Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 15 Jan 2007 10:39:31 +0800 (CST)
From:      Tai-hwa Liang <avatar@mmlab.cse.yzu.edu.tw>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/107937: jailed net/isc-dhcp3-server wouldn't run with an immutable /etc/resolv.conf
Message-ID:  <20070115023932.261258C99DE@www.mmlab.cse.yzu.edu.tw>
Resent-Message-ID: <200701150310.l0F3ACb8092594@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         107937
>Category:       ports
>Synopsis:       jailed net/isc-dhcp3-server wouldn't run with an immutable /etc/resolv.conf
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 15 03:10:12 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Tai-hwa Liang
>Release:        FreeBSD 6.2-PRELEASE i386
>Organization:
>Environment:
Tested on 6.2-PRELEASE and 6-STABLE.
	
>Description:
	
	Given that "cp -p" will preserve immutable flag as well,
/usr/local/etc/rc.d/isc-dhcpd only bails out if /etc/resolv.conf is
immutable.
>How-To-Repeat:
	# chflags schg /etc/resolv.conf
	# /usr/local/etc/rc.d/isc-dhcpd start
	
>Fix:

	Please consider the following patch, thanks.

--- isc-dhcpd.in	Mon Nov  6 09:17:15 2006
+++ isc-dhcpd.in.new	Mon Jan 15 10:19:16 2007
@@ -106,6 +106,7 @@
 			if [ -e ${_entry} ] &&
 			   ! precious ${_entry} &&
 			   ! lsmod ${_user} ${_group} ${_entry} &&
+			   ! safe_run ${_rc} chflags noschg ${_entry} &&
 			   ! safe_run ${_rc} chown ${_usergroup} ${_entry}; then
 				warn "unable to change permissions of ${_entry}"
 				_rc=1
@@ -175,6 +176,10 @@
 	_rc=0
 	for _entry; do
 		if [ -f ${_entry} ]; then
+			if ! safe_run ${_rc} chflags noschg ${_entry}; then
+				warn "unable to change flags of ${_entry}"
+				_rc=1
+			fi
 			if ! safe_run ${_rc} rm -f ${_entry}; then
 				warn "unable to remove file ${_entry}"
 				_rc=1
@@ -182,6 +187,10 @@
 		elif [ -d ${_entry} ] &&
 		     ! precious ${_entry} &&
 		     ! mounted ${_entry}; then
+			if ! safe_run ${_rc} chflags -R noschg ${_entry}; then
+				warn "unable to change flags of ${_entry}"
+				_rc=1
+			fi
 			if ! safe_run ${_rc} rm -rf ${_entry}; then
 				warn "unable to remove directory ${_entry}"
 				_rc=1
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070115023932.261258C99DE>