emo/ndhc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a9874d4959
ndhc/leasefile.c
Nicholas J. Kain a9874d4959 Support running an executable file when a new lease is acquired. 
If no 'script-file = SCRIPTFILE' is specified in the configuration
file and if no '-X SCRIPTFILE' or '--script-file SCRIPTFILE'
command argument is provided, then this functionality is entirely
inactive and no associated subprocess is spawned.

Otherwise, ndhc will spawn a subprocess that runs as root that has the
sole job of forking off a subprocess that exec's the specified script in
a sanitized and fixed-state environment whenever a new DHCPv4 lease is
acquired.

Note that this script is provided no information about ndhc or the
DHCP state in the environment or in any argument fields; it is the
responsibility of this script to gather whatever information it needs
from either the filesystem or syscalls.  This design is intended to
avoid the historical problems that are associated with dhcp clients
invoking scripts.

The path of the scriptfile cannot be changed after ndhc is initially
run; ndhc forks off the privsep script subprocess that executes scripts
after it has read the configuration file and command arguments, but
before it begins processing network data; thus, it is impossible for the
network-handling process to modify or influence the script assuming
proper OS memory protection.

The privsep channel communicates that the script should be run by simply
writing a newline; anything else will result in ndhc terminating itself.

Before the recommended way to update system state after a change in
lease information was to run the fcactus program and watch the
associated leasefile for the interface for modification; now no external
program is needed for this job.
2022-02-24 03:58:37 -05:00

92 lines
2.9 KiB
C
Raw Blame History

// Copyright 2011-2018 Nicholas J. Kain <njkain at gmail dot com>
// SPDX-License-Identifier: MIT
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <arpa/inet.h>
#include <errno.h>
#include <limits.h>
#include "nk/log.h"
#include "nk/io.h"
#include "leasefile.h"
#include "ndhc.h"
#include "scriptd.h"
static int leasefilefd = -1;
static void get_leasefile_path(char *leasefile, size_t dlen, char *ifname)
{
int splen = snprintf(leasefile, dlen, "%s/LEASE-%s",
state_dir, ifname);
if (splen < 0)
suicide("%s: (%s) snprintf failed; return=%d",
client_config.interface, __func__, splen);
if ((size_t)splen >= dlen)
suicide("%s: (%s) snprintf dest buffer too small %d >= %zu",
client_config.interface, __func__, splen, sizeof dlen);
}
void open_leasefile(void)
{
char leasefile[PATH_MAX];
get_leasefile_path(leasefile, sizeof leasefile, client_config.interface);
leasefilefd = open(leasefile, O_WRONLY|O_TRUNC|O_CREAT, 0644);
if (leasefilefd < 0)
suicide("%s: (%s) Failed to create lease file '%s': %s",
client_config.interface, __func__, leasefile, strerror(errno));
}
static void do_write_leasefile(struct in_addr ipnum)
{
char ip[INET_ADDRSTRLEN];
char out[INET_ADDRSTRLEN*2];
if (leasefilefd < 0) {
log_line("%s: (%s) leasefile fd < 0; no leasefile will be written",
client_config.interface, __func__);
return;
}
inet_ntop(AF_INET, &ipnum, ip, sizeof ip);
ssize_t olen = snprintf(out, sizeof out, "%s\n", ip);
if (olen < 0 || (size_t)olen >= sizeof ip) {
log_line("%s: (%s) snprintf failed; return=%zd",
client_config.interface, __func__, olen);
return;
}
if (safe_ftruncate(leasefilefd, 0)) {
log_line("%s: (%s) Failed to truncate lease file: %s",
client_config.interface, __func__, strerror(errno));
return;
}
if (lseek(leasefilefd, 0, SEEK_SET) == (off_t)-1) {
log_line("%s: (%s) Failed to seek to start of lease file: %s",
client_config.interface, __func__, strerror(errno));
return;
}
size_t outlen = strlen(out);
ssize_t ret = safe_write(leasefilefd, out, outlen);
if (ret < 0 || (size_t)ret != outlen)
log_line("%s: (%s) Failed to write ip to lease file.",
client_config.interface, __func__);
else
fsync(leasefilefd);
}
void write_leasefile(struct in_addr ipnum)
{
do_write_leasefile(ipnum);
request_scriptd_run();
if (client_config.enable_s6_notify) {
static char buf[] = "\n";
safe_write(client_config.s6_notify_fd, buf, 1);
close(client_config.s6_notify_fd);
client_config.enable_s6_notify = false;
}
}
Reference in New Issue View Git Blame Copy Permalink