Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Dear Release Team, Please unblock package ndisc6 I have recently adopted ndisc6. One daemon in it (rdnssd) was affected by an RC bug (Bug#767071) which I have fixed by updating to the hook shipped in 1.0.3 upstream beginning of January. Upstream has since committed a better fix for this and proposed to include this in Stretch, since the current behaviour still has some rough edges and is known to result in stray search lines in /etc/resolv.conf (Bug#853281). I have cherry-picked this fix in ndisc6/1.0.3-3 The current version of the hook has only been in Debian for a month. rdnssd gets pulled in by d-i since Jessie when RDNSS information is found in an IPv6 router advertisement during installation. The hook only affects operation when resolvconf is not installed though. The package builds a udeb, but the hook is not part of it. unblock ndisc6/1.0.3-3 I plan to fix this with a stable upload for the next Jessie point release as well. Thanks, Bernhard
diff -Nru ndisc6-1.0.3/debian/changelog ndisc6-1.0.3/debian/changelog --- ndisc6-1.0.3/debian/changelog 2017-01-01 20:33:46.000000000 +0100 +++ ndisc6-1.0.3/debian/changelog 2017-02-01 11:00:55.000000000 +0100 @@ -1,3 +1,9 @@ +ndisc6 (1.0.3-3) unstable; urgency=medium + + * Import upstream fix to simplify rdnssd-merge-hook (Closes: #853281) + + -- Bernhard Schmidt <be...@debian.org> Wed, 01 Feb 2017 11:00:55 +0100 + ndisc6 (1.0.3-2) unstable; urgency=medium [ Bernhard Schmidt ] diff -Nru ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch --- ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch 1970-01-01 01:00:00.000000000 +0100 +++ ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch 2017-02-01 11:00:55.000000000 +0100 @@ -0,0 +1,56 @@ +From: Pierre Ynard <linkfa...@yahoo.fr> +Date: Wed, 4 Jan 2017 01:45:35 +0000 (+0100) +Subject: rdnssd: properly handle search list entries in merge hook +X-Git-Url: http://git.remlab.net/gitweb/?p=ndisc6.git;a=commitdiff_plain;h=d60853a5319bac0c3ec9a082bcaf850a5ab8d1d5 + +rdnssd: properly handle search list entries in merge hook + +Basically, drop DNSSL entries because the hook is too basic to handle +them correctly. Use something more sophisticated like resolvconf if you +want this functionality. This fixes the following issues: + + - inserting less IPv6 nameservers than calculated + - littering /etc/resolv.conf with stray search lines every time DNSSL + entries change + - clobbering existing (DHCPv4) search list entries + - overkill use of /usr/bin/awk, outside of PATH and reliant on /usr + availability + +Signed-off-by: Rémi Denis-Courmont <r...@remlab.net> +--- + +diff --git a/rdnssd/merge-hook.in b/rdnssd/merge-hook.in +index 2d202e8..383a57c 100644 +--- a/rdnssd/merge-hook.in ++++ b/rdnssd/merge-hook.in +@@ -3,7 +3,7 @@ + # resolv.conf merge hook for rdnssd + + # ************************************************************************* +-# * Copyright © 2007-2009 Pierre Ynard. * ++# * Copyright © 2007-2009, 2017 Pierre Ynard. * + # * This program is free software: you can redistribute and/or modify * + # * it under the terms of the GNU General Public License as published by * + # * the Free Software Foundation, versions 2 or 3 of the license. * +@@ -51,13 +51,18 @@ if [ $limit -lt $room ]; then + limit=$room + fi + +-# Merge and write the result ++# Merge and write the result. Let rdnssd assume ownership of all IPv6 ++# nameservers, and remove extraneous IPv6 entries as expired. However ++# DHCPv4 most often sets up search list entries, and rdnssd cannot ++# clobber these lest it causes counterintuitive breakage. There is no ++# easy way to properly merge and manage DNSSL entries here, so just drop ++# them. + + { + sed -e "/$RE_NSV4OR6/d" < $resolvconf +- [ $limit -gt 0 ] && sed -e "${limit}q" < $myresolvconf ++ grep -m $limit "$RE_NSV4OR6" < $myresolvconf || [ $? -le 1 ] + sed -ne "/$RE_NSV4/p" < $resolvconf +-} | awk '!a[$0]++' > $resolvconf.tmp ++} > $resolvconf.tmp + + mv -f $resolvconf.tmp $resolvconf + diff -Nru ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch --- ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch 2017-01-01 20:33:46.000000000 +0100 +++ ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch 2017-02-01 11:00:55.000000000 +0100 @@ -10,8 +10,8 @@ +# resolv.conf merge hook for Debian rdnssd # ************************************************************************* - # * Copyright © 2007-2009 Pierre Ynard. * -@@ -19,7 +19,15 @@ + # * Copyright © 2007-2009, 2017 Pierre Ynard. * +@@ -19,7 +19,12 @@ set -e @@ -22,9 +22,6 @@ + /sbin/resolvconf -a 000.rdnssd < "$INPUT" + exit 0 +fi -+ -+# Debian modification, awk is in /usr/bin -+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # Max number of nameserver options taken into account. Should be as # defined in <resolv.h> diff -Nru ndisc6-1.0.3/debian/patches/series ndisc6-1.0.3/debian/patches/series --- ndisc6-1.0.3/debian/patches/series 2017-01-01 20:33:46.000000000 +0100 +++ ndisc6-1.0.3/debian/patches/series 2017-02-01 11:00:55.000000000 +0100 @@ -1,2 +1,3 @@ +rdnssd-hook-drop-dnssl.patch resolvconf-rdnssd-hook.patch reproducible-build.patch