Date: Mon, 15 Jan 2007 10:39:31 +0800 (CST) From: Tai-hwa Liang <avatar@mmlab.cse.yzu.edu.tw> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/107937: jailed net/isc-dhcp3-server wouldn't run with an immutable /etc/resolv.conf Message-ID: <20070115023932.261258C99DE@www.mmlab.cse.yzu.edu.tw> Resent-Message-ID: <200701150310.l0F3ACb8092594@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 107937 >Category: ports >Synopsis: jailed net/isc-dhcp3-server wouldn't run with an immutable /etc/resolv.conf >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jan 15 03:10:12 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Tai-hwa Liang >Release: FreeBSD 6.2-PRELEASE i386 >Organization: >Environment: Tested on 6.2-PRELEASE and 6-STABLE. >Description: Given that "cp -p" will preserve immutable flag as well, /usr/local/etc/rc.d/isc-dhcpd only bails out if /etc/resolv.conf is immutable. >How-To-Repeat: # chflags schg /etc/resolv.conf # /usr/local/etc/rc.d/isc-dhcpd start >Fix: Please consider the following patch, thanks. --- isc-dhcpd.in Mon Nov 6 09:17:15 2006 +++ isc-dhcpd.in.new Mon Jan 15 10:19:16 2007 @@ -106,6 +106,7 @@ if [ -e ${_entry} ] && ! precious ${_entry} && ! lsmod ${_user} ${_group} ${_entry} && + ! safe_run ${_rc} chflags noschg ${_entry} && ! safe_run ${_rc} chown ${_usergroup} ${_entry}; then warn "unable to change permissions of ${_entry}" _rc=1 @@ -175,6 +176,10 @@ _rc=0 for _entry; do if [ -f ${_entry} ]; then + if ! safe_run ${_rc} chflags noschg ${_entry}; then + warn "unable to change flags of ${_entry}" + _rc=1 + fi if ! safe_run ${_rc} rm -f ${_entry}; then warn "unable to remove file ${_entry}" _rc=1 @@ -182,6 +187,10 @@ elif [ -d ${_entry} ] && ! precious ${_entry} && ! mounted ${_entry}; then + if ! safe_run ${_rc} chflags -R noschg ${_entry}; then + warn "unable to change flags of ${_entry}" + _rc=1 + fi if ! safe_run ${_rc} rm -rf ${_entry}; then warn "unable to remove directory ${_entry}" _rc=1 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070115023932.261258C99DE>