1 diff -up dhcp-4.3.1b1/client/dhclient.8.zzftXp dhcp-4.3.1b1/client/dhclient.8
2 --- dhcp-4.3.1b1/client/dhclient.8.zzftXp 2014-07-10 17:38:26.938599402 +0200
3 +++ dhcp-4.3.1b1/client/dhclient.8 2014-07-10 17:39:25.852763873 +0200
4 @@ -128,6 +128,9 @@ dhclient - Dynamic Host Configuration Pr
14 @@ -304,6 +307,32 @@ has been added or removed, so that the c
15 address on that interface.
19 +Do not drop capabilities.
23 +was compiled with libcap-ng support,
25 +drops most capabilities immediately upon startup. While more secure,
26 +this greatly restricts the additional actions that hooks in
27 +.B dhclient-script (8)
28 +can take. (For example, any daemons that
29 +.B dhclient-script (8)
30 +starts or restarts will inherit the restricted capabilities as well,
31 +which may interfere with their correct operation.) Thus, the
33 +option can be used to prevent
35 +from dropping capabilities.
41 +was not compiled with libcap-ng support.
45 Set the BOOTP broadcast flag in request packets so servers will always
47 diff -up dhcp-4.3.1b1/client/dhclient.c.zzftXp dhcp-4.3.1b1/client/dhclient.c
48 --- dhcp-4.3.1b1/client/dhclient.c.zzftXp 2014-07-10 17:39:25.797764653 +0200
49 +++ dhcp-4.3.1b1/client/dhclient.c 2014-07-10 17:39:25.853763858 +0200
52 #include <dns/result.h>
54 +#ifdef HAVE_LIBCAP_NG
59 * Defined in stdio.h when _GNU_SOURCE is set, but we don't want to define
60 * that when building ISC code.
61 @@ -143,6 +147,9 @@ main(int argc, char **argv) {
63 char *arg_conf = NULL;
65 +#ifdef HAVE_LIBCAP_NG
66 + int keep_capabilities = 0;
69 /* Initialize client globals. */
70 memset(&default_duid, 0, sizeof(default_duid));
71 @@ -425,6 +432,10 @@ main(int argc, char **argv) {
74 dhclient_request_options = argv[i];
75 + } else if (!strcmp(argv[i], "-nc")) {
76 +#ifdef HAVE_LIBCAP_NG
77 + keep_capabilities = 1;
79 } else if (argv[i][0] == '-') {
81 } else if (interfaces_requested < 0) {
82 @@ -473,6 +484,19 @@ main(int argc, char **argv) {
83 path_dhclient_script = s;
86 +#ifdef HAVE_LIBCAP_NG
87 + /* Drop capabilities */
88 + if (!keep_capabilities) {
89 + capng_clear(CAPNG_SELECT_CAPS);
90 + capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
91 + CAP_DAC_OVERRIDE); // Drop this someday
92 + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
93 + CAP_NET_ADMIN, CAP_NET_RAW,
94 + CAP_NET_BIND_SERVICE, CAP_SYS_ADMIN, -1);
95 + capng_apply(CAPNG_SELECT_CAPS);
99 /* Set up the initial dhcp option universe. */
100 initialize_common_option_spaces();
102 diff -up dhcp-4.3.1b1/client/dhclient-script.8.zzftXp dhcp-4.3.1b1/client/dhclient-script.8
103 --- dhcp-4.3.1b1/client/dhclient-script.8.zzftXp 2014-07-10 17:39:25.761765163 +0200
104 +++ dhcp-4.3.1b1/client/dhclient-script.8 2014-07-10 17:39:25.851763887 +0200
105 @@ -243,6 +243,16 @@ repeatedly initialized to the values pro
106 the other. Assuming the information provided by both servers is
107 valid, this shouldn't cause any real problems, but it could be
110 +Normally, if dhclient was compiled with libcap-ng support,
111 +dhclient drops most capabilities immediately upon startup.
112 +While more secure, this greatly restricts the additional actions that
113 +hooks in dhclient-script can take. For example, any daemons that
114 +dhclient-script starts or restarts will inherit the restricted
115 +capabilities as well, which may interfere with their correct operation.
118 +option can be used to prevent dhclient from dropping capabilities.
120 dhclient(8), dhcpd(8), dhcrelay(8), dhclient.conf(5) and
122 diff -up dhcp-4.3.1b1/client/Makefile.am.zzftXp dhcp-4.3.1b1/client/Makefile.am
123 --- dhcp-4.3.1b1/client/Makefile.am.zzftXp 2014-07-10 17:38:10.778828583 +0200
124 +++ dhcp-4.3.1b1/client/Makefile.am 2014-07-10 17:39:25.851763887 +0200
125 @@ -10,7 +10,7 @@ dhclient_SOURCES = clparse.c dhclient.c
126 scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
127 scripts/netbsd scripts/nextstep scripts/openbsd \
128 scripts/solaris scripts/openwrt
129 -dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
130 +dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
131 $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
132 man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
133 EXTRA_DIST = $(man_MANS)
134 diff -up dhcp-4.3.1b1/configure.ac.zzftXp dhcp-4.3.1b1/configure.ac
135 --- dhcp-4.3.1b1/configure.ac.zzftXp 2014-07-10 17:38:10.779828569 +0200
136 +++ dhcp-4.3.1b1/configure.ac 2014-07-10 17:39:25.854763844 +0200
137 @@ -499,6 +499,41 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
138 # Look for optional headers.
139 AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
141 +# look for capabilities library
142 +AC_ARG_WITH(libcap-ng,
143 + [ --with-libcap-ng=[auto/yes/no] Add Libcap-ng support [default=auto]],,
144 + with_libcap_ng=auto)
146 +# Check for Libcap-ng API
148 +# libcap-ng detection
149 +if test x$with_libcap_ng = xno ; then
152 + # Start by checking for header file
153 + AC_CHECK_HEADER(cap-ng.h, capng_headers=yes, capng_headers=no)
155 + # See if we have libcap-ng library
156 + AC_CHECK_LIB(cap-ng, capng_clear,
157 + CAPNG_LDADD=-lcap-ng,)
159 + # Check results are usable
160 + if test x$with_libcap_ng = xyes -a x$CAPNG_LDADD = x ; then
161 + AC_MSG_ERROR(libcap-ng support was requested and the library was not found)
163 + if test x$CAPNG_LDADD != x -a $capng_headers = no ; then
164 + AC_MSG_ERROR(libcap-ng libraries found but headers are missing)
167 +AC_SUBST(CAPNG_LDADD)
168 +AC_MSG_CHECKING(whether to use libcap-ng)
169 +if test x$CAPNG_LDADD != x ; then
170 + AC_DEFINE(HAVE_LIBCAP_NG,1,[libcap-ng support])
176 # Solaris needs some libraries for functions
177 AC_SEARCH_LIBS(socket, [socket])
178 AC_SEARCH_LIBS(inet_ntoa, [nsl])
179 diff -up dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp dhcp-4.3.1b1/relay/dhcrelay.c
180 --- dhcp-4.3.1b1/relay/dhcrelay.c.zzftXp 2014-07-10 17:39:25.799764624 +0200
181 +++ dhcp-4.3.1b1/relay/dhcrelay.c 2014-07-10 17:40:19.191007421 +0200
184 #include <sys/time.h>
186 +#ifdef HAVE_LIBCAP_NG
187 +# include <cap-ng.h>
188 + int keep_capabilities = 0;
191 TIME default_lease_time = 43200; /* 12 hours... */
192 TIME max_lease_time = 86400; /* 24 hours... */
193 struct tree_cache *global_options[256];
194 @@ -376,6 +381,10 @@ main(int argc, char **argv) {
196 dhcrelay_sub_id = argv[i];
198 + } else if (!strcmp(argv[i], "-nc")) {
199 +#ifdef HAVE_LIBCAP_NG
200 + keep_capabilities = 1;
202 } else if (!strcmp(argv[i], "-pf")) {
205 @@ -446,6 +455,17 @@ main(int argc, char **argv) {
209 +#ifdef HAVE_LIBCAP_NG
210 + /* Drop capabilities */
211 + if (!keep_capabilities) {
212 + capng_clear(CAPNG_SELECT_BOTH);
213 + capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
214 + CAP_NET_RAW, CAP_NET_BIND_SERVICE, -1);
215 + capng_apply(CAPNG_SELECT_BOTH);
216 + log_info ("Dropped all unnecessary capabilities.");
221 log_info("%s %s", message, PACKAGE_VERSION);
223 @@ -598,6 +618,15 @@ main(int argc, char **argv) {
224 signal(SIGTERM, dhcp_signal_handler); /* kill */
227 +#ifdef HAVE_LIBCAP_NG
228 + /* Drop all capabilities */
229 + if (!keep_capabilities) {
230 + capng_clear(CAPNG_SELECT_BOTH);
231 + capng_apply(CAPNG_SELECT_BOTH);
232 + log_info ("Dropped all capabilities.");
236 /* Start dispatching packets and timeouts... */
239 diff -up dhcp-4.3.1b1/relay/Makefile.am.zzftXp dhcp-4.3.1b1/relay/Makefile.am
240 --- dhcp-4.3.1b1/relay/Makefile.am.zzftXp 2014-07-10 17:38:10.780828554 +0200
241 +++ dhcp-4.3.1b1/relay/Makefile.am 2014-07-10 17:39:25.854763844 +0200
242 @@ -2,7 +2,7 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
244 sbin_PROGRAMS = dhcrelay
245 dhcrelay_SOURCES = dhcrelay.c
246 -dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
247 +dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la $(CAPNG_LDADD) \
248 $(BIND9_LIBDIR) -lirs -ldns -lisccfg -lisc
249 man_MANS = dhcrelay.8
250 EXTRA_DIST = $(man_MANS)
projects / people / pmueller / ipfire-2.x.git / blob