Bug#702785: unblock: ifenslave-2.6/1.1.0-21
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package ifenslave-2.6
This fixes an important bug (#699445) which causes bonding to fail to work
correctly after booting in those bonding modes where a primary interface has to
be selected.
I also enabled hardening flags, which found some unsafe usages of format
strings, which have been fixed.
unblock ifenslave-2.6/1.1.0-21
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ifenslave-2.6-1.1.0/debian/changelog ifenslave-2.6-1.1.0/debian/changelog
--- ifenslave-2.6-1.1.0/debian/changelog 2011-11-14 11:36:30.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/changelog 2013-02-19 14:43:55.000000000 +0100
@@ -1,3 +1,17 @@
+ifenslave-2.6 (1.1.0-21) unstable; urgency=low
+
+ [ Jonas Genannt ]
+ * d/pre-up: bond-primary does not apply (Closes: #699445)
+ Moved setting primary into own function and call it after enslave_slaves
+
+ [ Guus Sliepen ]
+ * Explicitly mention that 3.x kernels are also supported. Closes: #697454
+ * Bump Standards-Version.
+ * Enable hardening.
+ * Fix unsafe use of printf() and fprintf() found by the hardening flags.
+
+ -- Guus Sliepen <guus@debian.org> Tue, 19 Feb 2013 14:43:29 +0100
+
ifenslave-2.6 (1.1.0-20) unstable; urgency=low
* Use dashes consistently for bonding options in README.Debian.
diff -Nru ifenslave-2.6-1.1.0/debian/control ifenslave-2.6-1.1.0/debian/control
--- ifenslave-2.6-1.1.0/debian/control 2011-05-25 18:42:29.000000000 +0200
+++ ifenslave-2.6-1.1.0/debian/control 2013-02-19 14:40:32.000000000 +0100
@@ -2,8 +2,8 @@
Section: net
Priority: optional
Maintainer: Guus Sliepen <guus@debian.org>
-Build-Depends: debhelper (>> 7.0.0)
-Standards-Version: 3.9.2
+Build-Depends: debhelper (>> 7.0.0), dpkg-dev (>= 1.16.1~)
+Standards-Version: 3.9.4
Package: ifenslave-2.6
Architecture: linux-any
@@ -19,4 +19,4 @@
"channel bonding" or "trunking" techniques used in switches.
.
The kernel must have support for bonding devices for ifenslave to be useful.
- This package supports 2.6.x kernels and the most recent 2.4.x kernels.
+ This package supports 2.6.x and 3.x kernels and the most recent 2.4.x kernels.
diff -Nru ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf
--- ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf 1970-01-01 01:00:00.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/fix-unsafe-use-of-printf 2013-02-19 14:39:05.000000000 +0100
@@ -0,0 +1,72 @@
+--- a/ifenslave.c
++++ b/ifenslave.c
+@@ -260,7 +260,7 @@
+ case 'V': opt_V++; exclusive++; break;
+
+ case '?':
+- fprintf(stderr, usage_msg);
++ fputs(usage_msg, stderr);
+ res = 2;
+ goto out;
+ }
+@@ -268,13 +268,13 @@
+
+ /* options check */
+ if (exclusive > 1) {
+- fprintf(stderr, usage_msg);
++ fputs(usage_msg, stderr);
+ res = 2;
+ goto out;
+ }
+
+ if (opt_v || opt_V) {
+- printf(version);
++ fputs(version, stdout);
+ if (opt_V) {
+ res = 0;
+ goto out;
+@@ -282,14 +282,14 @@
+ }
+
+ if (opt_u) {
+- printf(usage_msg);
++ fputs(usage_msg, stdout);
+ res = 0;
+ goto out;
+ }
+
+ if (opt_h) {
+- printf(usage_msg);
+- printf(help_msg);
++ fputs(usage_msg, stdout);
++ fputs(help_msg, stdout);
+ res = 0;
+ goto out;
+ }
+@@ -309,7 +309,7 @@
+ goto out;
+ } else {
+ /* Just show usage */
+- fprintf(stderr, usage_msg);
++ fputs(usage_msg, stderr);
+ res = 2;
+ goto out;
+ }
+@@ -320,7 +320,7 @@
+ master_ifname = *spp++;
+
+ if (master_ifname == NULL) {
+- fprintf(stderr, usage_msg);
++ fputs(usage_msg, stderr);
+ res = 2;
+ goto out;
+ }
+@@ -339,7 +339,7 @@
+
+ if (slave_ifname == NULL) {
+ if (opt_d || opt_c) {
+- fprintf(stderr, usage_msg);
++ fputs(usage_msg, stderr);
+ res = 2;
+ goto out;
+ }
diff -Nru ifenslave-2.6-1.1.0/debian/patches/series ifenslave-2.6-1.1.0/debian/patches/series
--- ifenslave-2.6-1.1.0/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/patches/series 2013-02-19 14:34:20.000000000 +0100
@@ -0,0 +1 @@
+fix-unsafe-use-of-printf
diff -Nru ifenslave-2.6-1.1.0/debian/pre-up ifenslave-2.6-1.1.0/debian/pre-up
--- ifenslave-2.6-1.1.0/debian/pre-up 2011-11-14 11:30:07.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/pre-up 2013-02-19 13:04:24.000000000 +0100
@@ -145,21 +145,6 @@
# Changing lacp_rate requires $BOND_MASTER to be down.
sysfs_change_down lacp_rate "$IF_BOND_LACP_RATE"
- # primary must be set after mode (because only supported in some modes) and after enslavement.
- # The first slave in bond-primary found in current slaves becomes the primary.
- # If no slave in bond-primary is found, then primary does not change.
- for slave in $IF_BOND_PRIMARY ; do
- if grep -sq "\\<$slave\\>" "/sys/class/net/$BOND_MASTER/bonding/slaves" ; then
- sysfs primary "$slave"
- break
- fi
- done
-
- # primary_reselect should be set after mode (because only supported in some modes), after enslavement
- # and after primary. This is currently (2.6.35-rc1) not enforced by the bonding driver, but it is
- # probably safer to do it in that order.
- sysfs primary_reselect "$IF_BOND_PRIMARY_RESELECT"
-
# queue_id must be set after enslavement.
for iface_queue_id in $IF_BOND_QUEUE_ID
do
@@ -179,6 +164,23 @@
[ "$IFACE" != "$BOND_MASTER" ] && ip link set dev "$BOND_MASTER" up
}
+setup_primary() {
+ # primary must be set after mode (because only supported in some modes) and after enslavement.
+ # The first slave in bond-primary found in current slaves becomes the primary.
+ # If no slave in bond-primary is found, then primary does not change.
+ for slave in $IF_BOND_PRIMARY ; do
+ if grep -sq "\\<$slave\\>" "/sys/class/net/$BOND_MASTER/bonding/slaves" ; then
+ sysfs primary "$slave"
+ break
+ fi
+ done
+
+ # primary_reselect should be set after mode (because only supported in some modes), after enslavement
+ # and after primary. This is currently (2.6.35-rc1) not enforced by the bonding driver, but it is
+ # probably safer to do it in that order.
+ sysfs primary_reselect "$IF_BOND_PRIMARY_RESELECT"
+}
+
# Option slaves deprecated, replaced by bond-slaves, but still supported for backward compatibility.
IF_BOND_SLAVES=${IF_BOND_SLAVES:-$IF_SLAVES}
@@ -199,4 +201,5 @@
early_setup_master
setup_master
enslave_slaves
+setup_primary
exit 0
diff -Nru ifenslave-2.6-1.1.0/debian/rules ifenslave-2.6-1.1.0/debian/rules
--- ifenslave-2.6-1.1.0/debian/rules 2011-11-14 11:36:13.000000000 +0100
+++ ifenslave-2.6-1.1.0/debian/rules 2013-02-19 14:31:46.000000000 +0100
@@ -5,6 +5,9 @@
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
+DPKG_EXPORT_BUILDFLAGS = 1
+include /usr/share/dpkg/buildflags.mk
+
configure: configure-stamp
configure-stamp:
dh_testdir
@@ -17,7 +20,7 @@
build-stamp:
dh_testdir
- gcc -O2 -g -Wall -o ifenslave ifenslave.c
+ $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o ifenslave ifenslave.c
touch build-stamp
Reply to: