From: "Lars Wendler" <polynomial-c@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/dhcp/
Date: Tue, 8 Jun 2021 14:10:39 +0000 (UTC) [thread overview]
Message-ID: <1623161421.70d1fc386a3c3e1b3af78c11aa32438ce6e6d624.polynomial-c@gentoo> (raw)
commit: 70d1fc386a3c3e1b3af78c11aa32438ce6e6d624
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Tue Jun 8 14:09:56 2021 +0000
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Tue Jun 8 14:10:21 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70d1fc38
net-misc/dhcp: Security cleanup
Bug: https://bugs.gentoo.org/792324
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
net-misc/dhcp/Manifest | 1 -
net-misc/dhcp/dhcp-4.4.2-r3.ebuild | 277 -------------------------------------
2 files changed, 278 deletions(-)
diff --git a/net-misc/dhcp/Manifest b/net-misc/dhcp/Manifest
index ccdfdad09e7..bc614fc3a8d 100644
--- a/net-misc/dhcp/Manifest
+++ b/net-misc/dhcp/Manifest
@@ -1,2 +1 @@
DIST dhcp-4.4.2-P1.tar.gz 9898311 BLAKE2B 7cc40dfbe578bee13c7dd7868a25d0d88358bf82b02539e933a4eba06039a43f0d99b3ef6ce811b60ed3a991b222844f4a5bd9e597c11d83b09ff551ba0380a6 SHA512 924e8b44f288361dbe837987869e57b929c73cb5e4af37cb2d7b19bca5ea8594048fb41c0792fede003188185f61b25befbc2ccda42f1f68e6b6bc22ef44b040
-DIST dhcp-4.4.2.tar.gz 9906235 BLAKE2B b2233aafdefebc2d907dc83acbefc8df8aeb35791261343e2880168a59056d4b92ef030745fac16dd9a0c2f088d90cf8d420b1c2a7b0fc53d5ed11cffd4b8f18 SHA512 c3dee2cf6e4b43d519d4bc89e9b8b12a6e3747d8c4edc0f83d4a88355a483b91a5f7d2353a3c0a2f37f88704fd2f64478ac5161ca72b10c42cebcb92907afa40
diff --git a/net-misc/dhcp/dhcp-4.4.2-r3.ebuild b/net-misc/dhcp/dhcp-4.4.2-r3.ebuild
deleted file mode 100644
index 0cb341b0cec..00000000000
--- a/net-misc/dhcp/dhcp-4.4.2-r3.ebuild
+++ /dev/null
@@ -1,277 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd toolchain-funcs flag-o-matic tmpfiles
-
-MY_PV="${PV//_alpha/a}"
-MY_PV="${MY_PV//_beta/b}"
-MY_PV="${MY_PV//_rc/rc}"
-MY_PV="${MY_PV//_p/-P}"
-MY_P="${PN}-${MY_PV}"
-
-DESCRIPTION="ISC Dynamic Host Configuration Protocol (DHCP) client/server"
-HOMEPAGE="https://www.isc.org/dhcp"
-SRC_URI="ftp://ftp.isc.org/isc/dhcp/${MY_P}.tar.gz
- ftp://ftp.isc.org/isc/dhcp/${MY_PV}/${MY_P}.tar.gz"
-
-LICENSE="MPL-2.0 BSD SSLeay GPL-2" # GPL-2 only for init script
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 sparc x86"
-IUSE="+client ipv6 kernel_linux ldap selinux +server ssl vim-syntax"
-
-DEPEND="
- acct-group/dhcp
- acct-user/dhcp
- client? (
- kernel_linux? (
- ipv6? ( sys-apps/iproute2 )
- sys-apps/net-tools
- )
- )
- ldap? (
- net-nds/openldap
- ssl? ( dev-libs/openssl:0= )
- )"
-RDEPEND="${DEPEND}
- selinux? ( sec-policy/selinux-dhcp )
- vim-syntax? ( app-vim/dhcpd-syntax )"
-
-S="${WORKDIR}/${MY_P}"
-
-src_unpack() {
- unpack ${A}
- # handle local bind hell
- cd "${S}"/bind
- unpack ./bind.tar.gz
-}
-
-PATCHES=(
- # Gentoo patches - these will probably never be accepted upstream
- # Fix some permission issues
- "${FILESDIR}/${PN}-3.0-fix-perms.patch"
-
- # Enable dhclient to equery NTP servers
- "${FILESDIR}/${PN}-4.3.6-dhclient-ntp.patch"
- "${FILESDIR}/${PN}-4.3.6-dhclient-resolvconf.patch"
-
- # Enable dhclient to get extra configuration from stdin
- "${FILESDIR}/${PN}-4.2.2-dhclient-stdin-conf.patch"
- "${FILESDIR}/${PN}-4.3.6-nogateway.patch" #265531
- "${FILESDIR}/${PN}-4.3.6-quieter-ping.patch" #296921
- "${FILESDIR}/${PN}-4.4.0-always-accept-4.patch" #437108
- "${FILESDIR}/${PN}-4.3.6-iproute2-path.patch" #480636
- "${FILESDIR}/${PN}-4.2.5-bindtodevice-inet6.patch" #471142
- "${FILESDIR}/${PN}-4.3.3-ldap-ipv6-client-id.patch" #559832
-
- # Possible upstream candidates
- "${FILESDIR}/${PN}-4.4.2-fno-common.patch" #710194
- "${FILESDIR}/dhcp-4.4.2-variable-name.patch" #752402
-)
-
-src_prepare() {
- default
-
- # Brand the version with Gentoo
- sed -i \
- -e "/VERSION=/s:'$: Gentoo-${PR}':" \
- configure || die
-
- # Change the hook script locations of the scripts
- sed -i \
- -e 's,/etc/dhclient-exit-hooks,/etc/dhcp/dhclient-exit-hooks,g' \
- -e 's,/etc/dhclient-enter-hooks,/etc/dhcp/dhclient-enter-hooks,g' \
- client/scripts/* || die
-
- # No need for the linux script to force bash #158540
- sed -i -e 's,#!/bin/bash,#!/bin/sh,' client/scripts/linux || die
-
- # Quiet the freebsd logger a little
- sed -i -e '/LOGGER=/ s/-s -p user.notice //g' client/scripts/freebsd || die
-
- # Remove these options from the sample config
- sed -i -r \
- -e "/(script|host-name|domain-name) /d" \
- client/dhclient.conf.example || die
-
- if use client && ! use server ; then
- sed -i -r \
- -e '/^SUBDIRS/s:\<(dhcpctl|relay|server)\>::g' \
- Makefile.in || die
- elif ! use client && use server ; then
- sed -i -r \
- -e '/^SUBDIRS/s:\<client\>::' \
- Makefile.in || die
- fi
-
- # Only install different man pages if we don't have en
- if [[ " ${LINGUAS} " != *" en "* ]]; then
- # Install Japanese man pages
- if [[ " ${LINGUAS} " == *" ja "* && -d doc/ja_JP.eucJP ]]; then
- einfo "Installing Japanese documention"
- cp doc/ja_JP.eucJP/dhclient* client || die
- cp doc/ja_JP.eucJP/dhcp* common || die
- fi
- fi
- # Now remove the non-english docs so there are no errors later
- rm -r doc/ja_JP.eucJP || die
-
- # make the bind build work - do NOT make "binddir" local!
- binddir="${S}/bind"
- cd "${binddir}" || die
- cat <<-EOF > bindvar.tmp
- binddir=${binddir}
- GMAKE=${MAKE:-gmake}
- EOF
- eapply -p2 "${FILESDIR}"/${PN}-4.4.0-bind-disable.patch
- # Only use the relevant subdirs now that ISC
- #removed the lib/export structure in bind.
- sed '/^SUBDIRS/s@=.*$@= isc dns isccfg irs samples@' \
- -i bind-*/lib/Makefile.in || die
-}
-
-src_configure() {
- # bind defaults to stupid `/usr/bin/ar`
- tc-export AR BUILD_CC
- export ac_cv_path_AR=${AR}
-
- # this is tested for by the bind build system, and can cause trouble
- # when cross-building; since dhcp itself doesn't make use of libcap,
- # simply disable it.
- export ac_cv_lib_cap_cap_set_proc=no
-
- # Use FHS sane paths ... some of these have configure options,
- # but not all, so just do it all here.
- local e="/etc/dhcp" r="/var/run/dhcp" l="/var/lib/dhcp"
- cat <<-EOF >> includes/site.h
- #define _PATH_DHCPD_CONF "${e}/dhcpd.conf"
- #define _PATH_DHCLIENT_CONF "${e}/dhclient.conf"
- #define _PATH_DHCPD_DB "${l}/dhcpd.leases"
- #define _PATH_DHCPD6_DB "${l}/dhcpd6.leases"
- #define _PATH_DHCLIENT_DB "${l}/dhclient.leases"
- #define _PATH_DHCLIENT6_DB "${l}/dhclient6.leases"
- #define _PATH_DHCPD_PID "${r}/dhcpd.pid"
- #define _PATH_DHCPD6_PID "${r}/dhcpd6.pid"
- #define _PATH_DHCLIENT_PID "${r}/dhcpclient.pid"
- #define _PATH_DHCLIENT6_PID "${r}/dhcpclient6.pid"
- #define _PATH_DHCRELAY_PID "${r}/dhcrelay.pid"
- #define _PATH_DHCRELAY6_PID "${r}/dhcrelay6.pid"
- EOF
-
- # https://bugs.gentoo.org/720806
- if use ppc || use arm || use hppa; then
- append-libs -latomic
- fi
-
- local myeconfargs=(
- --enable-paranoia
- --enable-early-chroot
- --sysconfdir=${e}
- --with-randomdev=/dev/random
- $(use_enable ipv6 dhcpv6)
- $(use_with ldap)
- $(use ldap && use_with ssl ldapcrypto || echo --without-ldapcrypto)
- LIBS="${LIBS}"
- )
- econf "${myeconfargs[@]}"
-
- # configure local bind cruft. symtable option requires
- # perl and we don't want to require that #383837.
- cd bind/bind-*/ || die
- local el
- eval econf \
- $(for el in $(awk '/^bindconfig/,/^$/ {print}' ../Makefile.in) ; do if [[ ${el} =~ ^-- ]] ; then printf ' %s' ${el//\\} ; fi ; done | sed 's,@\([[:alpha:]]\+\)dir@,${binddir}/\1,g') \
- --with-randomdev=/dev/random \
- --disable-symtable \
- --without-make-clean
-}
-
-src_compile() {
- # build local bind cruft first
- emake -C bind/bind-*/lib install
- # then build standard dhcp code
- emake AR="$(tc-getAR)"
-}
-
-src_install() {
- default
-
- dodoc README RELNOTES doc/{api+protocol,IANA-arp-parameters}
- docinto html
- dodoc doc/References.html
-
- if [[ -e client/dhclient ]] ; then
- # move the client to /
- dodir /sbin
- mv "${ED}"/usr/sbin/dhclient "${ED}"/sbin/ || die
-
- exeinto /sbin
- if use kernel_linux ; then
- newexe "${S}"/client/scripts/linux dhclient-script
- else
- newexe "${S}"/client/scripts/freebsd dhclient-script
- fi
- fi
-
- if [[ -e server/dhcpd ]] ; then
- if use ldap ; then
- insinto /etc/openldap/schema
- doins contrib/ldap/dhcp.*
- dosbin contrib/ldap/dhcpd-conf-to-ldap
- fi
-
- newinitd "${FILESDIR}"/dhcpd.init5 dhcpd
- newconfd "${FILESDIR}"/dhcpd.conf2 dhcpd
- newinitd "${FILESDIR}"/dhcrelay.init3 dhcrelay
- newconfd "${FILESDIR}"/dhcrelay.conf dhcrelay
- newinitd "${FILESDIR}"/dhcrelay.init3 dhcrelay6
- newconfd "${FILESDIR}"/dhcrelay6.conf dhcrelay6
-
- newtmpfiles "${FILESDIR}"/dhcpd.tmpfiles dhcpd.conf
- systemd_dounit "${FILESDIR}"/dhcpd4.service
- systemd_dounit "${FILESDIR}"/dhcpd6.service
- systemd_dounit "${FILESDIR}"/dhcrelay4.service
- systemd_dounit "${FILESDIR}"/dhcrelay6.service
- systemd_install_serviced "${FILESDIR}"/dhcrelay4.service.conf
- systemd_install_serviced "${FILESDIR}"/dhcrelay6.service.conf
-
- sed -i "s:#@slapd@:$(usex ldap slapd ''):" "${ED}"/etc/init.d/* || die #442560
- fi
-
- # the default config files aren't terribly useful #384087
- local f
- for f in "${ED}"/etc/dhcp/*.conf.example ; do
- mv "${f}" "${f%.example}" || die
- done
- sed -i '/^[^#]/s:^:#:' "${ED}"/etc/dhcp/*.conf || die
-
- diropts -m0750 -o dhcp -g dhcp
- keepdir /var/lib/dhcp
-}
-
-pkg_preinst() {
- # Keep the user files over the sample ones. The
- # hashing is to ignore the crappy defaults #384087.
- local f h
- for f in dhclient:da7c8496a96452190aecf9afceef4510 dhcpd:10979e7b71134bd7f04d2a60bd58f070 ; do
- h=${f#*:}
- f="/etc/dhcp/${f%:*}.conf"
- if [ -e "${EROOT}"${f} ] ; then
- case $(md5sum "${EROOT}"${f}) in
- ${h}*) ;;
- *) cp -p "${EROOT}"${f} "${ED}"${f};;
- esac
- fi
- done
-}
-
-pkg_postinst() {
- if [[ -e "${ROOT}"/etc/init.d/dhcp ]] ; then
- ewarn
- ewarn "WARNING: The dhcp init script has been renamed to dhcpd"
- ewarn "/etc/init.d/dhcp and /etc/conf.d/dhcp need to be removed and"
- ewarn "and dhcp should be removed from the default runlevel"
- ewarn
- fi
-}
next reply other threads:[~2021-06-08 14:10 UTC|newest]
Thread overview: 128+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-08 14:10 Lars Wendler [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-07-24 15:06 [gentoo-commits] repo/gentoo:master commit in: net-misc/dhcp/ Eli Schwartz
2025-07-24 4:52 Eli Schwartz
2025-02-23 1:45 Sam James
2024-11-26 3:10 Sam James
2024-05-26 22:43 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:35 Sam James
2024-03-24 11:29 Sam James
2024-02-18 11:29 Sam James
2024-02-18 11:29 Sam James
2024-02-18 11:29 Sam James
2023-07-14 12:09 Sam James
2023-06-17 22:48 Sam James
2023-06-17 15:13 Sam James
2023-06-17 10:42 Arthur Zamarin
2023-06-17 7:43 Arthur Zamarin
2023-06-17 6:12 Sam James
2023-06-17 5:57 Sam James
2023-06-17 5:57 Sam James
2023-05-27 15:29 Mike Gilbert
2023-05-21 20:38 Mike Gilbert
2023-04-28 6:27 Sam James
2023-03-04 10:15 Arthur Zamarin
2023-03-04 9:55 Arthur Zamarin
2023-03-04 8:07 Arthur Zamarin
2023-03-04 7:04 Arthur Zamarin
2023-03-04 5:47 Arthur Zamarin
2023-03-04 5:41 Arthur Zamarin
2023-03-04 5:38 Arthur Zamarin
2022-10-24 15:51 Mike Gilbert
2022-10-14 4:30 Arthur Zamarin
2022-10-14 4:14 Arthur Zamarin
2022-10-14 4:14 Arthur Zamarin
2022-10-13 23:20 Sam James
2022-10-13 23:19 Sam James
2022-10-13 23:01 Sam James
2022-10-13 22:37 Sam James
2022-10-05 19:21 Sam James
2022-09-16 17:17 Arthur Zamarin
2022-09-15 19:58 Arthur Zamarin
2022-09-08 11:35 Agostino Sarubbo
2022-09-08 10:52 Agostino Sarubbo
2022-09-08 10:32 Agostino Sarubbo
2022-09-08 3:31 Sam James
2022-09-08 3:31 Sam James
2022-04-28 18:00 Sam James
2022-04-28 17:52 Sam James
2022-03-22 23:32 Sam James
2022-01-04 10:30 David Seifert
2021-07-30 23:31 Sam James
2021-07-28 2:59 Sam James
2021-06-17 9:59 Yixun Lan
2021-06-07 6:25 Sergei Trofimovich
2021-06-03 23:38 Sam James
2021-06-03 15:52 Sergei Trofimovich
2021-06-03 8:23 Sam James
2021-06-02 22:42 Sam James
2021-06-02 19:01 Sam James
2021-06-02 19:01 Sam James
2021-05-26 21:49 Lars Wendler
2021-04-29 18:00 Mikle Kolyada
2021-03-07 11:58 David Seifert
2021-02-26 11:38 Lars Wendler
2021-02-25 1:29 Sam James
2021-02-25 1:28 Sam James
2021-01-21 20:51 Mike Gilbert
2020-05-06 17:34 Sergei Trofimovich
2020-05-04 6:16 Mart Raudsepp
2020-05-03 12:30 Agostino Sarubbo
2020-05-03 10:30 Agostino Sarubbo
2020-05-03 10:25 Agostino Sarubbo
2020-05-03 10:12 Agostino Sarubbo
2020-05-03 10:01 Agostino Sarubbo
2020-02-18 8:23 Lars Wendler
2020-01-24 21:52 Lars Wendler
2020-01-23 9:08 Lars Wendler
2019-07-31 22:03 Lars Wendler
2019-02-16 23:38 Mart Raudsepp
2019-02-07 11:53 Mikle Kolyada
2019-02-04 20:16 Markus Meier
2019-01-30 13:20 Tobias Klausmann
2019-01-30 8:13 Sergei Trofimovich
2019-01-27 12:13 Sergei Trofimovich
2019-01-27 10:08 Lars Wendler
2018-09-08 13:57 Mart Raudsepp
2018-03-16 22:50 Lars Wendler
2018-03-13 19:51 Mikle Kolyada
2018-03-13 18:01 Markus Meier
2018-03-12 4:41 Matt Turner
2018-03-12 4:41 Matt Turner
2018-03-11 5:20 Matt Turner
2018-03-05 17:13 Tobias Klausmann
2018-03-04 11:13 Sergei Trofimovich
2018-03-02 23:21 Sergei Trofimovich
2018-03-02 14:15 Jason Zaman
2018-02-28 16:35 Lars Wendler
2018-02-08 13:40 Lars Wendler
2018-02-02 11:20 Lars Wendler
2017-11-08 22:27 Sergei Trofimovich
2017-10-09 14:29 Sergei Trofimovich
2017-08-29 21:39 Thomas Deutschmann
2017-08-25 13:28 Mikle Kolyada
2017-08-10 4:40 Markus Meier
2017-08-05 18:07 Sergei Trofimovich
2017-01-12 16:10 Jeroen Roovers
2016-11-30 19:32 Markus Meier
2016-11-27 16:43 Tobias Klausmann
2016-11-26 10:44 Agostino Sarubbo
2016-11-26 10:36 Agostino Sarubbo
2016-10-04 18:20 Lars Wendler
2016-10-04 18:20 Lars Wendler
2016-03-30 10:23 Lars Wendler
2016-03-20 11:53 Agostino Sarubbo
2016-03-19 11:35 Agostino Sarubbo
2016-01-18 4:52 Jeroen Roovers
2016-01-17 17:02 Agostino Sarubbo
2016-01-17 16:13 Tobias Klausmann
2016-01-17 11:30 Markus Meier
2016-01-15 13:00 Andreas Schuerch
2016-01-14 11:56 Agostino Sarubbo
2016-01-13 9:45 Lars Wendler
2015-10-04 21:47 Julian Ospald
2015-09-06 15:37 Lars Wendler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1623161421.70d1fc386a3c3e1b3af78c11aa32438ce6e6d624.polynomial-c@gentoo \
--to=polynomial-c@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox