Bug#854415: unblock: ndisc6/1.0.3-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Dear Release Team,
Please unblock package ndisc6
I have recently adopted ndisc6. One daemon in it (rdnssd) was affected
by an RC bug (Bug#767071) which I have fixed by updating to the hook
shipped in 1.0.3 upstream beginning of January.
Upstream has since committed a better fix for this and proposed to
include this in Stretch, since the current behaviour still has some
rough edges and is known to result in stray search lines in
/etc/resolv.conf (Bug#853281). I have cherry-picked this fix in
ndisc6/1.0.3-3
The current version of the hook has only been in Debian for a month.
rdnssd gets pulled in by d-i since Jessie when RDNSS information is
found in an IPv6 router advertisement during installation. The hook only
affects operation when resolvconf is not installed though.
The package builds a udeb, but the hook is not part of it.
unblock ndisc6/1.0.3-3
I plan to fix this with a stable upload for the next Jessie point
release as well.
Thanks,
Bernhard
diff -Nru ndisc6-1.0.3/debian/changelog ndisc6-1.0.3/debian/changelog
--- ndisc6-1.0.3/debian/changelog 2017-01-01 20:33:46.000000000 +0100
+++ ndisc6-1.0.3/debian/changelog 2017-02-01 11:00:55.000000000 +0100
@@ -1,3 +1,9 @@
+ndisc6 (1.0.3-3) unstable; urgency=medium
+
+ * Import upstream fix to simplify rdnssd-merge-hook (Closes: #853281)
+
+ -- Bernhard Schmidt <berni@debian.org> Wed, 01 Feb 2017 11:00:55 +0100
+
ndisc6 (1.0.3-2) unstable; urgency=medium
[ Bernhard Schmidt ]
diff -Nru ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch
--- ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch 1970-01-01 01:00:00.000000000 +0100
+++ ndisc6-1.0.3/debian/patches/rdnssd-hook-drop-dnssl.patch 2017-02-01 11:00:55.000000000 +0100
@@ -0,0 +1,56 @@
+From: Pierre Ynard <linkfanel@yahoo.fr>
+Date: Wed, 4 Jan 2017 01:45:35 +0000 (+0100)
+Subject: rdnssd: properly handle search list entries in merge hook
+X-Git-Url: http://git.remlab.net/gitweb/?p=ndisc6.git;a=commitdiff_plain;h=d60853a5319bac0c3ec9a082bcaf850a5ab8d1d5
+
+rdnssd: properly handle search list entries in merge hook
+
+Basically, drop DNSSL entries because the hook is too basic to handle
+them correctly. Use something more sophisticated like resolvconf if you
+want this functionality. This fixes the following issues:
+
+ - inserting less IPv6 nameservers than calculated
+ - littering /etc/resolv.conf with stray search lines every time DNSSL
+ entries change
+ - clobbering existing (DHCPv4) search list entries
+ - overkill use of /usr/bin/awk, outside of PATH and reliant on /usr
+ availability
+
+Signed-off-by: Rémi Denis-Courmont <remi@remlab.net>
+---
+
+diff --git a/rdnssd/merge-hook.in b/rdnssd/merge-hook.in
+index 2d202e8..383a57c 100644
+--- a/rdnssd/merge-hook.in
++++ b/rdnssd/merge-hook.in
+@@ -3,7 +3,7 @@
+ # resolv.conf merge hook for rdnssd
+
+ # *************************************************************************
+-# * Copyright © 2007-2009 Pierre Ynard. *
++# * Copyright © 2007-2009, 2017 Pierre Ynard. *
+ # * This program is free software: you can redistribute and/or modify *
+ # * it under the terms of the GNU General Public License as published by *
+ # * the Free Software Foundation, versions 2 or 3 of the license. *
+@@ -51,13 +51,18 @@ if [ $limit -lt $room ]; then
+ limit=$room
+ fi
+
+-# Merge and write the result
++# Merge and write the result. Let rdnssd assume ownership of all IPv6
++# nameservers, and remove extraneous IPv6 entries as expired. However
++# DHCPv4 most often sets up search list entries, and rdnssd cannot
++# clobber these lest it causes counterintuitive breakage. There is no
++# easy way to properly merge and manage DNSSL entries here, so just drop
++# them.
+
+ {
+ sed -e "/$RE_NSV4OR6/d" < $resolvconf
+- [ $limit -gt 0 ] && sed -e "${limit}q" < $myresolvconf
++ grep -m $limit "$RE_NSV4OR6" < $myresolvconf || [ $? -le 1 ]
+ sed -ne "/$RE_NSV4/p" < $resolvconf
+-} | awk '!a[$0]++' > $resolvconf.tmp
++} > $resolvconf.tmp
+
+ mv -f $resolvconf.tmp $resolvconf
+
diff -Nru ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch
--- ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch 2017-01-01 20:33:46.000000000 +0100
+++ ndisc6-1.0.3/debian/patches/resolvconf-rdnssd-hook.patch 2017-02-01 11:00:55.000000000 +0100
@@ -10,8 +10,8 @@
+# resolv.conf merge hook for Debian rdnssd
# *************************************************************************
- # * Copyright © 2007-2009 Pierre Ynard. *
-@@ -19,7 +19,15 @@
+ # * Copyright © 2007-2009, 2017 Pierre Ynard. *
+@@ -19,7 +19,12 @@
set -e
@@ -22,9 +22,6 @@
+ /sbin/resolvconf -a 000.rdnssd < "$INPUT"
+ exit 0
+fi
-+
-+# Debian modification, awk is in /usr/bin
-+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Max number of nameserver options taken into account. Should be as
# defined in <resolv.h>
diff -Nru ndisc6-1.0.3/debian/patches/series ndisc6-1.0.3/debian/patches/series
--- ndisc6-1.0.3/debian/patches/series 2017-01-01 20:33:46.000000000 +0100
+++ ndisc6-1.0.3/debian/patches/series 2017-02-01 11:00:55.000000000 +0100
@@ -1,2 +1,3 @@
+rdnssd-hook-drop-dnssl.patch
resolvconf-rdnssd-hook.patch
reproducible-build.patch
Reply to: