Date: Wed, 9 Mar 2005 11:36:23 +0100 (CET) From: Joerg Pulz <Joerg.Pulz@frm2.tum.de> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Maintainer <cyrille.lefevre@laposte.net> Subject: ports/78613: [UPDATE] bring net/isc-dhcp3-* ports to 3.0.2 Message-ID: <200503091036.j29AaNYZ026762@hades.admin.frm2> Resent-Message-ID: <200503091040.j29Ae2Pp004557@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 78613 >Category: ports >Synopsis: [UPDATE] bring net/isc-dhcp3-* ports to 3.0.2 >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Mar 09 10:40:02 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Joerg Pulz >Release: FreeBSD 5.3-RELEASE-p5 i386 >Organization: ZWE FRM-II / TU-Munich >Environment: System: FreeBSD hades.admin.frm2 5.3-RELEASE-p5 FreeBSD 5.3-RELEASE-p5 #2: Mon Jan 17 08:13:26 CET 2005 root@hades.admin.frm2:/usr/obj/usr/src/sys/HADES i386 >Description: - update the net/isc-dhcp3-* ports to version 3.0.2 - uncommented some lines of the PORTVERSION to DISTNAME magic - otherwise 3.0.2 would be converted to 3.0pl2 which is wrong - uncommented only as it may be of use in for future versions - small typo in the OPENSSL_PORT OPTION fixed - regenerated files/patch-client::dhclient.c to match 3.0.2 previous PR's: - fix for ports/75889 included - mounting devfs inside jails not possible - added a test for mounted devfs to prevent directory creation - security.jail.getfsstatroot_only MIB has to be set to 1 otherwise the jail will not see the mounted devfs! thanks to Simson L. Garfinkel <simsong@csail.mit.edu> for reporting - fix for ports/76811 included - added an addtional test to prevent the warning about the missing devfs capabilities in FreeBSD 4.x - added a MAKEDEV(8) variant for device creation in chroot env useful on FreeBSD 4.x systems - copy some files from /etc to the chroot env - this fixes wrong timestamps in logfiles and enables DNS thanks to Rob <listone@deathbeforedecaf.net> for pointing this out - ports/76820 ignored - i can't test this because i have no FreeBSD 4.x system running jail(8) - however, on FreeBSD 5.3 i have access to bpf(4) devices inside jail(8) using tcpdump(1) - i will investigate this on a FreeBSD 4.x test system thanks to Andrew Clark <andrew.clark@ucsb.edu> for pointing this out - ports/76825 ignored - i don't see any real use for listening on lo(4) interfaces - additionally, defining USO_SOCKETS would disable the default USE_BPF handling which is in my opinion the most common use - anyway, i'm thinking about an additional OPTION to enable lo(4) device support, but this needs testing thanks to Andrew Clark <andrew.clark@ucsb.edu> for this feature request - fix for ports/76834 included - this PR is nearly the same as ports/76811 - added handling of dhcpd_includedir - it is possible to split dhcpd.conf in several files and include these files from the main conf file - to make this working in a chroot env these files must be copied into the chroot thanks to Andrew Clark <andrew.clark@ucsb.edu> for pointing this out on my TODO list: - i will further investigate PR's ports/76820 and ports/76825 but this will take some time as i must prepare a testbed for this - additionally, i think the isc-dhcpd.sh rcNG script needs some simplification, but this will take some time too >How-To-Repeat: >Fix: --- isc-dhcp3-server.diff begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/Makefile,v retrieving revision 1.105 diff -u -r1.105 Makefile --- Makefile 27 Feb 2005 17:15:21 -0000 1.105 +++ Makefile 9 Mar 2005 08:13:41 -0000 @@ -7,7 +7,7 @@ # PORTNAME= dhcp -PORTVERSION= 3.0.1.r14 +PORTVERSION= 3.0.2 PORTREVISION= 6 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_ISC} @@ -34,7 +34,7 @@ DHCP_LDAP "add experimental LDAP backend support" off \ DHCP_LDAP_SSL "support LDAP connection over SSL/TLS" on \ OPENSSL_BASE "use the base system OpenSSL (required by TLS)" on \ - OPENSSL_PORT "use OpenSSL from ports (requires by TLS)" off + OPENSSL_PORT "use OpenSSL from ports (required by TLS)" off .endif .include <bsd.port.pre.mk> @@ -94,7 +94,7 @@ # for instance, possible versions are: # 1.2.r3.4 (or 1.2.b3.4), 1.2.r3 (or 1.2.b3), 1.2.3, 1.2 # which have to become: -# 1.2rc3pl4 (or 1.2beta3pl4), 1.2rc3 (or 1.2beta3), 1.2pl3, 1.2 +# 1.2rc3pl4 (or 1.2beta3pl4), 1.2rc3 (or 1.2beta3), 1.2.3, 1.2 # so, the magic things are: VERSION= PATCHLEVEL= @@ -105,9 +105,9 @@ .elif ${PORTVERSION:E:M[br]*} != "" RELEASE= ${PORTVERSION:R} VERSION= ${PORTVERSION:E:S/b/beta/:S/r/rc/} -.elif ${PORTVERSION:R:E} != "" -RELEASE= ${PORTVERSION:R} -PATCHLEVEL= pl${PORTVERSION:E} +#.elif ${PORTVERSION:R:E} != "" +#RELEASE= ${PORTVERSION:R} +#PATCHLEVEL= pl${PORTVERSION:E} .else RELEASE= ${PORTVERSION} .endif Index: distinfo =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/distinfo,v retrieving revision 1.48 diff -u -r1.48 distinfo --- distinfo 13 Oct 2004 00:15:01 -0000 1.48 +++ distinfo 9 Mar 2005 08:13:41 -0000 @@ -1,4 +1,4 @@ -MD5 (dhcp-3.0.1rc14.tar.gz) = a68074d9ebdeb355c293d9b3645b3c2c -SIZE (dhcp-3.0.1rc14.tar.gz) = 842712 -MD5 (dhcp-3.0.1rc14-ldap-patch) = 38fde70e0f27758da2be70ce46c17f8b -SIZE (dhcp-3.0.1rc14-ldap-patch) = 152494 +MD5 (dhcp-3.0.2.tar.gz) = 04800a111521e7442749b2ce883f962b +SIZE (dhcp-3.0.2.tar.gz) = 853313 +MD5 (dhcp-3.0.2-ldap-patch) = 08908b2f06b5e985d78d7c28797c5a37 +SIZE (dhcp-3.0.2-ldap-patch) = 229453 Index: pkg-message =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/pkg-message,v retrieving revision 1.9 diff -u -r1.9 pkg-message --- pkg-message 13 Oct 2004 00:17:49 -0000 1.9 +++ pkg-message 9 Mar 2005 08:13:41 -0000 @@ -17,11 +17,18 @@ dhcpd_withuser="dhcpd" # user name to run as dhcpd_withgroup="dhcpd" # group name to run as dhcpd_chroot_enable="YES" # runs chrooted? - dhcpd_devfs_enable="YES" # uses devfs if available? + dhcpd_devfs_enable="YES" # use devfs if available? + dhcpd_makedev_enable="YES" # use MAKEDEV instead? dhcpd_rootdir="/var/db/dhcpd" # directory to run in + dhcpd_includedir="<some_dir>" # directory with config- + files to include dhcpd_flags="-early_chroot" # needs full root - WARNING: -early_chroot requires a jail(8) like environment to works. + WARNING: -early_chroot requires a jail(8) like environment to work. + + WARNING: dhcpd_devfs_enable and dhcpd_makedev_enable are mutually + exclusive + dhcpd_makedev_enable make NO sense on FreeBSD 5.x and up! **** If compiled with jail support (the default), the following lines are also supported (-early_chroot and dhcpd_chroot_enable=YES are implied): Index: files/isc-dhcpd.sh.sample =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/files/isc-dhcpd.sh.sample,v retrieving revision 1.11 diff -u -r1.11 isc-dhcpd.sh.sample --- files/isc-dhcpd.sh.sample 17 Oct 2004 12:54:35 -0000 1.11 +++ files/isc-dhcpd.sh.sample 9 Mar 2005 08:13:41 -0000 @@ -30,7 +30,9 @@ dhcpd_chroot_enable=${dhcpd_chroot_enable:-"NO"} # runs chrooted? dhcpd_devfs_enable=${dhcpd_devfs_enable:-"YES"} # devfs if available? +dhcpd_makedev_enable=${dhcpd_makedev_enable:-"NO"} # MAKEDEV instead of devfs? dhcpd_rootdir=${dhcpd_rootdir:-/var/db/${name}} # directory to run in +dhcpd_includedir=${dhcpd_includedir:-} # directory for included config files # untested dhcpd_jail_enable=${dhcpd_jail_enable:-"NO"} # runs imprisoned? @@ -221,7 +223,8 @@ local _rc _rc=1 - if checkyesno dhcpd_devfs_enable; then + if checkyesno dhcpd_devfs_enable || + checkyesno dhcpd_jail_enable; then mount -t devfs | awk ' BEGIN { n = ARGC; ARGC = 2 } { for (i = 2; i != n; i++) if ($3 == ARGV[i]) exit 1 } @@ -343,13 +346,26 @@ err 1 "dhcpd_rootdir must be set" \ "if dhcpd_chroot_enable is enabled" fi - if ! ( type mount_devfs ) > /dev/null 2>&1; then + if checkyesno dhcpd_devfs_enable && + checkyesno dhcpd_makedev_enable; then + err 1 "dhcpd_devfs_enable and dhcpd_makedev_enable" \ + "are mutually exclusive. enable only one!" + fi + if checkyesno dhcpd_devfs_enable && + ! ( type mount_devfs ) > /dev/null 2>&1; then warn "dhcpd_devfs_enable disabled" \ "-- not available" dhcpd_devfs_enable=NO fi + if checkyesno dhcpd_makedev_enable && + ! [ -x ${__dhcpd_devdir}/MAKEDEV ]; then + warn "dhcpd_makedev_enable disabled" \ + "-- not available" + dhcpd_makedev_enable=NO + fi else dhcpd_devfs_enable=NO + dhcpd_makedev_enable=NO fi else if checkyesno dhcpd_chroot_enable; then @@ -357,6 +373,7 @@ dhcpd_chroot_enable=NO fi dhcpd_devfs_enable=NO + dhcpd_makedev_enable=NO fi } @@ -384,6 +401,7 @@ dhcpd_rootdir= elif checkyesno paranoia && checkyesno dhcpd_chroot_enable; then dhcpd_devdir=${__dhcpd_devdir} + dhcpd_etcdir=${__dhcpd_etcdir} fi } @@ -403,7 +421,9 @@ { _dhcpd_rootdir=${dhcpd_rootdir} _dhcpd_devdir=${dhcpd_rootdir}${dhcpd_devdir} + _dhcpd_etcdir=${dhcpd_rootdir}${dhcpd_etcdir} _dhcpd_confdir=${dhcpd_rootdir}${dhcpd_confdir} + _dhcpd_includedir=${dhcpd_rootdir}${dhcpd_includedir} _dhcpd_piddir=${dhcpd_rootdir}${dhcpd_piddir} _dhcpd_leasesdir=${dhcpd_rootdir}${dhcpd_leasesdir} _dhcpd_conffile=${dhcpd_rootdir}${dhcpd_conffile} @@ -441,15 +461,39 @@ setup_chroot () { + local _mdev _hconf _hosts _ltime _rconf + + _mdev=MAKEDEV + _hconf=host.conf + _hosts=hosts + _ltime=localtime + _rconf=resolv.conf + if checkyesno paranoia && checkyesno dhcpd_chroot_enable; then - safe_mkdir ${_dhcpd_rootdir} ${_dhcpd_devdir}/_ ${_dhcpd_confdir} - # XXX /_ hack! so, .../dev is root owned. + if ! mounted ${_dhcpd_devdir}; then + safe_mkdir ${_dhcpd_devdir}/_ + # XXX /_ hack! so, .../dev is root owned. + fi + safe_mkdir ${_dhcpd_rootdir} ${_dhcpd_etcdir}/_ ${_dhcpd_confdir} + # XXX /_ hack! so, .../etc is root owned. if checkyesno dhcpd_devfs_enable; then safe_mount ${_dhcpd_devdir} + elif checkyesno dhcpd_makedev_enable; then + safe_copy ${dhcpd_devdir}/$_mdev ${_dhcpd_devdir}/$_mdev + safe_run 0 sh -c "cd ${_dhcpd_devdir} && ./$_mdev jail bpf4" else safe_copy ${dhcpd_devdir} ${_dhcpd_devdir} fi safe_copy ${dhcpd_conffile} ${_dhcpd_conffile} + safe_copy ${dhcpd_etcdir}/$_hconf ${_dhcpd_etcdir}/$_hconf + safe_copy ${dhcpd_etcdir}/$_hosts ${_dhcpd_etcdir}/$_hosts + safe_copy ${dhcpd_etcdir}/$_ltime ${_dhcpd_etcdir}/$_ltime + safe_copy ${dhcpd_etcdir}/$_rconf ${_dhcpd_etcdir}/$_rconf + # copy dhcpd_includedir if defined and available + if [ -d "${dhcpd_includedir}" ]; then + safe_mkdir ${_dhcpd_includedir} + safe_copy ${dhcpd_includedir} ${_dhcpd_includedir} + fi fi } @@ -537,14 +581,19 @@ remove_chroot () { if checkyesno paranoia && checkyesno dhcpd_chroot_enable; then - safe_remove ${_dhcpd_conffile} + safe_remove ${_dhcpd_conffile} ${_dhcpd_includedir} \ + ${_dhcpd_etcdir} if checkyesno dhcpd_devfs_enable; then safe_umount ${_dhcpd_devdir} safe_rmdir ${_dhcpd_devdir}/_ # XXX /_ hack! + elif checkyesno dhcpd_jail_enable; then + if ! mounted ${_dhcpd_devdir}; then + safe_remove ${_dhcpd_devdir} + fi else safe_remove ${_dhcpd_devdir} fi - safe_rmdir ${_dhcpd_confdir} ${_dhcpd_rootdir} + safe_rmdir ${_dhcpd_confdir} ${_dhcpd_rootdir} # XXX /_ hack! fi } @@ -650,6 +699,7 @@ __dhcpd_uninstall="NO" # internal use only __dhcpd_devdir=/dev # devices directory +__dhcpd_etcdir=/etc # etc directory __dhcpd_piddir=/var/run # pid file directory __dhcpd_leasesdir=/var/db # leases file directory #__dhcpd_rootdir=/var/db/${name} # root directory Index: files/patch-client::dhclient.c =================================================================== RCS file: /home/ncvs/ports/net/isc-dhcp3-server/files/patch-client::dhclient.c,v retrieving revision 1.3 diff -u -r1.3 patch-client::dhclient.c --- files/patch-client::dhclient.c 22 Mar 2004 23:33:09 -0000 1.3 +++ files/patch-client::dhclient.c 9 Mar 2005 08:13:41 -0000 @@ -1,6 +1,6 @@ ---- client/dhclient.c.orig Sat Apr 26 23:51:39 2003 -+++ client/dhclient.c Wed Mar 3 16:21:02 2004 -@@ -47,6 +47,13 @@ +--- client/dhclient.c.orig Wed Nov 24 18:39:14 2004 ++++ client/dhclient.c Tue Mar 8 14:06:59 2005 +@@ -38,6 +38,13 @@ #include "dhcpd.h" #include "version.h" @@ -11,10 +11,10 @@ +#include <net80211/ieee80211.h> +#endif + - TIME cur_time; TIME default_lease_time = 43200; /* 12 hours... */ TIME max_lease_time = 86400; /* 24 hours... */ -@@ -82,8 +89,11 @@ + +@@ -72,8 +79,11 @@ struct string_list *client_env=NULL; int client_env_count=0; int onetry=0; @@ -27,7 +27,7 @@ static void usage PROTO ((void)); -@@ -184,6 +194,9 @@ +@@ -174,6 +184,9 @@ } else if (!strcmp (argv [i], "-q")) { quiet = 1; quiet_interface_discovery = 1; @@ -37,7 +37,7 @@ } else if (!strcmp (argv [i], "-s")) { if (++i == argc) usage (); -@@ -197,6 +210,19 @@ +@@ -187,6 +200,19 @@ } else if (!strcmp (argv [i], "-n")) { /* do not start up any interfaces */ interfaces_requested = 1; @@ -57,7 +57,7 @@ } else if (!strcmp (argv [i], "-w")) { /* do not exit if there are no broadcast interfaces. */ persist = 1; -@@ -225,7 +251,16 @@ +@@ -215,7 +241,16 @@ if (strlen (argv [i]) > sizeof tmp -> name) log_fatal ("%s: interface name too long (max %ld)", argv [i], (long)strlen (argv [i])); @@ -75,7 +75,7 @@ if (interfaces) { interface_reference (&tmp -> next, interfaces, MDL); -@@ -385,6 +420,16 @@ +@@ -375,6 +410,16 @@ INTERFACE_AUTOMATIC)) != INTERFACE_REQUESTED)) continue; @@ -92,7 +92,7 @@ script_init (ip -> client, "PREINIT", (struct string_list *)0); if (ip -> client -> alias) -@@ -427,8 +472,13 @@ +@@ -417,8 +462,13 @@ client -> state = S_INIT; /* Set up a timeout to start the initialization process. */ @@ -106,7 +106,7 @@ } } } -@@ -486,9 +536,9 @@ +@@ -476,9 +526,9 @@ log_info (arr); log_info (url); @@ -119,7 +119,7 @@ "[-pf pid-file] [-e VAR=val]"); log_fatal (" [-sf script-file] [interface]"); } -@@ -876,6 +926,15 @@ +@@ -881,6 +931,15 @@ /* Write out the new lease. */ write_client_lease (client, client -> new, 0, 0); @@ -135,7 +135,7 @@ /* Replace the old active lease with the new one. */ if (client -> active) destroy_client_lease (client -> active); -@@ -890,6 +949,12 @@ +@@ -895,6 +954,12 @@ piaddr (client -> active -> address), (long)(client -> active -> renewal - cur_time)); client -> state = S_BOUND; @@ -148,7 +148,7 @@ reinitialize_interfaces (); go_daemon (); if (client -> config -> do_forward_update) { -@@ -1352,6 +1417,11 @@ +@@ -1359,6 +1424,11 @@ int interval; int increase = 1; @@ -160,7 +160,7 @@ /* Figure out how long it's been since we started transmitting. */ interval = cur_time - client -> first_sending; -@@ -1457,6 +1527,9 @@ +@@ -1464,6 +1534,9 @@ struct client_lease *loop; struct client_lease *lp; @@ -170,7 +170,7 @@ loop = lp = client -> active; log_info ("No DHCPOFFERS received."); -@@ -1489,6 +1562,10 @@ +@@ -1496,6 +1569,10 @@ log_info ("bound: renewal in %ld %s.", (long)(client -> active -> renewal - cur_time), "seconds"); @@ -181,7 +181,7 @@ add_timeout (client -> active -> renewal, state_bound, client, 0, 0); } else { -@@ -1496,6 +1573,11 @@ +@@ -1503,6 +1580,11 @@ log_info ("bound: immediate renewal."); state_bound (client); } @@ -193,7 +193,7 @@ reinitialize_interfaces (); go_daemon (); return; -@@ -1541,6 +1623,12 @@ +@@ -1548,6 +1630,12 @@ } log_info ("No working leases in persistent database - sleeping."); @@ -206,7 +206,7 @@ script_init (client, "FAIL", (struct string_list *)0); if (client -> alias) script_write_params (client, "alias_", client -> alias); -@@ -1681,6 +1769,18 @@ +@@ -1689,6 +1777,18 @@ client -> packet.secs = htons (65535); } @@ -225,7 +225,7 @@ log_info ("DHCPREQUEST on %s to %s port %d", client -> name ? client -> name : client -> interface -> name, inet_ntoa (destination.sin_addr), -@@ -1702,6 +1802,16 @@ +@@ -1710,6 +1810,16 @@ from, &destination, (struct hardware *)0); @@ -242,7 +242,7 @@ add_timeout (cur_time + client -> interval, send_request, client, 0, 0); } -@@ -2597,6 +2707,13 @@ +@@ -2607,6 +2717,13 @@ wstatus = 0; } } else { @@ -256,7 +256,7 @@ execve (scriptName, argv, envp); log_error ("execve (%s, ...): %m", scriptName); exit (0); -@@ -2783,8 +2900,10 @@ +@@ -2793,8 +2910,10 @@ case S_STOPPED: break; } @@ -267,7 +267,7 @@ } } } -@@ -3010,7 +3129,9 @@ +@@ -3022,7 +3141,9 @@ break; case server_awaken: @@ -277,7 +277,7 @@ break; } } -@@ -3147,3 +3268,265 @@ +@@ -3160,3 +3281,265 @@ data_string_forget (&ddns_dhcid, MDL); return rcode; } --- isc-dhcp3-server.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503091036.j29AaNYZ026762>