From 799554fc3dabf1dab22a4d66f3fa11062f3617a7 Mon Sep 17 00:00:00 2001 From: Tomek Mrugalski Date: Fri, 19 May 2017 23:06:19 +0200 Subject: [19430] linux script significantly updated --- client/scripts/linux | 641 +++++++++++++++++++++++++++++---------------------- 1 file changed, 365 insertions(+), 276 deletions(-) diff --git a/client/scripts/linux b/client/scripts/linux index e6792c67..1f118a21 100755 --- a/client/scripts/linux +++ b/client/scripts/linux @@ -22,295 +22,384 @@ # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious # of the $1 in its args. -# 'ip' just looks too weird. /sbin/ip looks less weird. +# 5. Script refresh in 2017. The aliasing code was too convoluted and needs +# to go away. Migrated DHCPv4 script to ip command from iproute2 suite. +# This is based on Debian script with some tweaks. ifconfig is no longer +# used. Everything is done using ip tool from ip-route2. + +# 'ip' just looks too weird. Also, we now have unit-tests! Those unit-tests +# overwirte this line to use a fake ip-echo tool. It's also convenient +# if your system holds ip tool in a non-standard location. ip=/sbin/ip +# update /etc/resolv.conf based on received values +# This updated version mostly follows Debian script by Andrew Pollock et al. make_resolv_conf() { - if [ x"$new_domain_name_servers" != x ]; then - cat /dev/null > /etc/resolv.conf.dhclient - chmod 644 /etc/resolv.conf.dhclient - if [ x"$new_domain_search" != x ]; then - echo search $new_domain_search >> /etc/resolv.conf.dhclient - elif [ x"$new_domain_name" != x ]; then - # Note that the DHCP 'Domain Name Option' is really just a domain - # name, and that this practice of using the domain name option as - # a search path is both nonstandard and deprecated. - echo search $new_domain_name >> /etc/resolv.conf.dhclient + local new_resolv_conf + + # DHCPv4 + if [ -n "$new_domain_search" ] || [ -n "$new_domain_name" ] || + [ -n "$new_domain_name_servers" ]; then + new_resolv_conf=/etc/resolv.conf.dhclient-new + rm -f $new_resolv_conf + + if [ -n "$new_domain_name" ]; then + echo domain ${new_domain_name%% *} >>$new_resolv_conf + fi + + if [ -n "$new_domain_search" ]; then + if [ -n "$new_domain_name" ]; then + domain_in_search_list="" + for domain in $new_domain_search; do + if [ "$domain" = "${new_domain_name}" ] || + [ "$domain" = "${new_domain_name}." ]; then + domain_in_search_list="Yes" + fi + done + if [ -z "$domain_in_search_list" ]; then + new_domain_search="$new_domain_name $new_domain_search" + fi + fi + echo "search ${new_domain_search}" >> $new_resolv_conf + elif [ -n "$new_domain_name" ]; then + echo "search ${new_domain_name}" >> $new_resolv_conf + fi + + if [ -n "$new_domain_name_servers" ]; then + for nameserver in $new_domain_name_servers; do + echo nameserver $nameserver >>$new_resolv_conf + done + else # keep 'old' nameservers + sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p /etc/resolv.conf >>$new_resolv_conf + fi + + if [ -f /etc/resolv.conf ]; then + chown --reference=/etc/resolv.conf $new_resolv_conf + chmod --reference=/etc/resolv.conf $new_resolv_conf + fi + mv -f $new_resolv_conf /etc/resolv.conf + # DHCPv6 + elif [ -n "$new_dhcp6_domain_search" ] || [ -n "$new_dhcp6_name_servers" ]; then + new_resolv_conf=/etc/resolv.conf.dhclient-new + rm -f $new_resolv_conf + + if [ -n "$new_dhcp6_domain_search" ]; then + echo "search ${new_dhcp6_domain_search}" >> $new_resolv_conf + fi + + if [ -n "$new_dhcp6_name_servers" ]; then + for nameserver in $new_dhcp6_name_servers; do + # append %interface to link-local-address nameservers + if [ "${nameserver##fe80::}" != "$nameserver" ] || + [ "${nameserver##FE80::}" != "$nameserver" ]; then + nameserver="${nameserver}%${interface}" + fi + echo nameserver $nameserver >>$new_resolv_conf + done + else # keep 'old' nameservers + sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p /etc/resolv.conf >>$new_resolv_conf + fi + + if [ -f /etc/resolv.conf ]; then + chown --reference=/etc/resolv.conf $new_resolv_conf + chmod --reference=/etc/resolv.conf $new_resolv_conf + fi + mv -f $new_resolv_conf /etc/resolv.conf fi - for nameserver in $new_domain_name_servers; do - echo nameserver $nameserver >>/etc/resolv.conf.dhclient - done +} - mv /etc/resolv.conf.dhclient /etc/resolv.conf - elif [ "x${new_dhcp6_name_servers}" != x ] ; then - cat /dev/null > /etc/resolv.conf.dhclient6 - chmod 644 /etc/resolv.conf.dhclient6 +# set host name +set_hostname() { + local current_hostname + + if [ -n "$new_host_name" ]; then + current_hostname=$(hostname) + + # current host name is empty, '(none)' or 'localhost' or differs from new one from DHCP + if [ -z "$current_hostname" ] || + [ "$current_hostname" = '(none)' ] || + [ "$current_hostname" = 'localhost' ] || + [ "$current_hostname" = "$old_host_name" ]; then + if [ "$new_host_name" != "$old_host_name" ]; then + hostname "$new_host_name" + fi + fi + fi +} + +# run given script +run_hook() { + local script + local exit_status + script="$1" - if [ "x${new_dhcp6_domain_search}" != x ] ; then - echo search ${new_dhcp6_domain_search} >> /etc/resolv.conf.dhclient6 + if [ -f $script ]; then + . $script fi - shopt -s nocasematch - for nameserver in ${new_dhcp6_name_servers} ; do - # If the nameserver has a link-local address - # add a (interface name) to it. - if [[ "$nameserver" =~ ^fe80:: ]] - then - zone_id="%$interface" - else - zone_id= - fi - echo nameserver ${nameserver}$zone_id >> /etc/resolv.conf.dhclient6 - done - shopt -u nocasematch - - mv /etc/resolv.conf.dhclient6 /etc/resolv.conf - fi + + if [ -n "$exit_status" ] && [ "$exit_status" -ne 0 ]; then + logger -p daemon.err "$script returned non-zero exit status $exit_status" + fi + + return $exit_status +} + +# run scripts in given directory +run_hookdir() { + local dir + local exit_status + dir="$1" + + if [ -d "$dir" ]; then + for script in $(run-parts --list $dir); do + run_hook $script || true + exit_status=$? + done + fi + + return $exit_status } # Must be used on exit. Invokes the local dhcp client exit hooks, if any. exit_with_hooks() { - exit_status=$1 - if [ -f /etc/dhclient-exit-hooks ]; then - . /etc/dhclient-exit-hooks - fi -# probably should do something with exit status of the local script - exit $exit_status -} + exit_status=$1 -# Invoke the local dhcp client enter hooks, if they exist. -if [ -f /etc/dhclient-enter-hooks ]; then - exit_status=0 - . /etc/dhclient-enter-hooks - # allow the local script to abort processing of this state - # local script must set exit_status variable to nonzero. - if [ $exit_status -ne 0 ]; then - exit $exit_status - fi -fi - -### -### DHCPv4 Handlers -### - -if [ x$new_broadcast_address != x ]; then - new_broadcast_arg="broadcast $new_broadcast_address" -fi -if [ x$old_broadcast_address != x ]; then - old_broadcast_arg="broadcast $old_broadcast_address" -fi -if [ x$new_subnet_mask != x ]; then - new_subnet_arg="netmask $new_subnet_mask" -fi -if [ x$old_subnet_mask != x ]; then - old_subnet_arg="netmask $old_subnet_mask" -fi -if [ x$alias_subnet_mask != x ]; then - alias_subnet_arg="netmask $alias_subnet_mask" -fi -if [ x$new_interface_mtu != x ]; then - mtu_arg="mtu $new_interface_mtu" -fi -if [ x$IF_METRIC != x ]; then - metric_arg="metric $IF_METRIC" -fi - -if [ x$reason = xMEDIUM ]; then - # Linux doesn't do mediums (ok, ok, media). - exit_with_hooks 0 -fi - -if [ x$reason = xPREINIT ]; then - if [ x$alias_ip_address != x ]; then - # Bring down alias interface. Its routes will disappear too. - ifconfig $interface:0- inet 0 - fi - ifconfig $interface 0 up - - # We need to give the kernel some time to get the interface up. - sleep 1 - - exit_with_hooks 0 -fi - -if [ x$reason = xARPCHECK ] || [ x$reason = xARPSEND ]; then - exit_with_hooks 0 -fi - -if [ x$reason = xBOUND ] || [ x$reason = xRENEW ] || \ - [ x$reason = xREBIND ] || [ x$reason = xREBOOT ]; then - current_hostname=`hostname` - if [ x$current_hostname = x ] || \ - [ x$current_hostname = "x(none)" ] || \ - [ x$current_hostname = xlocalhost ] || \ - [ x$current_hostname = x$old_host_name ]; then - if [ x$new_host_name != x$old_host_name ]; then - hostname "$new_host_name" + # Source the documented exit-hook script, if it exists + if ! run_hook /etc/dhclient-exit-hooks; then + exit_status=$? fi - fi - - if [ x$old_ip_address != x ] && [ x$alias_ip_address != x ] && \ - [ x$alias_ip_address != x$old_ip_address ]; then - # Possible new alias. Remove old alias. - ifconfig $interface:0- inet 0 - fi - if [ x$old_ip_address != x ] && [ x$old_ip_address != x$new_ip_address ]; then - # IP address changed. Bringing down the interface will delete all routes, - # and clear the ARP cache. - ifconfig $interface inet 0 down - - fi - if [ x$old_ip_address = x ] || [ x$old_ip_address != x$new_ip_address ] || \ - [ x$reason = xBOUND ] || [ x$reason = xREBOOT ]; then - - ifconfig $interface inet $new_ip_address $new_subnet_arg \ - $new_broadcast_arg $mtu_arg - # Add a network route to the computed network address. - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then - route add -host $router dev $interface - fi - route add default gw $router $metric_arg dev $interface - done - else - # we haven't changed the address, have we changed other options - # that we wish to update? - if [ x$new_routers != x ] && [ x$new_routers != x$old_routers ] ; then - # if we've changed routers delete the old and add the new. - for router in $old_routers; do - route del default gw $router - done - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then - route add -host $router dev $interface - fi - route add default gw $router $metric_arg dev $interface - done - fi - fi - if [ x$new_ip_address != x$alias_ip_address ] && [ x$alias_ip_address != x ]; - then - ifconfig $interface:0- inet 0 - ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg - route add -host $alias_ip_address $interface:0 - fi - make_resolv_conf - exit_with_hooks 0 -fi - -if [ x$reason = xEXPIRE ] || [ x$reason = xFAIL ] || [ x$reason = xRELEASE ] \ - || [ x$reason = xSTOP ]; then - if [ x$alias_ip_address != x ]; then - # Turn off alias interface. - ifconfig $interface:0- inet 0 - fi - if [ x$old_ip_address != x ]; then - # Shut down interface, which will delete routes and clear arp cache. - ifconfig $interface inet 0 down - fi - if [ x$alias_ip_address != x ]; then - ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg - route add -host $alias_ip_address $interface:0 - fi - exit_with_hooks 0 -fi - -if [ x$reason = xTIMEOUT ]; then - if [ x$alias_ip_address != x ]; then - ifconfig $interface:0- inet 0 - fi - ifconfig $interface inet $new_ip_address $new_subnet_arg \ - $new_broadcast_arg $mtu_arg - set $new_routers - if ping -q -c 1 $1; then - if [ x$new_ip_address != x$alias_ip_address ] && \ - [ x$alias_ip_address != x ]; then - ifconfig $interface:0 inet $alias_ip_address $alias_subnet_arg - route add -host $alias_ip_address dev $interface:0 + + # Now run scripts in the Debian-specific directory. + if ! run_hookdir /etc/dhclient-exit-hooks.d; then + exit_status=$? fi - for router in $new_routers; do - if [ "x$new_subnet_mask" = "x255.255.255.255" ] ; then - route add -host $router dev $interface - fi - route add default gw $router $metric_arg dev $interface - done - make_resolv_conf - exit_with_hooks 0 - fi - ifconfig $interface inet 0 down - exit_with_hooks 1 -fi - -### -### DHCPv6 Handlers -### - -if [ x$reason = xPREINIT6 ] ; then - # Ensure interface is up. - ${ip} link set ${interface} up - - # Remove any stale addresses from aborted clients. - ${ip} -f inet6 addr flush dev ${interface} scope global permanent - - exit_with_hooks 0 -fi - -if [ x${old_ip6_prefix} != x ] || [ x${new_ip6_prefix} != x ] ; then - echo Prefix ${reason} old=${old_ip6_prefix} new=${new_ip6_prefix} - - exit_with_hooks 0 -fi - -if [ x$reason = xBOUND6 ] ; then - if [ x${new_ip6_address} = x ] || [ x${new_ip6_prefixlen} = x ] ; then - exit_with_hooks 2; - fi - - ${ip} -f inet6 addr add ${new_ip6_address}/${new_ip6_prefixlen} \ - dev ${interface} scope global - - # Check for nameserver options. - make_resolv_conf - - exit_with_hooks 0 -fi - -if [ x$reason = xRENEW6 ] || [ x$reason = xREBIND6 ] ; then - if [ x${new_ip6_address} != x ] && [ x${new_ip6_prefixlen} != x ] ; then - ${ip} -f inet6 addr add ${new_ip6_address}/${new_ip6_prefixlen} \ - dev ${interface} scope global - fi - - # Make sure nothing has moved around on us. - - # Nameservers/domains/etc. - if [ "x${new_dhcp6_name_servers}" != "x${old_dhcp6_name_servers}" ] || - [ "x${new_dhcp6_domain_search}" != "x${old_dhcp6_domain_search}" ] ; then - make_resolv_conf - fi - - exit_with_hooks 0 -fi - -if [ x$reason = xDEPREF6 ] ; then - if [ x${new_ip6_prefixlen} = x ] ; then - exit_with_hooks 2; - fi - - ${ip} -f inet6 addr change ${new_ip6_address}/${new_ip6_prefixlen} \ - dev ${interface} scope global preferred_lft 0 - - exit_with_hooks 0 -fi - -if [ x$reason = xEXPIRE6 -o x$reason = xRELEASE6 -o x$reason = xSTOP6 ] ; then - if [ x${old_ip6_address} = x ] || [ x${old_ip6_prefixlen} = x ] ; then - exit_with_hooks 2; - fi - - ${ip} -f inet6 addr del ${old_ip6_address}/${old_ip6_prefixlen} \ - dev ${interface} - - exit_with_hooks 0 -fi + + exit $exit_status +} + + +# Invoke the local dhcp client enter hooks, if they exist. +run_hook /etc/dhclient-enter-hooks +run_hookdir /etc/dhclient-enter-hooks.d + +# Execute the operation +case "$reason" in + + ### DHCPv4 Handlers + + MEDIUM|ARPCHECK|ARPSEND) + # Do nothing + ;; + PREINIT) + # The DHCP client is requesting that an interface be + # configured as required in order to send packets prior to + # receiving an actual address. - dhclient-script(8) + + # ensure interface is up + ${ip} link set dev ${interface} up + + if [ -n "$alias_ip_address" ]; then + # flush alias IP from interface + ${ip} -4 addr flush dev ${interface} label ${interface}:0 + fi + + ;; + + BOUND|RENEW|REBIND|REBOOT) + set_hostname + + if [ -n "$old_ip_address" ] && [ -n "$alias_ip_address" ] && + [ "$alias_ip_address" != "$old_ip_address" ]; then + # alias IP may have changed => flush it + ${ip} -4 addr flush dev ${interface} label ${interface}:0 + fi + + if [ -n "$old_ip_address" ] && + [ "$old_ip_address" != "$new_ip_address" ]; then + # leased IP has changed => flush it + ${ip} -4 addr flush dev ${interface} label ${interface} + fi + + if [ -z "$old_ip_address" ] || + [ "$old_ip_address" != "$new_ip_address" ] || + [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then + # new IP has been leased or leased IP changed => set it + ${ip} -4 addr add ${new_ip_address}${new_subnet_mask:+/$new_subnet_mask} \ + ${new_broadcast_address:+broadcast $new_broadcast_address} \ + dev ${interface} label ${interface} + + if [ -n "$new_interface_mtu" ]; then + # set MTU + ${ip} link set dev ${interface} mtu ${new_interface_mtu} + fi + + # if we have $new_rfc3442_classless_static_routes then we have to + # ignore $new_routers entirely + if [ ! "$new_rfc3442_classless_static_routes" ]; then + # set if_metric if IF_METRIC is set or there's more than one router + if_metric="$IF_METRIC" + if [ "${new_routers%% *}" != "${new_routers}" ]; then + if_metric=${if_metric:-1} + fi + + for router in $new_routers; do + if [ "$new_subnet_mask" = "255.255.255.255" ]; then + # point-to-point connection => set explicit route + ${ip} -4 route add ${router} dev $interface >/dev/null 2>&1 + fi + + # set default route + ${ip} -4 route add default via ${router} dev ${interface} \ + ${if_metric:+metric $if_metric} >/dev/null 2>&1 + + if [ -n "$if_metric" ]; then + if_metric=$((if_metric+1)) + fi + done + fi + fi + + if [ -n "$alias_ip_address" ] && + [ "$new_ip_address" != "$alias_ip_address" ]; then + # separate alias IP given, which may have changed + # => flush it, set it & add host route to it + ${ip} -4 addr flush dev ${interface} label ${interface}:0 + ${ip} -4 addr add ${alias_ip_address}${alias_subnet_mask:+/$alias_subnet_mask} \ + dev ${interface} label ${interface}:0 + ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 + fi + + # update /etc/resolv.conf + make_resolv_conf + + ;; + + EXPIRE|FAIL|RELEASE|STOP) + if [ -n "$alias_ip_address" ]; then + # flush alias IP + ${ip} -4 addr flush dev ${interface} label ${interface}:0 + fi + + if [ -n "$old_ip_address" ]; then + # flush leased IP + ${ip} -4 addr flush dev ${interface} label ${interface} + fi + + if [ -n "$alias_ip_address" ]; then + # alias IP given => set it & add host route to it + ${ip} -4 addr add ${alias_ip_address}${alias_subnet_mask:+/$alias_subnet_mask} \ + dev ${interface} label ${interface}:0 + ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 + fi + + ;; + + TIMEOUT) + if [ -n "$alias_ip_address" ]; then + # flush alias IP + ${ip} -4 addr flush dev ${interface} label ${interface}:0 + fi + + # set IP from recorded lease + ${ip} -4 addr add ${new_ip_address}${new_subnet_mask:+/$new_subnet_mask} \ + ${new_broadcast_address:+broadcast $new_broadcast_address} \ + dev ${interface} label ${interface} + + if [ -n "$new_interface_mtu" ]; then + # set MTU + ${ip} link set dev ${interface} mtu ${new_interface_mtu} + fi + + # if there is no router recorded in the lease or the 1st router answers pings + if [ -z "$new_routers" ] || ping -q -c 1 "${new_routers%% *}"; then + # if we have $new_rfc3442_classless_static_routes then we have to + # ignore $new_routers entirely + if [ ! "$new_rfc3442_classless_static_routes" ]; then + if [ -n "$alias_ip_address" ] && + [ "$new_ip_address" != "$alias_ip_address" ]; then + # separate alias IP given => set up the alias IP & add host route to it + ${ip} -4 addr add \ + ${alias_ip_address}${alias_subnet_mask:+/$alias_subnet_mask} \ + dev ${interface} label ${interface}:0 + ${ip} -4 route add ${alias_ip_address} dev ${interface} >/dev/null 2>&1 + fi + + # set if_metric if IF_METRIC is set or there's more than one router + if_metric="$IF_METRIC" + if [ "${new_routers%% *}" != "${new_routers}" ]; then + if_metric=${if_metric:-1} + fi + + # set default route + for router in $new_routers; do + ${ip} -4 route add default via ${router} dev ${interface} \ + ${if_metric:+metric $if_metric} >/dev/null 2>&1 + + if [ -n "$if_metric" ]; then + if_metric=$((if_metric+1)) + fi + done + fi + + # update /etc/resolv.conf + make_resolv_conf + else + # flush all IPs from interface + ip -4 addr flush dev ${interface} + exit_with_hooks 2 + fi + + ;; + + ### DHCPv6 Handlers + # TODO handle prefix change: ?based on ${old_ip6_prefix} and ${new_ip6_prefix}? + + PREINIT6) + # ensure interface is up + ${ip} link set ${interface} up + + # flush any stale global permanent IPs from interface + ${ip} -6 addr flush dev ${interface} scope global permanent + + ;; + + BOUND6|RENEW6|REBIND6) + if [ "${new_ip6_address}" ] && [ "${new_ip6_prefixlen}" ]; then + # set leased IP + ${ip} -6 addr add ${new_ip6_address}/${new_ip6_prefixlen} \ + dev ${interface} scope global + fi + + # update /etc/resolv.conf + if [ "${reason}" = BOUND6 ] || + [ "${new_dhcp6_name_servers}" != "${old_dhcp6_name_servers}" ] || + [ "${new_dhcp6_domain_search}" != "${old_dhcp6_domain_search}" ]; then + make_resolv_conf + fi + + ;; + + DEPREF6) + if [ -z "${cur_ip6_prefixlen}" ]; then + exit_with_hooks 2 + fi + + # set preferred lifetime of leased IP to 0 + ${ip} -6 addr change ${cur_ip6_address}/${cur_ip6_prefixlen} \ + dev ${interface} scope global preferred_lft 0 + + ;; + + EXPIRE6|RELEASE6|STOP6) + if [ -z "${old_ip6_address}" ] || [ -z "${old_ip6_prefixlen}" ]; then + exit_with_hooks 2 + fi + + # delete leased IP + ${ip} -6 addr del ${old_ip6_address}/${old_ip6_prefixlen} \ + dev ${interface} + + ;; +esac exit_with_hooks 0 -- cgit v1.2.1