From: florian Date: Tue, 2 Mar 2021 12:03:50 +0000 (+0000) Subject: Make unveiling the lease directory a warning instead of a fatal error X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=ae968ffd159a87bf1d6a452172c6c5cf1b154f48;p=openbsd Make unveiling the lease directory a warning instead of a fatal error when the lease directory does not exist. This means that dhcpleased(8) will no longer request a previously configured IP address from the dhcp server and will fall back to DHCPDISCOVER which requests any IP address from the dhcp server. This likely makes diskless(8) work with dhcpleased(8). A normal diskless(8) setup has only / mounted via nfs when dhcpleased(8) starts. /var exists but nothing is mounted there yet, meaning /var/db/dhcpleased does not exist so lease files are disabled. dhcpleased(8) sends a DHCPDISCOVER to request any IP address but since the dhcp server has (very likely) a 'fixed-address' configured we get the same IP back that is already configured. If /var/db/dhcpleased/ exists on / (and /var is *NOT* mounted later) in a diskless(8) setup, care must be taken that the root file system is not shared between machines. If /var/db/dhcpleased/ exists on / and /var on NFS is mounted over this later bad things probably happen. This is a configuration error and must befixed. discussed with deraadt@ Actuall tests on existing diskless(8) setups would be appreciated. --- diff --git a/sbin/dhcpleased/dhcpleased.c b/sbin/dhcpleased/dhcpleased.c index 27b70e1af0e..d2c936aab03 100644 --- a/sbin/dhcpleased/dhcpleased.c +++ b/sbin/dhcpleased/dhcpleased.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhcpleased.c,v 1.5 2021/03/02 12:01:39 florian Exp $ */ +/* $OpenBSD: dhcpleased.c,v 1.6 2021/03/02 12:03:50 florian Exp $ */ /* * Copyright (c) 2017, 2021 Florian Obser @@ -90,7 +90,7 @@ static struct imsgev *iev_engine; pid_t frontend_pid; pid_t engine_pid; -int routesock, ioctl_sock, rtm_seq = 0; +int routesock, ioctl_sock, rtm_seq, no_lease_files; void main_sig_handler(int sig, short event, void *arg) @@ -267,8 +267,10 @@ main(int argc, char *argv[]) if (unveil("/dev/bpf", "rw") == -1) fatal("unveil /dev/bpf"); - if (unveil(_PATH_LEASE, "rwc") == -1) - fatal("unveil " _PATH_LEASE); + if (unveil(_PATH_LEASE, "rwc") == -1) { + no_lease_files = 1; + log_warn("disabling lease files, unveil " _PATH_LEASE); + } if (unveil(NULL, NULL) == -1) fatal("locking unveil"); @@ -714,6 +716,9 @@ configure_interface(struct imsg_configure_interface *imsg) main_imsg_compose_frontend(IMSG_UDPSOCK, udpsock, &imsg->if_index, sizeof(imsg->if_index)); + if (no_lease_files) + return; + if (inet_ntop(AF_INET, &imsg->addr, ntop_buf, sizeof(ntop_buf)) == NULL) { log_warn("%s: inet_ntop", __func__); @@ -965,6 +970,9 @@ read_lease_file(struct imsg_ifinfo *imsg_ifinfo) char if_name[IF_NAMESIZE]; char lease_file_buf[sizeof(_PATH_LEASE) + IF_NAMESIZE]; + if (no_lease_files) + return; + memset(imsg_ifinfo->lease, 0, sizeof(imsg_ifinfo->lease)); if (if_indextoname(imsg_ifinfo->if_index, if_name) == 0) {