15 Commits

Author SHA1 Message Date
Andre Fernando Zanella Kantek
3761933b15 Debian: use DHCPv6 FQDN hostname field to set hostname
It was detected on StarlingX the lack of correct hostname after
address atribution by the server, if the installation is IPv6. This
change makes the dhclient script read the field fqdn_hostname (if
available) to set the name.

Test Plan
[PASS] Install AIO-DX within a IPv6 network
[PASS] unlock controller-1

Story: 2009968
Task: 46211

Signed-off-by: Andre Fernando Zanella Kantek <AndreFernandoZanella.Kantek@windriver.com>
Change-Id: I9c876d00feed03720317fa4d581971b4c25f771f
2022-09-06 17:19:33 -03:00
Andre Fernando Zanella Kantek
93c481b975 Debian: dhclient set the IPv6 prefix length for the addresses
During AIO-DX IPv6 node installation, the management address for
controller-1 set by dhclient receives a "/128" prefix length. The
cause comes from DHCPv6, which does not inform a prefix length on its
negotiation. The prefix should be learned via RA messages.

Since the internode IPv6 communications in StarlingX do not contain
a router and RA is in principle disabled on the management network,
we must set the system with the default prefix length of 64. A similar
patch was done for Centos.

Test Plan
[PASS] Install AIO-DX on IPv6 network, it is correctly setting the
       controller-1 mgmt ip address after the first boot.

Story: 2009968
Task: 46184


Signed-off-by: Andre Fernando Zanella Kantek <AndreFernandoZanella.Kantek@windriver.com>
Change-Id: I2fce4e7fce7f4e1fd6902d24330d7621b238031a
2022-09-02 16:22:06 -03:00
Dan Voiculeasa
d12b56267d debian: Update dhclient behavior for RENEW
On Debian we lost the ability to control resolv.conf throughout
ansible bootstrap. It is observed how renewing leases will override
DNSs configured during ansible bootstrap. Problems will surface when
later in the boostrap docker images are downloaded, because
information related to DNSs was overwritten by dhclient.
This behavior is different than on CentOS.

Align behavior with CentOS. In fact align with how the design should
be: control resolv.conf throughout bootstrap and don't let external
factors change it during that time.

Created a patch and updated the format(git am compatible) for an older one.

Test on AIO-SX:
PASS: build-pkgs && build-image
PASS: custom test using dhclient for OAM interface.
  Forcing lease renewal to 10 seconds for quick tests.
  Without this patch it is observed how resolv.conf is updated by
  dhclient after resolv.conf is changed as per requirement to solve
  custom domains.
  With this patch it is observed how resolv.conf is not updated
  anymore.

Story: 2009964
Task: 45093
Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com>
Change-Id: Ic8f5ed7363124f04ff440dc9bf9935270a9ab8c9
2022-04-19 14:13:34 +00:00
Yue Tao
ddf1b6eca6 Add debian package for dhcp
Porting 3 source patches for CentOS

dhclient-ipv6-bind-to-interface.patch
dhclient-ipv6-conditionally-set-hostname.patch
dhclient-restrict-interfaces-to-command-line.patch

Ignore 0001-dhcp-set-the-prefixlen-to-64.patch, which disables
a patch from dhcp-4.2.5-82.el7.centos.src.rpm.

Porting dhclient-dhcp6-set-hostname.patch based on the
dhclient-script.linux of Debian package.

Story: 2009221
Task: 43440
Signed-off-by: Yue Tao <yue.tao@windriver.com>
Change-Id: I457230bc08a23abb1efa1a7619c0cba8ff4d7967
2021-11-12 08:58:34 +08:00
Zhixiong Chi
cb85cff32b dhcp: fix CVE-2019-6470
Upgrade dhcp pkg to dhcp-4.2.5-82.el7.centos.src.rpm

Adjust the context of the patch to match to apply the new version.
At the same time as the new version depends on the bind-export
pacakges, so we also add the dependence package in tools repo.
 bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm
 bind-export-devel-9.11.4-26.P2.el7.x86_64.rpm

In addition, since the patch dhcp-dhclient_ipv6_prefix.patch set the
default prefixlen to 128, which is usually the specifications call
for host address and it doesn't include any on-link information.
By contrast, 64 indicates that's subnet area, and this vaule is used
frequently as usual. So we still use the previous value 64.
As a result we don't need to modify the relevant place where every
application code needed for the compatibility any more.

Depends-On: https://review.opendev.org/c/starlingx/tools/+/772241

Story: 2008532
Task: 41638
Change-Id: I0305711790d8e3fb1adfa69e1077468456b65d84
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
2021-03-04 01:46:50 +00:00
Zhixiong Chi
7b5b3aeabf Revert "dhcp: fix CVE-2019-6470"
This reverts commit 613fbf258f72042f912a1fde5608168b1068db36.

Since this upversioned package updates the prefixlen to 128, and it
will occur all hosts offline after booting off the controller-0.
At the same time this issue will block the use of recent loads for
both development and test activities. So we revert the patch firstly,
and investigate deeply then send the new review and request of the
upgraded patch with the appropriate offline fix.

Closes-Bug: #1915050

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Change-Id: I02ecaa1bda463efb38d9c32a47f2221d0de7f99d
2021-02-10 21:18:09 -05:00
Zhixiong Chi
613fbf258f dhcp: fix CVE-2019-6470
Upgrade dhcp pkg to dhcp-4.2.5-82.el7.centos.src.rpm

At the same time since the new version depends on the bind-export
pacakge, so we also add the dependence package in tools repo.

Depends-On: https://review.opendev.org/c/starlingx/tools/+/771744

Story: 2008532
Task: 41638
Change-Id: Ic25b4404475a6f914e5a524db7d60d7e9dcffc85
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
2021-01-21 20:52:27 -05:00
Dongqi Chen
af359d4938 Add auto-versioning to starlingx/integ packages
This update makes use of the PKG_GITREVCOUNT variable
to auto-version the packages in this repo.

Story: 2007750
Task: 39951
Change-Id: I854419c922b9db4edbbf6f1e987a982ec2ec7b59
Signed-off-by: Dongqi Chen <chen.dq@neusoft.com>
2020-06-24 09:48:28 +08:00
zhipengl
acc1863b26 Refactor source code patches for dhcp package
3 source patches can be removed.
2 patches adds support for wrs_install_uuid in the dhclient script.
This added script part just copy the whole content of dhclient-enter-hooks.
Following this script part, it will call this hook script if the hook
exist under /etc/. However, our hook file existed in /etc/dhcp/ folder will
be called by sbin/dhclient-script as well. I'd like to use dhcp config
package to creat /etc/dhclient-enter-hooks soft linked to
/etc/dhcp/dhclient-enter-hooks, so that it can call dhclient script and
no need to add this 2 patches.

Support-disable-nsupdate.patch can be removed as we already fixed port
conflict issue in https://review.openstack.org/#/c/622711/

Deployment test pass and related script file check pass!

Story: 2004473
Task: 28164

Change-Id: If50ae697062a7d0c8a2831fbcc0f5641aaa41ec7
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2018-12-19 01:24:07 +00:00
zhipengl
dc5bb4b8d4 Remove NSUPDATE patch for dhcp package
After discussion with Eslimi, this patch disables DDNS on dhclient,
as the network port 2105 used by dhclient conflicts with thesame port
used on mtcClient. Now we change the port used by mtcClient from 2105
to 2118, then we can remove this patch.

Deployment test pass.

Story: 2003757
Task: 26445
Depends-on: https://review.openstack.org/#/c/622699/

Change-Id: I295ef87d55c9f5ab573c3906f776fcd6f65e82ff
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2018-12-05 05:41:33 +00:00
zhipengl
ffe029ef99 Refactor patches for dhcp package.
Use dhcp-config package to package config files for dhcp package.
Rename files folder to patches
Removed site.h which is not used

Deployment test and ping test between VMs pass
config and script files check pass.

Story: 2003768
Task: 27582

Change-Id: Ib7fd3c0ed6d706f89d08890e90ccee42673b3679
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2018-10-31 01:55:21 +00:00
slin14
e5e3b21c31 de-fuzz dhcp patch
With rpm version < 4.13, patch cmd will create .orig file for fuzzy
patch in default. And this .orig file may lead to rpmbuild failure
"error: Installed (but unpackaged) file(s) found:"

Please visit below link to get more detail info:
https://bugs.launchpad.net/starlingx/+bug/1794611

Story: 2003917
Task: 27042

Change-Id: I12186be4ac3a80deb1194a9a02c5ae59550f7a1b
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-10-11 18:26:55 +08:00
slin14
5ebcaeedb8 de-fuzz dhcp patches
When do Centos 7.5 upgraded, some patches didn't resolve and cause
the fuzzy in the line numbers of the patches. And it may cause
.orig file is created when do patch. And this .orig file will lead
to rpm packaging failure due to the unexpected and unpackaged .orig
file.

Please visit below link to get more detail info:
https://bugs.launchpad.net/starlingx/+bug/1794611

Solution:
  Safest solution is to de-fuzz our patches.

Story: 2003389
Task: 26755

Change-Id: Ic8dfef3f8c0e2b417b3f979ce7eaeb4bea43a07e
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-09-28 08:08:29 +08:00
slin14
2c63c1c83f rebase dhcp patch to CentOS7.5
delete 1 unused patch

Story: 2003389
Task: 24493

Change-Id: I22c522945380f4d2d956208d64cdd232b0f2739f
Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-08-22 15:13:32 +08:00
Scott Little
bab9bb6b69 Internal restructuring of stx-integ
Create new directories:
   ceph
   config
   config-files
   filesystem
   kernel
   kernel/kernel-modules
   ldap
   logging
   strorage-drivers
   tools
   utilities
   virt

Retire directories:
   connectivity
   core
   devtools
   support
   extended

Delete two packages:
   tgt
   irqbalance

Relocated packages:
   base/
      dhcp
      initscripts
      libevent
      lighttpd
      linuxptp
      memcached
      net-snmp
      novnc
      ntp
      openssh
      pam
      procps
      sanlock
      shadow
      sudo
      systemd
      util-linux
      vim
      watchdog

   ceph/
      python-cephclient

   config/
      facter
      puppet-4.8.2
      puppet-modules

   filesystem/
      e2fsprogs
      nfs-utils
      nfscheck

   kernel/
      kernel-std
      kernel-rt

   kernel/kernel-modules/
      mlnx-ofa_kernel

   ldap/
      nss-pam-ldapd
      openldap

   logging/
      syslog-ng
      logrotate

   networking/
      lldpd
      iproute
      mellanox
      python-ryu
      mlx4-config

   python/
      python-2.7.5
      python-django
      python-gunicorn
      python-setuptools
      python-smartpm
      python-voluptuous

   security/
      shim-signed
      shim-unsigned
      tboot

   strorage-drivers/
      python-3parclient
      python-lefthandclient

   virt/
      cloud-init
      libvirt
      libvirt-python
      qemu

   tools/
      storage-topology
      vm-topology

   utilities/
      tis-extensions
      namespace-utils
      nova-utils
      update-motd

Change-Id: I37ade764d873c701b35eac5881eb40412ba64a86
Story: 2002801
Task: 22687
Signed-off-by: Scott Little <scott.little@windriver.com>
2018-08-01 10:06:31 -04:00