Date: Sun, 31 May 2020 14:25:02 +0000 (UTC) From: Ben Woods <woodsb02@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r537164 - in head/net/dhcpcd: . files Message-ID: <202005311425.04VEP2Ks004857@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: woodsb02 Date: Sun May 31 14:25:02 2020 New Revision: 537164 URL: https://svnweb.freebsd.org/changeset/ports/537164 Log: net/dhcpcd: Update to 9.1.0 Now with privilege separation and capsicumized. Changes this release: https://roy.marples.name/archives/dhcpcd-discuss/0003007.html https://roy.marples.name/archives/dhcpcd-discuss/0002881.html Modified: head/net/dhcpcd/Makefile head/net/dhcpcd/distinfo head/net/dhcpcd/files/dhcpcd.in head/net/dhcpcd/pkg-descr head/net/dhcpcd/pkg-plist Modified: head/net/dhcpcd/Makefile ============================================================================== --- head/net/dhcpcd/Makefile Sun May 31 13:52:53 2020 (r537163) +++ head/net/dhcpcd/Makefile Sun May 31 14:25:02 2020 (r537164) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dhcpcd -PORTVERSION= 8.1.9 +PORTVERSION= 9.1.0 CATEGORIES= net MASTER_SITES= https://roy.marples.name/downloads/dhcpcd/ \ https://cflags.cc/roy/dhcpcd/ @@ -19,12 +19,14 @@ USES= compiler:c11 cpe tar:xz CPE_VENDOR= dhcpcd_project GNU_CONFIGURE= yes -CONFIGURE_ARGS= --datadir=${PREFIX}/share/examples +CONFIGURE_ARGS= --datadir=${PREFIX}/share/examples \ + --privsepuser="_dhcp" USE_RC_SUBR= dhcpcd post-install: ${MV} ${STAGEDIR}${PREFIX}/etc/dhcpcd.conf \ ${STAGEDIR}${PREFIX}/share/examples/dhcpcd @${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/dhcpcd + ${MKDIR} ${STAGEDIR}/var/db/dhcpcd .include <bsd.port.mk> Modified: head/net/dhcpcd/distinfo ============================================================================== --- head/net/dhcpcd/distinfo Sun May 31 13:52:53 2020 (r537163) +++ head/net/dhcpcd/distinfo Sun May 31 14:25:02 2020 (r537164) @@ -1,3 +1,3 @@ -TIMESTAMP = 1589539562 -SHA256 (dhcpcd-8.1.9.tar.xz) = 8e2a505eb2bd8007d7c6fd855fcb4dd28cced8fc28886c7ce41fb4fc5630fbcf -SIZE (dhcpcd-8.1.9.tar.xz) = 230288 +TIMESTAMP = 1590934886 +SHA256 (dhcpcd-9.1.0.tar.xz) = 2d51bbf1780824cfb41c30d391ddeea43ab515a874bb2e74508939169ba93bf7 +SIZE (dhcpcd-9.1.0.tar.xz) = 247460 Modified: head/net/dhcpcd/files/dhcpcd.in ============================================================================== --- head/net/dhcpcd/files/dhcpcd.in Sun May 31 13:52:53 2020 (r537163) +++ head/net/dhcpcd/files/dhcpcd.in Sun May 31 14:25:02 2020 (r537164) @@ -16,7 +16,7 @@ if [ -n "$ifn" ]; then if [ -z "$flags" -a -n "$specific" ]; then rc_flags="$specific" fi - pidfile="/var/run/dhcpcd-$ifn.pid" + pidfile="/var/run/dhcpcd/dhcpcd-$ifn.pid" else pidfile="$($command -P $rc_flags)" : ${dhcpcd_enable:=NO} Modified: head/net/dhcpcd/pkg-descr ============================================================================== --- head/net/dhcpcd/pkg-descr Sun May 31 13:52:53 2020 (r537163) +++ head/net/dhcpcd/pkg-descr Sun May 31 14:25:02 2020 (r537164) @@ -2,4 +2,12 @@ dhcpcd is a DHCP/IPv4LL/IPv6RS/DHCPv6 client. It can also act as a network manager, responding to new interfaces, listening for carrier up/down events and managing routes. +dhcpcd-9 introduces a number of security improvements: +- privilege separation + operations are performed across multiple processes, and those which do + not require root privileges are run as the unprivileged _dhcp user +- sanboxed with capsicum(4) + processes run in capability mode, limiting their access and therefore + the potential impact of security vulnerabilities + WWW: https://roy.marples.name/projects/dhcpcd Modified: head/net/dhcpcd/pkg-plist ============================================================================== --- head/net/dhcpcd/pkg-plist Sun May 31 13:52:53 2020 (r537163) +++ head/net/dhcpcd/pkg-plist Sun May 31 14:25:02 2020 (r537164) @@ -1,5 +1,4 @@ libexec/dhcpcd-hooks/01-test -libexec/dhcpcd-hooks/02-dump libexec/dhcpcd-hooks/20-resolv.conf libexec/dhcpcd-hooks/30-hostname libexec/dhcpcd-hooks/50-ntp.conf @@ -12,5 +11,5 @@ sbin/dhcpcd %%EXAMPLESDIR%%/hooks/15-timezone %%EXAMPLESDIR%%/hooks/29-lookup-hostname %%EXAMPLESDIR%%/hooks/50-ypbind -@dir /var/db/dhcpcd @sample %%EXAMPLESDIR%%/dhcpcd.conf etc/dhcpcd.conf +@dir(_dhcp,_dhcp,) /var/db/dhcpcd
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202005311425.04VEP2Ks004857>