--- ndisc6-1.0.1.orig/rdnssd/merge-hook.in
+++ ndisc6-1.0.1/rdnssd/merge-hook.in
@@ -1,11 +1,9 @@
#! /bin/sh
#
-# resolv.conf merge hook for rdnssd
-#
-# $Id: merge-hook.in 634 2009-11-25 21:31:20Z linkfanel $
+# resolv.conf merge hook for Debian rdnssd
# *************************************************************************
-# * Copyright © 2007-2009 Pierre Ynard. *
+# * Copyright © 2008 Rémi Denis-Courmont. *
# * This program is free software: you can redistribute and/or modify *
# * it under the terms of the GNU General Public License as published by *
# * the Free Software Foundation, versions 2 or 3 of the license. *
@@ -19,47 +17,12 @@
# * along with this program. If not, see . *
# *************************************************************************
-set -e
-
PATH=/sbin:/bin
+INPUT="/var/run/rdnssd/resolv.conf"
-# Max number of nameserver options taken into account. Should be as
-# defined in
-MAXNS=3
-
-# This script tries to share available nameserver slots with IPv4
-# entries, for example to allow fallback to IPv4 if IPv6 fails. If
-# there is not enough room for all IPv6 and IPv4 entries, this script
-# will limit the IPv6 entries it adds to $RDNSS_LIMIT only.
-RDNSS_LIMIT=$(($MAXNS - 1))
-
-sysconfdir='@SYSCONFDIR@'
-localstatedir='@LOCALSTATEDIR@'
-resolvconf="$sysconfdir/resolv.conf"
-myresolvconf="$localstatedir/run/rdnssd/resolv.conf"
-
-# These should be POSIX-compliant BREs
-RE_NSV4='^nameserver *\([0-9]\{1,3\}\.\)\{3,3\}[0-9]\{1,3\} *$'
-RE_NSV4OR6='^nameserver *[a-fA-F0-9:\.]\{1,46\}\(%[a-zA-Z0-9]\{1,\}\)\{,1\} *$'
-
-# Count how many IPv6 nameservers we can fit
-
-limit=$RDNSS_LIMIT
-
-nnsv4=`grep -c "$RE_NSV4" $resolvconf || [ $? -le 1 ]`
-room=$(($MAXNS - $nnsv4))
-
-if [ $limit -lt $room ]; then
- limit=$room
+if [ -x /sbin/resolvconf ]; then
+ /sbin/resolvconf -a 000.rdnssd < "$INPUT"
+else
+ cat -- "$INPUT" > "/etc/resolv.conf"
fi
-# Merge and write the result
-
-{
- sed -e "/$RE_NSV4OR6/d" < $resolvconf
- [ $limit -gt 0 ] && sed -e "${limit}q" < $myresolvconf
- sed -ne "/$RE_NSV4/p" < $resolvconf
-} >| $resolvconf.tmp
-
-mv -f $resolvconf.tmp $resolvconf
-
--- ndisc6-1.0.1.orig/rdnssd/rdnssd.c
+++ ndisc6-1.0.1/rdnssd/rdnssd.c
@@ -216,22 +216,32 @@
}
-
-static int drop_privileges(const char *username)
+static int drop_privileges (const char *username)
{
- if (username) {
- struct passwd *pw = getpwnam(username);
-
- if (pw == NULL) {
- syslog (LOG_ERR, _("Cannot find user \"%s\""), username);
- return -1;
- }
+ if (username == NULL)
+ return 0;
- setgid (pw->pw_gid);
- initgroups (username, pw->pw_gid);
- setuid(pw->pw_uid);
+ struct passwd *pw = getpwnam (username);
+ if (pw == NULL)
+ {
+ syslog (LOG_ERR, _("Cannot find user \"%s\""), username);
+ return -1;
+ }
+ if (setgid (pw->pw_gid))
+ {
+ syslog (LOG_CRIT, _("Fatal error (%s): %m"), "setgid");
+ return -1;
+ }
+ if (initgroups (username, pw->pw_gid))
+ {
+ syslog (LOG_CRIT, _("Fatal error (%s): %m"), "setgid");
+ return -1;
+ }
+ if (setuid (pw->pw_uid))
+ {
+ syslog (LOG_CRIT, _("Fatal error (%s): %m"), "setuid");
+ return -1;
}
-
return 0;
}
--- ndisc6-1.0.1.orig/debian/changelog
+++ ndisc6-1.0.1/debian/changelog
@@ -0,0 +1,132 @@
+ndisc6 (1.0.1-1ubuntu1) oneiric; urgency=low
+
+ * Backport from upstream:
+ - rdnssd: check for errors while dropping privileges
+
+ -- Colin Watson Wed, 10 Aug 2011 12:43:32 +0100
+
+ndisc6 (1.0.1-1) unstable; urgency=low
+
+ * New upstream release:
+ - translate into German (Closes: #579719).
+ - fix alignment issues on ARM and SPARC (Closes: #599869).
+ * Update my email address.
+ * Refer to GPL-2 rather than just GPL.
+ * Update to standards version 3.9.1.
+ * Add udeb for rdisc6 and rdnssd (Closes: #611330)
+ (patch by Matthew Palmer ).
+ * Stop rdnssd also on run level 1.
+
+ -- Rémi Denis-Courmont Sun, 20 Feb 2011 10:18:42 +0200
+
+ndisc6 (0.9.8-1) unstable; urgency=low
+
+ * New upstream version fixes rdisc6 ISATAP interfaces support.
+ * Switch to debhelper v7.
+ * Fill in initscript Provides.
+ * Update to standards version 3.8.0.
+
+ -- Rémi Denis-Courmont Sat, 16 Aug 2008 16:33:47 +0300
+
+ndisc6 (0.9.7-1) unstable; urgency=medium
+
+ * New upstream release:
+ - fixes compilation against newer kernel headers (Closes: #464261).
+ * Update debian/copyright statements.
+ * Remove linda overrides.
+ * Move rdisc6 to /bin as some folks use it to initialize their network.
+ * Make rdnssd.init LSB comments consistent with update-rc.d invocation.
+ * Start rdnssd before networking also when using insserv.
+ * Replace upstream merge-hook with a custom one:
+ - do not use Perl (as /usr is not available early enough),
+ - use resolvconf for merging (Closes: #470842).
+ * Recommend resolvconf.
+
+ -- Rémi Denis-Courmont Sun, 16 Mar 2008 18:58:52 +0200
+
+ndisc6 (0.9.5-1) unstable; urgency=low
+
+ * New upstream release.
+ * Add rdnssd as a binary package of its own.
+ * Added Homepage to debian/control.
+ * Update to standards version 3.7.3.
+
+ -- Rémi Denis-Courmont Sun, 30 Dec 2007 17:50:25 +0100
+
+ndisc6 (0.9.3-1) unstable; urgency=low
+
+ * New upstream version.
+ * Explicitly disable run-time assertions and debug code.
+ * nameinfo and addrinfo renamed upstream, brought back.
+ * Add tcpspray as tcpspray.ndisc6, pending alternative use.
+ * Update upstream URL.
+ * Add gettext and autotools-dev to Build-Deps because of gettext.
+ * Update standards version to 3.7.2.2.
+ * Make rltraceroute6 an alternative for traceroute6
+ and conflict with pre-alternative iputils-tracepath
+ * Added XS-Vcs-Svn field.
+
+ -- Rémi Denis-Courmont Wed, 08 Aug 2007 18:18:00 +0300
+
+ndisc6 (0.7.3-2) unstable; urgency=medium
+
+ * Remove conflicting addrinfo from package (Closes: #404007).
+ * Remove nameinfo too as it depends upon addrinfo.
+ * Fix IPV6_PKTINFO detection (from upstream [364]).
+ * Fix traceroute6 -F (from upstream [366]).
+ * Fix traceroute6 temporary DNS error handling (from upstream [388]).
+ * Fix tcpspray echo fatal error deadlock (from upstream [418]).
+
+ -- Rémi Denis-Courmont Thu, 21 Dec 2006 09:14:15 +0100
+
+ndisc6 (0.7.3-1) unstable; urgency=low
+
+ * New upstream release (adds IDN, fix traceroute6, fix Hurd support).
+ * Use ld --as-needed to avoid superfluous librt linking.
+
+ -- Rémi Denis-Courmont Sun, 08 Oct 2006 20:21:18 +0300
+
+ndisc6 (0.7.2-1) unstable; urgency=low
+
+ * New upstream version adds dnssort, nameinfo and addrinfo,
+ * Make ndisc6, rltraceroute6, rdisc6 setuid,
+ upstream has added protection against local root compromise,
+ * Remove bogus define of IPV6_RECVHOPLIMIT,
+ * Remove IPV6_TCLASS define merged upstream.
+
+ -- Rémi Denis-Courmont Tue, 12 Sep 2006 22:49:31 +0300
+
+ndisc6 (0.6.8-1) unstable; urgency=low
+
+ * New upstream version, fix tcpspray6 measurements.
+ * Supplement missing IPV6_TCLASS and IPV6_RECVHOPLIMIT from glibc manually.
+
+ -- Rémi Denis-Courmont Fri, 1 Sep 2006 20:41:57 +0300
+
+ndisc6 (0.6.7-1) unstable; urgency=low
+
+ * New upstream version.
+
+ -- Rémi Denis-Courmont Sat, 12 Aug 2006 23:42:40 +0300
+
+ndisc6 (0.6.6-1) unstable; urgency=low
+
+ * New upstream release.
+ * Fixed watch file.
+ * Initial release (Closes: #380654 -- ITP for ndisc6).
+
+ -- Rémi Denis-Courmont Sat, 15 Jul 2006 13:41:06 +0300
+
+ndisc6 (0.6.5-0remlab) unstable; urgency=low
+
+ * New upstream release.
+ * Switch to CDBS.
+
+ -- Rémi Denis-Courmont Fri, 7 Jul 2006 18:06:23 +0300
+
+ndisc6 (0.6.4-0remlab) unstable; urgency=low
+
+ * Initial internal release.
+
+ -- Rémi Denis-Courmont Sat, 3 Jun 2006 21:09:54 +0300
+
--- ndisc6-1.0.1.orig/debian/rules
+++ ndisc6-1.0.1/debian/rules
@@ -0,0 +1,40 @@
+#!/usr/bin/make -f
+
+include /usr/share/cdbs/1/rules/utils.mk
+include /usr/share/cdbs/1/rules/debhelper.mk
+include /usr/share/cdbs/1/class/autotools.mk
+
+DEB_AC_AUX_DIR = $(DEB_SRCDIR)/admin
+DEB_CONFIGURE_SCRIPT_ENV += LDFLAGS="-Wl,-z,defs -Wl,--as-needed"
+DEB_CONFIGURE_EXTRA_FLAGS = \
+ '--program-transform-name=/^tcpspray$$/s/$$/.ndisc6/' \
+ --disable-assert
+# --disable-suid-install
+
+# Start before networking, stop at the same time as DHCP
+DEB_UPDATE_RCD_PARAMS_rdnssd = "start 38 S . stop 16 0 6 ."
+
+ifneq (,$(findstring --disable-suid-install,$(DEB_CONFIGURE_EXTRA_FLAGS)))
+s := s
+else
+s :=
+
+binary-install/ndisc6::
+ dh_installdirs -pndisc6 usr/share/lintian/overrides/
+ cp debian/ndisc6.lintian debian/ndisc6/usr/share/lintian/overrides/ndisc6
+
+binary-fixup/ndisc6::
+ for b in usr/bin/ndisc6 bin/rdisc6 usr/bin/rltraceroute6; do \
+ chmod u+s debian/ndisc6/$$b || exit $$?; \
+ done
+endif
+
+install/ndisc6::
+ mkdir -p debian/tmp/$(s)bin
+ mv debian/tmp/usr/$(s)bin/rdisc6 debian/tmp/$(s)bin/
+
+install/rdnssd::
+ mkdir -p debian/tmp/sbin
+ mv debian/tmp/usr/sbin/rdnssd debian/tmp/sbin/
+
+common-binary-post-install-arch:: list-missing
--- ndisc6-1.0.1.orig/debian/rdnssd.postrm
+++ ndisc6-1.0.1/debian/rdnssd.postrm
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ purge)
+ userdel rdnssd 2>&1 >/dev/null || true
+ rm -f -- /var/run/rdnssd/resolv.conf 2>/dev/null
+ rmdir -- /var/run/rdnssd/ || true
+ ;;
+esac
+
+#DEBHELPER#
+
--- ndisc6-1.0.1.orig/debian/watch
+++ ndisc6-1.0.1/debian/watch
@@ -0,0 +1,6 @@
+# Compulsory line, this is a version 3 file
+version=3
+
+#
+http://www.remlab.net/files/ndisc6/archive/ ndisc6-(.*).tar.bz2
+
--- ndisc6-1.0.1.orig/debian/rdnssd.postinst
+++ ndisc6-1.0.1/debian/rdnssd.postinst
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+ if ! getent passwd rdnssd >/dev/null; then
+ adduser --quiet --system --home /var/run/rdnssd rdnssd
+ fi
+ ;;
+esac
+
+#DEBHELPER#
+
--- ndisc6-1.0.1.orig/debian/ndisc6.prerm
+++ ndisc6-1.0.1/debian/ndisc6.prerm
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ deconfigure|remove)
+ update-alternatives --remove traceroute6 /usr/bin/rltraceroute6
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- ndisc6-1.0.1.orig/debian/ndisc6.postinst
+++ ndisc6-1.0.1/debian/ndisc6.postinst
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+ configure)
+ update-alternatives \
+ --install /usr/bin/traceroute6 traceroute6 /usr/bin/rltraceroute6 110 \
+ --slave /usr/share/man/man8/traceroute6.8.gz traceroute6.8.gz /usr/share/man/man8/rltraceroute6.8.gz
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
--- ndisc6-1.0.1.orig/debian/compat
+++ ndisc6-1.0.1/debian/compat
@@ -0,0 +1 @@
+7
--- ndisc6-1.0.1.orig/debian/rdnssd.default
+++ ndisc6-1.0.1/debian/rdnssd.default
@@ -0,0 +1,12 @@
+# Defaults for rdnssd initscript
+# sourced by /etc/init.d/rdnssd
+# installed at /etc/default/rdnssd by the maintainer scripts
+
+#
+# This is a POSIX shell fragment
+#
+
+# The path to an optional script to be called whenever the
+# configuration file written by rdnssd (/var/run/rdnssd/resolv.conf)
+# is updated. Comment this out not to call anything.
+MERGE_HOOK="/etc/rdnssd/merge-hook"
--- ndisc6-1.0.1.orig/debian/rdnssd.install
+++ ndisc6-1.0.1/debian/rdnssd.install
@@ -0,0 +1,3 @@
+etc/rdnssd/*
+sbin/rdnssd
+usr/share/man/man8/rdnssd.8
--- ndisc6-1.0.1.orig/debian/rdnssd.init
+++ ndisc6-1.0.1/debian/rdnssd.init
@@ -0,0 +1,73 @@
+#! /bin/sh
+# $Id: rdnssd.init 254 2011-02-20 09:02:15Z remi $
+#
+# rdnssd start/stop script for Debian GNU/Linux
+# Author: Rémi Denis-Courmont
+#
+### BEGIN INIT INFO
+# Provides: rdnssd
+# Required-Start: $local_fs
+# Required-Stop: $local_fs
+# X-Start-Before: networking
+# Short-Description: IPv6 Recursive DNS Server discovery
+# Description: RDNSS daemon for autoconfiguration of IPv6 DNS
+# resvolers.
+# Default-Start: S
+# Default-Stop: 0 1 6
+### END INIT INFO
+
+
+PATH=/sbin:/bin
+DESC="IPv6 Recursive DNS Server discovery Daemon"
+NAME=rdnssd
+DAEMON=/sbin/$NAME
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+OPTIONS="-u rdnssd"
+
+[ -x "$DAEMON" ] || exit 0
+
+# Source defaults.
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+if [ -n "$MERGE_HOOK" ]; then
+ OPTIONS="$OPTIONS -H $MERGE_HOOK"
+fi
+
+. /lib/lsb/init-functions
+
+check_run_dir() {
+ if [ ! -d "/var/run/$NAME" ]; then
+ mkdir -p "/var/run/$NAME"
+ chown rdnssd:nogroup "/var/run/$NAME"
+ chmod 0755 "/var/run/$NAME"
+ fi
+}
+
+case "$1" in
+ start)
+ check_run_dir
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --quiet --pidfile "$PIDFILE" \
+ --exec "$DAEMON" --oknodo -- $OPTIONS
+ log_end_msg $?
+ ;;
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --quiet --pidfile "$PIDFILE" \
+ --retry 1 --oknodo
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+exit $?
+
--- ndisc6-1.0.1.orig/debian/control
+++ ndisc6-1.0.1/debian/control
@@ -0,0 +1,59 @@
+Source: ndisc6
+Section: net
+Priority: optional
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Rémi Denis-Courmont
+Build-Depends: cdbs, debhelper (>= 7), autotools-dev, gettext
+Standards-Version: 3.9.1
+Homepage: http://www.remlab.net/ndisc6/
+XS-Vcs-Svn: http://anonsvn.remlab.net/svn/pkg-remlab/ndisc6
+
+Package: ndisc6
+Architecture: any
+Depends: ${shlibs:Depends}, ${perl:Depends}, ${misc:Depends}
+Conflicts: iputils-tracepath (<< 3:20070202)
+Description: IPv6 diagnostic tools
+ ndisc6 gathers a few diagnostic tools for IPv6 networks including:
+ - ndisc6, which performs ICMPv6 Neighbor Discovery in userland,
+ - rdisc6, which performs ICMPv6 Router Discovery in userland,
+ - rltraceroute6, a UDP/ICMP IPv6 implementation of traceroute,
+ - tcptraceroute6, a TCP/IPv6-based traceroute implementation,
+ - tcpspray6, a TCP/IP Discard/Echo bandwidth meter,
+ - addrinfo, easy script interface for hostname and address resolution,
+ - dnssort, DNS sorting script.
+
+Package: ndisc6-udeb
+Architecture: any
+Section: debian-installer
+XC-Package-Type: udeb
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Conflicts: iputils-tracepath (<< 3:20070202)
+Description: IPv6 diagnostic tools
+ ndisc6 gathers a few diagnostic tools for IPv6 networks including:
+ - rdisc6, which performs ICMPv6 Router Discovery in userland,
+ .
+ This is a udeb containing just the rdisc6 utility, for use by the
+ Debian installer.
+
+Package: rdnssd
+Architecture: any
+Pre-Depends: adduser
+Depends: ${shlibs:Depends}, ${perl:Depends}, ${misc:Depends}
+Recommends: resolvconf
+Suggests: ndisc6
+Description: IPv6 recursive DNS server discovery daemon
+ rdnssd autoconfigures recursive DNS servers on IPv6 networks
+ using ICMPv6 Neighbor Discovery (RFC 5006), and can update the
+ DNS resolvers configuration (/etc/resolv.conf) accordingly.
+
+Package: rdnssd-udeb
+Architecture: any
+Section: debian-installer
+Depends: ${shlibs:Depends}, ${misc:Depends}, libnss-files-udeb
+XC-Package-Type: udeb
+Description: IPv6 recursive DNS server discovery daemon
+ rdnssd autoconfigures recursive DNS servers on IPv6 networks
+ using ICMPv6 Neighbor Discovery (RFC 5006), and can update the
+ DNS resolvers configuration (/etc/resolv.conf) accordingly.
+ .
+ This is a udeb of rdnssd, for use by the debian-installer.
--- ndisc6-1.0.1.orig/debian/ndisc6.install
+++ ndisc6-1.0.1/debian/ndisc6.install
@@ -0,0 +1,7 @@
+bin/*
+usr/bin/*
+usr/share/locale/*/*/*
+usr/share/man/man1/*
+usr/share/man/man8/?disc6.8
+usr/share/man/man8/*tracer*6.8
+
--- ndisc6-1.0.1.orig/debian/copyright
+++ ndisc6-1.0.1/debian/copyright
@@ -0,0 +1,31 @@
+This package was debianized by Rémi Denis-Courmont on
+Sat, 3 Jun 2006 10:33:22 +0300.
+
+It was downloaded from http://www.remlab.net/ndisc6/
+
+Upstream Authors: Rémi Denis-Courmont
+ Pierre Ynard
+
+Copyright: 2005-2007 Rémi Denis-Courmont, Pierre Ynard
+
+License:
+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 or 3 of the License.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL-2'.
+
+The Debian packaging is (C) 2006, Rémi Denis-Courmont and
+is licensed under the GPL, see above.
+
--- ndisc6-1.0.1.orig/debian/ndisc6.lintian
+++ ndisc6-1.0.1/debian/ndisc6.lintian
@@ -0,0 +1,3 @@
+ndisc6: setuid-binary usr/bin/ndisc6 4755 root/root
+ndisc6: setuid-binary bin/rdisc6 4755 root/root
+ndisc6: setuid-binary usr/bin/rltraceroute6 4755 root/root
--- ndisc6-1.0.1.orig/debian/ndisc6-udeb.install
+++ ndisc6-1.0.1/debian/ndisc6-udeb.install
@@ -0,0 +1 @@
+bin/*
--- ndisc6-1.0.1.orig/debian/rdnssd-udeb.install
+++ ndisc6-1.0.1/debian/rdnssd-udeb.install
@@ -0,0 +1 @@
+sbin/rdnssd