Your message dated Sun, 7 May 2023 10:53:56 +0200
with message-id <[email protected]>
and subject line Re: Bug#1034566: unblock: isc-dhcp/4.4.3-P1-1.1
has caused the Debian Bug report #1034566,
regarding unblock: isc-dhcp/4.4.3-P1-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1034566: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034566
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:isc-dhcp
Dear Release Team,
Please unblock package isc-dhcp
[ Reason ]
Two main reasons:
1. Include a NEWS entry to help users to be aware ISC DHCP Server has
been EOL'ed by upstream.
2. Solve https://bugs.debian.org/1034502 so dhclient can handle
resolv.conf inside network namespaces. The proposed changes include an
autopkgtest to test this.
[ Impact ]
1. Less chances for the users to be aware of the end of upstream support
for a very important software.
2. Users or application using dhclient inside a network namespace would
continue to have issues with the DNS resolution. See:
https://stackoverflow.com/questions/38102481/how-can-dhclient-be-made-namespace-aware
[ Tests ]
1. Doesn't really need a test. The NEWS entry would be displayed during
upgrading if apt-listchanges is available.
2. This is the autopkgtest included in this request applied to the
current version in testing:
https://salsa.debian.org/santiago/isc-dhcp/-/jobs/4144234#L324
And this is for the proposed version:
https://salsa.debian.org/santiago/isc-dhcp/-/jobs/4144350
[ Risks ]
1. There is no risk.
2. Code is trivial.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
There is minor (and harmless) change:
[ Bastian Germann ]
* d/copyright Format: Add trailing slash
that I include since it was part of the default git branch. I keep it to
make it easier to handle changes in the future.
Also, I've uploaded these changes to experimental.
Thanks!
-- Santiago
unblock isc-dhcp/4.4.3-P1-1.1
diff -Nru isc-dhcp-4.4.3-P1/debian/changelog isc-dhcp-4.4.3-P1/debian/changelog
--- isc-dhcp-4.4.3-P1/debian/changelog 2023-01-09 10:15:41.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/changelog 2023-04-17 14:20:02.000000000 +0200
@@ -1,3 +1,17 @@
+isc-dhcp (4.4.3-P1-2) unstable; urgency=medium
+
+ [ Gabriel Potter ]
+ * Support bound /etc/resolv.conf (Closes: #1034502)
+
+ [ Bastian Germann ]
+ * d/copyright Format: Add trailing slash
+
+ [ Santiago Ruano Rincón ]
+ * Add NEWS about isc-dhcp-server EOL'ed and its apparmor profile
+ * Test debian/tests/client-server
+
+ -- Santiago Ruano Rincón <[email protected]> Mon, 17 Apr 2023 14:20:02
+0200
+
isc-dhcp (4.4.3-P1-1.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru isc-dhcp-4.4.3-P1/debian/copyright isc-dhcp-4.4.3-P1/debian/copyright
--- isc-dhcp-4.4.3-P1/debian/copyright 2023-01-09 09:25:59.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/copyright 2023-04-17 13:50:46.000000000 +0200
@@ -1,4 +1,4 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Source: https://www.isc.org/downloads/dhcp
Files: *
diff -Nru isc-dhcp-4.4.3-P1/debian/dhclient-script.linux
isc-dhcp-4.4.3-P1/debian/dhclient-script.linux
--- isc-dhcp-4.4.3-P1/debian/dhclient-script.linux 2023-01-09
09:27:37.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/dhclient-script.linux 2023-04-17
13:50:46.000000000 +0200
@@ -84,7 +84,9 @@
chown --reference=$resolv_conf $new_resolv_conf
chmod --reference=$resolv_conf $new_resolv_conf
fi
- mv -f $new_resolv_conf $resolv_conf
+ # cat then rm to handle binds (e.g. ip netns exec)
+ cat $new_resolv_conf > $resolv_conf
+ rm -f $new_resolv_conf
# DHCPv6
elif [ -n "$new_dhcp6_domain_search" ] || [ -n "$new_dhcp6_name_servers"
]; then
resolv_conf=$(readlink -f "/etc/resolv.conf" 2>/dev/null) ||
@@ -115,7 +117,8 @@
chown --reference=$resolv_conf $new_resolv_conf
chmod --reference=$resolv_conf $new_resolv_conf
fi
- mv -f $new_resolv_conf $resolv_conf
+ cat $new_resolv_conf > $resolv_conf
+ rm -f $new_resolv_conf
fi
}
diff -Nru isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS
isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS
--- isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS 2023-01-09
09:25:59.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS 2023-04-17
13:50:46.000000000 +0200
@@ -1,3 +1,24 @@
+isc-dhcp-server (4.4.3-P1-2) unstable; urgency=medium
+
+ # ISC DHCP completely EOL
+
+ ISC has stopped maintaining the server component of isc-dhcp since October
+ 2022. A similar decision was made for the client and relay parts earlier the
+ same year. ISC DHCP Server users are strongly encouraged to look for an
+ alternative.
+
+ More information can be found in these official announcements:
+ https://lists.isc.org/pipermail/dhcp-users/2022-October/022786.html
+ https://www.isc.org/blogs/isc-dhcp-eol/
+
+ # AppArmor support
+
+ Since 4.4.3-P1-1.1, isc-dhcp-server includes an apparmor profile (thanks
+ Ubuntu!). BIND keys for dynamic update should be stored in both /etc/bind9/
+ and /etc/dhcp/ddns-keys/, for bind9 and dhcpd access, respectively.
+
+ -- Santiago Ruano Rincón <[email protected]> Thu, 30 Mar 2023 10:48:03
+0200
+
dhcp3 (3.1.1-6) unstable; urgency=low
Please note that when running a failover pair of DHCP servers, in
3.1.x, the
diff -Nru isc-dhcp-4.4.3-P1/debian/tests/client-server
isc-dhcp-4.4.3-P1/debian/tests/client-server
--- isc-dhcp-4.4.3-P1/debian/tests/client-server 1970-01-01
01:00:00.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/tests/client-server 2023-04-17
13:50:59.000000000 +0200
@@ -0,0 +1,65 @@
+#!/usr/bin/sh
+#
+# A basic IPv4 dhcp server and client test
+# It also checks if dhclient handles correctly resolv.conf in a network
+# namespace
+
+set -e
+set -x
+
+nsserver=server
+nsclient=client
+ip_addr_server="10.42.42.1/24"
+ifaceserver=veth-server
+ifaceclient=veth-client
+
+ip netns add $nsserver
+ip netns add $nsclient
+
+ip link add \
+ ptp-$ifaceserver \
+ type veth \
+ peer name ptp-$ifaceclient
+
+ip link set ptp-$ifaceserver netns $nsserver
+ip link set ptp-$ifaceclient netns $nsclient
+
+mkdir -p /etc/netns/$nsclient
+echo "nameserver 8.8.8.8" > /etc/netns/$nsclient/resolv.conf
+
+cat << EOF >> /etc/dhcp/dhcpd.conf
+option domain-name "example.org";
+option domain-name-servers 1.1.1.1;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+log-facility local7;
+
+subnet 10.42.42.0 netmask 255.255.255.0 {
+ range 10.42.42.10 10.42.42.19;
+}
+EOF
+
+ip netns exec $nsserver ip addr \
+ add $ip_addr_server dev ptp-$ifaceserver
+ip netns exec $nsserver ip link set \
+ dev ptp-$ifaceserver up
+ip netns exec $nsclient ip link set \
+ dev ptp-$ifaceclient up
+
+if ! /usr/sbin/dhcpd -t -q -cf /etc/dhcp/dhcpd.conf > /dev/null 2>&1; then
+ echo "dhcpd self-test failed. Please fix it."
+ echo "The error was: "
+ /usr/sbin/dhcpd -t -cf /etc/dhcp/dhcpd.conf
+ exit 1
+fi
+
+ip netns exec $nsserver /usr/sbin/dhcpd -cf /etc/dhcp/dhcpd.conf
+
+ip netns exec $nsclient dhclient ptp-veth-client
+
+ip netns exec $nsclient ip addr
+
+grep "1.1.1.1" /etc/netns/$nsclient/resolv.conf
+grep -v "8.8.8.8" /etc/netns/$nsclient/resolv.conf
diff -Nru isc-dhcp-4.4.3-P1/debian/tests/control
isc-dhcp-4.4.3-P1/debian/tests/control
--- isc-dhcp-4.4.3-P1/debian/tests/control 1970-01-01 01:00:00.000000000
+0100
+++ isc-dhcp-4.4.3-P1/debian/tests/control 2023-04-15 15:16:10.000000000
+0200
@@ -0,0 +1,2 @@
+Tests: client-server
+Restrictions: allow-stderr, needs-root
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Hi,
On 18-04-2023 14:11, Santiago R.R. wrote:
unblock isc-dhcp/4.4.3-P1-1.1
done and aged. Thanks.
Paul
OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
