--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: jessie-pu: package ndisc6/1.0.1-1+deb8u1
- From: Bernhard Schmidt <berni@debian.org>
- Date: Tue, 04 Apr 2017 00:40:45 +0200
- Message-id: <20170403224045.25823.35103.reportbug@fliwatuet.svr02.mucip.net>
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
the package rdnssd (from src:ndisc6) provides a daemon that listens to IPv6 RA
messages containing RDNSS (recursive DNS servers) information, and adds this
information to /etc/resolv.conf. It is automatically installed by d-i if this
information is found during installation.
If resolvconf is installed managing and merging of /etc/resolv.conf is handed
over to it. However, if it is not installed the version in Jessie simply
overwrites /etc/resolv.conf, which drops all search list information as well as
IPv4 nameservers. This often leads to severe breakage of the installed system.
This is tracked in Bug#767071
The proposed fix for Jessie will adjust the merge script to be the same as in
current upstream and Stretch.
The package builds a udeb, but the hook is only included in the "real" package.
Best Regards,
Bernhard
diffstat for ndisc6_1.0.1-1 ndisc6_1.0.1-1+deb8u1
debian/changelog | 7 +++++++
rdnssd/merge-hook.in | 51 ++++++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 55 insertions(+), 3 deletions(-)
diff -u ndisc6-1.0.1/debian/changelog ndisc6-1.0.1/debian/changelog
--- ndisc6-1.0.1/debian/changelog
+++ ndisc6-1.0.1/debian/changelog
@@ -1,3 +1,10 @@
+ndisc6 (1.0.1-1+deb8u1) jessie; urgency=medium
+
+ * Use upstream default merge hook when resolvconf is not available
+ (Closes: #767071)
+
+ -- Bernhard Schmidt <berni@debian.org> Tue, 04 Apr 2017 00:24:32 +0200
+
ndisc6 (1.0.1-1) unstable; urgency=low
* New upstream release:
diff -u ndisc6-1.0.1/rdnssd/merge-hook.in ndisc6-1.0.1/rdnssd/merge-hook.in
--- ndisc6-1.0.1/rdnssd/merge-hook.in
+++ ndisc6-1.0.1/rdnssd/merge-hook.in
@@ -20,9 +20,54 @@
-PATH=/sbin:/bin
INPUT="/var/run/rdnssd/resolv.conf"
+# Debian modification, use resolvconf if available
if [ -x /sbin/resolvconf ]; then
/sbin/resolvconf -a 000.rdnssd < "$INPUT"
-else
- cat -- "$INPUT" > "/etc/resolv.conf"
+ exit 0
fi
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+# Max number of nameserver options taken into account. Should be as
+# defined in <resolv.h>
+MAXNS=3
+
+# This script tries to share available nameserver slots with IPv4
+# entries, for example to allow fallback to IPv4 if IPv6 fails. If
+# there is not enough room for all IPv6 and IPv4 entries, this script
+# will limit the IPv6 entries it adds to $RDNSS_LIMIT only.
+RDNSS_LIMIT=$(($MAXNS - 1))
+
+sysconfdir='@SYSCONFDIR@'
+localstatedir='@LOCALSTATEDIR@'
+resolvconf="$sysconfdir/resolv.conf"
+myresolvconf="$localstatedir/run/rdnssd/resolv.conf"
+
+# These should be POSIX-compliant BREs
+RE_NSV4='^nameserver *\([0-9]\{1,3\}\.\)\{3,3\}[0-9]\{1,3\} *$'
+RE_NSV4OR6='^nameserver *[a-fA-F0-9:\.]\{1,46\}\(%[a-zA-Z0-9]\{1,\}\)\{,1\} *$'
+
+# Count how many IPv6 nameservers we can fit
+
+limit=$RDNSS_LIMIT
+
+nnsv4=`grep -c "$RE_NSV4" $resolvconf || [ $? -le 1 ]`
+room=$(($MAXNS - $nnsv4))
+
+if [ $limit -lt $room ]; then
+ limit=$room
+fi
+
+# Merge and write the result. Let rdnssd assume ownership of all IPv6
+# nameservers, and remove extraneous IPv6 entries as expired. However
+# DHCPv4 most often sets up search list entries, and rdnssd cannot
+# clobber these lest it causes counterintuitive breakage. There is no
+# easy way to properly merge and manage DNSSL entries here, so just drop
+# them.
+{
+ sed -e "/$RE_NSV4OR6/d" < $resolvconf
+ grep -m $limit "$RE_NSV4OR6" < $myresolvconf || [ $? -le 1 ]
+ sed -ne "/$RE_NSV4/p" < $resolvconf
+} > $resolvconf.tmp
+
+mv -f $resolvconf.tmp $resolvconf
+
--- End Message ---