subdirectories as needed, thus retaining the path to the files + +------------------------------------------------------------------- +Sun Jul 27 15:45:49 CEST 2003 - poeml@suse.de + +- don't explicitely strip binaries since RPM handles it, and may + keep the stripped information somewhere + +------------------------------------------------------------------- +Mon Jun 16 16:32:47 CEST 2003 - poeml@suse.de + +- add some notes to DDNS-howto.txt, kindly provided by Andrew Beames +- fix typo in genDDNSKey.sh + +------------------------------------------------------------------- +Wed May 21 18:25:11 CEST 2003 - mmj@suse.de + +- Implement try-restart correctly in init-script + +------------------------------------------------------------------- +Mon May 19 14:06:36 CEST 2003 - poeml@suse.de + +- update to 3.0.1rc11, relevant fixes are + - Potential buffer overflows in minires repaired. + - A correction of boolean parsing syntax validation - some illegal syntaxes + that worked before are now detected and produce errs, some legal syntaxes + that errored before will now work properly. + - Some search-and-replace errors that caused some options to change their + names was repaired. + - Shu-min Chang of the Intel corporation has contributed a perl script and + module that converts the MS NT4 DHCP configuration to a ISC DHCP3 + configuration file. + - Applied the remainder of the dhcpctl memory leak patch provided by Bill + Squier at ReefEdge, Inc. (groo@reefedge.com). + - Missing non-optional failover peer configurations will now result in a soft + error rather than a null dereference. +- use BSD sockets instead of LPF (makes iptables filtering of + packages possible for server and relay. It doesn't work on the + client, though, so that one requires seperate compilation.) See + Message-Id: <5.1.0.14.0.20030408175011.00b9c7c0@pop.itd.nrl.navy.mil> + +------------------------------------------------------------------- +Thu Mar 13 13:14:03 CET 2003 - poeml@suse.de + +- rcdhcpd, rcdcrelay: do not write the startup log to a world + writable directory [#25241] + +------------------------------------------------------------------- +Mon Mar 3 16:38:07 CET 2003 - poeml@suse.de + +- don't try to copy libraries into the chroot jail that do not + exist (any longer) [#24533] +- remove the %ghost filelist entries for pid files and chroot jail + contents [#20030]. Clean up the libraries from the jail when the + server is stopped. +- dhcrelay: add patch from Florian Lohoff (slightly modified), + that makes the maximal hop count of forwarded packages + configurable (-c maxcount), sets the default to 4, and rejects + packages with a hop count higher than maxcount (CAN-2003-0039, + http://www.kb.cert.org/vuls/id/149953). Add a variable to + /etc/sysconfig/dhcrelay to pass such additional options. + +------------------------------------------------------------------- +Wed Feb 12 15:29:29 CET 2003 - mmj@suse.de + +- Added sysconfig metadata [#22631] [#22632] [#22696] + +------------------------------------------------------------------- +Tue Dec 10 14:51:59 CET 2002 - okir@suse.de + +- Added security patch from ISC + +------------------------------------------------------------------- +Thu Dec 5 18:26:18 CET 2002 - poeml@suse.de + +- update to 3.0.1rc10. relevant fixes: + - A Linux-specific Token Ring detection problem was fixed. + - Hashes removed from as-yet-unknown agent options, having those + options appear in reality before we know about them will no + longer produce self-corrupting lease databases. + - dhclient will use the proper port numbers now when using the -g + option. + - A order-of-operations bug with 2 match clauses in 1 class + statement is fixed thanks to a patch from Andrew Matheson. + - A fix to the dhcp ack process which makes certain group options + will be included in the first DHCPOFFER message was made thanks + to a patch from Ling Gou. + - A few memory leaks were repaired thanks to patches from Bill + Squier at ReefEdge, Inc. (groo@reefedge.com). + - A fix for shared-networks that sometimes give clients options + for the wrong subnets (in particular, 'option routers') was + applied, thanks to Ted Lemon for the patch. + - Omshell's handling of dotted octets as values was changed such + that dots one after the other produce zero values in the + integer string. +- due to the upstream fixes: drop the reactivate-tr-support.dif and + format.dif +- retrofitted the (server) package to work for old distributions + down to 7.2 + +------------------------------------------------------------------- +Fri Nov 29 12:58:46 CET 2002 - schwab@suse.de + +- Fix unaligned access. + +------------------------------------------------------------------- +Mon Nov 4 13:02:26 CET 2002 - poeml@suse.de + +- update DDNS-howto.txt for BIND9 +- add genDDNSKey.sh to create a key for BIND8/9 +- add comments about DDNS to the dhcpd.conf [#18419], and + directives to disable DDNS by default +- change defaults in the sample configuration + +------------------------------------------------------------------- +Thu Aug 29 18:01:32 CEST 2002 - poeml@suse.de + +- fix permissions of man pages + +------------------------------------------------------------------- +Sun Aug 18 15:03:16 CEST 2002 - poeml@suse.de + +- re-add token ring support that got lost ("tr0:unknown hardware + address type 800"). With 2.4 kernel, ARPHRD_IEEE802 (6) has been + renamed to ARPHRD_IEEE802_TR (800). Known bug in 3.0.1rc9. +- move PreReq tag to the subpackages, where it is actually needed + [#17822, #17821] + +------------------------------------------------------------------- +Mon Aug 12 17:25:09 CEST 2002 - poeml@suse.de + +- dhcp-client: add missing Requires on /usr/bin/host + +------------------------------------------------------------------- +Mon Aug 12 14:53:14 CEST 2002 - poeml@suse.de + +- Fix requires of dhcp-devel subpackage +- add some helpful scripts, courtesy of Kevin C. Miller + +------------------------------------------------------------------- +Thu Aug 1 02:05:06 CEST 2002 - poeml@suse.de + +- use PreReq + +------------------------------------------------------------------- +Wed Jul 17 17:55:08 CEST 2002 - poeml@suse.de + +- add a sysconfig.syslog-dhcpd template to make syslogd open an + additional socket (inside the chroot dir of dhcpd) + +------------------------------------------------------------------- +Thu Jul 11 16:28:20 CEST 2002 - poeml@suse.de + +- fix typo in %post, introduced with last change + +------------------------------------------------------------------- +Thu Jul 11 15:33:11 CEST 2002 - poeml@suse.de + +- add Version: tags to the subpackages to satisfy the build system, + because dhcp has no main package [#16318] +- run in chroot and as user nobody per default +- fix wrong pathnames in mail to root [#15601] +- install example dhcpd.conf [#9122] +- improve example configuration files [#12563] +- init scripts: update INIT INFO, using the new tags from + /etc/init.d/skeleton + +------------------------------------------------------------------- +Tue May 21 18:48:50 CEST 2002 - poeml@suse.de + +- dhclient-script: + - source the right sysconfig files (/etc/sysconfig/network/) + [#15871] + - use KEEP_SEARCHLIST option (thanks Sumit Bose) + - improve the indentation + +------------------------------------------------------------------- +Thu May 16 13:15:36 CEST 2002 - poeml@suse.de + +- add documentation about configuration for dynamical DNS updates + +------------------------------------------------------------------- +Mon May 13 19:33:59 CEST 2002 - poeml@suse.de + +- fix last change (rediff dhcp-3.0.1rc9.format.dif) + +------------------------------------------------------------------- +Mon May 13 18:21:50 CEST 2002 - poeml@suse.de + +- update to 3.0.1rc9 + - fixes a format string vulnerability in the server that could + lead to a remote root compromise + (see http://www.cert.org/advisories/CA-2002-12.html) + - fixes a memory leak in the client and some other minor bugs +- fix some printf arguments in server/omapi.c +- fix small typo (x390x -> s390x) + +------------------------------------------------------------------- +Mon Apr 29 10:24:29 CEST 2002 - sf@suse.de + +- changed Makefile.conf to be able to add LIBDIR +- added LIBDIR to make install to put libs into the correct path +- use -DPTRSIZE_64BIT on x86_64 + +------------------------------------------------------------------- +Mon Apr 22 17:35:58 CEST 2002 - poeml@suse.de + +- update to 3.0.1rc8. Most significant changes are (see RELNOTES): + - Don't allow a lease that's in the EXPIRED, RELEASED or RESET + state to be renewed. + - Implement lease stealing for cases where the primary has fewer + leases than the secondary, as called for by the standard. + - Fix a bug where if an option universe contained no options, the + DHCP server could dump core (Walter Steiner). + - Fix a bug in the handling of encapsulated options. + - Fix an uninitialized memory bug in the DHCP client. +- use -DPTRSIZE_64BIT on x390x and ppc64, too +- create /etc/resolv.conf with a file mask of 644, regardless of + the umask [Bug #15915]. Patch by Joerg Mayer. +- the scripts dir is now called CLIENTBINDIR in the Makefiles, and + correctly set to /sbin --> drop 2 hunks from dhcp-3.0rc10.dif + +------------------------------------------------------------------- +Tue Mar 26 14:12:42 CET 2002 - ro@suse.de + +- Fix handling of initscript links and START_* variable [Bug #13755] + +------------------------------------------------------------------- +Sun Feb 10 23:09:42 CET 2002 - poeml@suse.de + +- drop the sysconfig/network/dhcp template. It's in the syconfig + package now. +- strip /sbin/dhclient + +------------------------------------------------------------------- +Mon Feb 4 17:55:01 CET 2002 - poeml@suse.de + +- rename dhcp subpackage to dhcp-base, add dhcp-server subpackage +- rename dhclient to dhcp-client and dhcrelay to dhcp-relay +- remove Conflicts tag dhclient <-> dhcpcd +- use %defattr(-, root, root) for all subpackages +- update copyright info (GmbH --> AG) +- update sysconfig.dhclient (.dhcp-dhclient now), and let it be + filled up into /etc/sysconfig/network/config + +------------------------------------------------------------------- +Wed Jan 30 19:59:51 CET 2002 - poeml@suse.de + +- add /sbin/dhclient, accidentally deleted from filelist lately + +------------------------------------------------------------------- +Sun Jan 27 23:19:14 CET 2002 - ro@suse.de + +- remove START_DHCPD on update +- use fillup_only where no initscript is handled + +------------------------------------------------------------------- +Sun Jan 27 21:08:27 CET 2002 - poeml@suse.de + +- use %_lib and %_libdir +- update rc.dhcpd to use %_libdir when setting up chroot dir +- dhcpsync: name of slave can be given as argument; update man page +- rc.dhcpd: no longer source rc.config +- don't try insserv on dhclient init script -- it's dropped +- tell fillup to use "dhcpd" instead of the package name (dhcp) + +------------------------------------------------------------------- +Fri Jan 25 00:18:52 CET 2002 - poeml@suse.de + +- update to 3.0.1rc6 + - Fix the off-by-one error in the MAC-address checking code for + DHCPRELEASE that was added in 3.0.1rc5. + - Fix a bug where client-specific information was not being + discarded from the lease when it expired or was released, + resulting in problems if the lease was reallocated to a + different client. + - merge pools if possible + - workaround for some Lexmark printers that send a double-NUL- + terminated host-name option, which would break DNS updates. + - no longer log fallback_discard messages +- dhcp-3.0.1rc5-release.dif obsolete hereby +- drop dhclient init script (obsoleted by /sbin/if*-dhcp) + +------------------------------------------------------------------- +Tue Jan 15 16:31:35 CET 2002 - poeml@suse.de + +- update to 3.0.1rc5 + - Fix a bug that would cause the DHCP server to spin if asked to + parse a certain kind of incorrect statement. + - Fix a related bug that would prevent an error from being + reported in the same case. + - Additional documentation. + - Make sure that the hardware address matches the lease when + processing a DHCPRELEASE message. +- add dhcp-3.0.1rc5-release.dif that corrects an error by one in + the code that finds a lease that is being RELEASEd +- use ddns-update-style interim instead of ad-hoc when testing +- make sure that dhcpd is started after xntpd (failover needs + correct system time) +- drop version 2 of dhcpd and dhcrelay + +------------------------------------------------------------------- +Thu Dec 13 00:39:56 CET 2001 - ro@suse.de + +- removed START_ variables, moved rc.config.d -> sysconfig + +------------------------------------------------------------------- +Tue Nov 6 13:50:12 CET 2001 - poeml@suse.de + +- update to 3.0.1rc4 +- add dhcpsync and dhcpync.8 (script to sync DHCP failover config.) +- update rc.dhclient script from the one used in the dhcpcd package +- client: don't check if a device is there; terminate anyway +- small addition to the examples; update README.upgrade + +------------------------------------------------------------------- +Wed Oct 31 17:28:27 CET 2001 - poeml@suse.de + +- update to 3.0.1rc2 +- add a README.upgrade + +------------------------------------------------------------------- +Thu Oct 25 15:51:22 CEST 2001 - poeml@suse.de + +- update to 3.0.1rc1 +- remove our #undef use_LPF patch for 2.0pl5; it seems to cause + problems (stopping responding) with more than one network card +- mark /etc/dhclient.conf with noreplace tag + +------------------------------------------------------------------- +Sun Sep 16 15:44:51 CEST 2001 - poeml@suse.de + +- fix stupid bug in rc.dhcpd where rc.config is sourced too late + +------------------------------------------------------------------- +Fri Sep 14 12:25:38 CEST 2001 - poeml@suse.de + +- fix #9962 where "exit 1" instead of "return" in dhclient-script + would confuse dhclient (which then DECLINEd the lease) + +------------------------------------------------------------------- +Tue Aug 28 16:45:54 CEST 2001 - poeml@suse.de + +- make sure that files are really copied to the chroot dir + +------------------------------------------------------------------- +Mon Aug 27 11:43:08 CEST 2001 - poeml@suse.de + +- add libnss_dns6.so.2 as ghost to the file list to remove it + from the chroot dir when uninstalling the package +- rc.dhcpd: remove empty pid files to avoid warnings by + checkproc/killproc (dhcpd sometimes leaves them if it does not + want to start due to wrong syntax) +- rc.dhcpd: to save time, source rc.config only when necessary +- add dhcpd.conf examples + +------------------------------------------------------------------- +Fri Aug 24 02:11:12 CEST 2001 - poeml@suse.de + +- update to 3.0rc12 (fixes some failover state transitions; other + failover fixes; always returns a subnet selection option if one + is sent) +- change dhclient-script to ignore lines that are commented out + when grepping for variables and eval-ing them + +------------------------------------------------------------------- +Mon Jul 16 14:35:33 CEST 2001 - poeml@suse.de + +- add filedes.dif that gives scripts executed from dhclient-script + their own filedescriptors (patch by Brian Somers + ) +- correct typo in rc.dhcpd + +------------------------------------------------------------------- +Mon Jul 2 11:23:46 CEST 2001 - poeml@suse.de + +- update to 3.0rc10 +- change default in rc.config.d.dhcrelay +- add /usr/sbin/svtest, /usr/bin/omshell, and omshell man pages +- new variable in rc.dhcpd.config: $DHCPD_CONF_INCLUDE_FILES, for + dhcpd.conf include files to be copied to $chroot/etc/ + +------------------------------------------------------------------- +Tue May 22 13:10:54 CEST 2001 - poeml@suse.de + +- update to 3.0rc7 (failover and OMAPI fixes, see RELNOTES) + +------------------------------------------------------------------- +Wed May 16 18:59:53 CEST 2001 - poeml@suse.de + +- on 64 bit archs, define -DPTRSIZE_64BIT +- fix missing include + +------------------------------------------------------------------- +Fri May 11 12:16:16 CEST 2001 - poeml@suse.de + +- if resolv.conf does not exist, touch it; so that there is a file + to back up and restore later and the temporary resolv.conf would + not persist after stopping the client [#8078] +- use the modify_resolvconf tool to cleanup old backup files before + starting the daemon, because it does it intelligently [#8077] + +------------------------------------------------------------------- +Tue May 8 21:37:13 CEST 2001 - poeml@suse.de + +- don't provide empty /etc/rc.config.d/dhcpd.rc.config because that + inhibits the correct removal of variables from rc.config +- mention correct version numbers in mail to root (now using + version macro) +- fix a typo and a nonsense comment in rc.config.d.dhcpd + +------------------------------------------------------------------- +Mon May 7 18:38:32 CEST 2001 - poeml@suse.de + +- update to 3.0rc4 (bugfixes) +- add empty dir /var/lib/dhcp/dev and documentation about how to + ensure that logging from the chroot jail works [#6906] + +------------------------------------------------------------------- +Tue Apr 24 16:14:16 CEST 2001 - poeml@suse.de + +- update to 3.0rc2pl1: fixes bugs in the failover implementation + and a memory smash that happens when fixed-address leases are + used +- Read dhcp client script hooks if they exist, rather than only if + they're executable. +- new file: 3.0b1 lease conversion script + +------------------------------------------------------------------- +Sun Apr 15 17:49:53 CEST 2001 - poeml@suse.de + +- Init scripts: get try-restart ("restart when running") right +- client: + - dhclient-script is now correctly installed to /sbin (thus, + don't mv dhclient-script from /etc/ to /sbin/, thereby + overwriting it with the one from v2) + - move rcdhclient conveniency link to /sbin/ (same as in dhcpcd) + - update info header for resolv.conf acc. to guidelines +- server: + - don't run in chroot environment and as nobody by default + - add missing %postun for subpackages to rearrange runlevel + links after deinstalling + +------------------------------------------------------------------- +Mon Apr 9 11:35:33 CEST 2001 - poeml@suse.de + +- update to 3.0b2pl24 +- don't use rc_status -u in init scripts (option was dropped) +- always run test of dhcpd + +------------------------------------------------------------------- +Wed Mar 28 18:53:35 CEST 2001 - poeml@suse.de + +- update to 3.0b2pl18 + * trim chroot/non-root patch and the other security patches into + dhcp-3.0b2pl18.paranoia.dif + * build stable version of server (2.0pl5) and include the binary + as well as the man pages with '-2' suffix (same for dhcrelay) +- split off subpackages: dhcrelay, dhcp-devel +- reworked all init scripts + * adhere to LSB and use new rc.status functions + * rc.dhcpd: at start, copy conf file and libs to chroot dir + * rc.dhcpd: add syntax check + * rc.dhcrelay: make interface configurable + * rc.dhclient: improve resolv.conf handling +- dhclient: catch TERM to restore resolv.conf before quitting +- create /etc/rc.config.d/dhcrelay.rc.config +- create /etc/rc.config.d/dhclient.rc.config +- clean up Provides/Conflicts +- rework SuSE-fillup templates (and rename them) +- mark libraries for chroot dir as %ghost +- when ABUILD_RUN_TEST_SUITES is true, start dhcpd for a simple + test + +------------------------------------------------------------------- +Fri Mar 16 13:33:30 CET 2001 - poeml@suse.de + +- add dhcpd-thomas.diff from + * query for the real UID and not for the effective UID + * drop supplementary GID's + * avoid potential buffer overflow +- copy dhcpd.conf instead of moving it +- add $syslog to Required-Start in server init script +- fix Required-Start in client init script +- bzipped sources + +------------------------------------------------------------------- +Wed Jan 31 18:38:23 CET 2001 - poeml@suse.de + +- dhcpd.conf will no longer be installed in /etc/ but placed in the + docdir, since it is a nonfunctional example file +- test for etc/SuSE-release in %post +- fix removal of variables from rc.config which failed sometimes +- update {README,LIESMICH}.SuSE + +------------------------------------------------------------------- +Mon Jan 29 13:53:38 CET 2001 - poeml@suse.de + +- added paranoia patch by Ari Edelkind to allow dhcpd run chrooted + in /var/lib/dhcp and as nobody/nogroup. Both is optional. +- moved dhcpd.conf to /var/lib/dhcp/etc/. The file will also be + moved by %post +- moved rc.config options to rc.config.d/dhcpd.rc.config + (existing variables are moved there by %post) +- added some syntax checking via undocumented -t switch, and write + log file during startup +- renamed start script from dhcp to dhcpd +- removed /var/run/dhcpd.pid from the package +- tag some %configs with (noreplace) +- use BuildRoot +- added "Provides: dhcp2"+"Conflicts: dhcp3" in anticipation of v3 +- added {README,LIESMICH}.SuSE and the paranoia patch to the docs + +------------------------------------------------------------------- +Tue Jan 16 02:10:15 MET 2001 - draht@suse.de + +- format string security bugs in syslog(3) calls fixed. + +------------------------------------------------------------------- +Thu Jan 11 06:14:49 CET 2001 - poeml@suse.de + +- in runlevel 2, start only the client, not the server/relay +- tell insserv to start after $named +- improved comments + +------------------------------------------------------------------- +Thu Jan 4 09:29:22 CET 2001 - fober@suse.de + +- package dhclient requires net-tools, not net_tool +- removed superfluous Provides dhclient in package dhclient + +------------------------------------------------------------------- +Wed Nov 29 21:05:35 CET 2000 - poeml@suse.de + +- Update to dhcp-2.0pl5.tar.gz +- This includes a security fix that applies to the DHCP client *only* + +------------------------------------------------------------------- +Tue Nov 28 20:03:14 CET 2000 - poeml@suse.de + +- adapted spec file to use /etc/init.d for the scripts instead of + /sbin/init.d and let insserv create the links +- extracted source files from diff and placed them separately +- included paranoia (non-root/chroot) patch by ari edelkind. This + needs testing, and possibly an adapted start script + +------------------------------------------------------------------- +Mon Jul 24 13:34:55 CEST 2000 - schwab@suse.de + +- Fix argument type of dhcp_option_ev_name. + +------------------------------------------------------------------- +Mon Jul 24 13:11:34 CEST 2000 - schwab@suse.de + +- Set DEBUG, not COPTS. + +------------------------------------------------------------------- +Thu Jul 20 14:40:15 CEST 2000 - zoz@suse.de + +- updated to dhcp-2.0pl3 + +------------------------------------------------------------------- +Wed Jul 19 21:36:43 CEST 2000 - schwab@suse.de + +- Fix handling of abandoned leases with BOOTP. +- Properly handle default lease timeout. + +------------------------------------------------------------------- +Fri Jul 14 16:49:27 CEST 2000 - werner@suse.de + +- make dchpd quiet + +------------------------------------------------------------------- +Thu Jul 13 21:41:39 CEST 2000 - zoz@suse.de + +- changed test for availability of device in rcdhlient: + now using ifconfig, so automatically loading of modules + will be triggered (Bug 3415) +- patched dhclient.c do to a possible root exploit bug + (patch from Pavel Kankovsky ) + Still to be improved, waiting for Ted Lemon to rework it. + +------------------------------------------------------------------- +Tue Jul 11 11:48:02 CEST 2000 - zoz@suse.de + +- reworked rcdhclient once again. + +------------------------------------------------------------------- +Tue Jul 4 11:21:41 CEST 2000 - zoz@suse.de + +- update to dhcp-2.0.pl2 +- dhclient: hostname will only be set, if there is a + DHCLIENT_SET_HOSTNAME=yes (default =no) + in /etc/rc.config. (fixes bug 2807 and 3146) + +------------------------------------------------------------------- +Tue Jun 27 20:20:07 CEST 2000 - zoz@suse.de + +- update to dhcp-2.0.pl1 +- moved /var/state/dhcp to /var/lib/dhcp +- moved manpages to %{_mandir} +- changed rcdhclient: DHCLIENT is obsolete now. It will be started + if it finds any IFCONFIG_x=dhcpclient + +------------------------------------------------------------------- +Mon Apr 10 17:22:31 CEST 2000 - schwab@suse.de + +- Treat Linux 2.3 as linux-2.2 configuration. + +------------------------------------------------------------------- +Thu Jan 27 13:35:46 MET 2000 - grimmer@suse.de + +- added "Provides: dhcp_client" and "Conflicts: dhcpcd" to + dhclient section in spec file +- added "Provides: dhcp_server" to dhcp section +- corrected typo in rc.config variables +- added Group Tag and version macro to spec file +- changed Summary: to "ISC DHCP client" +- moved man pages to /usr/share/man + +------------------------------------------------------------------- +Wed Nov 17 19:56:07 MET 1999 - rolf@suse.de + +- now set hostname in dhclient-script [BUG#1262] + +------------------------------------------------------------------- +Fri Nov 5 11:54:06 MET 1999 - rolf@suse.de + +- reduced waiting time to 1 second +- wait 5 seconds after dhclient start to acquire an IP adress so the + following scripts have a working network setup + +------------------------------------------------------------------- +Thu Nov 4 15:07:34 MET 1999 - rolf@suse.de + +- changes from Josh for @home cablenet + +------------------------------------------------------------------- +Thu Oct 28 15:28:16 MEST 1999 - rolf@suse.de + +- added changes by Lenz Grimmer to use + ifconfig $NETDEV 0.0.0.0 up + for device setup + +------------------------------------------------------------------- +Mon Oct 25 13:47:28 MEST 1999 - rolf@suse.de + +- applied patch of Bernhard Bender + to use the correct interface. +- added client latency time and rc.config entry + +------------------------------------------------------------------- +Mon Sep 27 16:31:01 CEST 1999 - bs@suse.de + +- fixed requirements for sub packages + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Mon Jul 19 17:25:15 MEST 1999 - bs@suse.de + +- changed comment for rc.config + +------------------------------------------------------------------- +Mon Jul 19 17:10:12 MEST 1999 - bs@suse.de + +- fix from werner@suse.de for /sbin/init.d/dhclient + +------------------------------------------------------------------- +Fri Jul 16 11:29:11 MEST 1999 - ro@suse.de + +- added new dhclient-script from werner + +------------------------------------------------------------------- +Wed Jun 23 14:14:46 MEST 1999 - rolf@suse.de + +- new version 2.0 +- apply fix from Michael Hasenstein + +------------------------------------------------------------------- +Mon Mar 8 23:41:14 MET 1999 - ro@suse.de + +- fixed man5-path + +------------------------------------------------------------------- +Fri Feb 26 11:15:09 MET 1999 - rolf@suse.de + +- new version 2.0b1pl16 (stable beta) +- leases are now stored in /var/state/dhcp/ (thanks to Ted Lemmon) +- correct paths in manpages +- PID files as %ghost in filelist + +------------------------------------------------------------------- +Wed Feb 17 15:11:07 MET 1999 - rolf@suse.de + +- new version 2.0b1pl13 + +------------------------------------------------------------------- +Wed Dec 9 11:54:32 MET 1998 - rolf@suse.de + +- added /usr/sbin/rcdhcp + /usr/sbin/rcdhcrelay + /usr/sbin/rcdhclient + +------------------------------------------------------------------- +Tue Nov 24 11:42:34 MET 1998 - rolf@suse.de + +- new init scripts for SuSE Linux 6.0 + +------------------------------------------------------------------- +Thu Nov 12 14:40:29 MET 1998 - bs@suse.de + +- minor changes for new rpm + +------------------------------------------------------------------- +Thu Sep 24 15:01:41 MEST 1998 - rolf@suse.de + +- new version 2.0b1pl6 (stable beta) +- now with dhcp client and dhcp relay agent +- added init scripts for relay agent and client +- changed from $NETDEV_0 to $DHCPD_INTERFACE + +------------------------------------------------------------------- +Fri Jun 26 10:23:59 MEST 1998 - rolf@suse.de + +- new version 1.0pl2 fixes two potential input buffer overrun problems +that were missed in Patchlevel 1 + +------------------------------------------------------------------- +Mon May 18 15:35:00 MEST 1998 - rolf@suse.de + +- new security patch 1.0pl1 included + changed /sbin/init.d/dhcp to run on $NETDEV_0 + +------------------------------------------------------------------- +Wed Dec 10 17:28:11 MET 1997 - rolf@suse.de + +- new version 1.0.0 this is not beta any more! + +------------------------------------------------------------------- +Thu Oct 16 19:56:24 MEST 1997 - rolf@suse.de + +- switched to dhcp.spec instead of Makefile.Linux + +---------------------------------------------------------------------------- +Thu Sep 11 16:57:58 MEST 1997 - rolf@suse.de + +- Upddate to Version 5 beta 16 and made entry for rc.config and + /sbin/init.d for startup/shutdown + There is no dhcp client in this package anymore. + +---------------------------------------------------------------------------- +Thu Jun 12 11:09:37 MEST 1997 - rolf@suse.de + +- build the package for the first time diff --git a/dhcp.spec b/dhcp.spec new file mode 100644 index 0000000..e51f26b --- /dev/null +++ b/dhcp.spec @@ -0,0 +1,1431 @@ +# +# spec file for package dhcp (Version 3.0.5) +# +# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +# norootforbuild + +Name: dhcp +%define omc_prefix /usr/share/omc +%define omc_svcdir %{omc_prefix}/svcinfo.d +BuildRequires: openldap2-devel +License: BSD License and BSD-like +Group: Productivity/Networking/Boot/Servers +Autoreqprov: on +Version: 3.0.5 +Release: 12 +Summary: Common Files Used by ISC DHCP Software +URL: http://www.isc.org/isc/dhcp.html +Source0: http://ftp.isc.org/isc/dhcp/dhcp-%{version}.tar.gz +Source1: http://ftp.isc.org/isc/dhcp/dhcp-%{version}.tar.gz.asc +Source2: rc.dhcpd +Source3: rc.dhcrelay +Source11: sysconfig.dhcpd +Source12: sysconfig.syslog-dhcpd +Source14: sysconfig.dhcrelay +Source15: dhcp.README +Source16: dhcp.LIESMICH +Source17: examples.tar.gz +Source18: dhcp.README.upgrade +Source19: dhcpsync +Source20: dhcpsync.8 +Source21: DDNS-howto.txt +Source30: http://www.andrew.cmu.edu/~kevinm/dhcp/leasestate +Source31: http://www.andrew.cmu.edu/~kevinm/dhcp/listlease +Source32: http://www.andrew.cmu.edu/~kevinm/dhcp/clearip +Source33: http://www.andrew.cmu.edu/~kevinm/dhcp/reset-ip +Source40: http://www3.baylor.edu/~Jeff_Wilson/GiveAway/leases.awk +Source41: http://www.suse.de/~poeml/dnscompr.py +Source42: dhcpd.xml +## adjust some paths +Patch: dhcp-3.0rc10.dif +## chroot patch by Ari Edelkind (see readme) +## and patch supplied by +Patch1: dhcp-3.0b2pl18.paranoia.dif +## add missing include +Patch2: test.c.dif +## improve resolv.conf handling: +Patch31: dhcp-3.0b2pl24.resolv.conf.dif +Patch32: dhclient.c.dif +## duplicate stdin, stdout and stderr for dhclient childs +Patch40: dhcp-3.0rc10.filedes.dif +## other stuff +Patch41: makefile.diff +Patch51: dhcp-3.0.5-tmpfile.dif +Patch52: dhcp-3.0.3-man.dif +## LDAP support for DHCP server +## patch lives here: http://home.ntelos.net/~masneyb/ +%define DHCPD_LDAP 1 +%if %DHCPD_LDAP +Patch60: dhcp-3.0.4-ldap-patch.gz +Patch61: dhcp-3.0.4-ldap-patch-nossl.dif +Patch62: dhcp-3.0.4-ldap-patch-strncat.diff +%endif +%if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 +Patch70: dhcp-3.0.3b1-pie.dif +%endif +# Add support for dhcdbd +Patch80: dhcp-3.0.2-extended_option_environment.patch +Patch81: dhcp-3.0.3-dhclient-script-dhcdbd.patch +Patch83: dhcp-3.0.3-dhclient-nis-01-thoenig.patch +Patch84: dhcp-send-hostname-rml.patch +Obsoletes: dhcp-base +Provides: dhcp-base:/usr/bin/omshell +PreReq: /bin/touch /sbin/chkconfig +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +%package server +Summary: ISC DHCP Server +Group: Productivity/Networking/Boot/Servers +Requires: net-tools dhcp +%if %suse_version > 800 +PreReq: %insserv_prereq %fillup_prereq /bin/cat /bin/mkdir /bin/cp /usr/sbin/useradd +%endif +Provides: dhcp_server dhcp:/usr/sbin/dhcpd +Autoreqprov: on + +%package client +Summary: ISC DHCP Client +Group: Productivity/Networking/Boot/Clients +Requires: net-tools dhcp /usr/bin/host +%if %suse_version > 800 +PreReq: %insserv_prereq %fillup_prereq /bin/cat /bin/mkdir /bin/cp +%endif +Provides: dhcp_client dhclient +Obsoletes: dhclient +Autoreqprov: on + +%package relay +Summary: DHCP Relay Agent +Group: Productivity/Networking/Boot/Servers +Requires: net-tools dhcp +%if %suse_version > 800 +PreReq: %insserv_prereq %fillup_prereq /bin/cat /bin/mkdir /bin/cp +%endif +Provides: dhcp_relay dhcrelay +Obsoletes: dhcrelay +Autoreqprov: on + +%package devel +Summary: Header Files and Libraries for dhcpctl API +Group: Development/Libraries/C and C++ +Requires: dhcp = %{version} + +%if %ul_version >= 1 +%define VENDOR UnitedLinux +%else +%define VENDOR SuSE +%endif + +%description +This package contains common files used by both the ISC DHCP server +("dhcp-server" package) and client ("dhcp-client"). + + + +Authors: +-------- + Ted Lemon + + +%description server +This package contains the ISC DHCP server. + +Please read the documentation in /usr/share/doc/packages/dhcp-server +regarding configuration of the DHCP server. + + + +Authors: +-------- + Ted Lemon + + This package also contains software written by Kevin C. Miller + and Jeff Wilson . + + +%description client +This is an alternative DHCP client, the ISC DHCP client for Linux. Like +"dhcpcd" (the client that is installed by default), it can be used to +configure the network setup. IP address, hostname, routing, +nameserver, netmask, and broadcast can be dynamically assigned while +booting the machine. + +It is configurable via the configuration file /etc/dhclient.conf and +you can define your own 'hooks' to be used by the /sbin/dhclient-script +(which is called by the daemon). + + + +Authors: +-------- + Ted Lemon + + +%description relay +This is the ISC DHCP relay agent. It can be used as a 'gateway' for +DHCP messages across physical network segments. This is necessary +because requests can be broadcast, and they will normally not be +routed. + + + + +%description devel +This package contains all of the libraries and headers for developing +with the Internet Software Consortium (ISC) dhcpctl API. + + + +Authors: +-------- + Ted Lemon + +%prep +%setup -q -n %{name}-%{version} +%patch0 -p0 -b ".paths" +%patch1 -p0 +%patch2 +%patch31 -p1 +%patch32 -p1 +%patch40 +%patch41 +%patch51 -p1 +%patch52 -p1 +%if %DHCPD_LDAP +%patch60 -p1 +%patch61 -p1 +%patch62 -p0 +%endif +%if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 +%patch70 +%endif +%patch80 -p1 +%patch81 -p1 +%patch83 -p1 +%patch84 -p1 +find . -type f -name \*.cat\* -exec rm -f {} \; +cp -p %{S:2} %{S:3} %{S:11} %{S:12} %{S:14} %{S:32} %{S:33} . +for i in README LIESMICH; do +sed 's/SuSE/%VENDOR/' $RPM_SOURCE_DIR/dhcp.$i > $i.%VENDOR +done +cp -p $RPM_SOURCE_DIR/dhcp.README.upgrade README.upgrade +cp -p $RPM_SOURCE_DIR/DDNS-howto.txt . +echo "exec /usr/bin/genDDNSkey \"$@\"" > genDDNSKey.sh +tar xzf $RPM_SOURCE_DIR/examples.tar.gz + +%build +export CFLAGS +CFLAGS="$RPM_OPT_FLAGS -W -Wall -fno-strict-aliasing -Wno-unused -DEXTENDED_NEW_OPTION_INFO -DLDAP_DEPRECATED -DPARANOIA" +%ifarch ia64 sparc64 alpha s390x ppc64 x86_64 + CFLAGS="$CFLAGS -DPTRSIZE_64BIT" +%endif +%ifarch ppc ppc64 s390x + # bugs 134590, 171532 + CFLAGS="$CFLAGS -fsigned-char" +%endif +%if %{?suse_version:%suse_version}%{?!suse_version:99999} > 930 +%ifarch ia64 sparc64 alpha s390x ppc64 x86_64 + CFLAGS="$CFLAGS -fPIE" +%else + CFLAGS="$CFLAGS -fpie" +%endif +%endif +export DEBUG_FLAGS=$CFLAGS +./configure +# first, build binaries which use bsd sockets instead of lpf +cp includes/site.h includes/site.h.save.lpf +echo "#define USE_SOCKETS" >> includes/site.h +make DEBUG="$DEBUG_FLAGS -W" all +cp -p work.linux-2.2/server/dhcpd work.linux-2.2/server/dhcpd.bsd +make clean +# then, build the normal binaries using lpf +mv includes/site.h.save.lpf includes/site.h +make DEBUG="$DEBUG_FLAGS -W" all +# with a minimal config, see if it runs +echo "ddns-update-style interim;" > testconf +work.linux-2.2/server/dhcpd -t -cf testconf || exit 1 + +%install +rm -rf $RPM_BUILD_ROOT +MANDIR=%{_mandir} DESTDIR=$RPM_BUILD_ROOT LIBDIR=%{_libdir} make install +install -m 744 work.linux-2.2/omapip/svtest $RPM_BUILD_ROOT/usr/sbin/svtest +install -m 644 work.linux-2.2/dst/libdst.a $RPM_BUILD_ROOT/%{_libdir} +# install the saved bsd flavor binary +install -m 755 work.linux-2.2/server/dhcpd.bsd $RPM_BUILD_ROOT/usr/sbin/dhcpd.bsd +mkdir -p $RPM_BUILD_ROOT/etc/init.d +mkdir -p $RPM_BUILD_ROOT/%{omc_svcdir} +mkdir -p $RPM_BUILD_ROOT/var/adm/fillup-templates +mkdir -p $RPM_BUILD_ROOT/var/run +# set up chroot jail +mkdir -p $RPM_BUILD_ROOT/var/lib/dhcp/etc +mkdir -p $RPM_BUILD_ROOT/var/lib/dhcp/dev +mkdir -p $RPM_BUILD_ROOT/var/lib/dhcp/%_lib +mkdir -p $RPM_BUILD_ROOT/var/lib/dhcp/var/run +mkdir -p $RPM_BUILD_ROOT/var/lib/dhcp/db +%if %DHCPD_LDAP +mkdir -p $RPM_BUILD_ROOT/etc/openldap/schema +install -m 644 contrib/dhcp.schema $RPM_BUILD_ROOT/etc/openldap/schema/ +%endif +install -m 744 rc.dhcpd $RPM_BUILD_ROOT/etc/init.d/dhcpd +install -m 744 rc.dhcrelay $RPM_BUILD_ROOT/etc/init.d/dhcrelay +ln -sf ../../etc/init.d/dhcpd $RPM_BUILD_ROOT/usr/sbin/rcdhcpd +ln -sf ../../etc/init.d/dhcrelay $RPM_BUILD_ROOT/usr/sbin/rcdhcrelay +install -m 755 $RPM_SOURCE_DIR/dhcpsync $RPM_BUILD_ROOT/usr/sbin/ +install -m 644 $RPM_SOURCE_DIR/dhcpsync.8 $RPM_BUILD_ROOT/%{_mandir}/man8/ +install -m 755 $RPM_SOURCE_DIR/leasestate $RPM_BUILD_ROOT/usr/sbin/ +install -m 755 $RPM_SOURCE_DIR/listlease $RPM_BUILD_ROOT/usr/sbin/ +install -m 755 $RPM_SOURCE_DIR/leases.awk $RPM_BUILD_ROOT/usr/sbin/ +cp -p $RPM_SOURCE_DIR/dnscompr.py . +install -m 644 sysconfig.dhcpd $RPM_BUILD_ROOT/var/adm/fillup-templates/ +install -m 644 sysconfig.syslog-dhcpd $RPM_BUILD_ROOT/var/adm/fillup-templates/ +install -m 644 sysconfig.dhcrelay $RPM_BUILD_ROOT/var/adm/fillup-templates/ +touch $RPM_BUILD_ROOT/var/lib/dhcp/dhclient.leases +install -m 644 client/dhclient.conf $RPM_BUILD_ROOT/etc/dhclient.conf +sed '/^max-lease-time/ a \ +\ +# if you do not use dynamical DNS updates:\ +#\ +# this statement is needed by dhcpd-3 needs at least this statement.\ +# you have to delete it for dhcpd-2, because it does not know it.\ +#\ +# if you want to use dynamical DNS updates, you should first read\ +# read /usr/share/doc/packages/dhcp-server/DDNS-howto.txt\ +ddns-update-style none; ddns-updates off;\ +' server/dhcpd.conf > dhcpd.conf +mv contrib/3.0b1-lease-convert . +find $RPM_BUILD_ROOT/%{_mandir} -type f | xargs chmod 644 +install -m 644 $RPM_SOURCE_DIR/dhcpd.xml $RPM_BUILD_ROOT/%{omc_svcdir}/ + +%pre +# In the past, the name of the source package was "dhcp" but the subpackage +# with the common files was named "dhcp-base" -- thus, no subpackage had the +# same name as the parent package. This lead to trouble on various ends, like +# the putonftp mechanism, so "dhcp-base" was renamed to "dhcp". +# +# During a YaST system update, the first package to be updated is "dhcp", which +# should --and does-- obsolete the dhcp-base package. +# However, if RPMv4 is used, there is a peculiarity: RPMv4 automatically +# invents an 'obsolete' when it sees a 'provides'. +# Since the old dhcp-server package (SLES8) did provide +# Provides: dhcp_server dhcp:/usr/sbin/dhcpd dhcp +# RPMv4 removes the dhcp-server package. +# +# This in itself is not a problem because the package is re-installed later +# (RPMv4 is not that intelligent). However, if the service is destined to be +# started at boot time, the runlevel links will be gone, so the service will +# not be started after the update. To restore the links, there is no better way +# than remember that the service was running before updating the "dhcp" package, +# and restore the links at "dhcp-server" installation time. +if [ ${1:-0} -gt 1 ]; then # update + if sbin/chkconfig -c dhcpd; then + touch var/adm/dhcpd_needs_insserv + fi +fi + +%pre server +/usr/sbin/useradd -r -g nogroup -s /bin/false -c "DHCP server daemon" -d /var/lib/dhcp dhcpd 2> /dev/null ||: +if [ ! -x usr/sbin/dhcpd.lpf -a \ + ! -d usr/share/doc/packages/dhcp-server/ms2isc ]; then + # usr/sbin/dhcpd.lpf was added _after_ release of 9.1; + # usr/share/doc/packages/dhcp-server/ms2isc was added with 9.0; + # thus, if both are not present we are updating from pre 9.0 AND + # we are NOT updating a 9.1 released package (that has not been updated before). + # 9.0 already had a binary compiled with BSD sockets. + touch etc/dhcpd_updating_from_lpf_style +fi + +%post server +%if %suse_version < 800 + echo "Updating /etc/rc.config and etc/rc.config.d/dhcpd.rc.config..." + bin/cat > var/adm/fillup-templates/rc.config.dhcpd <<-EOF + START_DHCPD="yes" + EOF + bin/fillup -q etc/rc.config var/adm/fillup-templates/rc.config.dhcpd + bin/rm var/adm/fillup-templates/rc.config.dhcpd + bin/cat > var/adm/fillup-templates/rc.config.d.dhcpd <<-EOF + DHCPD_INTERFACE="" + DHCPD_RUN_CHROOTED="yes" + DHCPD_CONF_INCLUDE_FILES="" + DHCPD_RUN_AS="dhcpd" + DHCPD_OTHER_ARGS="" + EOF + bin/fillup -q etc/rc.config.d/dhcpd.rc.config var/adm/fillup-templates/rc.config.d.dhcpd + bin/fillup -q etc/rc.config.d/dhcpd.rc.config var/adm/fillup-templates/sysconfig.dhcpd + bin/rm var/adm/fillup-templates/rc.config.d.dhcpd + # + sbin/insserv etc/init.d/dhcpd +%else + %{fillup_and_insserv -n dhcpd dhcpd} + %{fillup_only -ans syslog dhcpd} +%endif +if grep -q '^DHCPD_RUN_AS="nobody"' etc/sysconfig/dhcpd; then + tmpfile=$(mktemp -q etc/sysconfig/dhcpd.XXXXXX) + sed 's|^DHCPD_RUN_AS="nobody"|DHCPD_RUN_AS="dhcpd"|' etc/sysconfig/dhcpd \ + > $tmpfile && mv $tmpfile etc/sysconfig/dhcpd + rm -f $tmpfile +fi +# update? +if [ ${FIRST_ARG:-0} -gt 1 ]; then + if [ -e etc/dhcpd_updating_from_lpf_style -a -x usr/sbin/dhcpd.lpf ]; then + if /etc/init.d/dhcpd status &>/dev/null; then + was_running=true + /etc/init.d/dhcpd stop + else + was_running=false + fi + tmpfile=$(mktemp -q etc/sysconfig/dhcpd.XXXXXX) + sed 's|^DHCPD_BINARY=""|DHCPD_BINARY="/usr/sbin/dhcpd.lpf"|' etc/sysconfig/dhcpd \ + > $tmpfile && mv $tmpfile etc/sysconfig/dhcpd + rm -f $tmpfile + if $was_running; then + /etc/init.d/dhcpd start + fi + fi + + # see comment above + if [ -f var/adm/dhcpd_needs_insserv ]; then + sbin/insserv dhcpd + rm var/adm/dhcpd_needs_insserv + fi +fi +rm -f etc/dhcpd_updating_from_lpf_style +test -s etc/dhcpd.conf || { cp -p usr/share/doc/packages/dhcp-server/dhcpd.conf etc/; } +exit 0 + +%postun server +%if %suse_version > 810 +%restart_on_update dhcpd +%endif +%insserv_cleanup +%if %suse_version > 810 + +%preun server +%stop_on_removal dhcpd +%endif + +%post relay +%{fillup_and_insserv -n dhcrelay dhcrelay} + +%postun relay +%if %suse_version > 810 +%restart_on_update dhcrelay +%endif +%insserv_cleanup +%if %suse_version > 810 + +%preun relay +%stop_on_removal dhcrelay +%endif + +%clean +if ! test -f /.buildenv; then rm -rf $RPM_BUILD_ROOT; fi + +%files +%defattr(-,root,root) +%doc LICENSE README RELNOTES doc +/usr/bin/omshell +%dir /var/lib/dhcp +%doc %{_mandir}/man1/omshell.1.gz +%doc %{_mandir}/man5/dhcp-eval.5.gz + +%files server +%defattr(-,root,root) +%doc clearip reset-ip +%doc dnscompr.py +/usr/sbin/dhcpd +/usr/sbin/dhcpd.bsd +/usr/sbin/rcdhcpd +/usr/sbin/svtest +%config /usr/sbin/dhcpsync +%config /usr/sbin/leasestate +%config /usr/sbin/listlease +%config /usr/sbin/leases.awk +%config /etc/init.d/dhcpd +%dir /var/lib/dhcp/var +%dir /var/lib/dhcp/var/run +%attr(755,dhcpd,root) %dir /var/lib/dhcp/db +%dir /var/lib/dhcp/etc +%dir /var/lib/dhcp/dev +%doc %{_mandir}/man5/dhcpd.conf.5.gz +%doc %{_mandir}/man5/dhcp-options.5.gz +%doc %{_mandir}/man5/dhcpd.leases.5.gz +%doc %{_mandir}/man8/dhcpd.8.gz +%doc %{_mandir}/man8/dhcpsync.8.gz +%doc dhcpd.conf LIESMICH.%VENDOR README.%VENDOR README.upgrade 3.0b1-lease-convert DDNS-howto.txt genDDNSKey.sh +%doc examples +%doc contrib/ms2isc +%if %DHCPD_LDAP +%doc contrib/dhcp.schema +%doc contrib/dhcpd-conf-to-ldap.pl +%doc README.ldap doc/draft-ietf-dhc-ldap-schema-01.txt +%dir /etc/openldap/schema +%attr(0644, root, root) %config /etc/openldap/schema/dhcp.schema +%endif +/var/adm/fillup-templates/sysconfig.dhcpd +/var/adm/fillup-templates/sysconfig.syslog-dhcpd +%dir /var/lib/dhcp/%_lib +%dir %{omc_prefix}/ +%dir %{omc_svcdir}/ +%{omc_svcdir}/dhcpd.xml + +%files client +%defattr(-,root,root) +/sbin/dhclient +/sbin/dhclient-script +%config(noreplace) /etc/dhclient.conf +%config(noreplace) /var/lib/dhcp/dhclient.leases +%doc %{_mandir}/man5/dhclient.conf.5.gz +%doc %{_mandir}/man5/dhclient.leases.5.gz +%doc %{_mandir}/man8/dhclient.8.gz +%doc %{_mandir}/man8/dhclient-script.8.gz + +%files relay +%defattr(-,root,root) +/usr/sbin/dhcrelay +/usr/sbin/rcdhcrelay +%config /etc/init.d/dhcrelay +%doc %{_mandir}/man8/dhcrelay.8.gz +/var/adm/fillup-templates/sysconfig.dhcrelay + +%files devel +%defattr(-,root,root) +%_libdir/lib* +%{_prefix}/include/* +%doc %{_mandir}/man3/omshell.3.gz +%doc %{_mandir}/man3/omapi.3.gz +%doc %{_mandir}/man3/dhcpctl.3.gz + +%changelog -n dhcp +* Tue Jan 09 2007 - mt@suse.de +- Added installation of dhcpd.xml, dhcpd service description + for omc xml-service-provider, fate #301710. +- fix of the ldap-patch strncat fix, bug #202648 +* Wed Nov 08 2006 - mt@suse.de +- fix for strncat usage in ldap-patch, bug #202648 +* Tue Nov 07 2006 - mt@suse.de +- updated to 3.0.5, bug #212310: + * This release is a maintenance release that seeks to correct bugs + introduced in 3.0.4 or prior. The most important of these bugs + is for 64-bit time_t systems that was introduced in 3.0.4. + * If you are upgrading from ISC DHCP 3.0.3 or prior and are using + failover, please take special care of the 'atsfp' values now + included on failover-controlled leases. See the RELNOTES file. +- adopted dhcp-3.0.4-tmpfile.dif (now dhcp-3.0.5-tmpfile.dif) +- added to provide gpg signature of the tar archive as rpm-source +* Tue Oct 17 2006 - poeml@suse.de +- there is no SuSEconfig.syslog script anymore, thus remove the + YaST hint from the sysconfig template +* Fri Jun 09 2006 - poeml@suse.de +- upstream 3.0.4: + * fix an insidious bug in the failover implementation which, if + left unchecked, could result in tying up all leases in + transitional states (such as released, reset, or expired) + * fix a confusing (wrong) syslog line, logged by during DDNS update + * The server now tries harder to survive the condition where it is + unable to open a new lease file to rewrite the lease state + database. + * several other small bug fixes +- update ldap patch. It now supports ldap over ssl, but we don't + enable it and add dhcp-3.0.4-ldap-patch-nossl.dif, because at the + moment there seems to be a choice between linking dhclient + against ldap+ssl libs (not in /lib) or risking clash between + openssl and isc's md5 symbols. (At least, I assume that this is + the reason why the ldap patch now removes the isc implementation + from the build.) Thus, I readd the patch which added ldap libs to + LIBS in the server subdir only, via ./configure +- if /etc/sysconfig/dhcpd:DHCPD_INTERFACE is set to "ANY", dhcpd + will now autodetect available network interfaces +* Fri Jun 02 2006 - poeml@suse.de +- allow for build on SUSE Linux 9.3 and older (no -fpie) +- clean up all CFLAGS/DEBUG_FLAGS definitions +* Tue May 16 2006 - poeml@suse.de +- add s390x to the list of platforms to compile with -fsigned-char + to avoid the dhclient.conf parse error "expecting a statement" + [#171532], [#134590] +* Thu May 04 2006 - rml@suse.de +- Add "-H" flag for setting hostname (Novell major bug #139532) +* Wed Mar 29 2006 - poeml@suse.de +- fix two further include paths in dhcpctl.3 and omapi.3 +* Wed Mar 29 2006 - poeml@suse.de +- package the static libdst.a library [#158271] +- fix the include path in dhcpctl.3 and omapi.3 [#158271] +* Fri Jan 27 2006 - mls@suse.de +- converted neededforbuild to BuildRequires +* Wed Jan 25 2006 - poeml@suse.de +- dereference links when copying stuff into the chroot jail [#145169] +* Mon Jan 23 2006 - thoenig@suse.de +- dropped dhcp-3.0.3-dhclient-nm_active-01-thoenig.patch. Correct + solution is being implemented in NetworkManager +* Sat Jan 14 2006 - thoenig@suse.de +- replaced 'nis-domain-servers' by 'nis-servers' in + dhcp-3.0.3-dhclient-nis-01-thoenig.patch (follow-up #134160) +* Fri Jan 13 2006 - thoenig@suse.de +- add 'nis-domain' and 'nis-domain-servers' to 'request' + dhclient.conf (dhcp-3.0.3-dhclient-nis-01-thoenig.patch). If + the DHCP reply contains information about NIS, NM will set those. + (#134160) +- extended /sbin/dhclient-script to set domain name and host name. + This will only happen if the relevant options in + /etc/sysconfig/network/dhcp are set. + (dhcp-3.0.3-dhclient-nm_active-01-thoenig.patch) (#134160) +* Mon Nov 28 2005 - poeml@suse.de +- compile with -fsigned-char on ppc/ppc64, avoiding the + dhclient.conf parse error "expecting a statement" [#134590] +* Mon Sep 26 2005 - ro@suse.de +- define LDAP_DEPRECATED in CFLAGS +* Wed Aug 03 2005 - poeml@suse.de +- update to 3.0.3 + * A bug was fixed in BOOTPREQUEST handling code wherein stale + references to host records would be left behind on leases that + were not allocated to the client currently booting (eg in the + case where the host was denied booting). + * The dhcpd.conf.5 manpage was updated to be more clear in + regards to multiple host declarations (thanks to Vincent + McIntyre). 'Interim' style dynamic updates were also + retouched. + * dhclient.conf documentation for interface {} was updated to + reflect recent discussion on the dhcp-hackers mailing list. +- update ldap patch, patches merged upstream +- compile with LPF instead of bsd sockets. Provide optional binary + compiled with bsd sockets. +- README: describe how to serve option 119 (searchlist), add dns + compression tool +* Tue Jul 12 2005 - hare@suse.de +- build with pie/PIE depending on architecture. +* Thu Jun 30 2005 - gekker@suse.de +- Add -DEXTENDED_NEW_OPTION_INFO to CFLAGS for rml +* Tue Jun 28 2005 - gekker@suse.de +- Add support for dhcdbd, patches from RH via rml +* Mon Jun 20 2005 - ro@suse.de +- build with pie/fpie +* Mon Jun 13 2005 - kukuk@suse.de +- Don't use kernel types in user space +* Fri Apr 08 2005 - poeml@suse.de +- update to 3.0.3b1 release. Changes since 3.0.2: + * A bug was fixed where a server might load balance a DHCP REQUEST to its + peer after already choosing not to load balance the preceeding DISCOVER. + The peer cannot allocate the originating server's lease. + * In the case where a secondary server lost its stable storage while the + primary was still in communications-interrupted, and came back online, + the lease databases would not be fully transferred to the secondary. + This was due to the secondary errantly sending an extra UPDREQ message + when the primary made its state transition to PARTNER-DOWN known. + * The package will now compile cleanly in gcc 3.3 and 3.4. As a side effect, + lease structures will be 9 bytes smaller on all platforms. Thanks to + Jason Vas Dias at Redhat. + * Interface discovery code in DISCOVER_UNCONFIGURED mode is now + properly restricted to only detecting broadcast interfaces. Thanks + to a patch from Jason Vas Dias at RedHat. + * decode_udp_ip_header was changed so that the IP address was copied out + to a variable, rather than referenced by a pointer. This enforces 4-byte + alignment of the 32-bit IP address value. Thanks to a patch from Dr. + Peter Poeml. + * An incorrect log message was corrected thanks to a patch from + Dr. Peter Poeml. + * A bug in DDNS was repaired, where if the server's first DDNS action was + a DDNS removal rather than a DDNS update, the resolver library's + retransmit timer and retry timer was set to the default, implying a + 15 second timeout interval. Which is a little excessive in a synchronous, + single-threaded system. In all cases, ISC DHCP should now hold fast to + a 1-second timeout, trying only once. + * The siaddr field was being improperly set to the server-identifier when + responding to DHCP messages. RFC2131 clarified the siaddr field as + meaning the 'next server in the bootstrap process', eg a tftp server. + The siaddr field is now left zeroed unless next-server is configured. + * mockup_lease() could have returned in an error condition (or in the + condition where no fixed-address was found matching the shared + network) with stale references to a host record. This is probably not + a memory leak since host records generally never die anyway. + * A bug was repaired where failover servers would let stale client identifiers + persist on leases that were reallocated to new clients not sending an id. + * Binding scopes ("set var = value;") are now removed from leases allocated + by failover peers if the lease had expired. This should help reduce the + number of stale binding scopes on leases. + * A small memory leak was closed involving client identifiers larger than + 7 bytes, and failover. + * Configuring a subnet in dhcpd.conf with a subnet mask of 32 bits might + cause an internal function to overflow heap. Thanks to Jason Vas Dias + at Redhat. + * Some inconsistencies in treating numbers that the lexer parsed as 'NUMBER' + or 'NUMBER_OR_NAME' was repaired. Hexadecimal parsing is affected, and + should work better. + * In several cases, parse warnings were being issued before the lexical + token had been advanced to the token whose value was causing an error... + causing parse warnings to claim the problem is on the wrong token. + * Host declarations matching on client identifier for dynamic leases will + no longer match fixed-address host declarations (this is now identical + to behaviour for host records matching on hardware address). +- print error if binary DHCPD_BINARY is not found [#76392] +- remove patches incorporated upstreams +- update ssh forced command example in dhcpsync man page +* Mon Feb 21 2005 - poeml@suse.de +- update to 3.0.2 release. Changes since 3.0.2rc3: + * A previously undocumented configuration directive, + 'local-address', was documented in the dhcpd.conf manpage. +* Tue Feb 08 2005 - mt@suse.de +- Bug #49433: try to reconnect to ldap server if it was down; + ignore SIGPIPE while ldap_unbind called on closed handle. + = new patch file: dhcp-3.0.2-ldap-reconnect.mt.dif.gz +* Tue Dec 07 2004 - poeml@suse.de +- update to 3.0.2rc3. Changes since rc2: + * Two variables introduced in 3.0.2b1 were used without being + initialized in the case where neither the FILE nor SNAME fields + were available for overloading. This was repaired. + * A heretofore believed to be impossible corner case of the + option overloading implementation turned out to be possible + ("Unable to sort overloaded options after 10 tries."). The + implementation was reworked to consider the case of an option + so large it would require more than three chunks to fit. + * Many other instances of variables being used without being + initialized were repaired. + * An uninitialized variable in omapi_io_destroy() led to the + discovery that this function may result in orphaned pointers + (and hence, a memory leak). +- refresh the unaligned.patch +* Tue Nov 30 2004 - poeml@suse.de +- update to 3.0.2rc2. Changes since 3.0.1: + * allocate_lease() was rewritten to repair a bug in which the server would + try to allocate an ABANDONED lease when FREE leases were available. + * Some dhcp-eval.5 manpage formatting was repaired. + * A bug was fixed in the server's 'option overloading' implementation, + where options loaded into the 'file' and 'sname' packet fields were + not aligned precisely as rfc2131 dictates. + * The FreeBSD client script was changed to support the case where a domain + name was not provided by the server. + * A memory leak in 'omshell' per each command line parsed was + repaired, thanks to a patch from Jarkko Torppa. + * Log functions writing to stderr were adjusted to use the STDERR_FILENO + system definition rather than '2'. This is a no-op for 90%% of platforms. + * One call to trace_write_packet_iov() counted the number of io vectors + incorrectly, causing inconsistent tracefiles. This was fixed. + * Some expression parse failure memory leaks were closed. + * A host byte order problem in tracefiles was repaired. + * Pools configured in DHCPD for failover possessing permission lists that + previously were assumed to not include dyanmic bootp clients are now + a little more pessimistic. The result is, dhcpd will nag you about just + about most pools that possess a 'allow' statement with no 'deny' that + would definitely match a dynamic bootp client. + * The 'ddns-update-style' configuration warning bit now insists that + the configuration be globally scoped. + * Two memory leaks in dhclient were closed thanks to a patch from Felix + Farkas. + * Some minor but excellently pedantic documentation errors were fixed + thanks to a patch from Thomas Klausner. + * Bugs in operator precedence in executable statements have been repaired + once again. More legal syntaxes should be parsed legally. + * Failing to initialize a tracefile for any reason if a tracefile was + specified is now a fatal error. Thanks to a patch from Albert Herranz. + * Corrected a bug in which the number of leases transferred as calculated + by the failover primary and sent to peers in POOLRESP responses may be + incorrect. This value is not believed to be used by other failover + implementations, excepting perhaps as logged information. + * Corrected a bug in which 'dhcp_failover_send_poolresp()' was in fact + sending POOLREQ messages instead of POOLRESP mesasges. This message + was essentially ignored since failover secondaries effectively do not + respond to POOLREQ messages. + * Type definitions for various bitwidths of integers in the sunos5-5 + build of ISC DHCP have been fixed. It should compile and run more + easily when built in 64-bit for this platform. + * "allow known-clients;" is now a legal syntax, to avoid confusion. + * If one dhcp server chooses to 'load balance' a request to its failover + peer, it first checks to see if it believes said peer has a free + lease to allocate before ignoring the DISCOVER. + * log() was logging a work buffer, rather than the value returned by + executing the statements configured by the user. In some cases, + the work buffer and the intended results were the same. In some other + cases, they were not. This was fixed thanks to a patch from Gunnar + Fjone and directconnect.no. + * Compiler warnings for some string type conversions was fixed, thanks + to Andreas Gustafsson. + * The netbsd build environments were simplified to one, in which + -Wconversion is not used, thanks to Andreas Gustafsson. + * How randomness in the backoff-cutoff dhclient configuration variable + is implemented was better documented in the manpage, and the behaviour + of dhclient in REQUEST timeout handling was changed to match that of + DISCOVER timeout handling. + * Omapi was hardened against clients that pass in null values, thanks + to a patch from Mark Jason Dominus. + * A bug was fixed in dhclient that kept it from doing client-side + ddns updates. Thanks to a patch from Andreas Gustafsson, which + underwent some modification after review by Jason Vas Dias. + * Failover implementations disconnected due to the network between + them (rather than one of the two shutting down) will now try to + re-establish the failover connection every 5 seconds, rather than + to simply try once and give up until one of them is restarted. + Thanks to a patch from Ulf Ekberg from Infoblox, and field testing + by Greger V. Teigre which led to an enhancement to it. + * A problem that kept DHCP Failover secondaries from tearing down + ddns records was repaired. Thanks to a patch from Ulf Ekberg from + Infoblox. + * 64bit pointer sizes are detected properly on FreeBSD now. + * A bug was repaired where the DHCP server would leave stale references + to host records on leases it once thought about offering to certain + clients. The result would be to apply host and 'known' scopes to the + wrong clients (possibly denying booting). NOTE: The 'mis-host' patch + that was being circulated as a workaround is not the way this bug was + fixed. If you were a victim of this bug in 3.0.1, you are cautioned + to proceed carefully and see if it fixes your problem. + * A bug was repaired in the server's DHCPINFORM handling, where it + tried to divine the client's address from the source packet and + would get it wrong. Thanks to Anshuman Singh Rawat. + * A log message was introduced to help illuminate the case where the + server was unable to find a lease to assign to any BOOTP client. + Thanks to Daniel Baker. + * A minor dhcpd.conf.5 manpage error was fixed. +- update ldap patch (11/8/2004 version) +* Thu Nov 11 2004 - ro@suse.de +- fixed file list for devel package +* Thu Sep 23 2004 - poeml@suse.de +- sysconfig.dhcpd, sysconfig.dhcrelay: give examples how to use + configuration names instead of interface names +* Thu Aug 05 2004 - poeml@suse.de +- update to 3.0.1 + * The global variable 'cur_time' was centralized and is now + uniformly of a type #defined in system-dependent headers. It + had previously been defined in one of many places as a 32-bit + value, and this causes mayhem on 64-bit big endian systems. It + probably wasn't too healthy on little endian systems either. + * A printf format string error introduced in rc14 was repaired. + * AIX system-dependent header file was altered to only define + NO_SNPRINTF if the condition used to #ifdef in vsnprintf in + AIX' header files is false. + * The Alpha/OSF system-dependent header file was altered to + define NO_SNPRINTF on OS revisions older than 4.0G. + * omapip/test.c had string.h added to its includes. +- drop obsolete dhcp-curtimetype.patch +- cope with missing files during chroot setup (e.g., if no + resolv.conf exists) [#40728] +- remove duplicated option "-cf" from usage output +- add notes about the used raw socket API to README +* Fri Jul 16 2004 - poeml@suse.de +- update to 3.0.1rc14 +- remove obsolete patches and adapt dhcp-3.0.1rc13-tmpfile.dif +- dhcpsync: use try-restart (so the server isn't started if it has + been stopped) +- remove notify messages that are sent to root +- check if dhcpd was active at boot time before update and + restore runlevel links if needed [#41215], and PreRequires for + that +* Mon Jun 14 2004 - poeml@suse.de +- security fixes [#41975]: + - fix buffer overflow in the DHCP server that can be exploited by + the client by specifying multiple 'hostnames' to execute + arbitrary code or at least crash the server. VU#317350 + - add patch to use vsnprintf() instead of vsprintf() calls. + VU#654390 +* Fri May 14 2004 - poeml@suse.de +- fix sysconfig comment and DHCPD_RUN_AS default [#40174] +* Thu May 13 2004 - poeml@suse.de +- improve security of the chroot jail setup by creating a dedicated + user id for the server, and move the leases database into a + subdirectory (/var/lib/dhcp/db). With the exception of that + subdirectory the chroot jail is now owned by root. [#40174] Use + mkstemp to create temporary files. [#40267] +- don't use startproc to start dhcpd, because startproc waits a + fixed time (100 msec) until it decides whether the service is + running or not. Now that dhcpd might have to contact an LDAP + server first to read its configuration, starting up can take + longer than that, and the init script would falsely report + "success" even when the server cannot start up due to broken + configuration or non-existant interfaces. Increasing the + startproc timeout (-t) is not a real alternative because, because + it would imply a fixed dely to the init script, and it might + still be too short. [#40350] +* Tue May 04 2004 - poeml@suse.de +- convert configuration names in DHCPD_INTERFACE / + DHCRELAY_INTERFACES into interface names [#39718] +- fix service restart for the case where the binary has been + switched for backward compatibility during updating. +- do not change DHCPD_BINARY for backward compatibility if updating + from 9.0. This and the last change complete the fix for [#38422] + and take care of updates from 8.1-9.1 with and without YOU + updates. +* Fri Apr 30 2004 - poeml@suse.de +- additionally package the dhcpd binary that uses the Linux packet + filter API. New option DHCPD_BINARY in sysconfig.dhcpd. [#38422] +- when updating from a previous package using LPF API, retain the + old behaviour. Fix init script so that 'stop' works also after a + switch of DHCPD_BINARY. +* Thu Apr 22 2004 - mt@suse.de +- updated to dhcp-3.0.1rc13-ldap-patch also obsolating the + patches: dhcp-ldap-fix01.dif, dhcpd-conf-to-ldap.pl.dif +- added dhcp-3.0.1rc13-ldap.mt.dif, providing diverse fixes + and basic failover support for server/ldap.c +- added dhcpd-conf-to-ldap.mt.dif providing failover support + to dhcpd.conf convert script +* Thu Mar 25 2004 - mt@suse.de +- applied dhcp-3.0.1rc12-ldap-patch adding support to store + dhcp configuration in ldap (incl. draft ldap schema). + further patches: + - dhcp-ldap-fix01.dif: fixes for server/ldap.c (debuging + output, support for block statements, ...) + - dhcpd-conf-to-ldap.pl.dif: fixes for convert script +* Wed Feb 25 2004 - poeml@suse.de +- the genDDNSkey script has been moved to the bind-utils package +- update the DDNS-howto.txt +- package leases.awk (dhcpd.leases analyzer) (courtesy of Jeff Wilson) +- update to 3.0.1rc13 + - Fixed a bug in omapi lease lookup function, to form the + hardware address for the hash lookup correctly + - The 'ping timeout' debugs from rc12 were removed to -DDEBUG + only + - Fixed a case where leases read from the leases database do not + properly over-ride previously read leases. + - Fixed a bug where dhcrelay was sending relayed responses back + to the broadcast address, but with the source's unicast mac + address. Should now conform to rfc2131 section 4.1. + - Fixed a crash bug in dhclient where dhcpd servers that do not + provide renewal times results in an FPE. As a side effect, + dhclient can now properly handle 0xFFFFFFFF (-1) expiry times + supplied by servers. + - dhcpctl.3 manpage was tweaked. +- the files CHANGES and COPYRIGHT have vanished, package LICENSE + instead +* Sun Jan 11 2004 - adrian@suse.de +- build as user +* Tue Nov 18 2003 - poeml@suse.de +- if starting dhcpd in chroot jail, and a pid file is present in + the jail, and the pid file does not contain a pid of a running + dhcpd process, but that of another _running_ process, remove + that pid file. [#32603] +- fix typo in dhcp.LIESMICH +- DDNS-howto.txt: adjust changed path +- DDNS-howto.txt: instead of the shell variables (they were copy + and paste'd from a script), use a real example (makes it easier) +- add a comment in sysconfig.dhcpd that entire directories may be + included +- dhcpsync: if run from the commandline, do not use an identity + that ssh-agent may hold, but use $KEY instead +- dhcpsync.8: add a note about a know limitation +* Tue Nov 18 2003 - poeml@suse.de +- fix wrong ServiceRestart tags in sysconfig/dhcrelay [#32062] +* Fri Oct 17 2003 - uli@suse.de +- fixed data type mismatch in libomapi, only harmful on 64-bit + BE systems (ppc64, s390x, bug #32123) +* Mon Sep 08 2003 - poeml@suse.de +- update to 3.0.1rc12 + - a failover bug relating to identifying peers by name length + instead of by name was fixed + - declaring failover configs within shared-network statements + should no longer result in error + - a problem with lease expiry times in failover configurations + was fixed + - reverse dns PTR record updates with values containing spaces + are now permitted + - problems with long option processing fixed + - fixes to minires so that updates of KEY records will work + - memory leak in configuration parsing closed + - non-broadcast or point-to-point interfaces are now ignored + - options not yet known by the dhcpd or dhclient now appear as + e.g. "unknown-144" rather than "#144" in the leases file, to + avoid the hash marks + - dhclient no longer uses shell commands to kill another instance + of itself, it sends the signal directly. + - the -nw command line option to dhclient now works +- dhcp-3.0.1rc10-dhcrelay-limit-hopcount.dif included upstreams +- added contrib/ms2isc (converts Microsoft DHCP server configuration) +* Mon Sep 08 2003 - poeml@suse.de +- mark dhclient's lease database %%config(noreplace) +* Wed Sep 03 2003 - kukuk@suse.de +- Really fix [#29405], server should not provide and obsolete dhcp. +* Wed Aug 27 2003 - poeml@suse.de +- don't provide/require dhcp-base. Require dhcp instead [#29405] +* Tue Aug 26 2003 - poeml@suse.de +- add Config: syslog-ng to sysconfig.syslog-dhcpd +* Fri Aug 15 2003 - poeml@suse.de +- use -Wall -Wno-unused +- add -fno-strict-aliasing, due to warnings about code where + dereferencing type-punned pointers will break strict aliasing +- add activation metadata to sysconfig template [#28864, [#28865], + [#28950] +* Tue Aug 12 2003 - poeml@suse.de +- rc.dhcpd, rc.dhcrelay: implement try-restart correctly +- cleaned up the root mail, and the READMEs [#27214], [#26266] +- send the root mail only on update [#27214] +- have no default value in /etc/sysconfig/dhcpd:DHCPD_INTERFACE +- in client's %%post, send a mail only when rc.config is encountered +- clean buildroot, but not in chroot buildsystem +- the SuSE string is now replaced by UnitedLinux where appropriate +- rename the "dhcp-base" package to "dhcp", so there is a binary + package matching the name of the source package [#17668] +- use the lately added macros only on newer distributions +* Wed Jul 30 2003 - poeml@suse.de +- new macros for stop/restart of services on rpm update/removal +* Mon Jul 28 2003 - poeml@suse.de +- when copying include files into the chroot jail, create + subdirectories as needed, thus retaining the path to the files +* Sun Jul 27 2003 - poeml@suse.de +- don't explicitely strip binaries since RPM handles it, and may + keep the stripped information somewhere +* Mon Jun 16 2003 - poeml@suse.de +- add some notes to DDNS-howto.txt, kindly provided by Andrew Beames +- fix typo in genDDNSKey.sh +* Wed May 21 2003 - mmj@suse.de +- Implement try-restart correctly in init-script +* Mon May 19 2003 - poeml@suse.de +- update to 3.0.1rc11, relevant fixes are + - Potential buffer overflows in minires repaired. + - A correction of boolean parsing syntax validation - some illegal syntaxes + that worked before are now detected and produce errs, some legal syntaxes + that errored before will now work properly. + - Some search-and-replace errors that caused some options to change their + names was repaired. + - Shu-min Chang of the Intel corporation has contributed a perl script and + module that converts the MS NT4 DHCP configuration to a ISC DHCP3 + configuration file. + - Applied the remainder of the dhcpctl memory leak patch provided by Bill + Squier at ReefEdge, Inc. (groo@reefedge.com). + - Missing non-optional failover peer configurations will now result in a soft + error rather than a null dereference. +- use BSD sockets instead of LPF (makes iptables filtering of + packages possible for server and relay. It doesn't work on the + client, though, so that one requires seperate compilation.) See + Message-Id: <5.1.0.14.0.20030408175011.00b9c7c0@pop.itd.nrl.navy.mil> +* Thu Mar 13 2003 - poeml@suse.de +- rcdhcpd, rcdcrelay: do not write the startup log to a world + writable directory [#25241] +* Mon Mar 03 2003 - poeml@suse.de +- don't try to copy libraries into the chroot jail that do not + exist (any longer) [#24533] +- remove the %%ghost filelist entries for pid files and chroot jail + contents [#20030]. Clean up the libraries from the jail when the + server is stopped. +- dhcrelay: add patch from Florian Lohoff (slightly modified), + that makes the maximal hop count of forwarded packages + configurable (-c maxcount), sets the default to 4, and rejects + packages with a hop count higher than maxcount (CAN-2003-0039, + http://www.kb.cert.org/vuls/id/149953). Add a variable to + /etc/sysconfig/dhcrelay to pass such additional options. +* Wed Feb 12 2003 - mmj@suse.de +- Added sysconfig metadata [#22631] [#22632] [#22696] +* Tue Dec 10 2002 - okir@suse.de +- Added security patch from ISC +* Thu Dec 05 2002 - poeml@suse.de +- update to 3.0.1rc10. relevant fixes: + - A Linux-specific Token Ring detection problem was fixed. + - Hashes removed from as-yet-unknown agent options, having those + options appear in reality before we know about them will no + longer produce self-corrupting lease databases. + - dhclient will use the proper port numbers now when using the -g + option. + - A order-of-operations bug with 2 match clauses in 1 class + statement is fixed thanks to a patch from Andrew Matheson. + - A fix to the dhcp ack process which makes certain group options + will be included in the first DHCPOFFER message was made thanks + to a patch from Ling Gou. + - A few memory leaks were repaired thanks to patches from Bill + Squier at ReefEdge, Inc. (groo@reefedge.com). + - A fix for shared-networks that sometimes give clients options + for the wrong subnets (in particular, 'option routers') was + applied, thanks to Ted Lemon for the patch. + - Omshell's handling of dotted octets as values was changed such + that dots one after the other produce zero values in the + integer string. +- due to the upstream fixes: drop the reactivate-tr-support.dif and + format.dif +- retrofitted the (server) package to work for old distributions + down to 7.2 +* Fri Nov 29 2002 - schwab@suse.de +- Fix unaligned access. +* Mon Nov 04 2002 - poeml@suse.de +- update DDNS-howto.txt for BIND9 +- add genDDNSKey.sh to create a key for BIND8/9 +- add comments about DDNS to the dhcpd.conf [#18419], and + directives to disable DDNS by default +- change defaults in the sample configuration +* Thu Aug 29 2002 - poeml@suse.de +- fix permissions of man pages +* Sun Aug 18 2002 - poeml@suse.de +- re-add token ring support that got lost ("tr0:unknown hardware + address type 800"). With 2.4 kernel, ARPHRD_IEEE802 (6) has been + renamed to ARPHRD_IEEE802_TR (800). Known bug in 3.0.1rc9. +- move PreReq tag to the subpackages, where it is actually needed + [#17822, #17821] +* Mon Aug 12 2002 - poeml@suse.de +- dhcp-client: add missing Requires on /usr/bin/host +* Mon Aug 12 2002 - poeml@suse.de +- Fix requires of dhcp-devel subpackage +- add some helpful scripts, courtesy of Kevin C. Miller +* Thu Aug 01 2002 - poeml@suse.de +- use PreReq +* Wed Jul 17 2002 - poeml@suse.de +- add a sysconfig.syslog-dhcpd template to make syslogd open an + additional socket (inside the chroot dir of dhcpd) +* Thu Jul 11 2002 - poeml@suse.de +- fix typo in %%post, introduced with last change +* Thu Jul 11 2002 - poeml@suse.de +- add Version: tags to the subpackages to satisfy the build system, + because dhcp has no main package [#16318] +- run in chroot and as user nobody per default +- fix wrong pathnames in mail to root [#15601] +- install example dhcpd.conf [#9122] +- improve example configuration files [#12563] +- init scripts: update INIT INFO, using the new tags from + /etc/init.d/skeleton +* Tue May 21 2002 - poeml@suse.de +- dhclient-script: + - source the right sysconfig files (/etc/sysconfig/network/) + [#15871] + - use KEEP_SEARCHLIST option (thanks Sumit Bose) + - improve the indentation +* Thu May 16 2002 - poeml@suse.de +- add documentation about configuration for dynamical DNS updates +* Mon May 13 2002 - poeml@suse.de +- fix last change (rediff dhcp-3.0.1rc9.format.dif) +* Mon May 13 2002 - poeml@suse.de +- update to 3.0.1rc9 + - fixes a format string vulnerability in the server that could + lead to a remote root compromise + (see http://www.cert.org/advisories/CA-2002-12.html) + - fixes a memory leak in the client and some other minor bugs +- fix some printf arguments in server/omapi.c +- fix small typo (x390x -> s390x) +* Mon Apr 29 2002 - sf@suse.de +- changed Makefile.conf to be able to add LIBDIR +- added LIBDIR to make install to put libs into the correct path +- use -DPTRSIZE_64BIT on x86_64 +* Mon Apr 22 2002 - poeml@suse.de +- update to 3.0.1rc8. Most significant changes are (see RELNOTES): + - Don't allow a lease that's in the EXPIRED, RELEASED or RESET + state to be renewed. + - Implement lease stealing for cases where the primary has fewer + leases than the secondary, as called for by the standard. + - Fix a bug where if an option universe contained no options, the + DHCP server could dump core (Walter Steiner). + - Fix a bug in the handling of encapsulated options. + - Fix an uninitialized memory bug in the DHCP client. +- use -DPTRSIZE_64BIT on x390x and ppc64, too +- create /etc/resolv.conf with a file mask of 644, regardless of + the umask [Bug #15915]. Patch by Joerg Mayer. +- the scripts dir is now called CLIENTBINDIR in the Makefiles, and + correctly set to /sbin --> drop 2 hunks from dhcp-3.0rc10.dif +* Tue Mar 26 2002 - ro@suse.de +- Fix handling of initscript links and START_* variable [Bug #13755] +* Sun Feb 10 2002 - poeml@suse.de +- drop the sysconfig/network/dhcp template. It's in the syconfig + package now. +- strip /sbin/dhclient +* Mon Feb 04 2002 - poeml@suse.de +- rename dhcp subpackage to dhcp-base, add dhcp-server subpackage +- rename dhclient to dhcp-client and dhcrelay to dhcp-relay +- remove Conflicts tag dhclient <-> dhcpcd +- use %%defattr(-, root, root) for all subpackages +- update copyright info (GmbH --> AG) +- update sysconfig.dhclient (.dhcp-dhclient now), and let it be + filled up into /etc/sysconfig/network/config +* Wed Jan 30 2002 - poeml@suse.de +- add /sbin/dhclient, accidentally deleted from filelist lately +* Sun Jan 27 2002 - ro@suse.de +- remove START_DHCPD on update +- use fillup_only where no initscript is handled +* Sun Jan 27 2002 - poeml@suse.de +- use %%_lib and %%_libdir +- update rc.dhcpd to use %%_libdir when setting up chroot dir +- dhcpsync: name of slave can be given as argument; update man page +- rc.dhcpd: no longer source rc.config +- don't try insserv on dhclient init script -- it's dropped +- tell fillup to use "dhcpd" instead of the package name (dhcp) +* Fri Jan 25 2002 - poeml@suse.de +- update to 3.0.1rc6 + - Fix the off-by-one error in the MAC-address checking code for + DHCPRELEASE that was added in 3.0.1rc5. + - Fix a bug where client-specific information was not being + discarded from the lease when it expired or was released, + resulting in problems if the lease was reallocated to a + different client. + - merge pools if possible + - workaround for some Lexmark printers that send a double-NUL- + terminated host-name option, which would break DNS updates. + - no longer log fallback_discard messages +- dhcp-3.0.1rc5-release.dif obsolete hereby +- drop dhclient init script (obsoleted by /sbin/if*-dhcp) +* Tue Jan 15 2002 - poeml@suse.de +- update to 3.0.1rc5 + - Fix a bug that would cause the DHCP server to spin if asked to + parse a certain kind of incorrect statement. + - Fix a related bug that would prevent an error from being + reported in the same case. + - Additional documentation. + - Make sure that the hardware address matches the lease when + processing a DHCPRELEASE message. +- add dhcp-3.0.1rc5-release.dif that corrects an error by one in + the code that finds a lease that is being RELEASEd +- use ddns-update-style interim instead of ad-hoc when testing +- make sure that dhcpd is started after xntpd (failover needs + correct system time) +- drop version 2 of dhcpd and dhcrelay +* Thu Dec 13 2001 - ro@suse.de +- removed START_ variables, moved rc.config.d -> sysconfig +* Tue Nov 06 2001 - poeml@suse.de +- update to 3.0.1rc4 +- add dhcpsync and dhcpync.8 (script to sync DHCP failover config.) +- update rc.dhclient script from the one used in the dhcpcd package +- client: don't check if a device is there; terminate anyway +- small addition to the examples; update README.upgrade +* Wed Oct 31 2001 - poeml@suse.de +- update to 3.0.1rc2 +- add a README.upgrade +* Thu Oct 25 2001 - poeml@suse.de +- update to 3.0.1rc1 +- remove our #undef use_LPF patch for 2.0pl5; it seems to cause + problems (stopping responding) with more than one network card +- mark /etc/dhclient.conf with noreplace tag +* Sun Sep 16 2001 - poeml@suse.de +- fix stupid bug in rc.dhcpd where rc.config is sourced too late +* Fri Sep 14 2001 - poeml@suse.de +- fix #9962 where "exit 1" instead of "return" in dhclient-script + would confuse dhclient (which then DECLINEd the lease) +* Tue Aug 28 2001 - poeml@suse.de +- make sure that files are really copied to the chroot dir +* Mon Aug 27 2001 - poeml@suse.de +- add libnss_dns6.so.2 as ghost to the file list to remove it + from the chroot dir when uninstalling the package +- rc.dhcpd: remove empty pid files to avoid warnings by + checkproc/killproc (dhcpd sometimes leaves them if it does not + want to start due to wrong syntax) +- rc.dhcpd: to save time, source rc.config only when necessary +- add dhcpd.conf examples +* Fri Aug 24 2001 - poeml@suse.de +- update to 3.0rc12 (fixes some failover state transitions; other + failover fixes; always returns a subnet selection option if one + is sent) +- change dhclient-script to ignore lines that are commented out + when grepping for variables and eval-ing them +* Mon Jul 16 2001 - poeml@suse.de +- add filedes.dif that gives scripts executed from dhclient-script + their own filedescriptors (patch by Brian Somers + ) +- correct typo in rc.dhcpd +* Mon Jul 02 2001 - poeml@suse.de +- update to 3.0rc10 +- change default in rc.config.d.dhcrelay +- add /usr/sbin/svtest, /usr/bin/omshell, and omshell man pages +- new variable in rc.dhcpd.config: $DHCPD_CONF_INCLUDE_FILES, for + dhcpd.conf include files to be copied to $chroot/etc/ +* Tue May 22 2001 - poeml@suse.de +- update to 3.0rc7 (failover and OMAPI fixes, see RELNOTES) +* Wed May 16 2001 - poeml@suse.de +- on 64 bit archs, define -DPTRSIZE_64BIT +- fix missing include +* Fri May 11 2001 - poeml@suse.de +- if resolv.conf does not exist, touch it; so that there is a file + to back up and restore later and the temporary resolv.conf would + not persist after stopping the client [#8078] +- use the modify_resolvconf tool to cleanup old backup files before + starting the daemon, because it does it intelligently [#8077] +* Tue May 08 2001 - poeml@suse.de +- don't provide empty /etc/rc.config.d/dhcpd.rc.config because that + inhibits the correct removal of variables from rc.config +- mention correct version numbers in mail to root (now using + version macro) +- fix a typo and a nonsense comment in rc.config.d.dhcpd +* Mon May 07 2001 - poeml@suse.de +- update to 3.0rc4 (bugfixes) +- add empty dir /var/lib/dhcp/dev and documentation about how to + ensure that logging from the chroot jail works [#6906] +* Tue Apr 24 2001 - poeml@suse.de +- update to 3.0rc2pl1: fixes bugs in the failover implementation + and a memory smash that happens when fixed-address leases are + used +- Read dhcp client script hooks if they exist, rather than only if + they're executable. +- new file: 3.0b1 lease conversion script +* Sun Apr 15 2001 - poeml@suse.de +- Init scripts: get try-restart ("restart when running") right +- client: + - dhclient-script is now correctly installed to /sbin (thus, + don't mv dhclient-script from /etc/ to /sbin/, thereby + overwriting it with the one from v2) + - move rcdhclient conveniency link to /sbin/ (same as in dhcpcd) + - update info header for resolv.conf acc. to guidelines +- server: + - don't run in chroot environment and as nobody by default + - add missing %%postun for subpackages to rearrange runlevel + links after deinstalling +* Mon Apr 09 2001 - poeml@suse.de +- update to 3.0b2pl24 +- don't use rc_status -u in init scripts (option was dropped) +- always run test of dhcpd +* Wed Mar 28 2001 - poeml@suse.de +- update to 3.0b2pl18 + * trim chroot/non-root patch and the other security patches into + dhcp-3.0b2pl18.paranoia.dif + * build stable version of server (2.0pl5) and include the binary + as well as the man pages with '-2' suffix (same for dhcrelay) +- split off subpackages: dhcrelay, dhcp-devel +- reworked all init scripts + * adhere to LSB and use new rc.status functions + * rc.dhcpd: at start, copy conf file and libs to chroot dir + * rc.dhcpd: add syntax check + * rc.dhcrelay: make interface configurable + * rc.dhclient: improve resolv.conf handling +- dhclient: catch TERM to restore resolv.conf before quitting +- create /etc/rc.config.d/dhcrelay.rc.config +- create /etc/rc.config.d/dhclient.rc.config +- clean up Provides/Conflicts +- rework SuSE-fillup templates (and rename them) +- mark libraries for chroot dir as %%ghost +- when ABUILD_RUN_TEST_SUITES is true, start dhcpd for a simple + test +* Fri Mar 16 2001 - poeml@suse.de +- add dhcpd-thomas.diff from + * query for the real UID and not for the effective UID + * drop supplementary GID's + * avoid potential buffer overflow +- copy dhcpd.conf instead of moving it +- add $syslog to Required-Start in server init script +- fix Required-Start in client init script +- bzipped sources +* Wed Jan 31 2001 - poeml@suse.de +- dhcpd.conf will no longer be installed in /etc/ but placed in the + docdir, since it is a nonfunctional example file +- test for etc/SuSE-release in %%post +- fix removal of variables from rc.config which failed sometimes +- update {README,LIESMICH}.SuSE +* Mon Jan 29 2001 - poeml@suse.de +- added paranoia patch by Ari Edelkind to allow dhcpd run chrooted + in /var/lib/dhcp and as nobody/nogroup. Both is optional. +- moved dhcpd.conf to /var/lib/dhcp/etc/. The file will also be + moved by %%post +- moved rc.config options to rc.config.d/dhcpd.rc.config + (existing variables are moved there by %%post) +- added some syntax checking via undocumented -t switch, and write + log file during startup +- renamed start script from dhcp to dhcpd +- removed /var/run/dhcpd.pid from the package +- tag some %%configs with (noreplace) +- use BuildRoot +- added "Provides: dhcp2"+"Conflicts: dhcp3" in anticipation of v3 +- added {README,LIESMICH}.SuSE and the paranoia patch to the docs +* Tue Jan 16 2001 - draht@suse.de +- format string security bugs in syslog(3) calls fixed. +* Thu Jan 11 2001 - poeml@suse.de +- in runlevel 2, start only the client, not the server/relay +- tell insserv to start after $named +- improved comments +* Thu Jan 04 2001 - fober@suse.de +- package dhclient requires net-tools, not net_tool +- removed superfluous Provides dhclient in package dhclient +* Wed Nov 29 2000 - poeml@suse.de +- Update to dhcp-2.0pl5.tar.gz +- This includes a security fix that applies to the DHCP client *only* +* Tue Nov 28 2000 - poeml@suse.de +- adapted spec file to use /etc/init.d for the scripts instead of + /sbin/init.d and let insserv create the links +- extracted source files from diff and placed them separately +- included paranoia (non-root/chroot) patch by ari edelkind. This + needs testing, and possibly an adapted start script +* Mon Jul 24 2000 - schwab@suse.de +- Fix argument type of dhcp_option_ev_name. +* Mon Jul 24 2000 - schwab@suse.de +- Set DEBUG, not COPTS. +* Thu Jul 20 2000 - zoz@suse.de +- updated to dhcp-2.0pl3 +* Wed Jul 19 2000 - schwab@suse.de +- Fix handling of abandoned leases with BOOTP. +- Properly handle default lease timeout. +* Fri Jul 14 2000 - werner@suse.de +- make dchpd quiet +* Thu Jul 13 2000 - zoz@suse.de +- changed test for availability of device in rcdhlient: + now using ifconfig, so automatically loading of modules + will be triggered (Bug 3415) +- patched dhclient.c do to a possible root exploit bug + (patch from Pavel Kankovsky ) + Still to be improved, waiting for Ted Lemon to rework it. +* Tue Jul 11 2000 - zoz@suse.de +- reworked rcdhclient once again. +* Tue Jul 04 2000 - zoz@suse.de +- update to dhcp-2.0.pl2 +- dhclient: hostname will only be set, if there is a + DHCLIENT_SET_HOSTNAME=yes (default =no) + in /etc/rc.config. (fixes bug 2807 and 3146) +* Tue Jun 27 2000 - zoz@suse.de +- update to dhcp-2.0.pl1 +- moved /var/state/dhcp to /var/lib/dhcp +- moved manpages to %%{_mandir} +- changed rcdhclient: DHCLIENT is obsolete now. It will be started + if it finds any IFCONFIG_x=dhcpclient +* Mon Apr 10 2000 - schwab@suse.de +- Treat Linux 2.3 as linux-2.2 configuration. +* Thu Jan 27 2000 - grimmer@suse.de +- added "Provides: dhcp_client" and "Conflicts: dhcpcd" to + dhclient section in spec file +- added "Provides: dhcp_server" to dhcp section +- corrected typo in rc.config variables +- added Group Tag and version macro to spec file +- changed Summary: to "ISC DHCP client" +- moved man pages to /usr/share/man +* Wed Nov 17 1999 - rolf@suse.de +- now set hostname in dhclient-script [BUG#1262] +* Fri Nov 05 1999 - rolf@suse.de +- reduced waiting time to 1 second +- wait 5 seconds after dhclient start to acquire an IP adress so the + following scripts have a working network setup +* Thu Nov 04 1999 - rolf@suse.de +- changes from Josh for @home cablenet +* Thu Oct 28 1999 - rolf@suse.de +- added changes by Lenz Grimmer to use + ifconfig $NETDEV 0.0.0.0 up + for device setup +* Mon Oct 25 1999 - rolf@suse.de +- applied patch of Bernhard Bender + to use the correct interface. +- added client latency time and rc.config entry +* Mon Sep 27 1999 - bs@suse.de +- fixed requirements for sub packages +* Mon Sep 13 1999 - bs@suse.de +- ran old prepare_spec on spec file to switch to new prepare_spec. +* Mon Jul 19 1999 - bs@suse.de +- changed comment for rc.config +* Mon Jul 19 1999 - bs@suse.de +- fix from werner@suse.de for /sbin/init.d/dhclient +* Fri Jul 16 1999 - ro@suse.de +- added new dhclient-script from werner +* Wed Jun 23 1999 - rolf@suse.de +- new version 2.0 +- apply fix from Michael Hasenstein +* Mon Mar 08 1999 - ro@suse.de +- fixed man5-path +* Fri Feb 26 1999 - rolf@suse.de +- new version 2.0b1pl16 (stable beta) +- leases are now stored in /var/state/dhcp/ (thanks to Ted Lemmon) +- correct paths in manpages +- PID files as %%ghost in filelist +* Wed Feb 17 1999 - rolf@suse.de +- new version 2.0b1pl13 +* Wed Dec 09 1998 - rolf@suse.de +- added /usr/sbin/rcdhcp + /usr/sbin/rcdhcrelay + /usr/sbin/rcdhclient +* Tue Nov 24 1998 - rolf@suse.de +- new init scripts for SuSE Linux 6.0 +* Thu Nov 12 1998 - bs@suse.de +- minor changes for new rpm +* Thu Sep 24 1998 - rolf@suse.de +- new version 2.0b1pl6 (stable beta) +- now with dhcp client and dhcp relay agent +- added init scripts for relay agent and client +- changed from $NETDEV_0 to $DHCPD_INTERFACE +* Fri Jun 26 1998 - rolf@suse.de +- new version 1.0pl2 fixes two potential input buffer overrun problems + that were missed in Patchlevel 1 +* Mon May 18 1998 - rolf@suse.de +- new security patch 1.0pl1 included + changed /sbin/init.d/dhcp to run on $NETDEV_0 +* Wed Dec 10 1997 - rolf@suse.de +- new version 1.0.0 this is not beta any more! +* Thu Oct 16 1997 - rolf@suse.de +- switched to dhcp.spec instead of Makefile.Linux +* Thu Sep 11 1997 - rolf@suse.de +- Upddate to Version 5 beta 16 and made entry for rc.config and + /sbin/init.d for startup/shutdown + There is no dhcp client in this package anymore. +* Thu Jun 12 1997 - rolf@suse.de +- build the package for the first time diff --git a/dhcpd.xml b/dhcpd.xml new file mode 100644 index 0000000..9184731 --- /dev/null +++ b/dhcpd.xml @@ -0,0 +1,88 @@ + + + + + + + ISC DHCP Server + + + + ISC Dynamic Host Configuration Protocol Server + + + + + /usr/sbin/rcdhcpd start + + + /usr/sbin/rcdhcpd restart + + + /usr/sbin/rcdhcpd stop + + + /usr/sbin/rcdhcpd status + + + + dhcpd + /usr/sbin/dhcpd + + + + + network + + + + diff --git a/dhcpsync b/dhcpsync new file mode 100644 index 0000000..bda5482 --- /dev/null +++ b/dhcpsync @@ -0,0 +1,37 @@ +#!/bin/bash + +# Peter Poeml +# $Id: dhcpsync,v 1.10 2002/01/27 14:24:42 poeml Exp $ + +# for usage info, refer to dhcpsync(8) + +test -n "$1" && SLAVE=$1 + +: ${SLAVE:?} +: ${SHARED:="/etc/dhcpd.conf.shared"} +: ${KEY:="/root/.ssh/dhcp-share"} +: ${SLEEP:=10} + +# if run from the commandline, do not use an identity +# that ssh-agent holds for us -- use the $KEY +test -t 0 && unset SSH_AUTH_SOCK + +PROGNAME=`basename $0` +PIDFILE=/var/run/$PROGNAME.pid + +test "`/etc/init.d/dhcpd probe`" = restart \ + && { + trap 'rm $PIDFILE; exit 0' SIGTERM SIGINT SIGQUIT + + test -e $PIDFILE \ + && { echo "$0 [`cat $PIDFILE`] is already running... maybe you can delete $PIDFILE. Exiting."; exit 2; } + echo $$ > $PIDFILE + + logger $PROGNAME: restarting dhcpd; + /etc/init.d/dhcpd try-restart; + sleep $SLEEP; + RSYNC_RSH="/usr/bin/ssh -i $KEY" /usr/bin/rsync -cav $SHARED $SLAVE:/etc/; + rm $PIDFILE + } + +exit 0 diff --git a/dhcpsync.8 b/dhcpsync.8 new file mode 100644 index 0000000..3dde91e --- /dev/null +++ b/dhcpsync.8 @@ -0,0 +1,265 @@ +.\" Automatically generated by Pod::Man version 1.15 +.\" Sun Jan 27 15:29:23 2002 +.\" +.\" Standard preamble: +.\" ====================================================================== +.de Sh \" Subsection heading +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Ip \" List item +.br +.ie \\n(.$>=3 .ne \\$3 +.el .ne 3 +.IP "\\$1" \\$2 +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R + +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. | will give a +.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used +.\" to do unbreakable dashes and therefore won't be available. \*(C` and +.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> +.tr \(*W-|\(bv\*(Tr +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +'br\} +.\" +.\" If the F register is turned on, we'll generate index entries on stderr +.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and +.\" index entries marked with X<> in POD. Of course, you'll have to process +.\" the output yourself in some meaningful fashion. +.if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. nr % 0 +. rr F +.\} +.\" +.\" For nroff, turn off justification. Always turn off hyphenation; it +.\" makes way too many mistakes in technical documents. +.hy 0 +.if n .na +.\" +.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). +.\" Fear. Run. Save yourself. No user-serviceable parts. +.bd B 3 +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ====================================================================== +.\" +.IX Title "DHCPSYNC.8 1" +.TH DHCPSYNC.8 1 "1.10" "2002-01-27" " " +.UC +.SH "NAME" +dhcpsync \- synchronize \s-1DHCP\s0 configuration file +.SH "SYNOPSIS" +.IX Header "SYNOPSIS" +[ KEY=keyfile ] [ SHARED=/path/to/conffile ] [ SLEEP=seconds ] \fBdhcpsync\fR +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" +This script shows how to detect if the dhcpd configuration has changed, +and sync a shared conf file to the slave, and restart both servers. +.Ip "o" 4 +It is run on the master failover peer +.Ip "o" 4 +It uses rsync over ssh with an enforced command on the slave. +.Ip "o" 4 +It relies on all include files being mentioned in \f(CW\*(C`DHCPD_CONF_INCLUDE_FILES\*(C'\fR in +/etc/rc.config.d/dhcpd.rc.config. These files are looked at to find out +whether one of the config files is newer than dhcpd's pid file +('\fBrcdhcpd probe\fR') +.PP +\&\fBdhcpsync\fR should actually be usable without modification. But you need to do +some configuration, read on. +.SH "CONFIGURATION" +.IX Header "CONFIGURATION" +In this example, host1 is the master, host2 is the slave. +.PP +A key can be generated like this: +(save the key in /root/.ssh/dhcp-share, and press enter when asked +for the passphrase.) +.PP +.Vb 11 +\& root@host1 ~ # ssh-keygen -C 'dhcp-share@host1' +\& Generating public/private rsa1 key pair. +\& Enter file in which to save the key (/root/.ssh/identity): +\& /root/.ssh/dhcp-share +\& Enter passphrase (empty for no passphrase): +\& Enter same passphrase again: +\& Your identification has been saved in /root/.ssh/dhcp-share. +\& Your public key has been saved in /root/.ssh/dhcp-share.pub. +\& The key fingerprint is: +\& 21:11:ec:20:00:42:2f:20:7e:1f:df:6a:d1:25:3d:81 dhcp-share@host1 +\& root@host1 ~ # +.Ve +Now you add the key to the authorized_keys file on the slave (host2): +.PP +.Vb 2 +\& root@host1 ~ # cat ~/.ssh/dhcp-share.pub | ssh root@host2 \e +\& 'mkdir -p .ssh; cat >> .ssh/authorized_keys' +.Ve +(This will append the key to an existing authorized_keys file, or create one.) +.PP +To protect the root account (you could as well use another account, of +course), you can edit .ssh/authorized_keys on host2 like this: +(Thereby, only the forced command can be executed, and only from host1.) +.PP +.Vb 9 +\& from="host1",command="rsync --server -vlogDtprc . /etc//dhcpd.con +\& f.shared; logger dhcpsync: restarting dhcpd; /etc/init.d/dhcpd tr +\& y-restart",no-port-forwarding,no-X11-forwarding,no-agent-forwardi +\& ng,no-pty 1024 35 15374502219051682029939108886754918218659904062 +\& 39933745099888497383649196106925140349057243770084885129581786366 +\& 05465027720474718409180919631615923416064825206960144541025646589 +\& 06475280304001588034598721095438582948133259768243300555751330261 +\& 946744924207972755699883176592160263892584211118353855811030877 d +\& hcp-share@host1 +.Ve +To run \fBdhcpsync\fR, you must specify the hostname of the \f(CW\*(C`SLAVE\*(C'\fR by putting it +into the environment, +.PP +.Vb 1 +\& root@host1 ~ # SLAVE=host2 dhcpsync +.Ve +or, alternatively, giving the name as the first argument: +.PP +.Vb 1 +\& root@host1 ~ # dhcpsync host2 +.Ve +.SH "CHANGING THE DEFAULTS" +.IX Header "CHANGING THE DEFAULTS" +Please refer to the \s-1FILES\s0 section to see what the defaults are. +.PP +The name of the file to be synced can be overridden from the environment +(bash example): +.PP +.Vb 1 +\& root@host1 ~ # SHARED="some_other_file" dhcpsync host2 +.Ve +Likewise, the ssh key to be used to authenticate can be specified via the +\&\f(CW\*(C`KEY\*(C'\fR variable. +.SH "AUTOMATION" +.IX Header "AUTOMATION" +The script can be run from cron, such as: +.PP +.Vb 1 +\& -* * * * * root /usr/sbin/dhcpsync host2 +.Ve +.SH "FILES" +.IX Header "FILES" +.Vb 2 +\& /etc/dhcpd.conf.shared default conf file that is to be synced +\& /root/.ssh/dhcp-share default file name of the ssh1 private key +.Ve +.SH "AUTHORS" +.IX Header "AUTHORS" +.Vb 1 +\& Peter Poeml +.Ve +.SH "BUGS" +.IX Header "BUGS" +If you feel that this script could be improved, please submit a bug report! +.PP +Someone who has access to the private key and the master's \s-1IP\s0 address can +overwrite the configuration file, possibly causing harm. +.PP +After an offline time of the secondary machine, it would in fact have to pull a fresh +config before starting up on next reboot. +.SH "DISCLAIMER" +.IX Header "DISCLAIMER" +\&\fBdhcpsync\fR is provided ``\s-1AS\s0 \s-1IS\s0'' and any express or implied warranties, +including, but not limited to, the implied warranties of merchantability +and fitness for a particular purpose are disclaimed. +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fIdhcpd\fR\|(8), /usr/share/doc/packages/dhcp/* diff --git a/dnscompr.py b/dnscompr.py new file mode 100644 index 0000000..a8c752d --- /dev/null +++ b/dnscompr.py @@ -0,0 +1,25 @@ +#!/usr/bin/python + +# Copyright 2005 Peter Poeml . All Rights Reserved. +# +# This software may be used and distributed according to the terms +# of the GNU General Public License, incorporated herein by reference. + + +def compr(names): + import dns, dns.name, cStringIO + + f = cStringIO.StringIO() + compress = {} + + for i in names: + n = dns.name.from_text(i) + n.to_wire(f, compress) + + + return f.getvalue() + +if __name__ == '__main__': + import sys + nlist = sys.argv[1:] + print repr(compr(nlist)) diff --git a/examples.tar.gz b/examples.tar.gz new file mode 100644 index 0000000..5d86e5b --- /dev/null +++ b/examples.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c8e12dc80ff8aaff46d69671b3700c5c2331900f9ae76ab0735913426bc38ad1 +size 1836 diff --git a/leases.awk b/leases.awk new file mode 100644 index 0000000..be8cc3d --- /dev/null +++ b/leases.awk @@ -0,0 +1,116 @@ +#!/usr/bin/awk -f + +# Author: wilsonj@cs.baylor.edu +# Date: I think I wrote this January 2002 + +# Disclaimer: at one point, it worked with the lease file for ISC DHCPD v3.0pl2 + +# legalese: Copyright © 1998-2003 Baylor University +# THIS SOFTWARE, DATA AND/OR DOCUMENTATION ARE PROVIDED "AS IS" +# AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT +# LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE. + +# Expected input: /var/lib/dhcp/db/dhcpd.leases + +# (For best results, pre-process the lease +# file with 'grep -v "uid \""') + +# Usually invoked as, 'leases.awk /var/lib/dhcp/db/dhcpd.leases' + +# Format of output (tab-delimited): +# ip,hardware[ip],compname[ip],state[ip],expiration-time-in-GMT[ip] + +# set the RECORD SEPARATOR, RS, to "}" ... records span multiple lines +BEGIN {RS="}"} + +# we only care about records that are greater than so-many-characters +# (why 5? I guess a CRLF may be 2 bytes ... isn't it just LF in BSD?) +length($0) > 5 { total++ + + # only want record those variables we've captured, + # so reset values to null + endtime = "" + hwaddr = "" + cn = "" + st = "" + + for(i=1;i<=NF;i++) { + + + # if this field matches the word "lease" + if($i ~ /lease/) + + # capture the next field into ipaddr + ipaddr=$(i+1) + + # if this field matches the word "ethernet" + else if($i ~ /ethernet/) { + + # get rid of the trailing semi-colon + split($(i+1),arr,";") + + # and capture the hwaddr with ipaddr as key + hwaddr=arr[1] + } + + # if this field matches the word "client-hostname" + else if($i ~ /client-hostname/) { + + # get rid of the enclosing quotes + split($(i+1),arr,"\"") + + # capture the computer name + cn=arr[2] + } + + # if this field matches the word "binding" + else if($i ~ /binding/) { + + # we don't care about what the next binding state is + # so go on and process the rest of this record + if($(i-1) ~ /next/) { # do nothing + } + else { + split($(i+2),arr,";") + st=arr[1] + } + } + + # give me a timestamp or two + else if($i ~ /ends/) { + + #if $i == "ends" then $i+2 is enddate, and $i+3 is endtime + dtstmp = $(i+2); + split($(i+3),arr,";") + tmstmp = arr[1]; + endtime=sprintf("%s %s",dtstmp,tmstmp) + } + } + if( length(hwaddr) > 0 ) + hardware[ipaddr]=hwaddr + else + hardward[ipaddr]="NONE" + if( length(cn) > 0 ) + compname[ipaddr]=cn + else + compname[ipaddr]="NONE" + if( length(st) > 0 ) + state[ipaddr]=st + else + state[ipaddr]="NONE" + if( length(endtime) > 0 ) + mytime[ipaddr]=endtime + else + mytime[ipaddr]="NONE" +} + +# for every ipaddr we captured, display ip, hardware, and compname +END { for(ip in hardware) { + if(length(IP_ONLY)>0) + print ip + else + printf("%s\t%s\t%s\t%s\t%s\n",\ + ip,hardware[ip],compname[ip],state[ip],mytime[ip]) + } +} diff --git a/leasestate b/leasestate new file mode 100644 index 0000000..66a1f18 --- /dev/null +++ b/leasestate @@ -0,0 +1,61 @@ +#! /usr/bin/perl + +# +# Author: Kevin C. Miller +# http://www.andrew.cmu.edu/~kevinm/dhcp/failover.html +# +# The copyright is with the author. We (SuSE) include this script +# with his permission. +# + +use strict; + +my %LeaseBS; +my %LeaseNBS; +my %Update; +my $level = 1; +my $IP = ''; +my ($ip, $bs, $nbs, $join); +open(FILE, "/var/lib/dhcp/dhcpd.leases"); +while(my $line = ) { + next if ($line =~ /^\#/); + if ($level == 1) { + if ($line =~ /lease ([\d\.]+) \{/) { + $level++; + $IP = $1; + $LeaseBS{$IP} = ''; + $LeaseNBS{$IP} = ''; + $Update{$IP} = 0; + } + }elsif($level == 2) { + if ($line =~ /next binding state ([^\;]+)/) { + $LeaseNBS{$IP} = $1; + }elsif($line =~ /binding state ([^\;]+)/) { + $LeaseBS{$IP} = $1; + }elsif($line =~ /f_lupdate/) { + $Update{$IP} = 1; + }elsif($line =~ /\}/) { + $level--; +# print "$IP: $Leases{$IP}->[0] $Leases{$IP}->[1]\n"; + $IP = ''; + } + } +} +close(FILE); + +format IP = +@<<<<<<<<<<<<<<<<<< @<<<<<<<<< @ @<<<<<<<<< +$ip, $bs, $join, $nbs +. + +$~ = "IP"; +print +"IP Address Binding Next Binding\n"; +foreach $ip (sort keys %LeaseBS) { + $bs = $LeaseBS{$ip}; + $nbs = $LeaseNBS{$ip}; + $join = '>'; + $join = '*' if ($Update{$ip}); + write(STDOUT); +} + diff --git a/listlease b/listlease new file mode 100644 index 0000000..efbda04 --- /dev/null +++ b/listlease @@ -0,0 +1,36 @@ +#! /usr/bin/perl + +# +# Author: Kevin C. Miller +# http://www.andrew.cmu.edu/~kevinm/dhcp/failover.html +# +# The copyright is with the author. We (SuSE) include this script +# with his permission. +# + + +use strict; + +my $LastLease = ''; +my $savelease = 0; +my $prlease = 0; +my $LFILE = "/var/lib/dhcp/dhcpd.leases"; +$LFILE = $ARGV[1] if ($ARGV[1] ne ''); + +open(FILE, $LFILE); +while(my $a = ) { + if ($a =~ /^lease /) { + print $LastLease if ($prlease); + $savelease = 1; + $prlease = 0; + $LastLease = $a; + }else{ + $LastLease .= $a if ($savelease); + } + if ($a =~ /^\}/) { + $savelease = 0; + } + $prlease = 1 if ($a =~ /$ARGV[0]/); +} +close(FILE); +print $LastLease if ($prlease); diff --git a/makefile.diff b/makefile.diff new file mode 100644 index 0000000..766a372 --- /dev/null +++ b/makefile.diff @@ -0,0 +1,15 @@ +--- Makefile.conf.ORG 2002-04-29 08:03:28.000000000 +0000 ++++ Makefile.conf 2002-04-29 08:04:48.000000000 +0000 +@@ -38,7 +38,11 @@ + ETC = /etc + VARRUN = /var/run + VARDB = /var/db +-LIBDIR=/usr/lib ++ ++ifeq (${LIBDIR},) ++ LIBDIR=/usr/lib ++endif ++ + INCDIR=/usr/include + LIBS = + COPTS = $(BINDDEF) $(CC_OPTIONS) diff --git a/rc.dhcpd b/rc.dhcpd new file mode 100644 index 0000000..8a2343e --- /dev/null +++ b/rc.dhcpd @@ -0,0 +1,362 @@ +#! /bin/sh +# Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH +# Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH +# Copyright (c) 2002, 2003 SuSE Linux AG +# +# Author: Rolf Haberrecker , 1997, 1998, 1999 +# Peter Poeml , 2000, 2001, 2002, 2003 +# +# /etc/init.d/dhcpd +# and its symbolic link +# /usr/sbin/rcdhcpd +# +### BEGIN INIT INFO +# Provides: dhcpd +# Required-Start: $local_fs $remote_fs $network +# X-UnitedLinux-Should-Start: $named $syslog $time +# Required-Stop: $local_fs $remote_fs $network +# X-UnitedLinux-Should-Stop: $named $syslog +# Default-Start: 3 5 +# Default-Stop: 0 1 2 6 +# Short-Description: DHCP Server +# Description: Start DHCP (Dynamic Host Configuration Protocol) +# server. (Note: if configured for failover it +# needs to rely on time synchronisation.) +### END INIT INFO + + +if [ -s /etc/sysconfig/dhcpd ]; then + + . /etc/sysconfig/dhcpd + +else + # pre 8.0 + + # Source SuSE config + . /etc/rc.config + + test -s /etc/rc.config.d/dhcpd.rc.config && \ + . /etc/rc.config.d/dhcpd.rc.config + + # Determine the base and follow a runlevel link name. + base=${0##*/} + link=${base#*[SK][0-9][0-9]} + + # Force execution if not called by a runlevel directory. + test $link = $base && START_DHCPD=yes + test "$START_DHCPD" = yes || exit 0 + +fi + + +test "$DHCPD_RUN_CHROOTED" = "yes" && CHROOT_PREFIX=/var/lib/dhcp/ +DAEMON="DHCP server" +[ "$DHCPD_BINARY" = /usr/sbin/dhcpd.lpf ] && DHCPD_BINARY=/usr/sbin/dhcpd +DAEMON_BIN=${DHCPD_BINARY:=/usr/sbin/dhcpd} +DAEMON_CONF=/etc/dhcpd.conf +DAEMON_PIDFILE=/var/run/dhcpd.pid +STARTPROC_LOGFILE=/var/log/rc.dhcpd.log +SUPPORTS_HUP="no" + +# Shell functions sourced from /etc/rc.status: +# rc_check check and set local and overall rc status +# rc_status check and set local and overall rc status +# rc_status -v ditto but be verbose in local rc status +# rc_status -v -r ditto and clear the local rc status +# rc_failed set local and overall rc status to failed +# rc_failed set local and overall rc status to +# rc_reset clear local rc status (overall remains) +# rc_exit exit appropriate to overall rc status +. /etc/rc.status + +# First reset status of this service +rc_reset + +# Return values acc. to LSB for all commands but status: +# 0 - success +# 1 - generic or unspecified error +# 2 - invalid or excess argument(s) +# 3 - unimplemented feature (e.g. "reload") +# 4 - insufficient privilege +# 5 - program is not installed +# 6 - program is not configured +# 7 - program is not running +# +# Note that starting an already running service, stopping +# or restarting a not-running service as well as the restart +# with force-reload (in case signalling is not supported) are +# considered a success. + +if ! [ -x $DAEMON_BIN ]; then + echo >&2 "$0: \"$DAEMON_BIN\" is not an executable file. Exiting." + rc_failed 1 + rc_status -v1 + rc_exit +fi + +# remove empty pid files to avoid disturbing warnings by checkproc/killproc +# (these can occur if dhcpd does not start correctly) +test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE +test -e $CHROOT_PREFIX/$DAEMON_PIDFILE && ! test -s $CHROOT_PREFIX/$DAEMON_PIDFILE && rm $CHROOT_PREFIX/$DAEMON_PIDFILE + +case "$1" in + start) + echo -n "Starting $DAEMON " + + ## If there is no conf file, skip starting of dhcpd + ## and return with "program not configured" + if ! [ -f $DAEMON_CONF ]; then + echo -e -n "... no configuration file found"; + # Tell the user this has skipped + rc_status -s + # service is not configured + exit 6; + fi + + ## If the interfaces are not set, skip starting of dhcpd + ## and return with "program not configured" + if [ -z "$DHCPD_INTERFACE" ]; then + echo -n "... cannot... DHCPD_INTERFACE in /etc/sysconfig/dhcpd is empty!" + # Tell the user this has skipped + rc_status -s + # service is not configured + exit 6; + fi + + if [ "$DHCPD_INTERFACE" = "ANY" ]; then + DHCPD_INTERFACE="" + fi + + # it might be necessary to convert "configuration names" (as in + # /etc/sysconfig/network/ifcfg-* into "interface names" (like eth*) + if [ -x /sbin/getcfg-interface ]; then + unset interfaces + for i in $DHCPD_INTERFACE; do + interfaces="$interfaces$(/sbin/getcfg-interface $i) " + done + DHCPD_INTERFACE=$interfaces + fi + + jail=/var/lib/dhcp; leases=dhcpd.leases + if ! [ -e $jail/db/$leases ]; then + # until 9.0, the lease file was in /var/lib/dhcp and part of the package + if test -e $jail/$leases -a '!' -L $jail/$leases; then + # this is the case where the %post script runs _before_ the old package is + # removed (i.e., dhcpd.leases has not renamed to .rpmsave yet) + mv $jail/$leases $jail/db/$leases && \ + ln -s db/$leases $jail/ + elif test -e $jail/$leases.rpmsave; then + # this is what's left when the package is already gone. + mv $jail/$leases.rpmsave $jail/db/$leases && \ + ln -s db/$leases $jail/ + else + # fresh installation: + # a lease file must be present. the server won't start without + touch $jail/db/$leases + fi + fi + + if test "$DHCPD_RUN_CHROOTED" = "yes" ; then + ## copy the conf file to the chroot jail (dhcpd has to be restarted anyway, + ## when it has changed) and change path to leases file + for i in $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES; do + test -d $CHROOT_PREFIX/${i%/*} || mkdir -p $CHROOT_PREFIX/${i%/*} + done + for i in $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES /etc/{resolv.conf,host.conf,hosts,localtime}; do + if ! test -e $i; then continue; fi # neither of them is absolutely necessary + cp -aL $i $CHROOT_PREFIX/$i &>/dev/null \ + || { echo "...$0:$LINENO: could not copy $i to chroot jail"; rc_failed; rc_status -v1; exit 6; } + done + libdir=/$(basename $(echo /var/lib/dhcp/lib*)) + for i in /$libdir/{libresolv.so.2,libnss_dns{,6}.so.2}; do + if [ -s $i ]; then + cp -pL $i /var/lib/dhcp/$libdir/ \ + || { echo "...$0:$LINENO: could not copy $i to chroot jail"; rc_failed; rc_status -v1; exit 6; } + fi + done + DHCPD_ARGS="-chroot $CHROOT_PREFIX -lf /db/dhcpd.leases" + + ## If there is a pid file containing a pid, the machine might have crashed. pid files in + ## /var/run are always cleaned up at boot time, but this is not the case for the pid file in + ## the chroot jail. Therefore, and old pid file may exist. This is only a problem if it + ## incidentally contains the pid of a running process. If this process is not a 'dhcpd', + ## we remove the pid. (dhcpd itself only checks whether the pid is alive or not.) + if test -e $CHROOT_PREFIX/$DAEMON_PIDFILE -a -s $CHROOT_PREFIX/$DAEMON_PIDFILE; then + i=$(<$CHROOT_PREFIX/$DAEMON_PIDFILE) + if pidof dhcpd &>/dev/null; then + echo -n "(already running) " + else + rm $CHROOT_PREFIX/$DAEMON_PIDFILE + fi + fi + + fi + + if [ -n "$DHCPD_RUN_AS" ]; then + DHCPD_RUN_AS_GROUP="$(getent group $(getent passwd $DHCPD_RUN_AS | cut -d: -f4) | cut -d: -f1)" + DHCPD_ARGS="$DHCPD_ARGS -user $DHCPD_RUN_AS -group $DHCPD_RUN_AS_GROUP" + fi + + + ## check syntax with -t (output to log file) and start only when the syntax is okay + rm -f $STARTPROC_LOGFILE # start log + error=0 + if ! $DAEMON_BIN -t -cf $CHROOT_PREFIX/$DAEMON_CONF > $STARTPROC_LOGFILE 2>&1 ; then + error=1 + else + ## Start daemon. If this fails the return value is set appropriate. + ## The init script should return 0, even if service is already running, + ## to match the LSB spec. + + test "$2" = "-v" && echo -en \ + "\nexecuting '$DAEMON_BIN $DHCPD_ARGS $DHCPD_OTHER_ARGS $DHCPD_INTERFACE'" + + $DAEMON_BIN $DHCPD_ARGS $DHCPD_OTHER_ARGS $DHCPD_INTERFACE &> $STARTPROC_LOGFILE + ret=$? + fi + + if [ $error -gt 0 -o ${ret:-0} -gt 0 ]; then + cat $STARTPROC_LOGFILE + ## set status to failed + rc_failed + else + [ "$DHCPD_RUN_CHROOTED" = "yes" ] && echo -n "[chroot]" || : + fi + + # Remember status and be verbose + rc_status -v + ;; + stop) + echo -n "Shutting down $DAEMON " + + ## Stop daemon with killproc(8) and if this fails + ## set echo the echo return value. + + killproc -p $CHROOT_PREFIX/$DAEMON_PIDFILE -TERM $DAEMON_BIN + ret=$? + if test -s $CHROOT_PREFIX/$DAEMON_PIDFILE; then + kill $(<$CHROOT_PREFIX/$DAEMON_PIDFILE) 2>/dev/null + fi + + # remove libraries from the chroot jail, just so they are not left over + # if the server is deinstalled + if [ "$DHCPD_RUN_CHROOTED" = yes ]; then + rm -f $CHROOT_PREFIX/lib*/* + fi + + # Remember status and be verbose + rc_failed $ret + rc_status -v + ;; + try-restart) + ## Do a restart only if the service was active before. + ## Note: try-restart is now part of LSB (as of 1.9). + ## RH has a similar command named condrestart. + $0 status + if test $? = 0; then + $0 restart + else + rc_reset # Not running is not a failure. + fi + # Remember status and be quiet + rc_status + ;; + restart) + ## Stop the service and regardless of whether it was + ## running or not, start it again. + $0 stop + sleep 3 + $0 start + + # Remember status and be quiet + rc_status + ;; + force-reload) + ## Signal the daemon to reload its config. Most daemons + ## do this on signal 1 (SIGHUP). + ## If it does not support it, restart. + + echo -n "Reload service $DAEMON" + + if [ "$SUPPORTS_HUP" = "yes" ]; then + killproc -p $DAEMON_PIDFILE -HUP $DAEMON_BIN + #touch $DAEMON_PIDFILE + rc_status -v + else + $0 stop && sleep 3 && $0 start + rc_status + fi + ;; + reload) + ## Like force-reload, but if daemon does not support + ## signalling, do nothing (!) + + if [ "$SUPPORTS_HUP" = "yes" ]; then + # If it supports signalling: + echo -n "Reload service $DAEMON" + killproc -p $DAEMON_PIDFILE -HUP $DAEMON_BIN + #touch $DAEMON_PIDFILE + rc_status -v + else + ## Otherwise if it does not support reload: + rc_failed 3 + rc_status -v + fi + ;; + status) + echo -n "Checking for $DAEMON: " + ## Check status with checkproc(8), if process is running + ## checkproc will return with exit status 0. + + # Status has a slightly different for the status command: + # 0 - service running + # 1 - service dead, but /var/run/ pid file exists + # 2 - service dead, but /var/lock/ lock file exists + # 3 - service not running + + # NOTE: checkproc returns LSB compliant status values. + checkproc -p $CHROOT_PREFIX/$DAEMON_PIDFILE $DAEMON_BIN + rc_status -v + ;; + probe) + ## Optional: Probe for the necessity of a reload, + ## give out the argument which is required for a reload. + + rc=0 + for i in /etc/sysconfig/dhcpd $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES; do + test $i -nt $CHROOT_PREFIX/$DAEMON_PIDFILE && rc=1 + done + test $rc = 1 && echo restart + ;; + check-syntax|syntax-check) + echo "Checking syntax of $DAEMON_CONF: " + + ## this nice bit is from Edwin Groothuis: + ## check syntax (quiet) + $DAEMON_BIN -q -t -cf $DAEMON_CONF + if ! [ $? -eq 0 ]; then + ## check syntax (verbose) + $DAEMON_BIN -t -cf $DAEMON_CONF + echo -e '\nConfig is NOT okay\n' + else + echo 'Config is okay. Hope you also specified existent network devices ;) ' + + ## in v3, lease file checking is also implemented + if [ $DAEMON_BIN != "/usr/sbin/dhcpd-2" ]; then + ## check leases file (quiet) + $DAEMON_BIN -q -T -cf $DAEMON_CONF -lf /var/lib/dhcp/db/dhcpd.leases + if ! [ $? -eq 0 ]; then + ## check leases file (verbose) + $DAEMON_BIN -T -cf $DAEMON_CONF -lf /var/lib/dhcp/db/dhcpd.leases + echo -e '\nLease file is NOT okay' + else + echo 'Lease file is okay' + fi + fi + fi + ;; + *) + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe|check-syntax} [-v]" + exit 1 +esac +rc_exit diff --git a/rc.dhcrelay b/rc.dhcrelay new file mode 100644 index 0000000..133cd67 --- /dev/null +++ b/rc.dhcrelay @@ -0,0 +1,220 @@ +#! /bin/sh +# Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH +# Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH +# Copyright (c) 2002 SuSE Linux AG +# +# Author: Peter Poeml , 2001 +# +# /etc/init.d/dhcrelay +# and its symbolic link +# /usr/sbin/rcdhcrelay +# +### BEGIN INIT INFO +# Provides: dhcrelay +# Required-Start: $local_fs $remote_fs $network +# X-UnitedLinux-Should-Start: $named $syslog +# Required-Stop: +# X-UnitedLinux-Should-Stop: +# Default-Start: 3 5 +# Default-Stop: 0 1 2 6 +# Short-Description: DHCP Relay +# Description: Start DHCP (Dynamic Host Configuration Protocol) +# gateway, relaying DHCP requests from one +# physical network segment to another. +### END INIT INFO + + +test -s /etc/sysconfig/dhcrelay && \ + . /etc/sysconfig/dhcrelay + +DAEMON="dhcp relay agent" +DAEMON_BIN=/usr/sbin/dhcrelay +DAEMON_CONF=/etc/sysconfig/dhcrelay +DAEMON_PIDFILE=/var/run/dhcrelay.pid +STARTPROC_LOGFILE=/var/log/rc.dhcrelay.log +SUPPORTS_HUP="no" + +test -x $DAEMON_BIN || exit 5 + +# Shell functions sourced from /etc/rc.status: +# rc_check check and set local and overall rc status +# rc_status check and set local and overall rc status +# rc_status -v ditto but be verbose in local rc status +# rc_status -v -r ditto and clear the local rc status +# rc_failed set local and overall rc status to failed +# rc_failed set local and overall rc status to +# rc_reset clear local rc status (overall remains) +# rc_exit exit appropriate to overall rc status +. /etc/rc.status + +# First reset status of this service +rc_reset + +# Return values acc. to LSB for all commands but status: +# 0 - success +# 1 - generic or unspecified error +# 2 - invalid or excess argument(s) +# 3 - unimplemented feature (e.g. "reload") +# 4 - insufficient privilege +# 5 - program is not installed +# 6 - program is not configured +# 7 - program is not running +# +# Note that starting an already running service, stopping +# or restarting a not-running service as well as the restart +# with force-reload (in case signalling is not supported) are +# considered a success. + +case "$1" in + start) + echo -n "Starting $DAEMON" + checkproc $DAEMON_BIN && { echo -n "... already running"; rc_status -v; exit 0; } + + ## If interfaces or servers are not set, skip starting of dhcrelay + ## and return with "program not configured" + if [ -z "$DHCRELAY_INTERFACES" -o -z "$DHCRELAY_SERVERS" ]; then + # Tell the user this has skipped + rc_status -s + # service is not configured + exit 6; + fi + + # it might be necessary to convert "configuration names" (as in + # /etc/sysconfig/network/ifcfg-* into "interface names" (like eth*) + if [ -x /sbin/getcfg-interface ]; then + unset interfaces + for i in $DHCRELAY_INTERFACES; do + interfaces="$interfaces$(/sbin/getcfg-interface $i) " + done + DHCRELAY_INTERFACES=$interfaces + fi + + for i in $DHCRELAY_INTERFACES ; do + DHCRELAY_INTERFACES_ARGS="$DHCRELAY_INTERFACES_ARGS -i $i" + done + + ## Start daemon with startproc(8). If this fails + ## the echo return value is set appropriate. + + # startproc should return 0, even if service is + # already running to match LSB spec. + test "$2" = "-v" && echo -en \ + "\nexecuting '$DAEMON_BIN $DHCRELAY_OPTIONS $DHCRELAY_INTERFACES_ARGS $DHCRELAY_SERVERS'" + startproc -q -l $STARTPROC_LOGFILE $DAEMON_BIN $DHCRELAY_OPTIONS $DHCRELAY_INTERFACES_ARGS $DHCRELAY_SERVERS + rc=$? + if ! [ $rc -eq 0 ]; then + if [ $link = $base ] ; then + ## be quiet + cat $STARTPROC_LOGFILE + else + ## be verbose + echo -e -n " please see $STARTPROC_LOGFILE for details "; + fi + ## set status to failed + rc_failed + fi + + # Remember status and be verbose + rc_status -v + ;; + stop) + echo -n "Shutting down $DAEMON" + ## Stop daemon with killproc(8) and if this fails + ## set echo the echo return value. + + killproc -p $DAEMON_PIDFILE -TERM $DAEMON_BIN + + # Remember status and be verbose + rc_status -v + ;; + try-restart) + ## Do a restart only if the service was active before. + ## Note: try-restart is now part of LSB (as of 1.9). + ## RH has a similar command named condrestart. + $0 status + if test $? = 0; then + $0 restart + else + rc_reset # Not running is not a failure. + fi + # Remember status and be quiet + rc_status + ;; + restart) + ## Stop the service and regardless of whether it was + ## running or not, start it again. + $0 stop + sleep 1 + $0 start + + # Remember status and be quiet + rc_status + ;; + force-reload) + ## Signal the daemon to reload its config. Most daemons + ## do this on signal 1 (SIGHUP). + ## If it does not support it, restart. + + $0 stop && sleep 1 && $0 start + rc_status + + echo -n "Reload service $DAEMON" + + if "$SUPPORTS_HUP" = "yes" ; then + killproc -p $DAEMON_PIDFILE -HUP $DAEMON_BIN + #touch $DAEMON_PIDFILE + rc_status -v + else + $0 stop && $0 start + rc_status + fi + ;; + reload) + ## Like force-reload, but if daemon does not support + ## signalling, do nothing (!) + + if "$SUPPORTS_HUP" = "yes" ; then + # If it supports signalling: + echo -n "Reload service $DAEMON" + killproc -p $DAEMON_PIDFILE -HUP $DAEMON_BIN + #touch $DAEMON_PIDFILE + rc_status -v + else + ## Otherwise if it does not support reload: + rc_failed 3 + rc_status -v + fi + ;; + status) + echo -n "Checking for dhcp relay agent: " + ## Check status with checkproc(8), if process is running + ## checkproc will return with exit status 0. + + # Status has a slightly different for the status command: + # 0 - service running + # 1 - service dead, but /var/run/ pid file exists + # 2 - service dead, but /var/lock/ lock file exists + # 3 - service not running + + # NOTE: checkproc returns LSB compliant status values. + checkproc -p $DAEMON_PIDFILE $DAEMON_BIN + rc_status -v + ;; + probe) + ## Optional: Probe for the necessity of a reload, + ## give out the argument which is required for a reload. + + if [ "$DAEMON_CONF" -nt "$DAEMON_PIDFILE" ]; then + if [ "$SUPPORTS_HUP" = "yes" ]; then + echo reload + else + echo restart + fi + fi + ;; + *) + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe} [-v]" + exit 1 + ;; +esac +rc_exit diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4 diff --git a/reset-ip b/reset-ip new file mode 100644 index 0000000..984c64b --- /dev/null +++ b/reset-ip @@ -0,0 +1,142 @@ +#! /usr/bin/perl + +# +# Author: Kevin C. Miller +# http://www.andrew.cmu.edu/~kevinm/dhcp/failover.html +# +# The copyright is with the author. We (SuSE) include this script +# with his permission. +# + +# NOTE: you have to edit this script to make it functional for you. + +## Reset IPs that are stuck in some weird state on the DHCP servers +## You can run it standalone, and it just reports statistics +## +## Or run with option '-reset' to reset many of the problem IPs +## Or run with option '-primary' to only reset problem IPs on the primary +## +## ** Note: You probably want to run -primary if you are in a low-free-IP +## situation. In this case -reset may enter a race condition and +## reset valid IPs on the secondary. + +use strict; + +my $PRIMARY = "/afs/andrew/usr/kevinm/dhcp1"; +my $PRIMARY_IP = '128.2.4.2'; +my $SEC = "/afs/andrew/usr/kevinm/dhcp3"; +my $SEC_IP = '128.2.32.38'; + +my $RESET = "/afs/andrew/usr/kevinm/bin/clearip"; +my %curstate; +my %nextstate; + +my ($TotalPrimary, $TotalSecondary) = (0,0); +my ($LeasesDiff, $LeasesEq) = (0,0); +open(FILE, $PRIMARY) + || die "Cannot open primary $PRIMARY"; +while() { + next if ($_ =~ /^\#/); + my @a = split(/\s+/, $_); + $curstate{$a[0]} = $a[1]; + $nextstate{$a[0]} = $a[3]; + $TotalPrimary++; +} +close(FILE); + +my @ResetPrimary; +my @ResetSecondary; +open(FILE, $SEC) + || die "Cannot open secondary $SEC"; +while() { + next if ($_ =~ /^\#/); + my @a = split(/\s+/, $_); + my ($key, $cur, $next) = ($a[0], $a[1], $a[3]); + $TotalSecondary++; + if ($curstate{$key} ne $cur && + ($nextstate{$key} ne $next || + $nextstate{$key} eq '' && $next eq '')) { + ## There is some difference + $LeasesDiff++; + if ($curstate{$key} eq 'active' && + $nextstate{$key} eq 'expired' && + $cur eq 'expired' && $next eq 'free') { + # Reset both + push(@ResetPrimary, $key); + push(@ResetSecondary, $key); + }elsif($curstate{$key} eq 'expired' && + $nextstate{$key} eq 'free' && + $cur eq 'active' && + $next eq 'expired') { + # Reset both + push(@ResetPrimary, $key); + push(@ResetSecondary, $key); + }elsif( ($curstate{$key} eq 'backup' && + $cur eq 'free') ) { + # Reset both + push(@ResetPrimary, $key); + push(@ResetSecondary, $key); + }elsif($curstate{$key} eq 'expired' && + $nextstate{$key} eq 'free' && + $cur eq 'free') { + # Reset both + push(@ResetPrimary, $key); + push(@ResetSecondary, $key); + }elsif(!defined $curstate{$key} && + !defined $nextstate{$key}) { + push(@ResetSecondary, $key); + } + + # There are other tests that could be made (primary + # thinks the lease is 'backup', secondary doesn't know + # about it).. etc. + }else{ + # No difference in state + $LeasesEq++; + } + delete $curstate{$key}; + delete $nextstate{$key}; +} + +# Go through all the IPs on the primary that aren't defined +# on the secondary at all. +foreach my $key (keys %curstate) { + if ($curstate{$key} eq 'backup') { + push(@ResetPrimary, $key); + } +} + +if ($ARGV[0] eq '-reset') { + reset_ips($PRIMARY_IP, $SEC_IP, \@ResetPrimary, + \@ResetSecondary, $RESET); +}elsif($ARGV[0] eq '-primary') { + reset_ips($PRIMARY_IP, '', \@ResetPrimary, [], $RESET); +} + +# Print statistics +print "Leases compared. Primary: $TotalPrimary Secondary: $TotalSecondary\n"; +print " Different: $LeasesDiff Equal: $LeasesEq\n"; +print " (Different+Equal may not add up to Primary, due to \n"; +print " missing entries in the leases file.)\n"; + +exit(1); + +## *********************************************************************** +# Arguments: +# - IP Address of primary DHCP server +# - IP Address of secondary DHCP server +# - Reference to an array of IPs to reset on the primary +# - Reference to an array of IPs to reset on the secondary +# - Reset script +sub reset_ips { + my ($PrimaryIP, $SecIP, $rResetPrimary, $rResetSec, $Prog) = @_; + + foreach my $IP (@$rResetPrimary) { + print "Resetting $IP on $PrimaryIP\n"; + `$Prog $IP $PrimaryIP`; + } + foreach my $IP (@$rResetSec) { + print "Resetting $IP on $SecIP\n"; + `$Prog $IP $SecIP`; + } +} diff --git a/sysconfig.dhcpd b/sysconfig.dhcpd new file mode 100644 index 0000000..e660632 --- /dev/null +++ b/sysconfig.dhcpd @@ -0,0 +1,87 @@ +## Path: Network/DHCP/DHCP server +## Description: DHCP server settings +## Type: string +## Default: "" +## ServiceRestart: dhcpd +# +# Interface(s) for the DHCP server to listen on. +# +# Instead of the interface name, the name of its configuration can be given. +# If the configuration file is named +# /etc/sysconfig/network/ifcfg-eth-id-00:50:fc:e4:f2:65 +# then id-00:50:fc:e4:f2:65 would be suitable to identify the configuration. +# +# A special keyword is ANY, it will cause dhcpd to autodetect available +# interfaces. +# +# Examples: DHCPD_INTERFACE="eth0" +# DHCPD_INTERFACE="eth0 eth1 eth2 tr0 wlan0" +# DHCPD_INTERFACE="internal0 internal1" +# DHCPD_INTERFACE="id-00:50:fc:e4:f2:65 id-00:a0:24:cb:cc:5c wlan0" +# DHCPD_INTERFACE="ANY" +# +DHCPD_INTERFACE="" + +## Type: yesno +## Default: yes +## ServiceRestart: dhcpd +# +# Shall the DHCP server dhcpd run in a chroot jail (/var/lib/dhcp)? +# +# Each time you start dhcpd with the init script, /etc/dhcpd.conf will +# be copied to /var/lib/dhcp/etc/. +# +# Some files that are important for hostname to IP address resolution +# (/etc/{hosts,host.conf,resolv.conf,localtime}, /lib/libnss_dns.so.2, +# /lib/libresolv.so.2) will also be copied to the chroot jail by the +# init script when you start it (about 100kB altogether). +# +# The pid file will be in /var/lib/dhcp/var/run/dhcpd.pid. +# +DHCPD_RUN_CHROOTED="yes" + +## Type: string +## Default: "" +## ServiceRestart: dhcpd +# +# Since version 3, dhcpd.conf can contain include statements. +# If you enter the names of any include files here, _all_ conf +# files will be copied to $chroot/etc/, when dhcpd is started in the +# chroot jail. (/etc/dhcpd.conf is always copied.) +# +# For your convenience, you can also specify entire directories, like +# "/etc/dhcpd.conf.d". +# +# Example: "/etc/dhcpd.conf.shared /etc/dhcpd.conf.bootp-clients" +# +DHCPD_CONF_INCLUDE_FILES="" + +## Type: string +## Default: "dhcpd" +## ServiceRestart: dhcpd +# +# Leave empty or enter "root" to let dhcpd run as root. +# Enter "dhcpd" to run dhcpd as user 'dhcpd'. +# +DHCPD_RUN_AS="dhcpd" + +## Type: string +## Default: "" +## ServiceRestart: dhcpd +# +# Other arguments that you want dhcpd to be started with +# (e.g. "-p 1234" for a non-standard port to listen on) +# +DHCPD_OTHER_ARGS="" + +## Type: string +## Default: "" +## ServiceRestart: dhcpd +# +# You may specify another dhcpd binary to be run. +# The full path needs to be specified. +# +# If empty, the default applies. +# +DHCPD_BINARY="" + diff --git a/sysconfig.dhcrelay b/sysconfig.dhcrelay new file mode 100644 index 0000000..78143d6 --- /dev/null +++ b/sysconfig.dhcrelay @@ -0,0 +1,38 @@ +## Path: Network/DHCP/DHCP Relay agent +## Description: Configuration file for DHCP relay agent +## Type: string +## Default: "" +## ServiceRestart: dhcrelay +# +# Interface(s) for DHCP relay agent to listen on +# +# Instead of the interface name, the name of its configuration can be given. +# If the configuration file is named +# /etc/sysconfig/network/ifcfg-eth-id-00:50:fc:e4:f2:65 +# then id-00:50:fc:e4:f2:65 would be suitable to identify the configuration. +# +# Examples: DHCPD_INTERFACE="eth0" +# DHCPD_INTERFACE="eth0 eth1 eth2 tr0 wlan0" +# DHCPD_INTERFACE="internal0 internal1" +# DHCPD_INTERFACE="id-00:50:fc:e4:f2:65 id-00:a0:24:cb:cc:5c wlan0" +# +DHCRELAY_INTERFACES="" + +## Type: string +## Default: "" +## ServiceRestart: dhcrelay +# +# DHCP servers to be used by DHCP relay agent +# (separated by spaces, e.g. "192.168.0.11 191.168.0.12") +# +DHCRELAY_SERVERS="" + +## Type: string +## Default: "" +## ServiceRestart: dhcrelay +# +# Additional options +# Example: "-c 8" +# +DHCRELAY_OPTIONS="" + diff --git a/sysconfig.syslog-dhcpd b/sysconfig.syslog-dhcpd new file mode 100644 index 0000000..3da1710 --- /dev/null +++ b/sysconfig.syslog-dhcpd @@ -0,0 +1,12 @@ +## Type: string +## Default: "/var/lib/dhcp/dev/log" +## ServiceRestart: syslog +# +# The filename mentioned here will be added with the "-a ..." option as +# additional socket via SYSLOGD_PARAMS when syslogd is started. +# +# This additional socket is needed in case that syslogd is restarted. Otherwise +# a chrooted dhcpd won't be able to continue logging. +# +SYSLOGD_ADDITIONAL_SOCKET_DHCP="/var/lib/dhcp/dev/log" + diff --git a/test.c.dif b/test.c.dif new file mode 100644 index 0000000..498563d --- /dev/null +++ b/test.c.dif @@ -0,0 +1,10 @@ +--- omapip/test.c.orig Wed May 17 18:04:19 2000 ++++ omapip/test.c Wed May 16 19:06:18 2001 +@@ -48,6 +48,7 @@ + #include + #include + #include ++#include + + int main (int argc, char **argv) + {