[Bug 1894172] Re: isc-dhcp-server using wrong env variable for INTERFACES
Utkarsh Gupta
1894172 at bugs.launchpad.net
Wed Mar 10 05:27:40 UTC 2021
** Description changed:
[Impact]
When checking isc-dhcp-server unit file it was seen that isc-dhcp-server
is being started by:
ConditionPathExists=/etc/default/isc-dhcp-server
ConditionPathExists=|/etc/ltsp/dhcpd.conf
ConditionPathExists=|/etc/dhcp/dhcpd.conf
[Service]
EnvironmentFile=/etc/default/isc-dhcp-server
RuntimeDirectory=dhcp-server
# The leases files need to be root:dhcpd even when dropping privileges
ExecStart=/bin/sh -ec '\
CONFIG_FILE=/etc/dhcp/dhcpd.conf; \
if [ -f /etc/ltsp/dhcpd.conf ]; then CONFIG_FILE=/etc/ltsp/dhcpd.conf; fi; \
[ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \
chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \
chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \
exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
But the /etc/default/isc-dhcp-server file sets $INTERFACESv4 and
$INTERFACESv6.
This causes the service to listen on all interfaces, which is what the
user might not want. In case the user wants to use *only* IPv6 and not
IPv4, this could maybe lead to problems as what the user intended to do
could be really different from what the outcome turns out to be (because
of this bug).
The previous upload(er) forgot to mention (and split) the INTERFACES
variable to v4 and v6 and as a result, it has been this way for so long.
The SRU would split the variables into respective names, thereby making
sure that what /etc/default/isc-dhcp-serve sets, is available in the
respective service file.
[Test Plan]
- To reproduce, simply install isc-dhcp-server via apt.
- Now, if you see the /etc/default/isc-dhcp-server file, it sets 2 variables, namely, INTERFACESv4 and INTERFACESv6. However, if you check the respective services file, that is, /lib/systemd/system/isc-dhcp-server.service and /lib/systemd/system/isc-dhcp-server6.service, it is still using the INTERFACES variable.
+ To reproduce this bug, simply do the following:
+
+ $ lxc launch ubuntu-daily:focal isc-dhcp-lp1894172-focal
+
+ $ lxc shell isc-dhcp-lp1894172-focal
+
+ # apt update && apt install isc-dhcp-server -y
+
+ # grep "INTERFACES" /etc/default/isc-dhcp-server
+ INTERFACESv4=""
+ INTERFACESv6=""
+
+ grep "INTERFACES" /lib/systemd/system/isc-dhcp-server.service
+ exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
+
+ # grep "INTERFACES" /lib/systemd/system/isc-dhcp-server6.service
+ exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACES'
+
+
+ With this, it is clearly visible that even though /lib/systemd/system/isc-dhcp-server{,6}.service file uses $INTERFACES variable but the /etc/default/isc-dhcp-server defines 2 different variables, INTERFACESv4 and INTERFACESv6.
After the SRU is performed, the respective services files should use
INTERFACESv4 and INTERFACESv6 variable, instead of just INTERFACES.
To ensure smooth upgrade of this package, we'd check if the user hasn't
manually set a INTERFACESv{4,6} variable to workaround this bug. If they
have, then we simply check and make sure, we use the correct variable.
[Where problems could occur]
The problem could occur if the user has manually set some different
workaround for this bug and so the usual upgrade could break some of
their old configuration(s).
** Description changed:
[Impact]
When checking isc-dhcp-server unit file it was seen that isc-dhcp-server
is being started by:
ConditionPathExists=/etc/default/isc-dhcp-server
ConditionPathExists=|/etc/ltsp/dhcpd.conf
ConditionPathExists=|/etc/dhcp/dhcpd.conf
[Service]
EnvironmentFile=/etc/default/isc-dhcp-server
RuntimeDirectory=dhcp-server
# The leases files need to be root:dhcpd even when dropping privileges
ExecStart=/bin/sh -ec '\
CONFIG_FILE=/etc/dhcp/dhcpd.conf; \
if [ -f /etc/ltsp/dhcpd.conf ]; then CONFIG_FILE=/etc/ltsp/dhcpd.conf; fi; \
[ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \
chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \
chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \
exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
But the /etc/default/isc-dhcp-server file sets $INTERFACESv4 and
$INTERFACESv6.
This causes the service to listen on all interfaces, which is what the
user might not want. In case the user wants to use *only* IPv6 and not
IPv4, this could maybe lead to problems as what the user intended to do
could be really different from what the outcome turns out to be (because
of this bug).
The previous upload(er) forgot to mention (and split) the INTERFACES
variable to v4 and v6 and as a result, it has been this way for so long.
The SRU would split the variables into respective names, thereby making
sure that what /etc/default/isc-dhcp-serve sets, is available in the
respective service file.
[Test Plan]
To reproduce this bug, simply do the following:
$ lxc launch ubuntu-daily:focal isc-dhcp-lp1894172-focal
$ lxc shell isc-dhcp-lp1894172-focal
# apt update && apt install isc-dhcp-server -y
- # grep "INTERFACES" /etc/default/isc-dhcp-server
+ # grep "INTERFACES" /etc/default/isc-dhcp-server
INTERFACESv4=""
INTERFACESv6=""
grep "INTERFACES" /lib/systemd/system/isc-dhcp-server.service
- exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
+ exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
# grep "INTERFACES" /lib/systemd/system/isc-dhcp-server6.service
- exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACES'
+ exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACES'
-
- With this, it is clearly visible that even though /lib/systemd/system/isc-dhcp-server{,6}.service file uses $INTERFACES variable but the /etc/default/isc-dhcp-server defines 2 different variables, INTERFACESv4 and INTERFACESv6.
+ With this, it is clearly visible that even though /lib/systemd/system
+ /isc-dhcp-server{,6}.service file uses the INTERFACES variable but the
+ /etc/default/isc-dhcp-server defines 2 different variables, INTERFACESv4
+ and INTERFACESv6.
After the SRU is performed, the respective services files should use
INTERFACESv4 and INTERFACESv6 variable, instead of just INTERFACES.
To ensure smooth upgrade of this package, we'd check if the user hasn't
manually set a INTERFACESv{4,6} variable to workaround this bug. If they
have, then we simply check and make sure, we use the correct variable.
[Where problems could occur]
The problem could occur if the user has manually set some different
workaround for this bug and so the usual upgrade could break some of
their old configuration(s).
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1894172
Title:
isc-dhcp-server using wrong env variable for INTERFACES
Status in isc-dhcp package in Ubuntu:
Fix Released
Status in isc-dhcp source package in Bionic:
Confirmed
Status in isc-dhcp source package in Focal:
Confirmed
Status in isc-dhcp source package in Groovy:
Confirmed
Bug description:
[Impact]
When checking isc-dhcp-server unit file it was seen that isc-dhcp-
server is being started by:
ConditionPathExists=/etc/default/isc-dhcp-server
ConditionPathExists=|/etc/ltsp/dhcpd.conf
ConditionPathExists=|/etc/dhcp/dhcpd.conf
[Service]
EnvironmentFile=/etc/default/isc-dhcp-server
RuntimeDirectory=dhcp-server
# The leases files need to be root:dhcpd even when dropping privileges
ExecStart=/bin/sh -ec '\
CONFIG_FILE=/etc/dhcp/dhcpd.conf; \
if [ -f /etc/ltsp/dhcpd.conf ]; then CONFIG_FILE=/etc/ltsp/dhcpd.conf; fi; \
[ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \
chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \
chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \
exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
But the /etc/default/isc-dhcp-server file sets $INTERFACESv4 and
$INTERFACESv6.
This causes the service to listen on all interfaces, which is what the
user might not want. In case the user wants to use *only* IPv6 and not
IPv4, this could maybe lead to problems as what the user intended to
do could be really different from what the outcome turns out to be
(because of this bug).
The previous upload(er) forgot to mention (and split) the INTERFACES
variable to v4 and v6 and as a result, it has been this way for so
long.
The SRU would split the variables into respective names, thereby
making sure that what /etc/default/isc-dhcp-serve sets, is available
in the respective service file.
[Test Plan]
To reproduce this bug, simply do the following:
$ lxc launch ubuntu-daily:focal isc-dhcp-lp1894172-focal
$ lxc shell isc-dhcp-lp1894172-focal
# apt update && apt install isc-dhcp-server -y
# grep "INTERFACES" /etc/default/isc-dhcp-server
INTERFACESv4=""
INTERFACESv6=""
grep "INTERFACES" /lib/systemd/system/isc-dhcp-server.service
exec dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE $INTERFACES'
# grep "INTERFACES" /lib/systemd/system/isc-dhcp-server6.service
exec dhcpd -user dhcpd -group dhcpd -f -6 -pf /run/dhcp-server/dhcpd6.pid -cf $CONFIG_FILE $INTERFACES'
With this, it is clearly visible that even though /lib/systemd/system
/isc-dhcp-server{,6}.service file uses the INTERFACES variable but the
/etc/default/isc-dhcp-server defines 2 different variables,
INTERFACESv4 and INTERFACESv6.
After the SRU is performed, the respective services files should use
INTERFACESv4 and INTERFACESv6 variable, instead of just INTERFACES.
To ensure smooth upgrade of this package, we'd check if the user
hasn't manually set a INTERFACESv{4,6} variable to workaround this
bug. If they have, then we simply check and make sure, we use the
correct variable.
[Where problems could occur]
The problem could occur if the user has manually set some different
workaround for this bug and so the usual upgrade could break some of
their old configuration(s).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1894172/+subscriptions
More information about the foundations-bugs
mailing list