Commit | Line | Data |
---|---|---|
c1e9ba67 MF |
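diff -up dhcp-4.3.1b1/client/dhclient.c.dlTsyN dhcp-4.3.1b1/client/dhclient.c
--- dhcp-4.3.1b1/client/dhclient.c.dlTsyN 2014-07-10 17:49:49.882925843 +0200
+++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:50:26.922402550 +0200
@@ -1748,11 +1748,6 @@ int write_host (host)
 return 0;
 }
 
-void db_startup (testp)
- int testp;
-{
-}
-
 void bootp (packet)
 struct packet *packet;
 {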
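diff -up dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN dhcp-4.3.1b1/includes/dhcpd.h
--- dhcp-4.3.1b1/includes/dhcpd.h.dlTsyN 2014-07-10 17:48:03.798424601 +0200
+++ dhcp-4.3.1b1/includes/dhcpd.h 2014-07-10 17:50:26.923402536 +0200
@@ -2866,7 +2866,11 @@ void commit_leases_timeout (void *);
 void commit_leases_readerdry(void *);
 int commit_leases (void);
 int commit_leases_timed (void);
+#if defined (PARANOIA)
+void db_startup (int, uid_t, gid_t);
+#else
 void db_startup (int);
+#endif /* PARANOIA */
 int new_lease_file (void);
 int group_writer (struct group_object *);
 int write_ia(const struct ia_xx *);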
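Review bot: Declaring `db_startup` with a parameter list that depends on PARANOIA forces every call site to repeat the `#if defined (PARANOIA)` split, which the confpars.c and dhcpd.c sections of this patch already do. Keeping the single prototype `void db_startup (int);` and adding a PARANOIA-only setter for the lease-file owner (for example `void db_set_lease_owner (uid_t, gid_t);`, a suggested name) would confine the conditional to db.c and to the one caller that has real values. `uid_t` and `gid_t` must also already be declared at this point in dhcpd.h; the includes are outside the hunk, so that is worth confirming with a PARANOIA build.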
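diff -up dhcp-4.3.1b1/server/confpars.c.dlTsyN dhcp-4.3.1b1/server/confpars.c
--- dhcp-4.3.1b1/server/confpars.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
+++ dhcp-4.3.1b1/server/confpars.c 2014-07-10 17:50:26.924402522 +0200
@@ -219,7 +219,11 @@ void trace_conf_input (trace_type_t *tty
 }
 
 if (!leaseconf_initialized && ttype == trace_readleases_type) {
+#if defined (PARANOIA)
+ db_startup (0, 0, 0);
+#else
 db_startup (0);
+#endif /* PARANOIA */
 leaseconf_initialized = 1;
 postdb_startup ();
 }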
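Review bot: `db_startup (0, 0, 0);` overwrites the lease-file owner kept in db.c, because the db.c section of this patch assigns `global_set_uid` and `global_set_gid` from the arguments on every call. After this call the `fchown` in `new_lease_file` is skipped, so lease files created on the trace-playback path keep the ownership of the creating process. If that is intended, say so at the call, e.g. `/* trace playback: leave lease file ownership unchanged */`; if playback can run with -user/-group, the configured ids should be passed instead. The body of trace_conf_input starts and ends outside the hunk, so whether both calls can happen in one process is not visible here.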
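diff -up dhcp-4.3.1b1/server/db.c.dlTsyN dhcp-4.3.1b1/server/db.c
--- dhcp-4.3.1b1/server/db.c.dlTsyN 2014-07-10 17:39:25.801764596 +0200
+++ dhcp-4.3.1b1/server/db.c 2014-07-10 17:50:26.925402508 +0200
@@ -42,6 +42,10 @@ static int counting = 0;
 static int count = 0;
 TIME write_time;
 int lease_file_is_corrupt = 0;
+#if defined (PARANOIA)
+uid_t global_set_uid = 0;
+gid_t global_set_gid = 0;
+#endif /* PARANOIA */
 
 /* Write a single binding scope value in parsable format.
 */
@@ -1046,8 +1050,11 @@ int commit_leases_timed()
 return (1);
 }
 
-void db_startup (testp)
- int testp;
+#if defined (PARANOIA)
+void db_startup (int testp, uid_t set_uid, gid_t set_gid)
+#else
+void db_startup (int testp)
+#endif /* PARANOIA */
 {
 isc_result_t status;
 
@@ -1066,6 +1073,11 @@ void db_startup (testp)
 }
 #endif
 
+#if defined (PARANOIA)
+ global_set_uid = set_uid;
+ global_set_gid = set_gid;
+#endif /* PARANOIA */
+
 #if defined (TRACING)
 /* If we're playing back, there is no lease file, so we can't
 append it, so we create one immediately (maybe this isn't
@@ -1128,6 +1140,17 @@ int new_lease_file ()
 log_error ("Can't create new lease file: %m");
 return 0;
 }
+
+#if defined (PARANOIA)
+ if (global_set_uid && !geteuid() &&
+ global_set_gid && !getegid())
+ if (fchown(db_fd, global_set_uid, global_set_gid)) {
+ log_fatal ("Can't chown new lease file: %m");
+ close(db_fd);
+ goto fdfail;
+ }
+#endif /* PARANOIA */
+
 if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
 log_error("Can't fdopen new lease file: %m");
 close(db_fd);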
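Review bot: In the new_lease_file hunk the `fchown` runs only when both `global_set_uid` and `global_set_gid` are non-zero and both the effective uid and gid are 0, so a server started with only -user or only -group (the man page lists them as separate options) silently leaves the new lease file with the ownership it was created with. Each id can be handled on its own, since `fchown` treats -1 as "leave unchanged": `if (!geteuid() && (global_set_uid || global_set_gid))` with `fchown(db_fd, global_set_uid ? global_set_uid : (uid_t)-1, global_set_gid ? global_set_gid : (gid_t)-1)`. The failure path uses `log_fatal` where the neighbouring failures in this function use `log_error`; if `log_fatal` does not return, the `close(db_fd); goto fdfail;` after it never runs, so `log_error` looks like the intended call. The nested `if` would also read more safely with braces on the outer statement. new_lease_file begins and ends outside the hunk, so the `fdfail` label is not visible here.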
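diff -up dhcp-4.3.1b1/server/dhcpd.8.dlTsyN dhcp-4.3.1b1/server/dhcpd.8
--- dhcp-4.3.1b1/server/dhcpd.8.dlTsyN 2014-07-02 19:58:39.000000000 +0200
+++ dhcp-4.3.1b1/server/dhcpd.8 2014-07-10 17:50:26.925402508 +0200
@@ -82,6 +82,18 @@ dhcpd - Dynamic Host Configuration Proto
 .I trace-output-file
 ]
 [
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
 .B -play
 .I trace-playback-file
 ]
@@ -269,6 +281,15 @@ lease file.
 .TP
 .BI --version
 Print version number and exit.
+.TP
+.BI \-user \ user
+Setuid to user after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations, such as creating sockets that listen on privileged ports.
+.TP
+.BI \-chroot \ dir
+Chroot to directory after processing the command line arguments, but before reading the configuration file.
 .PP
 .I Modifying default file locations:
 The following options can be used to modify the locations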
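diff -up dhcp-4.3.1b1/server/dhcpd.c.dlTsyN dhcp-4.3.1b1/server/dhcpd.c
--- dhcp-4.3.1b1/server/dhcpd.c.dlTsyN 2014-07-10 17:39:25.802764582 +0200
+++ dhcp-4.3.1b1/server/dhcpd.c 2014-07-10 17:52:35.341588248 +0200
@@ -628,7 +628,11 @@ main(int argc, char **argv) {
 group_write_hook = group_writer;
 
 /* Start up the database... */
+#if defined (PARANOIA)
+ db_startup (lftest, set_uid, set_gid);
+#else
 db_startup (lftest);
+#endif /* PARANOIA */
 
 if (lftest)
 exit (0);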