From: Stuart Henderson Subject: Re: net/isc-dhcpd: avoid uncontrolled grow of lease db To: ports@openbsd.org, "Kirill A. Korinsky" Date: Sun, 3 Mar 2024 17:07:17 +0000 On 2024/03/03 16:17, Kirill A. Korinsky wrote: > On Wed, 10 Jan 2024 21:21:22 +0100, > Stuart Henderson wrote: > > > > hrmmm, that doesn't make sense, if it can't write to /var/db/dhcpd.leases > > due to permissions, it shouldn't be able to write to /var/db/dhcpd.leases~ > > either.. > > > > I'll try and find some time to do a test install and figure out what's > > going on, but it won't be for a few days > > Any chance that this will be fixed in 7.5? > > -- > wbr, Kirill > I don't think there's a good way to automate the move, so probably best to just warn people and allow startup to fail if the file is not present (i.e. remove the "touch" from rc script). At least if dhcpd fails to start it's more obvious and likely simpler to fix than if it starts and hands out addresses which are different from (possibly long-standing) leases. I added an install message showing people what to do and modified the path in CONFIGURE_ARGS rather than the startup script. So how does this look.. Index: Makefile =================================================================== RCS file: /cvs/ports/net/isc-dhcp/Makefile,v retrieving revision 1.66 diff -u -p -r1.66 Makefile --- Makefile 27 Sep 2023 14:18:12 -0000 1.66 +++ Makefile 3 Mar 2024 17:03:51 -0000 @@ -3,7 +3,7 @@ COMMENT-client= ISC DHCP Client COMMENT-omapi= ISC DHCP OMAPI VERSION= 4.4.3-P1 -REVISION= 0 +REVISION= 1 DISTNAME= isc-dhcp-${VERSION} PKGNAME-main= isc-dhcp-server-${VERSION:S/-P/pl/} @@ -32,7 +32,9 @@ COMPILER_LANGS= c USE_GMAKE= Yes CONFIGURE_STYLE= gnu CONFIGURE_ARGS+= --enable-early-chroot \ - --enable-paranoia + --enable-paranoia \ + --with-srv-lease-file=/var/db/isc-dhcp/dhcpd.leases \ + --with-srv6-lease-file=/var/db/isc-dhcp/dhcpd6.leases NO_TEST= Yes @@ -60,6 +62,8 @@ post-install: ${SETENV} ${MAKE_ENV} ${FAKE_SETUP} ${MAKE_PROGRAM} ${ALL_FAKE_FLAGS} install ${INSTALL_DATA_DIR} ${PREFIX}/${EXAMPLEDIR} ${INSTALL_SCRIPT} ${FILESDIR}/dhclient-script ${PREFIX}/sbin + ${INSTALL_SCRIPT} ${WRKSRC}/contrib/dhcp-lease-list.pl \ + ${PREFIX}/bin/dhcp-lease-list ${INSTALL_DATA} ${WRKSRC}/server/dhcpd.conf.example \ ${PREFIX}/${EXAMPLEDIR}/dhcpd.conf ${INSTALL_DATA} ${WRKSRC}/client/dhclient.conf.example \ Index: patches/patch-contrib_dhcp-lease-list_pl =================================================================== RCS file: patches/patch-contrib_dhcp-lease-list_pl diff -N patches/patch-contrib_dhcp-lease-list_pl --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-contrib_dhcp-lease-list_pl 3 Mar 2024 17:03:51 -0000 @@ -0,0 +1,51 @@ +Index: contrib/dhcp-lease-list.pl +--- contrib/dhcp-lease-list.pl.orig ++++ contrib/dhcp-lease-list.pl +@@ -27,12 +27,11 @@ use strict; + use warnings; + use POSIX qw(strftime); + +-my @LEASES = ('/var/db/dhcpd.leases', '/var/lib/dhcp/dhcpd.leases', '/var/lib/dhcp3/dhcpd.leases'); ++my @LEASES = ('/var/db/dhcpd/dhcpd.leases'); + my @all_leases; + my @leases; + +-my @OUIS = ('/usr/share/misc/oui.txt', '/usr/local/etc/oui.txt'); +-my $OUI_URL = 'http://standards-oui.ieee.org/oui.txt'; ++my @OUIS = ('/usr/local/share/arp-scan/ieee-oui.txt'); + my $oui; + + my %data; +@@ -47,8 +46,9 @@ sub get_manufactorer_for_mac($) { + my $manu = "-NA-"; + + if (defined $oui) { +- $manu = join('-', ($_[0] =~ /^(..):(..):(..):/)); +- $manu = `grep -i '$manu' $oui | cut -f3`; ++ # XXX only handles 24-bit (MA-L) entries, not MA-S/MA-M ++ $manu = join('', ($_[0] =~ /^(..):(..):(..):/)); ++ $manu = `grep -i '^$manu' $oui | cut -f2`; + $manu =~ s/^\s+|\s+$//g; + } + +@@ -66,8 +66,7 @@ sub check_oui_file() { + } + + if (not defined $oui) { +- print(STDERR "To get manufacturer names please download $OUI_URL "); +- print(STDERR "to /usr/local/etc/oui.txt\n"); ++ print(STDERR "To get manufacturer names, 'pkg_add mac-vendor'\n"); + } + } + +@@ -191,9 +190,7 @@ sub cli_processing() { + " --last prints the last (even if end