[pkg-dhcp-devel] Bug#873133: isc-dhcp-client: dhclient-scripts executes dhclient-{enter, exit}-hooks when it should not
Timo Sigurdsson
public_timo.s at silentcreek.de
Thu Aug 24 19:17:38 UTC 2017
Package: isc-dhcp-client
Version: 4.3.5-3
Severity: normal
Dear Maintainer,
I noticed that dhclient-script does not honor the executability flag of
either /etc/dhcp/dhclient-{enter,exit}-hooks or files inside the directories
/etc/dhcp/dhclient-{enter,exit}-hooks.d/ and will execute even non-executable
files by sourcing them. This is not supposed to happen according to the
dhclient-script man page.
Quote from the man page:
[dhclient-script] checks for the presence of an executable
/etc/dhcp/dhclient-enter-hooks script, and if present, it invokes the
script inline, using the Bourne shell '.' command. It also invokes all
executable scripts in /etc/dhcp/dhclient-enter-hooks.d/* in the same way.
The passage on the exit-hooks reads likewise.
However, dhclient-script does not actually check the executability of any of
these files. The run-hook function in dhclient-script only checks whether the
argument is a file and then sources it, see lines 144-145 of dhclient-script:
if [ -f $script ]; then
. $script
In addition, the run-hookdir function also iterates over files that are not
executable, see line 162:
for script in $(run-parts --list $dir); do
The problem here is the list switch of run-parts. Quote from the run-parts
man page:
--list print the names of the all matching files (not limited to
executables), but don't actually run them.
It would be better to use the --test switch here instead which will only
print the names of executable files in the folder without actually running
them.
Thus, a fix should be rather trivial to get dhclient-script to actually
invoke executables only.
On a sidenote, though, on my rather fresh installation of Debian Stretch, I
have several files inside /etc/dhcp/dhclient-exit-hooks.d/ that are not
executable by default such as
debug
timesyncd
rfc3442-classless-routes
So, I'm wondering whether their respective authors actually meant them to be
run by default or not.
Regards,
Timo
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages isc-dhcp-client depends on:
ii debianutils 4.8.1.1
ii iproute2 4.9.0-1
ii libc6 2.24-11+deb9u1
ii libdns-export162 1:9.10.3.dfsg.P4-12.3+deb9u2
ii libisc-export160 1:9.10.3.dfsg.P4-12.3+deb9u2
Versions of packages isc-dhcp-client recommends:
ii isc-dhcp-common 4.3.5-3
Versions of packages isc-dhcp-client suggests:
ii avahi-autoipd 0.6.32-2
pn isc-dhcp-client-ddns <none>
pn resolvconf <none>
-- no debconf information
More information about the pkg-dhcp-devel
mailing list