From owner-svn-src-head@freebsd.org Sun Sep 13 19:56:53 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C7BA63E6D3C; Sun, 13 Sep 2020 19:56:53 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BqKyF4vjmz3TGh; Sun, 13 Sep 2020 19:56:53 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8CFD4B89E; Sun, 13 Sep 2020 19:56:53 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 08DJurf7098029; Sun, 13 Sep 2020 19:56:53 GMT (envelope-from cperciva@FreeBSD.org) Received: (from cperciva@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 08DJur2Q098028; Sun, 13 Sep 2020 19:56:53 GMT (envelope-from cperciva@FreeBSD.org) Message-Id: <202009131956.08DJur2Q098028@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cperciva set sender to cperciva@FreeBSD.org using -f From: Colin Percival Date: Sun, 13 Sep 2020 19:56:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r365696 - head/release/tools X-SVN-Group: head X-SVN-Commit-Author: cperciva X-SVN-Commit-Paths: head/release/tools X-SVN-Commit-Revision: 365696 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Sep 2020 19:56:53 -0000 Author: cperciva Date: Sun Sep 13 19:56:53 2020 New Revision: 365696 URL: https://svnweb.freebsd.org/changeset/base/365696 Log: Spawn the DHCPv6 client in EC2 instances via rtsold. Prior to this commit, EC2 AMIs used a "dual-dhclient" tool which was launched in place of dhclient and spawned both the base system dhclient for IPv4 and the ISC dhclient from ports for IPv6. Now that rtsold supports the "M bit" (managed configuration), we can go back to having the base system dhclient spawned normally, and provide a script to rtsold which spawns the ISC dhclient from ports when rtsold decides that it is appropriate. Thanks to: bz MFC after: 1 week Sponsored by: https://www.patreon.com/cperciva Modified: head/release/tools/ec2.conf Modified: head/release/tools/ec2.conf ============================================================================== --- head/release/tools/ec2.conf Sun Sep 13 19:11:45 2020 (r365695) +++ head/release/tools/ec2.conf Sun Sep 13 19:56:53 2020 (r365696) @@ -6,7 +6,7 @@ # Packages to install into the image we're creating. This is a deliberately # minimalist set, providing only the packages necessary to bootstrap further # package installation as specified via EC2 user-data. -export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs dual-dhclient-daemon ebsnvme-id" +export VM_EXTRA_PACKAGES="ec2-scripts firstboot-freebsd-update firstboot-pkgs isc-dhcp44-client ebsnvme-id" # Include the amazon-ssm-agent package in amd64 images, since some users want # to be able to use it on systems which are not connected to the Internet. @@ -63,9 +63,19 @@ vm_extra_pre_umount() { # via EC2 user-data. echo 'firstboot_pkgs_list="awscli"' >> ${DESTDIR}/etc/rc.conf - # Enable IPv6 on all interfaces, and use DHCP on both IPv4 and IPv6. + # Enable IPv6 on all interfaces, and spawn DHCPv6 via rtsold echo 'ipv6_activate_all_interfaces="YES"' >> ${DESTDIR}/etc/rc.conf - echo 'dhclient_program="/usr/local/sbin/dual-dhclient"' >> ${DESTDIR}/etc/rc.conf + echo 'rtsold_enable="YES"' >> ${DESTDIR}/etc/rc.conf + echo 'rtsold_flags="-M /usr/local/libexec/rtsold-M -a"' >> ${DESTDIR}/etc/rc.conf + + # Provide a script which rtsold can use to launch DHCPv6 + mkdir -p ${DESTDIR}/usr/local/libexec + cat > ${DESTDIR}/usr/local/libexec/rtsold-M <<'EOF' +#!/bin/sh + +/usr/local/sbin/dhclient -6 -nw -N -cf /dev/null $1 +EOF + chmod 755 ${DESTDIR}/usr/local/libexec/rtsold-M # The EC2 console is output-only, so while printing a backtrace can # be useful, there's no point dropping into a debugger or waiting