Ubuntu
ifupdown package

Merge ~vorlon/ubuntu/+source/ifupdown:ubuntu/devel into ubuntu/+source/ifupdown:ubuntu/devel

  1. Git
  2. lp:~vorlon/ubuntu/+source/ifupdown
  3. ubuntu/devel
  4. Merge into ubuntu/devel
Proposed by Steve Langasek
Status: Needs review
Proposed branch: ~vorlon/ubuntu/+source/ifupdown:ubuntu/devel
Merge into: ubuntu/+source/ifupdown:ubuntu/devel
Diff against target: 202 lines (+153/-1)
6 files modified
debian/changelog (+18/-0)
debian/control (+1/-1)
debian/ifupdown.dhclient-enter-hook (+20/-0)
debian/ifupdown.dhclient-exit-hook (+110/-0)
debian/ifupdown.maintscript (+1/-0)
debian/install (+3/-0)
Reviewer Review Type Date Requested Status
Dimitri John Ledkov (community) code-review Approve
Review via email: mp+382729@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Steve Langasek (vorlon) wrote :

We will also need a corresponding upload of resolvconf, and we will also need to SRU systemd asap to remove its dhclient hook from the package, then add appropriate breaks in various places.

Reply
~vorlon/ubuntu/+source/ifupdown:ubuntu/devel updated
2a6b134... by Steve Langasek

add bug link

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

code-review is good. Some minor comments.

will proceed to test builds & interactive testing.

review: Approve (code-review)
Reply
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Do we need any breaks/reaplaces on systemd? or like just drop conffile in systemd too?

Reply
Revision history for this message
Steve Langasek (vorlon) wrote :

On Thu, Apr 23, 2020 at 02:11:15PM -0000, Dimitri John Ledkov wrote:

> Do we need any breaks/reaplaces on systemd? or like just drop conffile in
> systemd too?

Yes we should, but we don't know the versions to use in the field until
systemd is uploaded.

>
> Diff comments:
>
> > diff --git a/debian/ifupdown.maintscript b/debian/ifupdown.maintscript
> > index 2203f84..11fd04c 100644
> > --- a/debian/ifupdown.maintscript
> > +++ b/debian/ifupdown.maintscript
> > @@ -7,3 +7,4 @@ rm_conffile /etc/init/network-interface-security.conf 0.8.25~ ifupdown
> > rm_conffile /etc/init/network-interface.conf 0.8.25~ ifupdown
> > rm_conffile /etc/network/if-up.d/upstart 0.8.29~ ifupdown
> > rm_conffile /etc/network/if-down.d/upstart 0.8.29~ ifupdown
> > +rm_conffile /etc/dhcp/dhclient-enter-hooks.d/resolved 0.8.35ubuntu2 systemd

> Given we do this, we need to also want systemd upload to remove the
> conffile there too, right?

Yes, definitely (and that determines what versions should be in the Breaks
field).

Reply

Unmerged commits

2a6b134... by Steve Langasek

add bug link

1528925... by Steve Langasek

suppress noise from cmp

509311f... by Steve Langasek

Make the exit hook also talk to resolved over dbus in the case that it is already running.

7c20bf9... by Steve Langasek

fix wrong shell quoting in state files

8dec9ea... by Steve Langasek

Split the hook into an enter and exit hook, using the enter hook only to undefine the hostile make_resolv_conf() and doing all the work in the exit hook.

add6bd1... by Steve Langasek

Make the hook write to a state file under /run/systemd/resolve/netif instead of feeding resolvconf.

20c8542... by Steve Langasek

resolved, not resolvconf

36e9f32... by Steve Langasek

Check whether the systemd-resolved unit is enabled before diverting resolv.conf handling, instead of just whether systemd-resolved binary is on the filesystem. LP: #1853164.

a64658f... by Steve Langasek

resolved, not resolvconf

c89d93b... by Steve Langasek

* Take over /etc/dhcp/dhclient-enter-hooks.d/resolved from systemd and move
  it to /etc/dhcp/dhclient-enter-hooks.d/ifupdown.
* Build-depend on dh-exec to support renaming files at install time.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 123923e..23379e9 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,21 @@
6+ifupdown (0.8.35ubuntu2) UNRELEASED; urgency=medium
7+
8+ * Take over /etc/dhcp/dhclient-enter-hooks.d/resolved from systemd and
9+ move it to /etc/dhcp/dhclient-enter-hooks.d/ifupdown. LP: #1874337.
10+ * Build-depend on dh-exec to support renaming files at install time.
11+ * Check whether the systemd-resolved unit is enabled before diverting
12+ resolv.conf handling, instead of just whether systemd-resolved binary is
13+ on the filesystem. LP: #1853164.
14+ * Make the hook write to a state file under /run/systemd/resolve/netif
15+ instead of feeding resolvconf.
16+ * Split the hook into an enter and exit hook, using the enter hook only to
17+ undefine the hostile make_resolv_conf() and doing all the work in the
18+ exit hook.
19+ * Make the exit hook also talk to resolved over dbus in the case that
20+ it is already running.
21+
22+ -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 21 Apr 2020 21:58:37 -0700
23+
24 ifupdown (0.8.35ubuntu1) eoan; urgency=low
25
26 * Merge from Debian unstable. Remaining changes:
27diff --git a/debian/control b/debian/control
28index 71b2df6..50662d8 100644
29--- a/debian/control
30+++ b/debian/control
31@@ -4,7 +4,7 @@ Priority: important
32 Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
33 XSBC-Original-Maintainer: Guus Sliepen <guus@debian.org>
34 Standards-Version: 4.3.0
35-Build-Depends: debhelper-compat (= 12)
36+Build-Depends: debhelper-compat (= 12), dh-exec
37 Vcs-Git: https://salsa.debian.org/debian/ifupdown.git
38 Vcs-Browser: https://salsa.debian.org/debian/ifupdown
39 Rules-Requires-Root: no
40diff --git a/debian/ifupdown.dhclient-enter-hook b/debian/ifupdown.dhclient-enter-hook
41new file mode 100755
42index 0000000..ac75532
43--- /dev/null
44+++ b/debian/ifupdown.dhclient-enter-hook
45@@ -0,0 +1,20 @@
46+#
47+# Script fragment to make dhclient supply nameserver information to resolved
48+#
49+
50+# Tips:
51+# * Be careful about changing the environment since this is sourced
52+# * This script fragment uses bash features
53+# * As of isc-dhcp-client 4.2 the "reason" (for running the script) can be one of the following.
54+# (Listed on man page:) MEDIUM(0) PREINIT(0) BOUND(M) RENEW(M) REBIND(M) REBOOT(M) EXPIRE(D) FAIL(D) RELEASE(D) STOP(D) NBI(-) TIMEOUT(M)
55+# (Also used in master script:) ARPCHECK(0), ARPSEND(0)
56+# (Also used in master script:) PREINIT6(0) BOUND6(M) RENEW6(M) REBIND6(M) DEPREF6(0) EXPIRE6(D) RELEASE6(D) STOP6(D)
57+# (0) = master script does not run make_resolv_conf
58+# (M) = master script runs make_resolv_conf
59+# (D) = master script downs interface
60+# (-) = master script does nothing with this
61+
62+if systemctl is-enabled systemd-resolved > /dev/null 2>&1; then
63+ # For safety, undefine the nasty default make_resolv_conf()
64+ make_resolv_conf() { : ; }
65+ fi
66diff --git a/debian/ifupdown.dhclient-exit-hook b/debian/ifupdown.dhclient-exit-hook
67new file mode 100755
68index 0000000..15d2740
69--- /dev/null
70+++ b/debian/ifupdown.dhclient-exit-hook
71@@ -0,0 +1,110 @@
72+#
73+# Script fragment to make dhclient supply nameserver information to resolved
74+#
75+
76+# Tips:
77+# * Be careful about changing the environment since this is sourced
78+# * This script fragment uses bash features
79+# * As of isc-dhcp-client 4.2 the "reason" (for running the script) can be one of the following.
80+# (Listed on man page:) MEDIUM(0) PREINIT(0) BOUND(M) RENEW(M) REBIND(M) REBOOT(M) EXPIRE(D) FAIL(D) RELEASE(D) STOP(D) NBI(-) TIMEOUT(M)
81+# (Also used in master script:) ARPCHECK(0), ARPSEND(0)
82+# (Also used in master script:) PREINIT6(0) BOUND6(M) RENEW6(M) REBIND6(M) DEPREF6(0) EXPIRE6(D) RELEASE6(D) STOP6(D)
83+# (0) = master script does not run make_resolv_conf
84+# (M) = master script runs make_resolv_conf
85+# (D) = master script downs interface
86+# (-) = master script does nothing with this
87+
88+if systemctl is-enabled systemd-resolved > /dev/null 2>&1; then
89+ local mystatedir statedir ifindex all_domain_servers
90+
91+ if [ ! "$interface" ] ; then
92+ return
93+ fi
94+ ifindex=$(cat "/sys/class/net/$interface/ifindex")
95+ if [ ! "$ifindex" ]; then
96+ return
97+ fi
98+ mystatedir=/run/network
99+ mkdir -p $mystatedir
100+
101+ statedir=/run/systemd/resolve/netif
102+ mkdir -p $statedir
103+
104+ local oldstate="$(mktemp)"
105+ # ignore errors due to nonexistent file
106+ md5sum "$mystatedir/isc-dhcp-v4-$interface" "$mystatedir/isc-dhcp-v6-interface" > "$oldstate" 2> /dev/null || true
107+
108+ case "$reason" in
109+ BOUND|RENEW|REBIND|REBOOT|TIMEOUT|BOUND6|RENEW6|REBIND6)
110+ if [ -n "$new_domain_name_servers" ] ; then
111+ cat <<EOF >"$mystatedir/isc-dhcp-v4-$interface"
112+DNS="$new_domain_name_servers"
113+EOF
114+ if [ -n "$new_domain_name" ] || [ -n "$new_domain_search" ] ; then
115+ cat <<EOF >>"$mystatedir/isc-dhcp-v4-$interface"
116+DOMAINS="$new_domain_search $new_domain_name"
117+EOF
118+ fi
119+ fi
120+ if [ -n "$new_dhcp6_name_servers" ] ; then
121+ cat <<EOF >"$mystatedir/isc-dhcp-v6-$interface"
122+DNS6="$new_dhcp6_name_servers"
123+EOF
124+ if [ -n "$new_dhcp6_domain_search" ] ; then
125+ cat <<EOF >>"$mystatedir/isc-dhcp-v6-$interface"
126+DOMAINS6="$new_dhcp6_domain_search"
127+EOF
128+ fi
129+ fi
130+ ;;
131+
132+ EXPIRE|FAIL|RELEASE|STOP)
133+ rm -f "/run/network/isc-dhcp-v4-$interface"
134+ ;;
135+ EXPIRE6|RELEASE6|STOP6)
136+ rm -f "/run/network/isc-dhcp-v6-$interface"
137+ ;;
138+ esac
139+
140+ local newstate="$(mktemp)"
141+ # ignore errors due to nonexistent file
142+ md5sum "$mystatedir/isc-dhcp-v4-$interface" "$mystatedir/isc-dhcp-v6-$interface" > "$newstate" 2> /dev/null || true
143+ if ! cmp "$oldstate" "$newstate" 2>/dev/null; then
144+ local DNS DNS6 DOMAINS DOMAINS6
145+ if [ -e "$mystatedir/isc-dhcp-v4-$interface" ]; then
146+ . "$mystatedir/isc-dhcp-v4-$interface"
147+ fi
148+ if [ -e "$mystatedir/isc-dhcp-v6-$interface" ]; then
149+ . "$mystatedir/isc-dhcp-v6-$interface"
150+ fi
151+
152+ all_domain_servers="${DNS:+$DNS }$DNS6"
153+ if [ -n "$all_domain_servers" ] ; then
154+ cat <<EOF >"$statedir/$ifindex"
155+# This is private data. Do not parse.
156+LLMNR=yes
157+MDNS=no
158+SERVERS=$all_domain_servers
159+DOMAINS=~. $DOMAINS $DOMAINS6
160+EOF
161+
162+ # In addition to creating the state file (needed if we run before
163+ # resolved is started), also feed the information directly to
164+ # resolved.
165+ if systemctl --quiet is-active systemd-resolved; then
166+ resolvectl llmnr "$ifindex" yes
167+ resolvectl mdns "$ifindex" no
168+ resolvectl domain "$ifindex" ~. $DOMAINS $DOMAINS6
169+ resolvectl dns "$ifindex" $all_domain_servers
170+ fi
171+ else
172+ rm -f "$statedir/$ifindex"
173+ if systemctl --quiet is-active systemd-resolved; then
174+ resolvectl domain "$ifindex" ~.
175+ resolvectl dns "$ifindex" ""
176+ fi
177+ fi
178+
179+ rm "$oldstate" "$newstate"
180+ fi
181+fi
182diff --git a/debian/ifupdown.maintscript b/debian/ifupdown.maintscript
183index 2203f84..11fd04c 100644
184--- a/debian/ifupdown.maintscript
185+++ b/debian/ifupdown.maintscript
186@@ -7,3 +7,4 @@ rm_conffile /etc/init/network-interface-security.conf 0.8.25~ ifupdown
187 rm_conffile /etc/init/network-interface.conf 0.8.25~ ifupdown
188 rm_conffile /etc/network/if-up.d/upstart 0.8.29~ ifupdown
189 rm_conffile /etc/network/if-down.d/upstart 0.8.29~ ifupdown
190+rm_conffile /etc/dhcp/dhclient-enter-hooks.d/resolved 0.8.35ubuntu2 systemd
191diff --git a/debian/install b/debian/install
192old mode 100644
193new mode 100755
194index e8c928b..e288c72
195--- a/debian/install
196+++ b/debian/install
197@@ -1,2 +1,5 @@
198+#!/usr/bin/dh-exec
199 contrib/* usr/share/doc/ifupdown/contrib
200 debian/ifupdown-hotplug lib/udev
201+debian/ifupdown.dhclient-enter-hook => etc/dhcp/dhclient-enter-hooks.d/ifupdown
202+debian/ifupdown.dhclient-exit-hook => etc/dhcp/dhclient-exit-hooks.d/ifupdown

Subscribers

People subscribed via source and target branches