
Re: dhclient-script



On Sun 2004.05.09 at 00:45 -0400, Chuck Yerkes wrote:
> I'd suggest that if you're going to need a temporary
> place for things that root owns, then I might be inclined
> to use /var/run/ rather than /tmp.  Or use a mktemp
> derived name and /tmp/.
> 
> The issue is that the machine could be multiuser when
> this script runs.  And there's a race condition.
> mktemp  and save the name and use THAT variable through
> the script.
> 
> Quoting Okan Demirmen (okan_(_at_)_demirmen_(_dot_)_com):
> > re-addressing read-only /'s, one thing always bothered me about
> > dhclient-script(8) - it uses /etc to do its work. here is a
> > suggestion to allow for read-only /'s with /etc/resolv.conf staying
> > as a symlink. (mktemp could also be used for .std) - or i'll just
> > keep it a local patch or someone tell me why it's a bad idea.

Agreed - I should have done that in the first place. The following
uses mktemp(1) to replace /etc/resolv.conf.std "work" and replaces
/etc/resolv.conf.save with /var/db/resolv.conf.save.

It was also pointed out by the original implementer, krw@, that I
could just test if /etc/resolv.conf.std is a symlink and proceed
accordingly, however I think that the script is unnecessarily using
/etc for temp work and saves. But in the end, it is not up to me ;)
I could provide that patch if that is the way it is going to go.

Index: dhclient-script
===================================================================
RCS file: /open/cvs/src/sbin/dhclient/dhclient-script,v
retrieving revision 1.6
diff -u -r1.6 dhclient-script
--- dhclient-script	6 May 2004 18:22:41 -0000	1.6
+++ dhclient-script	9 May 2004 16:41:50 -0000
@@ -100,21 +100,21 @@
 	# thus broke the script. This code creates the resolv.conf if either
 	# are provided.
 
-	rm -f /etc/resolv.conf.std
+	T=`mktemp /tmp/_resolv_conf.XXXXXXXXXX`
 
 	if [ -n "$new_domain_name" ]; then
-		echo "search $new_domain_name" >>/etc/resolv.conf.std
+		echo "search $new_domain_name" >>$T
 	fi
 
 	if [ -n "$new_domain_name_servers" ]; then
 		for nameserver in $new_domain_name_servers; do
-			echo "nameserver $nameserver" >>/etc/resolv.conf.std
+			echo "nameserver $nameserver" >>$T
 		done
 	fi
 
-	if [ -f /etc/resolv.conf.std ]; then
+	if [ -s /tmp/resolv.conf.std ]; then
 		if [ -f /etc/resolv.conf.tail ]; then
-			cat /etc/resolv.conf.tail >>/etc/resolv.conf.std
+			cat /etc/resolv.conf.tail >>$T
 		fi
 
 		# In case (e.g. during OpenBSD installs) /etc/resolv.conf
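
Review bot: the test `[ -s /tmp/resolv.conf.std ]` checks a file that nothing in this hunk creates; the data was written to `$T`, so the condition is always false and /etc/resolv.conf is never updated. It should read `[ -s "$T" ]`. The mktemp result is also unchecked: if mktemp fails, `T` is empty and every `>>$T` redirect breaks, so bail out right after the assignment (for example `T=$(mktemp /tmp/_resolv_conf.XXXXXXXXXX) || return 1`) and quote `"$T"` wherever it is used.
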
@@ -122,10 +122,9 @@
 		# the new data in the correct location.
 
 		if [ -f /etc/resolv.conf ]; then
-			cat /etc/resolv.conf > /etc/resolv.conf.save
+			cat /etc/resolv.conf > /var/db/resolv.conf.save
 		fi
-		cat /etc/resolv.conf.std > /etc/resolv.conf
-		rm -f /etc/resolv.conf.std
+		cat $T > /etc/resolv.conf
 
 		# Try to ensure correct ownership and permissions.
 		chown -RL root:wheel /etc/resolv.conf
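
Review bot: the removed `rm -f /etc/resolv.conf.std` has no counterpart for the temporary file, so on the success path `$T` is left behind after `cat $T > /etc/resolv.conf`. Each run that writes resolv.conf would then leave another `_resolv_conf.*` file in /tmp. Add `rm -f "$T"` directly after the cat, before the ownership fix-up.
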
@@ -134,6 +133,7 @@
 		return 0
 	fi
 
+	echo rm -f $T
 	return 1
 }
 
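Review bot: `echo rm -f $T` prints the command instead of running it, so the temporary file is not removed on the failure path and the text "rm -f /tmp/_resolv_conf..." goes to the script's output. This looks like leftover debugging; it should be `rm -f "$T"`.
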
@@ -195,8 +195,8 @@
 	fi
 	# XXX Why add alias we just deleted above?
 	add_new_alias
-	if [ -f /etc/resolv.conf.save ]; then
-		cat /etc/resolv.conf.save > /etc/resolv.conf
+	if [ -f /var/db/resolv.conf.save ]; then
+		cat /var/db/resolv.conf.save > /etc/resolv.conf
 	fi
 	;;

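Review bot: the literal `/var/db/resolv.conf.save` now appears here twice and once more in the save step of the earlier hunk, so a later change of location has to be made in three places. Consider assigning the path to a variable once near the top of the script and using that in both the save and the restore.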

