[master] Print out files used and move the dropping of privileges in paranoia

17551 - When starting up in verbose mode have the server print out
        the files it will use

25806 - Moving the paranoia code that drops the privileges to be after
        the server has written the PID file.

diff --git a/RELNOTES b/RELNOTES
index 2c39b66a7e518b70597e9f91f73eab49d23533e0..938a819ca75d0da39f9bf340b58f33cbf7164108 100644 (file)
--- a/RELNOTES
+++ b/RELNOTES
@@ -123,6 +123,16 @@ by Eric Young (eay@cryptsoft.com).
   Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix.
   [ISC-Bugs #33098]
 
+- Several updates to the dhcp server code
+  When not in quiet mode print out the files being used.
+  [ISC-Bugs #17551]
+  As accessing some pid files may require privileges move the dropping
+  of permission bits due to the paranoia patch to be after the pid code.
+  Thanks to Jiri Popelka at Red Hat for the bug and fix.
+  [ISC-Bugs #25806]
+  When processing a "--version" request don't output the version information
+  to syslog.
+
                        Changes since 4.3.0rc1
 
 - None

diff --git a/server/dhcpd.c b/server/dhcpd.c
index 28cc56292b14bdbab6f1963bb7c236afe03cffcf..bd9e1efbc57e3a5b67a13739c05c92b763770c01 100644 (file)
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -308,7 +308,13 @@ main(int argc, char **argv) {
                        local_family_set = 1;
 #endif /* DHCPv6 */
                } else if (!strcmp (argv [i], "--version")) {
-                       log_info("isc-dhcpd-%s", PACKAGE_VERSION);
+                       const char vstring[] = "isc-dhcpd-";
+                       IGNORE_RET(write(STDERR_FILENO, vstring,
+                                        strlen(vstring)));
+                       IGNORE_RET(write(STDERR_FILENO,
+                                        PACKAGE_VERSION,
+                                        strlen(PACKAGE_VERSION)));
+                       IGNORE_RET(write(STDERR_FILENO, "\n", 1));
                        exit (0);
 #if defined (TRACING)
                } else if (!strcmp (argv [i], "-tf")) {
@@ -394,6 +400,9 @@ main(int argc, char **argv) {
                log_info (copyright);
                log_info (arr);
                log_info (url);
+               log_info ("Config file: %s", path_dhcpd_conf);
+               log_info ("Database file: %s", path_dhcpd_db);
+               log_info ("PID file: %s", path_dhcpd_pid);
        } else {
                quiet = 0;
                log_perror = 0;
@@ -690,22 +699,6 @@ main(int argc, char **argv) {
                        exit (0);
        }
  
-#if defined (PARANOIA)
-       /* change uid to the specified one */
-
-       if (set_gid) {
-               if (setgroups (0, (void *)0))
-                       log_fatal ("setgroups: %m");
-               if (setgid (set_gid))
-                       log_fatal ("setgid(%d): %m", (int) set_gid);
-       }       
-
-       if (set_uid) {
-               if (setuid (set_uid))
-                       log_fatal ("setuid(%d): %m", (int) set_uid);
-       }
-#endif /* PARANOIA */
-
        /*
         * Deal with pid files.  If the user told us
         * not to write a file we don't read one either
@@ -742,6 +735,22 @@ main(int argc, char **argv) {
                }
        }
 
+#if defined (PARANOIA)
+       /* change uid to the specified one */
+
+       if (set_gid) {
+               if (setgroups (0, (void *)0))
+                       log_fatal ("setgroups: %m");
+               if (setgid (set_gid))
+                       log_fatal ("setgid(%d): %m", (int) set_gid);
+       }       
+
+       if (set_uid) {
+               if (setuid (set_uid))
+                       log_fatal ("setuid(%d): %m", (int) set_uid);
+       }
+#endif /* PARANOIA */
+
        /* If we were requested to log to stdout on the command line,
           keep doing so; otherwise, stop. */
        if (log_perror == -1)