dhclient-script will not work with read-only /etc

Bug #857524 reported by Scott Moser
This bug affects 2 people
Affects            Status        Importance  Assigned to  Milestone
isc-dhcp (Debian)  Fix Released  Unknown
isc-dhcp (Ubuntu)  Fix Released  Undecided   Unassigned

Bug Description

dhclient-script attempts to support read-only root, but it won't correctly work.
For a read-only root to work, and support dhclient-script writing to /etc/resolv.conf, then /etc/resolv.conf would have to be a symlink to a writeable location (i.e., /run).

To that end, dhclient-script attempts to check and see if / is going to be mounted 'rw' and only wait for that case if it is.

The problem is that it basically has the following logic:
  if root_will_be_mounted_rw; then
      wait-for-writable /etc/
  fi
  new_resolv_conf=/etc/resolv.conf.dhclient-new
  write new file to $new_resolv_conf
  change attributes of $new_resolv_conf to match resolv.conf
  mv $new_resolv_conf /etc/resolv.conf

That doesn't work if /etc is read-only and /etc/resolv.conf is a symlink for the following reasons:
 * $new_resolv_conf is being written to /etc/ (and won't be writable)
 * the mv will actually break the symlink and try to create a new file in /etc

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: isc-dhcp-client 4.1.1-P1-17ubuntu9
ProcVersionSignature: Ubuntu 3.0.0-11.18-generic 3.0.4
Uname: Linux 3.0.0-11-generic x86_64
ApportVersion: 1.23-0ubuntu1
Architecture: amd64
Date: Fri Sep 23 11:50:56 2011
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta amd64 (20100318)
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANG=en_US.UTF-8
SourcePackage: isc-dhcp
UpgradeStatus: Upgraded to oneiric on 2010-11-15 (311 days ago)

Scott Moser (smoser) wrote :

I'm attaching this as a patch rather than a merge proposal as there is an upload in the queue right now for oneiric, and I would not suggest this until the opening of 'p'.

Scott Moser (smoser) wrote :

The following are comments on the changes in the patch

fix updating of /etc/resolv.conf for read-only

This patch makes the following changes:
 * instead of writing to a temp file in /etc/, write directly to
   /etc/resolv.conf
 * replace the multiple '>>' with a single '>' and braces. This means
   the file will be opened for write once rather than append many times.
 * opening for write (truncate) keeps the ownership of the file if it exists,
   and correctly follows a symlink.
   This makes the chmod and chown --reference unnecessary
 * use 'grep -i' rather than 'sed' to get the old nameserver entries from
   existing resolv.conf. This is how the linux.udeb does it, and I find it more clean.
 * changes 'wait_for_rw' to take a file argument rather than hard coding /etc

Note, there is an issue with this patch if /etc/resolv.conf is a symlink and
the symlink (*not the target*) is not owned by root. To demonstrate:
  $ rm -f /tmp/foo /tmp/bar
  $ ln -s /tmp/foo /tmp/bar
  $ sudo sh -c 'echo hi > /tmp/foo'
  $ sudo sh -c 'echo himom > /tmp/bar'
  sh: /tmp/bar: Permission denied

The only solution I see for this is to attempt to resolve the target of the
symlink (readlink -f) and writing directly there instead of through the
symlink.

Changed in isc-dhcp (Debian):
status: Unknown → New
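
Added example (not part of the bug report or of the isc-dhcp package): a sandboxed comparison of the old temp-file-plus-mv update, the patched single truncating write, and the readlink -f workaround mentioned in the comment above. The function names, the temporary directory layout and the 192.0.2.x addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example. The sandbox is constructed: etc/ stands in for /etc and
# run/ for the writable location that etc/resolv.conf links into.
make_sandbox() {
    d=$(mktemp -d) || return 1
    mkdir "$d/etc" "$d/run"
    echo "nameserver 192.0.2.1" > "$d/run/resolv.conf"
    ln -s ../run/resolv.conf "$d/etc/resolv.conf"
    echo "$d"
}

# Old logic: write a temp file beside resolv.conf, then mv it into place.
# The rename replaces the symlink itself and needs a writable directory.
update_with_mv() {
    new="$1.dhclient-new"
    echo "nameserver $2" > "$new" || return 1
    mv -f "$new" "$1"
}

# Patched logic: a single open for write (truncate) follows the symlink.
update_with_truncate() {
    { echo "nameserver $2"; } > "$1"
}

# Workaround from the comment: resolve the target and write to it directly.
update_resolved() {
    target=$(readlink -f "$1") || return 1
    { echo "nameserver $2"; } > "$target"
}

# Prints "<symlink|file> <content of run/resolv.conf>" after one update.
run_case() {
    d=$(make_sandbox) || return 1
    "$1" "$d/etc/resolv.conf" 192.0.2.53 || { rm -rf "$d"; return 1; }
    if [ -L "$d/etc/resolv.conf" ]; then kind=symlink; else kind=file; fi
    echo "$kind $(cat "$d/run/resolv.conf")"
    rm -rf "$d"
}

for f in update_with_mv update_with_truncate update_resolved; do
    echo "$f: $(run_case "$f")"
done
```

With the mv variant the symlink is replaced by a regular file and the file under run/ keeps its old content; the other two leave the symlink in place and update the target.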
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "proposed patch" of this bug report has been identified as being a patch in the form of a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are a member of the ubuntu-sponsors please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Changed in isc-dhcp (Ubuntu):
assignee: nobody → Canonical Foundations Team (canonical-foundations)
Steve Langasek (vorlon)
Changed in isc-dhcp (Ubuntu):
assignee: Canonical Foundations Team (canonical-foundations) → nobody
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package isc-dhcp - 4.1.1-P1-17ubuntu11

---------------
isc-dhcp (4.1.1-P1-17ubuntu11) precise; urgency=low

  * debian/dhclient-script.linux: fix for read-only /etc (LP: #857524)
 -- Scott Moser <email address hidden> Mon, 24 Oct 2011 22:28:35 -0400

Changed in isc-dhcp (Ubuntu):
status: New → Fix Released
Changed in isc-dhcp (Debian):
status: New → Fix Released
laszlo gombos (gombi) wrote :

This change makes dhclient-script dependent on the existence of /etc/fstab. If /etc/fstab does not exist, dhclient fails to grab an IP.
