Mailing List Archive | ports@openbsd.org

From:: Kirill A. Korinsky <kirill@korins.ky>
Subject:: Re: net/isc-dhcpd: avoid uncontrolled grow of lease db
To:: ports@openbsd.org, "Kirill A. Korinsky" <kirill@korins.ky>
Date:: Sun, 03 Mar 2024 18:32:36 +0100

Download raw body.

Thread

2024-03-03 15:17 Kirill A. Korinsky:
net/isc-dhcpd: avoid uncontrolled grow of lease db
- 2024-03-03 17:07 Stuart Henderson:
  net/isc-dhcpd: avoid uncontrolled grow of lease db
- - 2024-03-03 17:32 Kirill A. Korinsky:
    net/isc-dhcpd: avoid uncontrolled grow of lease db
  - - 2024-03-03 18:12 Stuart Henderson:
      net/isc-dhcpd: avoid uncontrolled grow of lease db
    - - 2024-03-03 20:07 Kirill A. Korinsky:
        net/isc-dhcpd: avoid uncontrolled grow of lease db

On Sun, 03 Mar 2024 18:07:17 +0100,
Stuart Henderson wrote:
> 
> I don't think there's a good way to automate the move, so probably
> best to just warn people and allow startup to fail if the file is not
> present (i.e. remove the "touch" from rc script). At least if dhcpd
> fails to start it's more obvious and likely simpler to fix than if
> it starts and hands out addresses which are different from (possibly
> long-standing) leases.
> 
> I added an install message showing people what to do and modified
> the path in CONFIGURE_ARGS rather than the startup script.
>

I agree that it seems like the right move.

> +-my @LEASES = ('/var/db/dhcpd.leases', '/var/lib/dhcp/dhcpd.leases', '/var/lib/dhcp3/dhcpd.leases');
> ++my @LEASES = ('/var/db/dhcpd/dhcpd.leases');

The patch need to be updates as well. Here should be two path which you
defined in Makefile:
 - /var/db/isc-dhcp/dhcpd.leases
 - /var/db/isc-dhcp/dhcpd6.leases

Unfortently it reads the first file which exists and ignores the rest.

> ++my @OUIS = ('/usr/local/share/arp-scan/ieee-oui.txt');

when it should be added as dependency, should it?

> ++		"             the default is to try /var/db/isc-dhcpd/dhcpd.leases\n".
> + 		"\n");
> + 	    exit(0);
> + 	} elsif ($arg eq '--parsable') {
> Index: pkg/MESSAGE-main
> ===================================================================
> RCS file: pkg/MESSAGE-main
> diff -N pkg/MESSAGE-main
> --- /dev/null	1 Jan 1970 00:00:00 -0000
> +++ pkg/MESSAGE-main	3 Mar 2024 17:03:51 -0000
> @@ -0,0 +1,4 @@
> +If updating from earlier than isc-dhcp-server-4.4.3pl1p1, move/copy old leases:
> +# cd /var/db/isc-dhcp; mv ../dhcpd.leases .; chown _isc_dhcp:_isc_dhcp *
> +If configuring from scratch, install an empty leases file:
> +# install -o _isc_dhcp -g _isc_dhcp /dev/null /var/db/isc-dhcp/dhcpd.leases

Seems that dhcpd6.leases is missed here as well.

Thus, maybe keep things simple and do not split lease for IPv4 and IPv6? I
haven't test it, but after fast look to the code [1]it seems that it should
work if mix both leases into one file.


Footnotes:
[1]  https://github.com/isc-projects/dhcp/blob/v4_4_2_p1/server/dhcpd.c#L577-L603

-- 
wbr, Kirill

2024-03-03 15:17 Kirill A. Korinsky:
net/isc-dhcpd: avoid uncontrolled grow of lease db
- 2024-03-03 17:07 Stuart Henderson:
  net/isc-dhcpd: avoid uncontrolled grow of lease db
- - 2024-03-03 17:32 Kirill A. Korinsky:
    net/isc-dhcpd: avoid uncontrolled grow of lease db
  - - 2024-03-03 18:12 Stuart Henderson:
      net/isc-dhcpd: avoid uncontrolled grow of lease db
    - - 2024-03-03 20:07 Kirill A. Korinsky:
        net/isc-dhcpd: avoid uncontrolled grow of lease db