Comment 0 for bug 2019191

Shengjing Zhu (zhsj) wrote : [MIR] dhcpcd5

[Availability]
The package dhcpcd5 is already in Ubuntu universe.
The package dhcpcd5 builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x
Link to package https://launchpad.net/ubuntu/+source/dhcpcd5

[Rationale]
The package dhcpcd5 is required in Ubuntu main to replace isc-dhcp-client.
ISC has announced the end of life for ISC DHCP as of the end of 2022.

In the FO092 specification, we compare the alternatives among dhcpcd, udhcpc,
ipconfig, dhclient, systemd-networkd, network-manager, dhcpcanon.
dhcpcd is small (to be included in initramfs), supports DHCPv6, can be called
from shell (to be used in initramfs and cloud-init). It’s the best candidate currently.

The package dhcpcd5 is required in Ubuntu main no later than 23.10 release.
So in 24.04 we can have sufficient time to replace the usage of isc-dhcp-client,
and finally demote isc-dhcp-client to universe.

[Security]
- Had 15 security issues in the past
  - links to such security issues in trackers
    https://ubuntu.com/security/CVE-2005-1848 allows remote attackers to cause a denial of service (daemon crash)
    https://ubuntu.com/security/CVE-2011-0996 allows remote attackers to execute arbitrary commands
    https://ubuntu.com/security/CVE-2012-2152 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code
    https://ubuntu.com/security/CVE-2012-6698 allows remote DHCP servers to cause a denial of service (out-of-bounds write)
    https://ubuntu.com/security/CVE-2012-6699 allows remote DHCP servers to cause a denial of service (out-of-bounds read)
    https://ubuntu.com/security/CVE-2012-6700 allows remote DHCP servers to cause a denial of service
    https://ubuntu.com/security/CVE-2014-6060 allows remote DHCP servers to cause a denial of service
    https://ubuntu.com/security/CVE-2014-7912 allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption)
    https://ubuntu.com/security/CVE-2014-7913 allows remote DHCP servers to execute arbitrary code or cause a denial of service (memory corruption)
    https://ubuntu.com/security/CVE-2016-1503 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow)
    https://ubuntu.com/security/CVE-2016-1504 allows remote attackers to cause a denial of service (invalid read and crash)
    https://ubuntu.com/security/CVE-2019-11577 contains a buffer overflow
    https://ubuntu.com/security/CVE-2019-11578 allowed attackers to infer secrets
    https://ubuntu.com/security/CVE-2019-11579 contains a 1-byte read overflow
    https://ubuntu.com/security/CVE-2019-11766 buffer over-read
  - context that shows how these issues got handled in
    the past
    https://launchpad.net/ubuntu/+source/dhcpcd5/6.0.5-2build0.14.04.1
    A fakesync from Debian to trusty-security for CVE-2014-6060
  - no `suid` or `sgid` binaries
  - Binary dhcpcd in /usr/sbin/dhcpcd is no problem because it’s expected to be executed by daemon scripts or services.
  - Package dhcpcd-base does not install services, timers or recurring jobs
  - Package dhcpcd does install services, timers or recurring jobs
    - dhcpcd.service
      Hardened systemd service, Protect{System, Home, Clock, KernelModules, KernelLogs, ControlGroups},
      Restrict{Namespaces, Realtime, SUIDSGID}, SystemCallFilter,
      PrivateDevices, LockPersonality, MemoryDenyWriteExecute
    - dhcpcd@.service
      Not used by default, for single network interface.
  - Package does open privileged ports (ports < 1024).
    - DHCPv6 client port: 546/UDP
    - BOOTP client port: 68/UDP
  - Package contains extensions to security-sensitive software
    hook plugins in /usr/lib/dhcpcd/dhcpcd-hooks/

[Quality assurance - function/usage]
- The package works well right after install

[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does
  not have too many, long-term & critical, open bugs
  - Ubuntu https://bugs.launchpad.net/ubuntu/+source/dhcpcd5/+bug
  - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=dhcpcd5
  - Upstream's bug tracker
    https://github.com/NetworkConfiguration/dhcpcd/issues
  - The package has important open bugs, listing them:
    - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034465 dhcpcd -U results in "Bad system call"
      Fixed in the new release, but it’s not uploaded due to freeze in Debian.
  - The package does not deal with exotic hardware we cannot support

[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
  it makes the build fail, link to build log
  https://launchpad.net/ubuntu/+source/dhcpcd5/9.4.1-21/+build/26015669/+files/buildlog_ubuntu-mantic-amd64.dhcpcd5_9.4.1-21_BUILDING.txt.gz

  The tests are very trivial, not related to its core functionality.
  https://github.com/NetworkConfiguration/dhcpcd/tree/master/tests

- The package does have failing autopkgtests tests right now, but since
  they always fail, they are handled as "ignored failure".
  https://autopkgtest.ubuntu.com/packages/d/dhcpcd5

  dhcpcd itself conflicts/replaces isc-dhcp-client, which is needed by ubuntu-minimal.
  So Ubuntu autopkgtest can't run the tests.
  We want to drop isc-dhcp-client in the future, so it should be ok currently.
  Notably, the tests pass on Debian, https://ci.debian.net/packages/d/dhcpcd5/

[Quality assurance - packaging]
- debian/watch is present but does not work because upstream no longer provides
  tarballs on their website.
  It has been fixed in https://salsa.debian.org/debian/dhcpcd5/-/commit/4fe065dbf546e4e79b0327cb91dc883a34380a88
  but not uploaded yet.
- debian/control defines a correct Maintainer field (no Ubuntu delta)
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
  https://launchpad.net/ubuntu/+source/dhcpcd5/9.4.1-21/+build/26015669/+files/buildlog_ubuntu-mantic-amd64.dhcpcd5_9.4.1-21_BUILDING.txt.gz
- Please attach the full output you have got from
  W: dhcpcd: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd/changelog.Debian.gz:1]
  W: dhcpcd-base: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd-base/changelog.Debian.gz:1]
  W: dhcpcd5: changelog-distribution-does-not-match-changes-file unstable != mantic [usr/share/doc/dhcpcd5/changelog.Debian.gz:1]
  W: dhcpcd5 changes: distribution-and-changes-mismatch mantic unstable
  W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man5/dhcpcd.conf.5.gz:1]
  W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man8/dhcpcd-run-hooks.8.gz:1]
  W: dhcpcd-base: groff-message command exited with status 1: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man8/dhcpcd.8.gz:1]

- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf
  questions higher than medium (no debconf questions)
- Packaging and build is easy, link to debian/rules
  https://salsa.debian.org/debian/dhcpcd5/-/blob/debian/sid/debian/rules

[UI standards]
- Application is not end-user facing (does not need translation)

[Dependencies]
- No further depends or recommends dependencies that are not yet in main

[Standards compliance]
- This package correctly follows FHS and Debian Policy

[Maintenance/Owner]
- Owning Team will be Foundations team
- Team is not yet, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last
  test rebuild

[Background information]
- The Package description explains the package well
- Upstream Name is dhcpcd
- Link to upstream project https://github.com/NetworkConfiguration/dhcpcd
- The source package may be renamed to dhcpcd as requested in
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026169
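
One way to check the dhcpcd.service hardening list from the [Security] section against a unit file. This is an added example, not part of the MIR or of the dhcpcd5 package; the function names and the sample unit text are constructed for illustration, and the sample is not the unit the package ships.

```python
import re

# Directive list as written in the MIR's [Security] section (brace shorthand kept).
MIR_CLAIM = ("Protect{System, Home, Clock, KernelModules, KernelLogs, ControlGroups}, "
             "Restrict{Namespaces, Realtime, SUIDSGID}, SystemCallFilter, "
             "PrivateDevices, LockPersonality, MemoryDenyWriteExecute")
OFF = {"", "no", "false", "0", "off"}  # values that leave a directive ineffective

# Constructed unit text for the demonstration; NOT the unit shipped in dhcpcd5.
SAMPLE_UNIT = """\
[Service]
ProtectSystem=strict
ProtectClock=no
RestrictNamespaces=true
SystemCallFilter=@system-service
SystemCallFilter=
"""

def expand_claim(text):
    """Expand 'Protect{System, Home}' shorthand into full directive names."""
    names = []
    for prefix, group, plain in re.findall(r"(\w+)\{([^}]*)\}|(\w+)", text):
        names += [plain] if plain else [prefix + s.strip() for s in group.split(",")]
    return names

def service_settings(unit_text):
    """Effective [Service] settings: last assignment wins, empty assignment resets."""
    section, settings = None, {}
    for line in map(str.strip, unit_text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service" and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key == "SystemCallFilter" and value and settings.get(key):
                value = settings[key] + " " + value  # list entries accumulate
            settings[key] = value
    return settings

def audit(unit_text, claim=MIR_CLAIM):
    """Map each claimed directive to 'set', 'disabled' or 'missing'."""
    settings = service_settings(unit_text)
    return {name: "missing" if name not in settings
            else "disabled" if settings[name].lower() in OFF else "set"
            for name in expand_claim(claim)}

if __name__ == "__main__":
    print("\n".join(f"{n:24} {s}" for n, s in audit(SAMPLE_UNIT).items()))
```

On an installed system the text passed to `audit()` can come from `systemctl cat dhcpcd.service`, which also prints drop-in files; `systemd-analyze security dhcpcd.service` gives systemd's own assessment.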