~ubuntu-branches/ubuntu/dapper/dhcp3/dapper : contents of debian/patches/deroot-client.dpatch at revision 9

~ubuntu-branches/ubuntu/dapper/dhcp3/dapper : (revision 9)

#! /bin/sh /usr/share/dpatch/dpatch-run
## deroot-client.dpatch by Martin Pitt <martin.pitt@ubuntu.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad dhcp3-3.0.3~/client/Makefile.dist dhcp3-3.0.3/client/Makefile.dist
--- dhcp3-3.0.3~/client/Makefile.dist	2006-05-05 00:58:40.000000000 +0200
+++ dhcp3-3.0.3/client/Makefile.dist	2006-05-05 00:58:42.000000000 +0200
@@ -25,8 +25,9 @@
 	      dhclient.leases.cat5
 SEDMANPAGES = dhclient.man8 dhclient.conf.man5 dhclient-script.man8 \
 	      dhclient.leases.man5
-SRCS   = dhclient.c clparse.c
+SRCS   = dhclient.c clparse.c call-dhclient-script.c
 OBJS   = dhclient.o clparse.o
+LIBS   = -lcap
 PROG   = dhclient
 MAN    = dhclient.8 dhclient.conf.5 dhclient-script.8 dhclient.leases.5
 
@@ -35,7 +36,7 @@
 CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) \
 		-DCLIENT_PATH=${CLIENT_PATH}
 
-all:	$(PROG) $(CATMANPAGES)
+all:	$(PROG) $(CATMANPAGES) call-dhclient-script
 
 install: all
 	for dir in $(CLIENTBINDIR) $(ETC) $(FFMANDIR) $(ADMMANDIR) $(VARDB); \
@@ -51,6 +52,8 @@
 	done
 	$(INSTALL) dhclient $(DESTDIR)$(CLIENTBINDIR)
 	$(CHMOD) 755 $(DESTDIR)$(CLIENTBINDIR)/dhclient
+	$(INSTALL) -D call-dhclient-script $(DESTDIR)/lib/dhcp3-client/call-dhclient-script
+	$(CHMOD) 755 $(DESTDIR)/lib/dhcp3-client/call-dhclient-script
 	if [ x$(SCRIPT) = xnone ]; then \
 	  echo "No client script available."; \
 	else \
@@ -126,4 +129,7 @@
 dhclient:	$(OBJS) $(DHCPLIB)
 	$(CC) $(LFLAGS) -o $(PROG) $(OBJS) $(DHCPLIB) $(LIBS)
 
+call-dhclient-script: call-dhclient-script.c
+	$(CC) $(COPTS) $(LFLAGS) -o call-dhclient-script call-dhclient-script.c
+
 # Dependencies (semi-automatically-generated)
diff -urNad dhcp3-3.0.3~/client/call-dhclient-script.c dhcp3-3.0.3/client/call-dhclient-script.c
--- dhcp3-3.0.3~/client/call-dhclient-script.c	1970-01-01 01:00:00.000000000 +0100
+++ dhcp3-3.0.3/client/call-dhclient-script.c	2006-05-05 00:58:42.000000000 +0200
@@ -0,0 +1,11 @@
+#include <unistd.h>
+#include <stdio.h>
+
+int
+main()
+{
+    setreuid(0, 0);
+    execl("/etc/dhcp3/dhclient-script", "/etc/dhcp3/dhclient-script", NULL);
+    perror("could not execute /etc/dhcp3/dhclient-script");
+    return -1;
+}
diff -urNad dhcp3-3.0.3~/client/dhclient.c dhcp3-3.0.3/client/dhclient.c
--- dhcp3-3.0.3~/client/dhclient.c	2006-05-05 00:58:41.000000000 +0200
+++ dhcp3-3.0.3/client/dhclient.c	2006-05-05 00:58:56.000000000 +0200
@@ -37,6 +37,10 @@
 
 #include "dhcpd.h"
 #include "version.h"
+#include "droppriv.h"
+#include <unistd.h> /* for ftruncate() */
+#include <pwd.h>
+void open_client_pid_file(void);
 
 TIME default_lease_time = 43200; /* 12 hours... */
 TIME max_lease_time = 86400; /* 24 hours... */
@@ -346,6 +350,14 @@
 	/* Rewrite the lease database... */
 	rewrite_client_leases ();
 
+        /* Open the client pidfile since we cannot do that after dropping
+         * privileges */
+        open_client_pid_file ();
+
+        /* drop privileges */
+        cap_value_t capsneeded[] = { CAP_NET_RAW, CAP_NET_BIND_SERVICE };
+        drop_privileges( "dhcp", "dhcp", 2, capsneeded, -1 );
+
 	/* XXX */
 /* 	config_counter(&snd_counter, &rcv_counter); */
 
@@ -2149,7 +2161,7 @@
 	free_client_lease (lease, MDL);
 }
 
-FILE *leaseFile;
+FILE *leaseFile = NULL;
 
 void rewrite_client_leases ()
 {
@@ -2157,9 +2169,18 @@
 	struct client_state *client;
 	struct client_lease *lp;
 
-	if (leaseFile)
-		fclose (leaseFile);
-	leaseFile = fopen (path_dhclient_db, "w");
+	if (leaseFile) {
+                rewind (leaseFile);
+		ftruncate (fileno (leaseFile), 0);
+        } else {
+		/* create lease file and chown it to dhcp, so that forked
+		 * instances can open it for writing, too */
+		struct passwd *pwd = getpwnam ("dhcp");
+                leaseFile = fopen (path_dhclient_db, "w");
+		if (pwd && leaseFile) {
+		    chown (path_dhclient_db, pwd->pw_uid, -1);
+		}
+	}
 	if (!leaseFile) {
 		log_error ("can't create %s: %m", path_dhclient_db);
 		return;
@@ -2745,9 +2766,10 @@
 	write_client_pid_file ();
 }
 
-void write_client_pid_file ()
+FILE *pf;
+
+void open_client_pid_file ()
 {
-	FILE *pf;
 	int pfdesc;
 
 	pfdesc = open (path_dhclient_pid, O_CREAT | O_TRUNC | O_WRONLY, 0644);
@@ -2760,9 +2782,14 @@
 	pf = fdopen (pfdesc, "w");
 	if (!pf)
 		log_error ("Can't fdopen %s: %m", path_dhclient_pid);
-	else {
+}
+
+void write_client_pid_file ()
+{
+	if (pf) {
 		fprintf (pf, "%ld\n", (long)getpid ());
 		fclose (pf);
+               pf = NULL;
 	}
 }
 

4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	1	#! /bin/sh /usr/share/dpatch/dpatch-run
	2	## deroot-client.dpatch by Martin Pitt <martin.pitt@ubuntu.com>
	3	##
	4	## All lines beginning with `## DP:' are a description of the patch.
	5	## DP: No description.
	6
	7	@DPATCH@
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	8	diff -urNad dhcp3-3.0.3~/client/Makefile.dist dhcp3-3.0.3/client/Makefile.dist
	9	--- dhcp3-3.0.3~/client/Makefile.dist 2006-05-05 00:58:40.000000000 +0200
	10	+++ dhcp3-3.0.3/client/Makefile.dist 2006-05-05 00:58:42.000000000 +0200
	11	@@ -25,8 +25,9 @@
	12	dhclient.leases.cat5
	13	SEDMANPAGES = dhclient.man8 dhclient.conf.man5 dhclient-script.man8 \
	14	dhclient.leases.man5
	15	-SRCS = dhclient.c clparse.c
	16	+SRCS = dhclient.c clparse.c call-dhclient-script.c
	17	OBJS = dhclient.o clparse.o
	18	+LIBS = -lcap
	19	PROG = dhclient
	20	MAN = dhclient.8 dhclient.conf.5 dhclient-script.8 dhclient.leases.5
	21
	22	@@ -35,7 +36,7 @@
	23	CFLAGS = $(DEBUG) $(PREDEFINES) $(INCLUDES) $(COPTS) \
	24	-DCLIENT_PATH=${CLIENT_PATH}
	25
	26	-all: $(PROG) $(CATMANPAGES)
	27	+all: $(PROG) $(CATMANPAGES) call-dhclient-script
	28
	29	install: all
	30	for dir in $(CLIENTBINDIR) $(ETC) $(FFMANDIR) $(ADMMANDIR) $(VARDB); \
	31	@@ -51,6 +52,8 @@
	32	done
	33	$(INSTALL) dhclient $(DESTDIR)$(CLIENTBINDIR)
	34	$(CHMOD) 755 $(DESTDIR)$(CLIENTBINDIR)/dhclient
	35	+ $(INSTALL) -D call-dhclient-script $(DESTDIR)/lib/dhcp3-client/call-dhclient-script
	36	+ $(CHMOD) 755 $(DESTDIR)/lib/dhcp3-client/call-dhclient-script
	37	if [ x$(SCRIPT) = xnone ]; then \
	38	echo "No client script available."; \
	39	else \
	40	@@ -126,4 +129,7 @@
	41	dhclient: $(OBJS) $(DHCPLIB)
	42	$(CC) $(LFLAGS) -o $(PROG) $(OBJS) $(DHCPLIB) $(LIBS)
	43
	44	+call-dhclient-script: call-dhclient-script.c
	45	+ $(CC) $(COPTS) $(LFLAGS) -o call-dhclient-script call-dhclient-script.c
	46	+
	47	# Dependencies (semi-automatically-generated)
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	48	diff -urNad dhcp3-3.0.3~/client/call-dhclient-script.c dhcp3-3.0.3/client/call-dhclient-script.c
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	49	--- dhcp3-3.0.3~/client/call-dhclient-script.c 1970-01-01 01:00:00.000000000 +0100
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	50	+++ dhcp3-3.0.3/client/call-dhclient-script.c 2006-05-05 00:58:42.000000000 +0200
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	51	@@ -0,0 +1,11 @@
	52	+#include <unistd.h>
	53	+#include <stdio.h>
	54	+
	55	+int
	56	+main()
	57	+{
	58	+ setreuid(0, 0);
	59	+ execl("/etc/dhcp3/dhclient-script", "/etc/dhcp3/dhclient-script", NULL);
	60	+ perror("could not execute /etc/dhcp3/dhclient-script");
	61	+ return -1;
	62	+}
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	63	diff -urNad dhcp3-3.0.3~/client/dhclient.c dhcp3-3.0.3/client/dhclient.c
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	64	--- dhcp3-3.0.3~/client/dhclient.c 2006-05-05 00:58:41.000000000 +0200
	65	+++ dhcp3-3.0.3/client/dhclient.c 2006-05-05 00:58:56.000000000 +0200
	66	@@ -37,6 +37,10 @@
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	67
	68	#include "dhcpd.h"
	69	#include "version.h"
	70	+#include "droppriv.h"
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	71	+#include <unistd.h> /* for ftruncate() */
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	72	+#include <pwd.h>
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	73	+void open_client_pid_file(void);
	74
	75	TIME default_lease_time = 43200; /* 12 hours... */
	76	TIME max_lease_time = 86400; /* 24 hours... */
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	77	@@ -346,6 +350,14 @@
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	78	/* Rewrite the lease database... */
	79	rewrite_client_leases ();
	80
	81	+ /* Open the client pidfile since we cannot do that after dropping
	82	+ * privileges */
	83	+ open_client_pid_file ();
	84	+
	85	+ /* drop privileges */
	86	+ cap_value_t capsneeded[] = { CAP_NET_RAW, CAP_NET_BIND_SERVICE };
	87	+ drop_privileges( "dhcp", "dhcp", 2, capsneeded, -1 );
	88	+
	89	/* XXX */
	90	/* config_counter(&snd_counter, &rcv_counter); */
	91
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	92	@@ -2149,7 +2161,7 @@
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	93	free_client_lease (lease, MDL);
	94	}
	95
	96	-FILE *leaseFile;
	97	+FILE *leaseFile = NULL;
	98
	99	void rewrite_client_leases ()
	100	{
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	101	@@ -2157,9 +2169,18 @@
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	102	struct client_state *client;
	103	struct client_lease *lp;
	104
	105	- if (leaseFile)
	106	- fclose (leaseFile);
	107	- leaseFile = fopen (path_dhclient_db, "w");
	108	+ if (leaseFile) {
	109	+ rewind (leaseFile);
	110	+ ftruncate (fileno (leaseFile), 0);
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	111	+ } else {
	112	+ /* create lease file and chown it to dhcp, so that forked
	113	+ * instances can open it for writing, too */
	114	+ struct passwd *pwd = getpwnam ("dhcp");
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	115	+ leaseFile = fopen (path_dhclient_db, "w");
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	116	+ if (pwd && leaseFile) {
	117	+ chown (path_dhclient_db, pwd->pw_uid, -1);
	118	+ }
	119	+ }
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	120	if (!leaseFile) {
	121	log_error ("can't create %s: %m", path_dhclient_db);
	122	return;
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	123	@@ -2745,9 +2766,10 @@
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	124	write_client_pid_file ();
	125	}
	126
	127	-void write_client_pid_file ()
	128	+FILE *pf;
	129	+
	130	+void open_client_pid_file ()
	131	{
	132	- FILE *pf;
	133	int pfdesc;
	134
	135	pfdesc = open (path_dhclient_pid, O_CREAT \| O_TRUNC \| O_WRONLY, 0644);
9 by Martin Pitt * debian/patches/deroot-client.dpatch: Fixed major thinko in lease file	136	@@ -2760,9 +2782,14 @@
4 by Oliver Grawert added the missing dependency on lsb-base to dhcp3-server	137	pf = fdopen (pfdesc, "w");
	138	if (!pf)
	139	log_error ("Can't fdopen %s: %m", path_dhclient_pid);
	140	- else {
	141	+}
	142	+
	143	+void write_client_pid_file ()
	144	+{
	145	+ if (pf) {
	146	fprintf (pf, "%ld\n", (long)getpid ());
	147	fclose (pf);
	148	+ pf = NULL;
	149	}
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	150	}
5 by Martin Pitt * debian/patches/deroot-client.dpatch:	151