]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/patches/dhcp-4.2.2-capability.patch
projects / people / pmueller / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'origin/next' into thirteen
[people/pmueller/ipfire-2.x.git] / src / patches / dhcp-4.2.2-capability.patch
1 diff -up dhcp-4.2.2b1/client/dhclient.8.capability dhcp-4.2.2b1/client/dhclient.8
2 --- dhcp-4.2.2b1/client/dhclient.8.capability 2011-07-01 15:09:06.603784531 +0200
3 +++ dhcp-4.2.2b1/client/dhclient.8 2011-07-01 15:09:06.663783913 +0200
4 @@ -118,6 +118,9 @@ dhclient - Dynamic Host Configuration Pr
5 .B -w
6 ]
7 [
8 +.B -nc
9 +]
10 +[
11 .B -B
12 ]
13 [
14 @@ -296,6 +299,32 @@ has been added or removed, so that the c
15 address on that interface.
16
17 .TP
18 +.BI \-nc
19 +Do not drop capabilities.
20 +
21 +Normally, if
22 +.B dhclient
23 +was compiled with libcap-ng support,
24 +.B dhclient
25 +drops most capabilities immediately upon startup. While more secure,
26 +this greatly restricts the additional actions that hooks in
27 +.B dhclient-script (8)
28 +can take. (For example, any daemons that
29 +.B dhclient-script (8)
30 +starts or restarts will inherit the restricted capabilities as well,
31 +which may interfere with their correct operation.) Thus, the
32 +.BI \-nc
33 +option can be used to prevent
34 +.B dhclient
35 +from dropping capabilities.
36 +
37 +The
38 +.BI \-nc
39 +option is ignored if
40 +.B dhclient
41 +was not compiled with libcap-ng support.
42 +
43 +.TP
44 .BI \-B
45 Set the BOOTP broadcast flag in request packets so servers will always
46 broadcast replies.
47 diff -up dhcp-4.2.2b1/client/dhclient.c.capability dhcp-4.2.2b1/client/dhclient.c
48 --- dhcp-4.2.2b1/client/dhclient.c.capability 2011-07-01 15:09:06.644784107 +0200
49 +++ dhcp-4.2.2b1/client/dhclient.c 2011-07-01 15:09:06.664783903 +0200
50 @@ -39,6 +39,10 @@
51 #include <limits.h>
52 #include <dns/result.h>
53
54 +#ifdef HAVE_LIBCAP_NG
55 +#include <cap-ng.h>
56 +#endif
57 +
58 /*
59 * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
60 * that when building ISC code.
61 @@ -141,6 +145,9 @@ main(int argc, char **argv) {
62 int timeout_arg = 0;
63 char *arg_conf = NULL;
64 int arg_conf_len = 0;
65 +#ifdef HAVE_LIBCAP_NG
66 + int keep_capabilities = 0;
67 +#endif
68
69 /* Initialize client globals. */
70 memset(&default_duid, 0, sizeof(default_duid));
71 @@ -410,6 +417,10 @@ main(int argc, char **argv) {
72 }
73
74 dhclient_request_options = argv[i];
75 + } else if (!strcmp(argv[i], "-nc")) {
76 +#ifdef HAVE_LIBCAP_NG
77 + keep_capabilities = 1;
78 +#endif
79 } else if (argv[i][0] == '-') {
80 usage();
81 } else if (interfaces_requested < 0) {
82 @@ -458,6 +469,19 @@ main(int argc, char **argv) {
83 path_dhclient_script = s;
84 }
85
86 +#ifdef HAVE_LIBCAP_NG
87 + /* Drop capabilities */
88 + if (!keep_capabilities) {
89 + capng_clear(CAPNG_SELECT_CAPS);
90 + capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
91 + CAP_DAC_OVERRIDE); // Drop this someday
92 + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
93 + CAP_NET_ADMIN, CAP_NET_RAW,
94 + CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1);
95 + capng_apply(CAPNG_SELECT_CAPS);
96 + }
97 +#endif
98 +
99 /* Set up the initial dhcp option universe. */
100 initialize_common_option_spaces();
101
102 diff -up dhcp-4.2.2b1/client/dhclient-script.8.capability dhcp-4.2.2b1/client/dhclient-script.8
103 --- dhcp-4.2.2b1/client/dhclient-script.8.capability 2011-07-01 15:09:06.604784521 +0200
104 +++ dhcp-4.2.2b1/client/dhclient-script.8 2011-07-01 15:09:06.666783883 +0200
105 @@ -239,6 +239,16 @@ repeatedly initialized to the values pro
106 the other. Assuming the information provided by both servers is
107 valid, this shouldn't cause any real problems, but it could be
108 confusing.
109 +.PP
110 +Normally, if dhclient was compiled with libcap-ng support,
111 +dhclient drops most capabilities immediately upon startup.
112 +While more secure, this greatly restricts the additional actions that
113 +hooks in dhclient-script can take. For example, any daemons that
114 +dhclient-script starts or restarts will inherit the restricted
115 +capabilities as well, which may interfere with their correct operation.
116 +Thus, the
117 +.BI \-nc
118 +option can be used to prevent dhclient from dropping capabilities.
119 .SH SEE ALSO
120 dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
121 dhclient.leases(5).
122 diff -up dhcp-4.2.2b1/client/Makefile.am.capability dhcp-4.2.2b1/client/Makefile.am
123 --- dhcp-4.2.2b1/client/Makefile.am.capability 2011-07-01 15:09:06.526785327 +0200
124 +++ dhcp-4.2.2b1/client/Makefile.am 2011-07-01 15:09:06.667783873 +0200
125 @@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c
126 scripts/netbsd scripts/nextstep scripts/openbsd \
127 scripts/solaris scripts/openwrt
128 dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
129 - $(BIND9_LIBDIR) -ldns-export -lisc-export
130 + $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
131 man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
132 EXTRA_DIST = $(man_MANS)
133
134 diff -up dhcp-4.2.2b1/configure.ac.capability dhcp-4.2.2b1/configure.ac
135 --- dhcp-4.2.2b1/configure.ac.capability 2011-07-01 15:09:06.527785317 +0200
136 +++ dhcp-4.2.2b1/configure.ac 2011-07-01 15:09:06.667783873 +0200
137 @@ -449,6 +449,41 @@ AC_TRY_LINK(
138 # Look for optional headers.
139 AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
140
141 +# look for capabilities library
142 +AC_ARG_WITH(libcap-ng,
143 + [ --with-libcap-ng=[auto/yes/no] Add Libcap-ng support [default=auto]],,
144 + with_libcap_ng=auto)
145 +
146 +# Check for Libcap-ng API
147 +#
148 +# libcap-ng detection
149 +if test x$with_libcap_ng = xno ; then
150 + have_libcap_ng=no;
151 +else
152 + # Start by checking for header file
153 + AC_CHECK_HEADER(cap-ng.h, capng_headers=yes, capng_headers=no)
154 +
155 + # See if we have libcap-ng library
156 + AC_CHECK_LIB(cap-ng, capng_clear,
157 + CAPNG_LDADD=-lcap-ng,)
158 +
159 + # Check results are usable
160 + if test x$with_libcap_ng = xyes -a x$CAPNG_LDADD = x ; then
161 + AC_MSG_ERROR(libcap-ng support was requested and the library was not found)
162 + fi
163 + if test x$CAPNG_LDADD != x -a $capng_headers = no ; then
164 + AC_MSG_ERROR(libcap-ng libraries found but headers are missing)
165 + fi
166 +fi
167 +AC_SUBST(CAPNG_LDADD)
168 +AC_MSG_CHECKING(whether to use libcap-ng)
169 +if test x$CAPNG_LDADD != x ; then
170 + AC_DEFINE(HAVE_LIBCAP_NG,1,[libcap-ng support])
171 + AC_MSG_RESULT(yes)
172 +else
173 + AC_MSG_RESULT(no)
174 +fi
175 +
176 # Solaris needs some libraries for functions
177 AC_SEARCH_LIBS(socket, [socket])
178 AC_SEARCH_LIBS(inet_ntoa, [nsl])
179 diff -up dhcp-4.2.2b1/relay/dhcrelay.c.capability dhcp-4.2.2b1/relay/dhcrelay.c
180 --- dhcp-4.2.2b1/relay/dhcrelay.c.capability 2011-07-01 15:09:06.626784295 +0200
181 +++ dhcp-4.2.2b1/relay/dhcrelay.c 2011-07-01 15:12:05.362223794 +0200
182 @@ -36,6 +36,11 @@
183 #include <syslog.h>
184 #include <sys/time.h>
185
186 +#ifdef HAVE_LIBCAP_NG
187 +# include <cap-ng.h>
188 + int keep_capabilities = 0;
189 +#endif
190 +
191 TIME default_lease_time = 43200; /* 12 hours... */
192 TIME max_lease_time = 86400; /* 24 hours... */
193 struct tree_cache *global_options[256];
194 @@ -356,6 +361,10 @@ main(int argc, char **argv) {
195 sl->next = upstreams;
196 upstreams = sl;
197 #endif
198 + } else if (!strcmp(argv[i], "-nc")) {
199 +#ifdef HAVE_LIBCAP_NG
200 + keep_capabilities = 1;
201 +#endif
202 } else if (!strcmp(argv[i], "-pf")) {
203 if (++i == argc)
204 usage();
205 @@ -426,6 +435,17 @@ main(int argc, char **argv) {
206 #endif
207 }
208
209 +#ifdef HAVE_LIBCAP_NG
210 + /* Drop capabilities */
211 + if (!keep_capabilities) {
212 + capng_clear(CAPNG_SELECT_BOTH);
213 + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
214 + CAP_NET_RAW, CAP_NET_BIND_SERVICE, -1);
215 + capng_apply(CAPNG_SELECT_BOTH);
216 + log_info ("Dropped all unnecessary capabilities.");
217 + }
218 +#endif
219 +
220 if (!quiet) {
221 log_info("%s %s", message, PACKAGE_VERSION);
222 log_info(copyright);
223 @@ -573,6 +593,15 @@ main(int argc, char **argv) {
224 dhcpv6_packet_handler = do_packet6;
225 #endif
226
227 +#ifdef HAVE_LIBCAP_NG
228 + /* Drop all capabilities */
229 + if (!keep_capabilities) {
230 + capng_clear(CAPNG_SELECT_BOTH);
231 + capng_apply(CAPNG_SELECT_BOTH);
232 + log_info ("Dropped all capabilities.");
233 + }
234 +#endif
235 +
236 /* Start dispatching packets and timeouts... */
237 dispatch();
238
239 diff -up dhcp-4.2.2b1/relay/Makefile.am.capability dhcp-4.2.2b1/relay/Makefile.am
240 --- dhcp-4.2.2b1/relay/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
241 +++ dhcp-4.2.2b1/relay/Makefile.am 2011-07-01 15:09:06.670783841 +0200
242 @@ -3,7 +3,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
243 sbin_PROGRAMS = dhcrelay
244 dhcrelay_SOURCES = dhcrelay.c
245 dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
246 - $(BIND9_LIBDIR) -ldns-export -lisc-export
247 + $(BIND9_LIBDIR) -ldns-export -lisc-export $(CAPNG_LDADD)
248 man_MANS = dhcrelay.8
249 EXTRA_DIST = $(man_MANS)
250
251 diff -up dhcp-4.2.2b1/server/dhcpd.c.capability dhcp-4.2.2b1/server/dhcpd.c
252 --- dhcp-4.2.2b1/server/dhcpd.c.capability 2011-07-01 15:09:06.636784192 +0200
253 +++ dhcp-4.2.2b1/server/dhcpd.c 2011-07-01 15:09:06.670783841 +0200
254 @@ -58,6 +58,11 @@ static const char url [] =
255 # undef group
256 #endif /* PARANOIA */
257
258 +#ifdef HAVE_LIBCAP_NG
259 +# include <cap-ng.h>
260 + int keep_capabilities = 0;
261 +#endif
262 +
263 static void usage(void);
264
265 struct iaddr server_identifier;
266 @@ -403,6 +408,10 @@ main(int argc, char **argv) {
267 traceinfile = argv [i];
268 trace_replay_init ();
269 #endif /* TRACING */
270 + } else if (!strcmp(argv[i], "-nc")) {
271 +#ifdef HAVE_LIBCAP_NG
272 + keep_capabilities = 1;
273 +#endif
274 } else if (argv [i][0] == '-') {
275 usage ();
276 } else {
277 @@ -459,6 +468,17 @@ main(int argc, char **argv) {
278 }
279 #endif /* DHCPv6 */
280
281 +#ifdef HAVE_LIBCAP_NG
282 + /* Drop capabilities */
283 + if (!keep_capabilities) {
284 + capng_clear(CAPNG_SELECT_BOTH);
285 + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
286 + CAP_NET_RAW, CAP_NET_BIND_SERVICE, CAP_SYS_CHROOT, CAP_SETUID, CAP_SETGID, -1);
287 + capng_apply(CAPNG_SELECT_BOTH);
288 + log_info ("Dropped all unnecessary capabilities.");
289 + }
290 +#endif
291 +
292 /*
293 * convert relative path names to absolute, for files that need
294 * to be reopened after chdir() has been called
295 @@ -859,6 +879,15 @@ main(int argc, char **argv) {
296 omapi_set_int_value ((omapi_object_t *)dhcp_control_object,
297 (omapi_object_t *)0, "state", server_running);
298
299 +#ifdef HAVE_LIBCAP_NG
300 + /* Drop all capabilities */
301 + if (!keep_capabilities) {
302 + capng_clear(CAPNG_SELECT_BOTH);
303 + capng_apply(CAPNG_SELECT_BOTH);
304 + log_info ("Dropped all capabilities.");
305 + }
306 +#endif
307 +
308 /* Receive packets and dispatch them... */
309 dispatch ();
310
311 diff -up dhcp-4.2.2b1/server/Makefile.am.capability dhcp-4.2.2b1/server/Makefile.am
312 --- dhcp-4.2.2b1/server/Makefile.am.capability 2011-07-01 15:09:06.546785121 +0200
313 +++ dhcp-4.2.2b1/server/Makefile.am 2011-07-01 15:09:06.671783830 +0200
314 @@ -8,7 +8,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
315
316 dhcpd_CFLAGS = $(LDAP_CFLAGS)
317 dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
318 - ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export
319 + ../dhcpctl/libdhcpctl.a $(BIND9_LIBDIR) -ldns-export -lisc-export \
320 + $(CAPNG_LDADD)
321
322 man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
323 EXTRA_DIST = $(man_MANS)
Peter's tree of IPFire 2.x