diff options
author | Mike Frysinger <vapier@gentoo.org> | 2004-07-18 06:02:28 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2004-07-18 06:02:28 +0000 |
commit | 0d1636626d8ced4959f7a0fc8a3ad1f408715fe1 (patch) | |
tree | 4670b42d886d6f1c12afdafdb8d8ec164a84ab27 /net-misc/dhcp | |
parent | x86 stable (Manifest recommit) (diff) | |
download | gentoo-2-0d1636626d8ced4959f7a0fc8a3ad1f408715fe1.tar.gz gentoo-2-0d1636626d8ced4959f7a0fc8a3ad1f408715fe1.tar.bz2 gentoo-2-0d1636626d8ced4959f7a0fc8a3ad1f408715fe1.zip |
ver bump #57347
Diffstat (limited to 'net-misc/dhcp')
-rw-r--r-- | net-misc/dhcp/ChangeLog | 10 | ||||
-rw-r--r-- | net-misc/dhcp/dhcp-3.0.1.ebuild | 130 | ||||
-rw-r--r-- | net-misc/dhcp/dhcp-3.0_p2-r5.ebuild | 7 | ||||
-rw-r--r-- | net-misc/dhcp/dhcp-3.0_p2-r6.ebuild | 7 | ||||
-rw-r--r-- | net-misc/dhcp/files/dhcp-3.0+paranoia.patch | 207 | ||||
-rw-r--r-- | net-misc/dhcp/files/digest-dhcp-3.0.1 | 1 | ||||
-rw-r--r-- | net-misc/dhcp/files/digest-dhcp-3.0_p2-r5 | 1 | ||||
-rw-r--r-- | net-misc/dhcp/files/digest-dhcp-3.0_p2-r6 | 1 |
8 files changed, 353 insertions, 11 deletions
diff --git a/net-misc/dhcp/ChangeLog b/net-misc/dhcp/ChangeLog index 901c155548b9..9f7dd03a741f 100644 --- a/net-misc/dhcp/ChangeLog +++ b/net-misc/dhcp/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-misc/dhcp # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/ChangeLog,v 1.41 2004/07/01 20:56:39 squinky86 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/ChangeLog,v 1.42 2004/07/18 06:02:28 vapier Exp $ + +*dhcp-3.0.1 (18 Jul 2004) + + 18 Jul 2004; Mike Frysinger <vapier@gentoo.org> + +files/dhcp-3.0+paranoia.patch, +dhcp-3.0.1.ebuild, dhcp-3.0_p2-r5.ebuild, + dhcp-3.0_p2-r6.ebuild: + Version bump #57347 by Martin Jackson. Also move paranoia patch out of + $DISTDIR and into $FILESDIR. 01 Jul 2004; Jon Hood <squinky86@gentoo.org> dhcp-3.0_p2-r4.ebuild, dhcp-3.0_p2-r5.ebuild, dhcp-3.0_p2-r6.ebuild: diff --git a/net-misc/dhcp/dhcp-3.0.1.ebuild b/net-misc/dhcp/dhcp-3.0.1.ebuild new file mode 100644 index 000000000000..acfc44064cc2 --- /dev/null +++ b/net-misc/dhcp/dhcp-3.0.1.ebuild @@ -0,0 +1,130 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.0.1.ebuild,v 1.1 2004/07/18 06:02:28 vapier Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="ISC Dynamic Host Configuration Protocol" +HOMEPAGE="http://www.isc.org/products/DHCP" +SRC_URI="ftp://ftp.isc.org/isc/dhcp/${P}.tar.gz" + +LICENSE="isc-dhcp" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~mips ~hppa ~ppc64" +IUSE="static selinux" + +RDEPEND="virtual/libc + selinux? ( sec-policy/selinux-dhcp )" +DEPEND="${RDEPEND} + >=sys-apps/sed-4" +PROVIDE="virtual/dhcpc" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/dhcp-3.0+paranoia.patch + epatch ${FILESDIR}/dhcp-3.0pl2-fix-perms.patch +} + +src_compile() { + # 01/Mar/2003: Fix for bug #11960 by Jason Wever <weeve@gentoo.org> + [ "${ARCH}" == "sparc" ] && filter-flags -O3 -O2 -O + + use static && append-flags -static + + cat <<-END >> includes/site.h + #define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf" + #define _PATH_DHCPD_PID "/var/run/dhcp/dhcpd.pid" + #define _PATH_DHCPD_DB "/var/lib/dhcp/dhcpd.leases" + #define _PATH_DHCLIENT_DB "/var/lib/dhcp/dhclient.leases" + #define DHCPD_LOG_FACILITY LOG_LOCAL1 + END + + cat <<-END > site.conf + CC = gcc + LIBDIR = /usr/lib + INCDIR = /usr/include + ETC = /etc/dhcp + VARDB = /var/lib/dhcp + VARRUN = /var/run/dhcp + ADMMANDIR = /usr/share/man/man8 + FFMANDIR = /usr/share/man/man5 + LIBMANDIR = /usr/share/man/man3 + USRMANDIR = /usr/share/man/man1 + END + + ./configure \ + --with-nsupdate \ + --copts "-DPARANOIA -DEARLY_CHROOT ${CFLAGS}" \ + || die "configure failed" + + emake || die "compile problem" +} + +src_install() { + make install DESTDIR="${D}" || die + + insinto /etc/dhcp + newins server/dhcpd.conf dhcpd.conf.sample + newins client/dhclient.conf dhclient.conf.sample + dosed "s:/etc/dhclient-script:/etc/dhcp/dhclient-script:" \ + /etc/dhcp/dhclient.conf.sample + mv "${D}/sbin/dhclient-script" "${D}/etc/dhcp/dhclient-script.sample" + + dodoc ANONCVS CHANGES README RELNOTES doc/* + newdoc client/dhclient.conf dhclient.conf.sample + newdoc client/scripts/linux dhclient-script.sample + newdoc server/dhcpd.conf dhcpd.conf.sample + + exeinto /etc/init.d + newexe "${FILESDIR}/dhcp.rc6" dhcp + newexe "${FILESDIR}/dhcrelay.rc6" dhcrelay + insinto /etc/conf.d + newins "${FILESDIR}/dhcp.conf" dhcp + newins "${FILESDIR}/dhcrelay.conf" dhcrelay + + keepdir /var/{lib,run}/dhcp +} + +pkg_preinst() { + enewgroup dhcp + enewuser dhcp -1 /bin/false /var/lib/dhcp dhcp +} + +pkg_postinst() { + chown dhcp:dhcp "${ROOT}/var/lib/dhcp" "${ROOT}/var/run/dhcp" + + einfo "You can edit /etc/conf.d/dhcp to customize dhcp settings" + einfo + einfo "The DHCP ebuild now includes chroot support." + einfo "If you like to run dhcpd in chroot AND this is a new install OR" + einfo "your dhcpd doesn't already run in chroot, simply run:" + einfo " ebuild /var/db/pkg/${CATEGORY}/${PF}/${PF}.ebuild config" + einfo "Before running the above command you might want to change the chroot" + einfo "dir in /etc/conf.d/dhcp, otherwise /chroot/dhcp will be used." + echo +} + +pkg_config() { + CHROOT=`sed -n 's/^[[:blank:]]\?CHROOT="\([^"]\+\)"/\1/p' /etc/conf.d/dhcp 2>/dev/null` + + if [ ! -d "${CHROOT:=/chroot/dhcp}" ] ; then + ebegin "Setting up the chroot directory" + mkdir -m 0755 -p "${CHROOT}/"{dev,etc,var/lib,var/run/dhcp} + cp -R /etc/dhcp "${CHROOT}/etc/" + cp -R /var/lib/dhcp "${CHROOT}/var/lib" + chown -R dhcp:dhcp "${CHROOT}/var/lib" "${CHROOT}/var/run/dhcp" + eend + + if [ "`grep '^#[[:blank:]]\?CHROOT' /etc/conf.d/dhcp`" ] ; then + sed -e '/^#[[:blank:]]\?CHROOT/s/^#[[:blank:]]\?//' -i /etc/conf.d/dhcp + fi + + einfo "To enable logging from the DHCP server, configure your" + einfo "logger (`best_version virtual/logger`) to listen on ${CHROOT}/dev/log" + else + eerror + eerror "${CHROOT} already exists. Quitting." + eerror + fi +} diff --git a/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild b/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild index 2a67492b66de..b72fcaf3c7a1 100644 --- a/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild +++ b/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild,v 1.4 2004/07/01 20:56:39 squinky86 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.0_p2-r5.ebuild,v 1.5 2004/07/18 06:02:28 vapier Exp $ IUSE="static selinux" @@ -10,8 +10,7 @@ MY_P=${P/_p/pl} S=${WORKDIR}/${MY_P} DESCRIPTION="ISC Dynamic Host Configuration Protocol." HOMEPAGE="http://www.isc.org/products/DHCP" -SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz - http://www.episec.com/people/edelkind/patches/dhcp/dhcp-3.0+paranoia.patch" +SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz" LICENSE="isc-dhcp" SLOT="0" @@ -28,7 +27,7 @@ src_unpack() { unpack ${A} && cd "${S}" epatch "${FILESDIR}/dhcp-3.0pl2-user-option-fix.patch" epatch "${FILESDIR}/dhclient.c-3.0-dw-cli-fix.patch" - epatch "${DISTDIR}/dhcp-3.0+paranoia.patch" + epatch "${FILESDIR}/dhcp-3.0+paranoia.patch" } src_compile() { diff --git a/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild b/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild index bf8bef4c7bdc..aa3c9b3318eb 100644 --- a/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild +++ b/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild,v 1.4 2004/07/01 20:56:39 squinky86 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/dhcp-3.0_p2-r6.ebuild,v 1.5 2004/07/18 06:02:28 vapier Exp $ IUSE="static selinux" @@ -10,8 +10,7 @@ MY_P=${P/_p/pl} S=${WORKDIR}/${MY_P} DESCRIPTION="ISC Dynamic Host Configuration Protocol." HOMEPAGE="http://www.isc.org/products/DHCP" -SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz - http://www.episec.com/people/edelkind/patches/dhcp/dhcp-3.0+paranoia.patch" +SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz" SLOT="0" LICENSE="isc-dhcp" @@ -29,7 +28,7 @@ src_unpack() { unpack ${A} && cd "${S}" epatch "${FILESDIR}/dhcp-3.0pl2-user-option-fix.patch" epatch "${FILESDIR}/dhclient.c-3.0-dw-cli-fix.patch" - epatch "${DISTDIR}/dhcp-3.0+paranoia.patch" + epatch "${FILESDIR}/dhcp-3.0+paranoia.patch" epatch "${FILESDIR}/dhcp-3.0pl2-fix-perms.patch" } diff --git a/net-misc/dhcp/files/dhcp-3.0+paranoia.patch b/net-misc/dhcp/files/dhcp-3.0+paranoia.patch new file mode 100644 index 000000000000..886f5cb5ffe3 --- /dev/null +++ b/net-misc/dhcp/files/dhcp-3.0+paranoia.patch @@ -0,0 +1,207 @@ + +paranoia (non-root/chroot) patch for ISC dhcp 3.0 +file to patch: dhcp-3.0/server/dhcpd.c + +update from paranoia patch for ISC dhcp 2.0 + +Adds 3 options: + + -user <user> + -group <group> + -chroot <chroot_dir> + +Notes: + -DPARANOIA must be passed as an argument to the --copts option + of configure. Otherwise, the paranoia code will not be compiled + in. Example: ./configure --copts -DPARANOIA + + The chroot() call has been delayed in order to allow /dev/log to + be reopened after the configuration file has been read. This is + beneficial for systems on which /dev/log is a unix domain socket. + The main side effect is that dhcpd.conf should be placed in /etc, + instead of <chroot_dir>/etc. + + If dhcpd is to be run on a sysV-style architecture (or, more + generally, if /dev/log is a character device), one may opt to + create the <chroot_dir>/dev/log character device and add + -DEARLY_CHROOT to the --copts option of configure (in addition to + -DPARANOIA). This will perform the chroot() call at the earliest + convenience (before reading the configuration file). + + If the -user option is used, the lease and pid file directories + should be writable to the server process after it drops + privileges. + + +ari edelkind (12/10/2001) +last modified 12/10/2001 + + +--- dhcp-3.0/server/dhcpd.c Thu Jun 21 22:12:58 2001 ++++ dhcp-3.0+paranoia/server/dhcpd.c Wed Oct 17 08:23:00 2001 +@@ -56,6 +56,16 @@ + #include "version.h" + #include <omapip/omapip_p.h> + ++#if defined (PARANOIA) ++# include <sys/types.h> ++# include <unistd.h> ++# include <pwd.h> ++/* get around the ISC declaration of group */ ++# define group real_group ++# include <grp.h> ++# undef group ++#endif /* PARANOIA */ ++ + static void usage PROTO ((void)); + + TIME cur_time; +@@ -204,6 +214,22 @@ + omapi_object_dereference (&listener, MDL); + } + ++#if defined (PARANOIA) ++/* to be used in one of two possible scenarios */ ++static void setup_chroot (char *chroot_dir) { ++ if (geteuid()) ++ log_fatal ("you must be root to use chroot"); ++ ++ if (chroot(chroot_dir)) { ++ log_fatal ("chroot(\"%s\"): %m", chroot_dir); ++ } ++ if (chdir ("/")) { ++ /* probably permission denied */ ++ log_fatal ("chdir(\"/\"): %m"); ++ } ++} ++#endif /* PARANOIA */ ++ + int main (argc, argv, envp) + int argc; + char **argv, **envp; +@@ -236,6 +262,14 @@ + char *traceinfile = (char *)0; + char *traceoutfile = (char *)0; + #endif ++#if defined (PARANOIA) ++ char *set_user = 0; ++ char *set_group = 0; ++ char *set_chroot = 0; ++ ++ uid_t set_uid = 0; ++ gid_t set_gid = 0; ++#endif /* PARANOIA */ + + /* Make sure we have stdin, stdout and stderr. */ + status = open ("/dev/null", O_RDWR); +@@ -298,6 +332,20 @@ + if (++i == argc) + usage (); + server = argv [i]; ++#if defined (PARANOIA) ++ } else if (!strcmp (argv [i], "-user")) { ++ if (++i == argc) ++ usage (); ++ set_user = argv [i]; ++ } else if (!strcmp (argv [i], "-group")) { ++ if (++i == argc) ++ usage (); ++ set_group = argv [i]; ++ } else if (!strcmp (argv [i], "-chroot")) { ++ if (++i == argc) ++ usage (); ++ set_chroot = argv [i]; ++#endif /* PARANOIA */ + } else if (!strcmp (argv [i], "-cf")) { + if (++i == argc) + usage (); +@@ -397,6 +445,44 @@ + trace_seed_stop, MDL); + #endif + ++#if defined (PARANOIA) ++ /* get user and group info if those options were given */ ++ if (set_user) { ++ struct passwd *tmp_pwd; ++ ++ if (geteuid()) ++ log_fatal ("you must be root to set user"); ++ ++ if (!(tmp_pwd = getpwnam(set_user))) ++ log_fatal ("no such user: %s", set_user); ++ ++ set_uid = tmp_pwd->pw_uid; ++ ++ /* use the user's group as the default gid */ ++ if (!set_group) ++ set_gid = tmp_pwd->pw_gid; ++ } ++ ++ if (set_group) { ++/* get around the ISC declaration of group */ ++#define group real_group ++ struct group *tmp_grp; ++ ++ if (geteuid()) ++ log_fatal ("you must be root to set group"); ++ ++ if (!(tmp_grp = getgrnam(set_group))) ++ log_fatal ("no such group: %s", set_group); ++ ++ set_gid = tmp_grp->gr_gid; ++#undef group ++ } ++ ++# if defined (EARLY_CHROOT) ++ if (set_chroot) setup_chroot (set_chroot); ++# endif /* EARLY_CHROOT */ ++#endif /* PARANOIA */ ++ + /* Default to the DHCP/BOOTP port. */ + if (!local_port) + { +@@ -500,6 +586,10 @@ + + postconf_initialization (quiet); + ++#if defined (PARANOIA) && !defined (EARLY_CHROOT) ++ if (set_chroot) setup_chroot (set_chroot); ++#endif /* PARANOIA && !EARLY_CHROOT */ ++ + /* test option should cause an early exit */ + if (cftest && !lftest) + exit(0); +@@ -543,6 +633,22 @@ + exit (0); + } + ++#if defined (PARANOIA) ++ /* change uid to the specified one */ ++ ++ if (set_gid) { ++ if (setgroups (0, (void *)0)) ++ log_fatal ("setgroups: %m"); ++ if (setgid (set_gid)) ++ log_fatal ("setgid(%d): %m", (int) set_gid); ++ } ++ ++ if (set_uid) { ++ if (setuid (set_uid)) ++ log_fatal ("setuid(%d): %m", (int) set_uid); ++ } ++#endif /* PARANOIA */ ++ + /* Read previous pid file. */ + if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) { + status = read (i, pbuf, (sizeof pbuf) - 1); +@@ -888,6 +994,10 @@ + + log_fatal ("Usage: dhcpd [-p <UDP port #>] [-d] [-f]%s%s%s%s", + "\n [-cf config-file] [-lf lease-file]", ++#if defined (PARANOIA) ++ /* meld into the following string */ ++ "\n [-user user] [-group group] [-chroot dir]" ++#endif /* PARANOIA */ + #if defined (TRACING) + "\n [-tf trace-output-file]", + "\n [-play trace-input-file]", diff --git a/net-misc/dhcp/files/digest-dhcp-3.0.1 b/net-misc/dhcp/files/digest-dhcp-3.0.1 new file mode 100644 index 000000000000..161149e2312c --- /dev/null +++ b/net-misc/dhcp/files/digest-dhcp-3.0.1 @@ -0,0 +1 @@ +MD5 44f72d16a12acc3fbe09703157aa42d2 dhcp-3.0.1.tar.gz 848296 diff --git a/net-misc/dhcp/files/digest-dhcp-3.0_p2-r5 b/net-misc/dhcp/files/digest-dhcp-3.0_p2-r5 index 5c34b82115a3..69ed0169648a 100644 --- a/net-misc/dhcp/files/digest-dhcp-3.0_p2-r5 +++ b/net-misc/dhcp/files/digest-dhcp-3.0_p2-r5 @@ -1,2 +1 @@ MD5 2cb5db7a0c23deaef4724b5fc3f9a869 dhcp-3.0pl2.tar.gz 865196 -MD5 66becf9870e0293bbd35d1fba770751a dhcp-3.0+paranoia.patch 5366 diff --git a/net-misc/dhcp/files/digest-dhcp-3.0_p2-r6 b/net-misc/dhcp/files/digest-dhcp-3.0_p2-r6 index 5c34b82115a3..69ed0169648a 100644 --- a/net-misc/dhcp/files/digest-dhcp-3.0_p2-r6 +++ b/net-misc/dhcp/files/digest-dhcp-3.0_p2-r6 @@ -1,2 +1 @@ MD5 2cb5db7a0c23deaef4724b5fc3f9a869 dhcp-3.0pl2.tar.gz 865196 -MD5 66becf9870e0293bbd35d1fba770751a dhcp-3.0+paranoia.patch 5366 |