lp:~smoser/ubuntu/precise/isc-dhcp/nouid
- Get this branch:
- bzr branch lp:~smoser/ubuntu/precise/isc-dhcp/nouid
Branch merges
Related bugs
Related blueprints
Branch information
- Owner:
- Scott Moser
- Status:
- Development
Recent revisions
- 55. By Scott Moser
-
* refresh against 4.1.ESV-
R4-0ubuntu5. 8
* Allow dhcpd to read /etc/ldap/ldap.conf for isc-dhcp-server- ldap.
(LP: #1057358). Backported from Stéphane Graber's quantal patch.
* Include patch from RedHat/Fedora to deal with hardware/xen/virtio offload
of UDP checksums. (LP: #930962)
* Update apparmor profile to add required the "network packet raw" rule
for the checksum change. - 54. By Scott Moser
-
Pull in changes suggested by Nobuto MURATA, so patch stays applied.
* debian/
patches/ add-option- ignore- client- uids.patch:
- make its patch order earlier than ldap ones to prevent from
reverted during the build, refresh patch.
* debian/patches/ dhcp-4. 1.0-ldap- code.dpatch: refreshed so that patch
application did not fail after patch above. - 52. By Scott Moser
-
debian/
patches/ add-option- ignore- client- uids.patch:
Enable option 'ignore-client- uids' (LP: #1069570) - 51. By Stéphane Graber
-
[ Scott Moser ]
* debian/apparmor- profile. dhcpd: use include directory to enable
other packages to re-use isc-dhcp-server. (LP: #1049177)[ Stéphane Graber ]
* Update onetry_retry_after_ initial_ success to disable the onetry variable
early enough to actually prevent dhclient from exiting. (LP: #974284)
* Update droppriv patch to also call initgroups() (LP: #727837) - 50. By Marc Deslauriers
-
[ Jamie Strandboge ]
* debian/dhclient- script. linux: Explicitly set the PATH to that of
ENV_SUPATH in /etc/login.defs and unset various other variables. We need
to do this so /sbin/dhclient cannot abuse the environment to escape
AppArmor confinement via this script. Don't worry about
debian/dhclient- script. linux.udeb or debian/ dhclient- script. kfreebsd*
since AppArmor isn't used in these environments.
- LP: #1045986[ Marc Deslauriers ]
* SECURITY UPDATE: denial of service via ipv6 lease expiration time
reduction
- debian/patches/ CVE-2012- 3955.patch: properly handle time reduction in
server/dhcpv6. c, server/mdb6.c.
- CVE-2012-3955 - 49. By Stéphane Graber
-
Move onetry_
retry_after_ initial_ success to the proper spot in the patch
stack so that it actually gets applied. (LP: #974284) - 48. By Stéphane Graber
-
* Set -pf option for both isc-dhcp-server and isc-dhcp-server6 so they
create their pid files in a path that's actually writable. (LP: #985417)
* Also allow read access to the pid file in the apparmor profile,
otherwise only the initial start succeeds. (LP: #1005062)
* On upgrade from dhcp3-server, move /etc/default/dhcp3-server to
/etc/default/ isc-dhcp- server. (LP: #1003971)
* On upgrade from dhcp3-relay, remove /etc/default/dhcp3-relay.
(LP: #1005547)
* Try to preseed isc-dhcp-relay with the values from
/etc/default/ dhcp3-relay. (LP: #1005547)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/saucy/isc-dhcp