Bug#1034566: marked as done (unblock: isc-dhcp/4.4.3-P1-2)

To: Paul Gevers <elbrus@debian.org>
Subject: Bug#1034566: marked as done (unblock: isc-dhcp/4.4.3-P1-2)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sun, 07 May 2023 08:57:03 +0000
Message-id: <[🔎] handler.1034566.D1034566.16834496451262853.ackdone@bugs.debian.org>
Reply-to: 1034566@bugs.debian.org
References: <d7afee34-5cc3-2b81-a130-d7b77fa1ad47@debian.org> <ZD6I2l9XTnkXxCuF@bartik>

Your message dated Sun, 7 May 2023 10:53:56 +0200
with message-id <d7afee34-5cc3-2b81-a130-d7b77fa1ad47@debian.org>
and subject line Re: Bug#1034566: unblock: isc-dhcp/4.4.3-P1-1.1
has caused the Debian Bug report #1034566,
regarding unblock: isc-dhcp/4.4.3-P1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1034566: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034566
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unblock: isc-dhcp/4.4.3-P1-1.1
From: "Santiago R.R." <santiagorr@riseup.net>
Date: Tue, 18 Apr 2023 14:11:06 +0200
Message-id: <ZD6I2l9XTnkXxCuF@bartik>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: isc-dhcp@packages.debian.org
Control: affects -1 + src:isc-dhcp

Dear Release Team,

Please unblock package isc-dhcp

[ Reason ]

Two main reasons:
1. Include a NEWS entry to help users to be aware ISC DHCP Server has
been EOL'ed by upstream.

2. Solve https://bugs.debian.org/1034502 so dhclient can  handle
resolv.conf inside network namespaces. The proposed changes include an
autopkgtest to test this.

[ Impact ]

1. Less chances for the users to be aware of the end of upstream support
for a very important software.

2. Users or application using dhclient inside a network namespace would
continue to have issues with the DNS resolution.  See:
https://stackoverflow.com/questions/38102481/how-can-dhclient-be-made-namespace-aware

[ Tests ]
1. Doesn't really need a test. The NEWS entry would be displayed during
upgrading if apt-listchanges is available.

2. This is the autopkgtest included in this request applied to the
current version in testing:
https://salsa.debian.org/santiago/isc-dhcp/-/jobs/4144234#L324
And this is for the proposed version:
https://salsa.debian.org/santiago/isc-dhcp/-/jobs/4144350

[ Risks ]

1. There is no risk.

2. Code is trivial.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
There is minor (and harmless) change:

  [ Bastian Germann ]
  * d/copyright Format: Add trailing slash

that I include since it was part of the default git branch. I keep it to
make it easier to handle changes in the future.

Also, I've uploaded these changes to experimental.

Thanks!

 -- Santiago

unblock isc-dhcp/4.4.3-P1-1.1

diff -Nru isc-dhcp-4.4.3-P1/debian/changelog isc-dhcp-4.4.3-P1/debian/changelog
--- isc-dhcp-4.4.3-P1/debian/changelog	2023-01-09 10:15:41.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/changelog	2023-04-17 14:20:02.000000000 +0200
@@ -1,3 +1,17 @@
+isc-dhcp (4.4.3-P1-2) unstable; urgency=medium
+
+  [ Gabriel Potter ]
+  * Support bound /etc/resolv.conf (Closes: #1034502)
+
+  [ Bastian Germann ]
+  * d/copyright Format: Add trailing slash
+
+  [ Santiago Ruano Rincón ]
+  * Add NEWS about isc-dhcp-server EOL'ed and its apparmor profile
+  * Test debian/tests/client-server
+
+ -- Santiago Ruano Rincón <santiago@debian.org>  Mon, 17 Apr 2023 14:20:02 +0200
+
 isc-dhcp (4.4.3-P1-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru isc-dhcp-4.4.3-P1/debian/copyright isc-dhcp-4.4.3-P1/debian/copyright
--- isc-dhcp-4.4.3-P1/debian/copyright	2023-01-09 09:25:59.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/copyright	2023-04-17 13:50:46.000000000 +0200
@@ -1,4 +1,4 @@
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Source: https://www.isc.org/downloads/dhcp
 
 Files: *
diff -Nru isc-dhcp-4.4.3-P1/debian/dhclient-script.linux isc-dhcp-4.4.3-P1/debian/dhclient-script.linux
--- isc-dhcp-4.4.3-P1/debian/dhclient-script.linux	2023-01-09 09:27:37.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/dhclient-script.linux	2023-04-17 13:50:46.000000000 +0200
@@ -84,7 +84,9 @@
 	    chown --reference=$resolv_conf $new_resolv_conf
 	    chmod --reference=$resolv_conf $new_resolv_conf
 	fi
-        mv -f $new_resolv_conf $resolv_conf
+	# cat then rm to handle binds (e.g. ip netns exec)
+	cat $new_resolv_conf > $resolv_conf
+	rm -f $new_resolv_conf
     # DHCPv6
     elif [ -n "$new_dhcp6_domain_search" ] || [ -n "$new_dhcp6_name_servers" ]; then
         resolv_conf=$(readlink -f "/etc/resolv.conf" 2>/dev/null) ||
@@ -115,7 +117,8 @@
             chown --reference=$resolv_conf $new_resolv_conf
             chmod --reference=$resolv_conf $new_resolv_conf
 	fi
-        mv -f $new_resolv_conf $resolv_conf
+	cat $new_resolv_conf > $resolv_conf
+	rm -f $new_resolv_conf
     fi
 }
 
diff -Nru isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS
--- isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS	2023-01-09 09:25:59.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/isc-dhcp-server.NEWS	2023-04-17 13:50:46.000000000 +0200
@@ -1,3 +1,24 @@
+isc-dhcp-server (4.4.3-P1-2) unstable; urgency=medium
+
+  # ISC DHCP completely EOL
+
+  ISC has stopped maintaining the server component of isc-dhcp since October
+  2022. A similar decision was made for the client and relay parts earlier the
+  same year. ISC DHCP Server users are strongly encouraged to look for an
+  alternative.
+
+  More information can be found in these official announcements:
+  https://lists.isc.org/pipermail/dhcp-users/2022-October/022786.html
+  https://www.isc.org/blogs/isc-dhcp-eol/
+
+  # AppArmor support
+
+  Since 4.4.3-P1-1.1, isc-dhcp-server includes an apparmor profile (thanks
+  Ubuntu!). BIND keys for dynamic update should be stored in both /etc/bind9/
+  and /etc/dhcp/ddns-keys/, for bind9 and dhcpd access, respectively.
+
+ -- Santiago Ruano Rincón <santiago@debian.org>  Thu, 30 Mar 2023 10:48:03 +0200
+
 dhcp3 (3.1.1-6) unstable; urgency=low
 
 	 Please note that when running a failover pair of DHCP servers, in 3.1.x, the
diff -Nru isc-dhcp-4.4.3-P1/debian/tests/client-server isc-dhcp-4.4.3-P1/debian/tests/client-server
--- isc-dhcp-4.4.3-P1/debian/tests/client-server	1970-01-01 01:00:00.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/tests/client-server	2023-04-17 13:50:59.000000000 +0200
@@ -0,0 +1,65 @@
+#!/usr/bin/sh
+#
+# A basic IPv4 dhcp server and client test
+# It also checks if dhclient handles correctly resolv.conf in a network
+# namespace
+
+set -e
+set -x
+
+nsserver=server
+nsclient=client
+ip_addr_server="10.42.42.1/24"
+ifaceserver=veth-server
+ifaceclient=veth-client
+
+ip netns add $nsserver
+ip netns add $nsclient
+
+ip link add \
+       ptp-$ifaceserver \
+       type veth \
+       peer name ptp-$ifaceclient
+
+ip link set ptp-$ifaceserver netns $nsserver
+ip link set ptp-$ifaceclient netns $nsclient
+
+mkdir -p /etc/netns/$nsclient
+echo "nameserver 8.8.8.8" > /etc/netns/$nsclient/resolv.conf
+
+cat << EOF >> /etc/dhcp/dhcpd.conf
+option domain-name "example.org";
+option domain-name-servers 1.1.1.1;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+log-facility local7;
+
+subnet 10.42.42.0 netmask 255.255.255.0 {
+    range 10.42.42.10 10.42.42.19;
+}
+EOF
+
+ip netns exec $nsserver ip addr \
+    add $ip_addr_server dev ptp-$ifaceserver
+ip netns exec $nsserver ip link set \
+    dev ptp-$ifaceserver up
+ip netns exec $nsclient ip link set \
+    dev ptp-$ifaceclient up
+
+if ! /usr/sbin/dhcpd -t -q -cf /etc/dhcp/dhcpd.conf > /dev/null 2>&1; then
+    echo "dhcpd self-test failed. Please fix it."
+    echo "The error was: "
+    /usr/sbin/dhcpd -t -cf /etc/dhcp/dhcpd.conf
+    exit 1
+fi
+
+ip netns exec $nsserver /usr/sbin/dhcpd -cf /etc/dhcp/dhcpd.conf
+
+ip netns exec $nsclient dhclient ptp-veth-client
+
+ip netns exec $nsclient ip addr
+
+grep "1.1.1.1" /etc/netns/$nsclient/resolv.conf
+grep -v "8.8.8.8" /etc/netns/$nsclient/resolv.conf
diff -Nru isc-dhcp-4.4.3-P1/debian/tests/control isc-dhcp-4.4.3-P1/debian/tests/control
--- isc-dhcp-4.4.3-P1/debian/tests/control	1970-01-01 01:00:00.000000000 +0100
+++ isc-dhcp-4.4.3-P1/debian/tests/control	2023-04-15 15:16:10.000000000 +0200
@@ -0,0 +1,2 @@
+Tests: client-server
+Restrictions: allow-stderr, needs-root

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: "Santiago R.R." <santiagorr@riseup.net>, 1034566-done@bugs.debian.org

Subject: Re: Bug#1034566: unblock: isc-dhcp/4.4.3-P1-1.1

From: Paul Gevers <elbrus@debian.org>

Date: Sun, 7 May 2023 10:53:56 +0200

Message-id: <d7afee34-5cc3-2b81-a130-d7b77fa1ad47@debian.org>

In-reply-to: <ZD6I2l9XTnkXxCuF@bartik>

References: <ZD6I2l9XTnkXxCuF@bartik>
Hi,

On 18-04-2023 14:11, Santiago R.R. wrote:
unblock isc-dhcp/4.4.3-P1-1.1
done and aged. Thanks.

Paul
Attachment: OpenPGP_signature
Description: OpenPGP digital signature

--- End Message ---

Reply to:

Prev by Date: Bug#1034469: marked as done (unblock: vmdb2/0.27+really.0.26-1)
Next by Date: Re: non-essential adduser poses problems to purging packages
Previous by thread: Bug#1034469: marked as done (unblock: vmdb2/0.27+really.0.26-1)
Next by thread: Bug#1035662: unblock: libomemo/0.8.1-3
Index(es):
- Date
- Thread