From nobody@FreeBSD.org  Sun May  7 20:00:52 2006
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AA5BB16A55D
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  7 May 2006 20:00:52 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1877843D4C
	for <freebsd-gnats-submit@FreeBSD.org>; Sun,  7 May 2006 20:00:52 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k47K0p5n063789
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 7 May 2006 20:00:51 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id k47K0pF3063788;
	Sun, 7 May 2006 20:00:51 GMT
	(envelope-from nobody)
Message-Id: <200605072000.k47K0pF3063788@www.freebsd.org>
Date: Sun, 7 May 2006 20:00:51 GMT
From: Joe  <fbsd@a1poweruser.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: dhclient exit hooks broken in 5.x & 6.0
X-Send-Pr-Version: www-2.3

>Number:         96945
>Category:       conf
>Synopsis:       dhclient exit hooks broken in 5.x & 6.0
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    brooks
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 07 20:10:13 GMT 2006
>Closed-Date:    Tue May 30 19:50:12 GMT 2006
>Last-Modified:  Tue May 30 19:50:12 GMT 2006
>Originator:     Joe
>Release:        6.0 & 5.4
>Organization:
Home
>Environment:
>Description:
dhclient exit hooks broken in 5.x & 6.0

Used the built in dhclient with the /etc/dhclient-exit-hooks through all 
the versions of 3.x & 4.x and had no problems. 

In releases 5.4 & 6.0  the built in dhclient and its /etc/dhclient-exit-hooks 
are not functioning like it was in earlier versions of FreeBSD.

Dhclient gets launched by ifconfig_dc0="DHCP" in rc.conf.

File permissions on /etc/dhclient-exit-hooks are   
-rwx-r-xr-x  root:wheel 

The /etc/dhclient-exit-hooks script follows.
I added the rc.d recorder statements which made no difference.
 

#!/bin/sh

# PROVIDE: dhclient-exit-hooks
# REQUIRE: SERVERS

###############  Start of refresh dhcpd dns ip  ####################
# This script will propagate to dhcpd the changed dns servers ip address  
# which dhcp-client puts in resolv.conf.
#
# In dhcpd.conf replace the "option domain-name-servers" line with this
#
#  include "/etc/dhcpd.name-servers";
#
# Script uses the dhcpc variables to build temp line in dhcpd format.
# Then compare temp content to production content.
# If different replace production content with new content from temp,
# and restart dhcp to reread dhcpd.conf containing new ISP dns ip addresses.
#
# logging event and sending email to user root is optional.
#
# Note: All LAN machines using dhcpd will not get new ISP dns ip addresses
# until they reboot or their lease comes up for renewal. 
# 
# Each of the following lines must be one long line. IE: no wrap around
########################################################################

# load my_domain_name_servers variable with ISP dns ip addresses from dhcpc
# Following line works ok
my_domain_name_servers=`echo $new_domain_name_servers | sed -e 's/ /, /g'`

# Create single line in file to be included in dhcpd.conf
# following line works
echo "option domain-name-servers $my_domain_name_servers ;" > /etc/dhcpd.name-servers.tmp

echo " before if check"

# echo after if check gets executed no matter what cmp says.
# See if different from what production file contains
cmp -s /etc/dhcpd.name-servers.tmp /etc/dhcpd.name-servers

if [ $? -gt 0 ]; then
  echo " after if check"
  # move the new file into place
  mv /etc/dhcpd.name-servers.tmp /etc/dhcpd.name-servers
  # restart dhcp using whatever is appropriate for your platform
  #service dhcpd restart
  #/usr/local/etc/rc.d/isc-dhcpd.sh restart -q
  # Write message to /var/log/dhcpc.log to document event.
  /usr/bin/logger -p user.warning -t dhclient Your ISP DNS IP addresses changed.
  # Write message to /var/log/dhcpd.log to document event.
  /usr/bin/logger -p local1.warning -t dhclient Your ISP DNS IP addresses changed.
  
  # Send notification email to root user. This can wrap to next line.
#  cat << EOF | mail -s "dhcp client changed ISP DNS IP addresses" root
#The dhclient-exit-hook script was invoked and has determined that your
#ISP changed the IP address of their DNS servers. The new values have been
#auto updated to dhcpd.conf and dhcp restarted so they are now in effect.
#
#Note: All LAN machines using dhcpd will not start using the new ISP dns
#ip addresses until they reboot or their lease comes up for renewal.
#EOF
fi
rm -f /etc/dhcpd.name-servers.tmp
###############  End of refresh dhcpd dns ip script ###################


When this script runs the logger statements do not create any 
message in the targeted log files.
IF I execute the same logger statements from the command line 
they work as expected.

IF I execute the cat command to issue the notification email 
from the command line it works fine, but when used in the 
script I get these messages during boot process.
 
 "~/.mailrc": No match.
 DHCPREQUEST on dc0 to 255.255.255.255 port 67
 /libexec/ld-elf.so.1: Shared object "libpcre.so.0" not found, 
 required by "send-mail"
 dc0: link state changed to UP
 DHCPREQUEST on dc0 to 255.255.255.255 port 67 DHCPACK from 10.0.10.2
 dc0: link state changed to DOWN
 bound to 10.0.10.4 -- renewal in 43200 seconds.

 
I added some ehco statements to test if the "if" statement is working.
In this pass /etc/dhcpd.name-servers.tmp = /etc/dhcpd.name-servers
so the second echo should not have been executed, but it was

from the boot log
dc0: link state changed to DOWN
dc0: no link ....dc0: link state changed to UP
 got link
dc0: link state changed to DOWN
 before if check
 after if check
DHCPREQUEST on dc0 to 255.255.255.255 port 67
dc0: link state changed to UP
DHCPACK from 10.0.10.2
dc0: link state changed to DOWN
bound to 10.0.10.4 -- renewal in 43200 seconds.


I know the dhclient-exit-hooks script is executing because of the
echo commands I put in it before and after the IF statement.

I also know the dhclient variables are being loaded in the
/etc/dhcpd.name-servers file because I empty it before rebooting
system, and after rebooting I edit it and it contains the correct
values.

I am beginning to think that something changed between 4.11 and 6.0

#The Freebsd base version of dhclient lives here 
/etc/dhclient-exit-hooks
/etc/dhclient-exit-hooks.sav
/etc/dhclient.conf
/sbin/dhclient
/sbin/dhclient-script

# The port version  of dhclient lives here
/etc/rc.d/dhclient
/usr/local/etc/dhclient.conf
/usr/local/etc/dhclient.conf.sample
/usr/local/sbin/dhclient
/usr/local/sbin/dhclient-script

In 4.11 both the base install and the port version of dhclient 
used the same dhclient-script. In 6.0 the scripts are different.
The base install version does not call the entry-hooks just the exit-hooks.


At the end of the pkg install it says this.
****  To setup dhclient, you may need to edit /etc/rc.conf to
replace the base system dhclient, such as :

   dhcp_program="/usr/local/sbin/dhclient"
   dhcp_flags="-q"



When I boot with this in my rc.conf

dhcp_program="/usr/local/sbin/dhclient"
dhcp_flags="-q"                # no banner
background_dhclient="YES"      # Start dhcp client in the background.
ifconfig_dc0="DHCP"

I get these error messages over and over.
Have to reboot in single user mode to edit rc.conf to fix.

 Can't bind to dhcp address: Address already in use
 Please make sure there is no other dhcp server
 running and that there's no entry for dhcp or
 bootp in /etc/inetd.conf.   Also make sure you
 are not running HP JetAdmin software, which
 includes a bootp server.


When I boot with the same rc.conf content except with
#ifconfig_dc0="DHCP" commented out, I do not get ip address from
dhcp server.

Next run I edited the pkg version of /usr/local/etc/dhclient.conf
and added 'interface dc0' to it and rebooted and got same results.


I think this is another indicator of a bug with the base dhclient
and that this bug makes the pkg version unusable.


>How-To-Repeat:
It repeats the same way all the time. You can use posted exit-hooks script for your own testing.
>Fix:
My guess is the isc-dhclient port script /usr/local/sbin/dhclient-script
has to be updated to use the boot time recorder utility. 
The recorder updated dhclient-script needs to replace the base install script
in  /sbin/dhclient-script.
The isc-dhclient port needs better install comments telling how to activate
the port version of dhclient.

A more complete testing of both the port version and the base install version
of dchclient has to be done to verify they play nice together and both work
using entry/exit hooks scripts. I dont mean that just verifying that the hooks
scripts are executed, but also that "If" logic is executed correctlly and other
included system commands function like that should when used in the hooks
scripts. 
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->brooks 
Responsible-Changed-By: brooks 
Responsible-Changed-When: Sun May 7 23:21:29 UTC 2006 
Responsible-Changed-Why:  
I'm the dhclient maintainer. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=96945 

From: Brooks Davis <brooks@one-eyed-alien.net>
To: Joe <fbsd@a1poweruser.com>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: conf/96945: dhclient exit hooks broken in 5.x & 6.0
Date: Sun, 7 May 2006 16:21:02 -0700

 This PR contains so many problems it's hard to know where to start.
 Many of the problems have NOTHING to do with each other and thus should
 be in separate PRs if they were in fact problems.  Additionally, there
 are a lot of comments that are wild speculation at best.  Some comments:
 
 5.x and 6.0 would show some of the same behavior since some of it is
 caused by changes in the startup scripts.  However there are different
 dhclient implementations there (the 5.x one is basically identical to
 4.x).
 
 The rcorder statements added to your hooks file are pointless.
 
 Your hooks script needs to check the $reason variable and only act
 when it actually makes sense.  This should not have worked reliably
 under 4.x either.  That it appeared to was simply blind luck.  In
 particular the reason cmp is showing that the files are different is
 that new_domain_name_servers is unset of many values of $reason.
 
 Running a command such as cmp and then testing $? is an odd idiom.  See
 /sbin/dhclient-script for the normal way to do it.
 
 It would appear your MTA was installed from ports and links against
 libpcre.  As a result you can't run it this early in the startup process
 because /etc/rc.d/ldconfig doesn't run this early.  As a hackish
 workaround you might try setting cleanvar_enable="NO" which would cause
 the library caches to not be deleted and thus you might have a better
 chance of that part working.  Even if this wasn't the case, sendmail
 should fail this early due to the submit daemon not running.
 
 The the isc-dhclient port issues are entirely unrelated.  I've got more
 than enough on my plate without trying to support it in the base system
 scripts so it's pretty low priority.  Have you tried my suggestions
 posted to ports@ in this regard?  You might also try the patch in
 PR conf/95905.  http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/95905
 
 /etc/dhclient-enter-hooks should run.  If you spell it entry instead of
 enter it won't though.
 
 I'm also totally mystified why you don't run a caching name server on
 this machine with this script so you just update a file and restart
 the server.  That would avoid the need to reboot the clients.
 
 In summary:
  - Your script shouldn't have ever worked due to a failure to test
    $reason.
  - You can't send mail this early in the startup process.
  - The port issues aren't really related to your other problems and
    should have their own PR unless conf/95905 resolves them.
 
 -- Brooks
State-Changed-From-To: open->feedback 
State-Changed-By: brooks 
State-Changed-When: Sun May 7 23:42:30 UTC 2006 
State-Changed-Why:  
I don't believe there are any actual issues with dhclient except 
those addressed by conf/95905. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=96945 
State-Changed-From-To: feedback->closed 
State-Changed-By: brooks 
State-Changed-When: Tue May 30 19:48:40 UTC 2006 
State-Changed-Why:  
I don't believe there are any actual bugs reported here other than 
those better addresses by conf/95905 and I have received no feedback 
to the contrary. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=96945 
>Unformatted:
