| #!/bin/bash |
| # |
| # dhclient-script: Network interface configuration script run by |
| # dhclient based on DHCP client communication |
| # |
| # Copyright (C) 2008-2014 Red Hat, Inc. |
| # |
| # This program is free software; you can redistribute it and/or modify |
| # it under the terms of the GNU General Public License as published by |
| # the Free Software Foundation; either version 2 of the License, or |
| # (at your option) any later version. |
| # |
| # This program is distributed in the hope that it will be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU General Public License for more details. |
| # |
| # You should have received a copy of the GNU General Public License |
| # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| # |
| # Author(s): David Cantrell <dcantrell@redhat.com> |
| # Jiri Popelka <jpopelka@redhat.com> |
| # |
| # ---------- |
| # This script is a rewrite/reworking on dhclient-script originally |
| # included as part of dhcp-970306: |
| # dhclient-script for Linux. Dan Halbert, March, 1997. |
| # Updated for Linux 2.[12] by Brian J. Murrell, January 1999. |
| # Modified by David Cantrell <dcantrell@redhat.com> for Fedora and RHEL |
| # ---------- |
| # |
| |
| PATH=/bin:/usr/bin:/sbin |
| # scripts in dhclient.d/ use $SAVEDIR (#833054) |
| export SAVEDIR=/var/lib/dhclient |
| |
| LOGFACILITY="local7" |
| LOGLEVEL="notice" |
| |
| ETCDIR="/etc/dhcp" |
| |
| RESOLVCONF="/etc/resolv.conf" |
| |
| logmessage() { |
| msg="${1}" |
| logger -p "${LOGFACILITY}.${LOGLEVEL}" -t "NET" "dhclient: ${msg}" |
| } |
| |
| eventually_add_hostnames_domain_to_search() { |
| # For the case when hostname for this machine has a domain that is not in domain_search list |
| # 1) get a hostname with `ipcalc --hostname` or `hostnamectl --transient` |
| # 2) get the domain from this hostname |
| # 3) add this domain to search line in resolv.conf if it's not already |
| # there (domain list that we have recently added there is a parameter of this function) |
| # We can't do this directly when generating resolv.conf in make_resolv_conf(), because |
| # we need to first save the resolv.conf with obtained values before we can call `ipcalc --hostname`. |
| # See bug 637763 |
| search="${1}" |
| if need_hostname; then |
| status=1 |
| OLD_HOSTNAME=$HOSTNAME |
| if [ -n "${new_ip_address}" ]; then |
| eval $(/usr/bin/ipcalc --silent --hostname "${new_ip_address}" ; echo "status=$?") |
| elif [ -n "${new_ip6_address}" ]; then |
| eval $(/usr/bin/ipcalc --silent --hostname "${new_ip6_address}" ; echo "status=$?") |
| fi |
| |
| if [ ${status} -eq 0 ]; then |
| domain=$(echo "${HOSTNAME}" | cut -s -d "." -f 2-) |
| fi |
| HOSTNAME=$OLD_HOSTNAME |
| else |
| domain=$(hostnamectl --transient 2>/dev/null | cut -s -d "." -f 2-) |
| fi |
| |
| if [ -n "${domain}" ] && |
| [ ! "${domain}" = "localdomain" ] && |
| [ ! "${domain}" = "localdomain6" ] && |
| [ ! "${domain}" = "(none)" ] && |
| [[ ! "${domain}" = *\ * ]]; then |
| is_in="false" |
| for s in ${search}; do |
| if [ "${s}" = "${domain}" ] || |
| [ "${s}" = "${domain}." ]; then |
| is_in="true" |
| fi |
| done |
| |
| if [ "${is_in}" = "false" ]; then |
| # Add domain name to search list (#637763) |
| sed -i -e "s/${search}/${search} ${domain}/" "${RESOLVCONF}" |
| fi |
| fi |
| } |
| |
| make_resolv_conf() { |
| [ "${PEERDNS}" = "no" ] && return |
| |
| if [ "${reason}" = "RENEW" ] && |
| [ "${new_domain_name}" = "${old_domain_name}" ] && |
| [ "${new_domain_name_servers}" = "${old_domain_name_servers}" ]; then |
| return |
| fi |
| |
| if [ -n "${new_domain_name}" ] || |
| [ -n "${new_domain_name_servers}" ] || |
| [ -n "${new_domain_search}" ]; then |
| rscf="$(mktemp "${TMPDIR:-/tmp}/XXXXXX")" |
| [[ -z "${rscf}" ]] && return |
| echo "; generated by /usr/sbin/dhclient-script" > "${rscf}" |
| |
| if [ -n "${SEARCH}" ]; then |
| search="${SEARCH}" |
| else |
| if [ -n "${new_domain_search}" ]; then |
| # Remove instaces of \032 (#450042) |
| search="${new_domain_search//\\032/ }" |
| elif [ -n "${new_domain_name}" ]; then |
| # Note that the DHCP 'Domain Name Option' is really just a domain |
| # name, and that this practice of using the domain name option as |
| # a search path is both nonstandard and deprecated. |
| search="${new_domain_name}" |
| fi |
| fi |
| |
| if [ -n "${search}" ]; then |
| echo "search ${search}" >> "${rscf}" |
| fi |
| |
| if [ -n "${RES_OPTIONS}" ]; then |
| echo "options ${RES_OPTIONS}" >> "${rscf}" |
| fi |
| |
| if [ -n "${new_domain_name_servers}" ]; then |
| for nameserver in ${new_domain_name_servers} ; do |
| echo "nameserver ${nameserver}" >> "${rscf}" |
| done |
| else # keep 'old' nameservers |
| sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p "${RESOLVCONF}" >> "${rscf}" |
| fi |
| |
| change_resolv_conf "${rscf}" |
| rm -f "${rscf}" |
| |
| if [ -n "${search}" ]; then |
| eventually_add_hostnames_domain_to_search "${search}" |
| fi |
| elif [ -n "${new_dhcp6_name_servers}" ] || |
| [ -n "${new_dhcp6_domain_search}" ]; then |
| rscf="$(mktemp "${TMPDIR:-/tmp}/XXXXXX")" |
| [[ -z "${rscf}" ]] && return |
| echo "; generated by /usr/sbin/dhclient-script" > "${rscf}" |
| |
| if [ -n "${SEARCH}" ]; then |
| search="${SEARCH}" |
| else |
| if [ -n "${new_dhcp6_domain_search}" ]; then |
| search="${new_dhcp6_domain_search//\\032/ }" |
| fi |
| fi |
| |
| if [ -n "${search}" ]; then |
| echo "search ${search}" >> "${rscf}" |
| fi |
| |
| if [ -n "${RES_OPTIONS}" ]; then |
| echo "options ${RES_OPTIONS}" >> "${rscf}" |
| fi |
| |
| shopt -s nocasematch |
| if [ -n "${new_dhcp6_name_servers}" ]; then |
| for nameserver in ${new_dhcp6_name_servers} ; do |
| # If the nameserver has a link-local address |
| # add a <zone_id> (interface name) to it. |
| if [[ "$nameserver" =~ ^fe80:: ]] |
| then |
| zone_id="%${interface}" |
| else |
| zone_id= |
| fi |
| echo "nameserver ${nameserver}$zone_id" >> "${rscf}" |
| done |
| else # keep 'old' nameservers |
| sed -n /^\w*[Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ee][Rr]/p "${RESOLVCONF}" >> "${rscf}" |
| fi |
| shopt -u nocasematch |
| |
| change_resolv_conf "${rscf}" |
| rm -f "${rscf}" |
| |
| if [ -n "${search}" ]; then |
| eventually_add_hostnames_domain_to_search "${search}" |
| fi |
| fi |
| } |
| |
| # run given script |
| run_hook() { |
| local script |
| local exit_status |
| script="${1}" |
| |
| if [ -f ${script} ]; then |
| . ${script} |
| fi |
| |
| if [ -n "${exit_status}" ] && [ "${exit_status}" -ne 0 ]; then |
| logmessage "${script} returned non-zero exit status ${exit_status}" |
| fi |
| |
| return ${exit_status} |
| } |
| |
| # run scripts in given directory |
| run_hookdir() { |
| local dir |
| dir="${1}" |
| |
| if [ -d "${dir}" ]; then |
| for script in $(find $dir -executable ! -empty); do |
| run_hook ${script} || return $? |
| done |
| fi |
| |
| return 0 |
| } |
| |
| exit_with_hooks() { |
| # Source the documented exit-hook script, if it exists |
| run_hook "${ETCDIR}/dhclient-exit-hooks" || exit $? |
| # Now run scripts in the hooks directory. |
| run_hookdir "${ETCDIR}/dhclient-exit-hooks.d" || exit $? |
| |
| exit ${1} |
| } |
| |
| quad2num() { |
| if [ $# -eq 4 ]; then |
| let n="${1} << 24 | ${2} << 16 | ${3} << 8 | ${4}" |
| echo "${n}" |
| return 0 |
| else |
| echo "0" |
| return 1 |
| fi |
| } |
| |
| ip2num() { |
| IFS='.' quad2num ${1} |
| } |
| |
| num2ip() { |
| let n="${1}" |
| let o1="(${n} >> 24) & 0xff" |
| let o2="(${n} >> 16) & 0xff" |
| let o3="(${n} >> 8) & 0xff" |
| let o4="${n} & 0xff" |
| echo "${o1}.${o2}.${o3}.${o4}" |
| } |
| |
| get_network_address() { |
| # get network address for the given IP address and (netmask or prefix) |
| ip="${1}" |
| nm="${2}" |
| |
| if [ -n "${ip}" -a -n "${nm}" ]; then |
| if [[ "${nm}" = *.* ]]; then |
| ipcalc -s -n "${ip}" "${nm}" | cut -d '=' -f 2 |
| else |
| ipcalc -s -n "${ip}/${nm}" | cut -d '=' -f 2 |
| fi |
| fi |
| } |
| |
| get_prefix() { |
| # get prefix for the given IP address and mask |
| ip="${1}" |
| nm="${2}" |
| |
| if [ -n "${ip}" -a -n "${nm}" ]; then |
| ipcalc -s -p "${ip}" "${nm}" | cut -d '=' -f 2 |
| fi |
| } |
| |
| class_bits() { |
| let ip=$(IFS='.' ip2num "${1}") |
| let bits=32 |
| let mask='255' |
| for ((i=0; i <= 3; i++, 'mask<<=8')); do |
| let v='ip&mask' |
| if [ "$v" -eq 0 ] ; then |
| let bits-=8 |
| else |
| break |
| fi |
| done |
| echo $bits |
| } |
| |
| is_router_reachable() { |
| # handle DHCP servers that give us a router not on our subnet |
| router="${1}" |
| routersubnet="$(get_network_address "${router}" "${new_subnet_mask}")" |
| mysubnet="$(get_network_address "${new_ip_address}" "${new_subnet_mask}")" |
| |
| if [ ! "${routersubnet}" = "${mysubnet}" ]; then |
| # TODO: This function should not have side effects such as adding or |
| # removing routes. Can this be done with "ip route get" or similar |
| # instead? Are there cases that rely on this route being created here? |
| ip -4 route replace "${router}/32" dev "${interface}" |
| if [ "$?" -ne 0 ]; then |
| logmessage "failed to create host route for ${router}" |
| return 1 |
| fi |
| fi |
| |
| return 0 |
| } |
| |
| add_default_gateway() { |
| router="${1}" |
| |
| if is_router_reachable "${router}" ; then |
| if [ $# -gt 1 ] && [ -n "${2}" ] && [[ "${2}" -gt 0 ]]; then |
| ip -4 route replace default via "${router}" dev "${interface}" metric "${2}" |
| else |
| ip -4 route replace default via "${router}" dev "${interface}" |
| fi |
| if [ $? -ne 0 ]; then |
| logmessage "failed to create default route: ${router} dev ${interface} ${metric}" |
| return 1 |
| else |
| return 0 |
| fi |
| fi |
| |
| return 1 |
| } |
| |
| execute_client_side_configuration_scripts() { |
| # execute any additional client side configuration scripts we have |
| if [ "${1}" == "config" ] || [ "${1}" == "restore" ]; then |
| for f in ${ETCDIR}/dhclient.d/*.sh ; do |
| if [ -x "${f}" ]; then |
| subsystem="${f%.sh}" |
| subsystem="${subsystem##*/}" |
| . "${f}" |
| "${subsystem}_${1}" |
| fi |
| done |
| fi |
| } |
| |
| flush_dev() { |
| # Instead of bringing the interface down (#574568) |
| # explicitly clear ARP cache and flush all addresses & routes. |
| ip -4 addr flush dev "${1}" >/dev/null 2>&1 |
| ip -4 route flush dev "${1}" >/dev/null 2>&1 |
| ip -4 neigh flush dev "${1}" >/dev/null 2>&1 |
| } |
| |
| remove_old_addr() { |
| if [ -n "${old_ip_address}" ]; then |
| if [ -n "${old_prefix}" ]; then |
| ip -4 addr del "${old_ip_address}/${old_prefix}" dev "${interface}" >/dev/null 2>&1 |
| else |
| ip -4 addr del "${old_ip_address}" dev "${interface}" >/dev/null 2>&1 |
| fi |
| fi |
| } |
| |
| dhconfig() { |
| if [ -n "${old_ip_address}" ] && [ -n "${alias_ip_address}" ] && |
| [ ! "${alias_ip_address}" = "${old_ip_address}" ]; then |
| # possible new alias, remove old alias first |
| ip -4 addr del "${old_ip_address}" dev "${interface}" label "${interface}:0" |
| fi |
| |
| if [ -n "${old_ip_address}" ] && |
| [ ! "${old_ip_address}" = "${new_ip_address}" ]; then |
| # IP address changed. Delete all routes, and clear the ARP cache. |
| flush_dev "${interface}" |
| fi |
| |
| # make sure the interface is up |
| ip link set dev "${interface}" up |
| |
| # replace = add if it doesn't exist or override (update lifetimes) if it's there |
| ip -4 addr replace "${new_ip_address}/${new_prefix}" broadcast "${new_broadcast_address}" dev "${interface}" \ |
| valid_lft "${new_dhcp_lease_time}" preferred_lft "${new_dhcp_lease_time}" >/dev/null 2>&1 |
| |
| if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] || |
| [ ! "${old_ip_address}" = "${new_ip_address}" ] || |
| [ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] || |
| [ ! "${old_network_number}" = "${new_network_number}" ] || |
| [ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] || |
| [ ! "${old_routers}" = "${new_routers}" ] || |
| [ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then |
| |
| # The 576 MTU is only used for X.25 and dialup connections |
| # where the admin wants low latency. Such a low MTU can cause |
| # problems with UDP traffic, among other things. As such, |
| # disallow MTUs from 576 and below by default, so that broken |
| # MTUs are ignored, but higher stuff is allowed (1492, 1500, etc). |
| if [ -n "${new_interface_mtu}" ] && [ "${new_interface_mtu}" -gt 576 ]; then |
| ip link set dev "${interface}" mtu "${new_interface_mtu}" |
| fi |
| |
| # static routes |
| if [ -n "${new_classless_static_routes}" ] || |
| [ -n "${new_static_routes}" ]; then |
| if [ -n "${new_classless_static_routes}" ]; then |
| IFS=', |' static_routes=(${new_classless_static_routes}) |
| # If the DHCP server returns both a Classless Static Routes option and |
| # a Router option, the DHCP client MUST ignore the Router option. (RFC3442) |
| new_routers="" |
| else |
| IFS=', |' static_routes=(${new_static_routes}) |
| fi |
| route_targets=() |
| |
| for((i=0; i<${#static_routes[@]}; i+=2)); do |
| target=${static_routes[$i]} |
| if [ -n "${new_classless_static_routes}" ]; then |
| if [ "${target}" = "0" ]; then |
| new_routers="${static_routes[$i+1]}" |
| continue |
| else |
| prefix=${target%%.*} |
| target=${target#*.} |
| IFS="." target_arr=(${target}) |
| unset IFS |
| ((pads=4-${#target_arr[@]})) |
| for j in $(seq $pads); do |
| target="${target}.0" |
| done |
| |
| # Client MUST zero any bits in the subnet number where the corresponding bit in the mask is zero. |
| # In other words, the subnet number installed in the routing table is the logical AND of |
| # the subnet number and subnet mask given in the Classless Static Routes option. (RFC3442) |
| target="$(get_network_address "${target}" "${prefix}")" |
| fi |
| else |
| prefix=$(class_bits "${target}") |
| fi |
| gateway=${static_routes[$i+1]} |
| |
| # special case 0.0.0.0 to allow static routing for link-local addresses |
| # (including IPv4 multicast) which will not have a next-hop (#769463, #787318) |
| if [ "${gateway}" = "0.0.0.0" ]; then |
| valid_gateway=0 |
| scope='scope link' |
| else |
| is_router_reachable "${gateway}" |
| valid_gateway=$? |
| scope='' |
| fi |
| if [ "${valid_gateway}" -eq 0 ]; then |
| metric='' |
| for t in "${route_targets[@]}"; do |
| if [ "${t}" = "${target}" ]; then |
| if [ -z "${metric}" ]; then |
| metric=1 |
| else |
| ((metric=metric+1)) |
| fi |
| fi |
| done |
| |
| if [ -n "${metric}" ]; then |
| metric="metric ${metric}" |
| fi |
| |
| ip -4 route replace "${target}/${prefix}" proto static via "${gateway}" dev "${interface}" ${metric} ${scope} |
| |
| if [ $? -ne 0 ]; then |
| logmessage "failed to create static route: ${target}/${prefix} via ${gateway} dev ${interface} ${metric}" |
| else |
| route_targets=(${route_targets[@]} ${target}) |
| fi |
| fi |
| done |
| fi |
| |
| # gateways |
| if [[ ( "${DEFROUTE}" != "no" ) && |
| (( -z "${GATEWAYDEV}" ) || ( "${GATEWAYDEV}" = "${interface}" )) ]]; then |
| if [[ ( -z "${GATEWAY}" ) || |
| (( -n "${DHCLIENT_IGNORE_GATEWAY}" ) && ( "${DHCLIENT_IGNORE_GATEWAY}" = [Yy]* )) ]]; then |
| metric="${METRIC:-}" |
| let i="${METRIC:-0}" |
| default_routers=() |
| |
| for router in ${new_routers} ; do |
| added_router=- |
| |
| for r in "${default_routers[@]}" ; do |
| if [ "${r}" = "${router}" ]; then |
| added_router=1 |
| fi |
| done |
| |
| if [ -z "${router}" ] || |
| [ "${added_router}" = "1" ] || |
| [ "$(IFS='.' ip2num ${router})" -le 0 ] || |
| [[ ( "${router}" = "${new_broadcast_address}" ) && |
| ( "${new_subnet_mask}" != "255.255.255.255" ) ]]; then |
| continue |
| fi |
| |
| default_routers=(${default_routers[@]} ${router}) |
| add_default_gateway "${router}" "${metric}" |
| let i=i+1 |
| metric=${i} |
| done |
| elif [ -n "${GATEWAY}" ]; then |
| routersubnet=$(get_network_address "${GATEWAY}" "${new_subnet_mask}") |
| mysubnet=$(get_network_address "${new_ip_address}" "${new_subnet_mask}") |
| |
| if [ "${routersubnet}" = "${mysubnet}" ]; then |
| ip -4 route replace default via "${GATEWAY}" dev "${interface}" |
| fi |
| fi |
| fi |
| fi |
| |
| if [ ! "${new_ip_address}" = "${alias_ip_address}" ] && |
| [ -n "${alias_ip_address}" ]; then |
| # Reset the alias address (fix: this should really only do this on changes) |
| ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 |
| ip -4 addr replace "${alias_ip_address}/${alias_prefix}" broadcast "${alias_broadcast_address}" dev "${interface}" label "${interface}:0" |
| ip -4 route replace "${alias_ip_address}/32" dev "${interface}" |
| fi |
| |
| # After dhclient brings an interface UP with a new IP address, subnet mask, |
| # and routes, in the REBOOT/BOUND states -> search for "dhclient-up-hooks". |
| if [ "${reason}" = "BOUND" ] || [ "${reason}" = "REBOOT" ] || |
| [ ! "${old_ip_address}" = "${new_ip_address}" ] || |
| [ ! "${old_subnet_mask}" = "${new_subnet_mask}" ] || |
| [ ! "${old_network_number}" = "${new_network_number}" ] || |
| [ ! "${old_broadcast_address}" = "${new_broadcast_address}" ] || |
| [ ! "${old_routers}" = "${new_routers}" ] || |
| [ ! "${old_interface_mtu}" = "${new_interface_mtu}" ]; then |
| |
| if [ -x "${ETCDIR}/dhclient-${interface}-up-hooks" ]; then |
| . "${ETCDIR}/dhclient-${interface}-up-hooks" |
| elif [ -x ${ETCDIR}/dhclient-up-hooks ]; then |
| . ${ETCDIR}/dhclient-up-hooks |
| fi |
| fi |
| |
| make_resolv_conf |
| |
| if [ -n "${new_host_name}" ] && need_hostname; then |
| hostnamectl set-hostname --transient --no-ask-password "${new_host_name}" |
| fi |
| |
| if [[ ( "${DHCP_TIME_OFFSET_SETS_TIMEZONE}" = [yY1]* ) && |
| ( -n "${new_time_offset}" ) ]]; then |
| # DHCP option "time-offset" is requested by default and should be |
| # handled. The geographical zone abbreviation cannot be determined |
| # from the GMT offset, but the $ZONEINFO/Etc/GMT$offset file can be |
| # used - note: this disables DST. |
| ((z=new_time_offset/3600)) |
| ((hoursWest=$(printf '%+d' $z))) |
| |
| if (( $hoursWest < 0 )); then |
| # tzdata treats negative 'hours west' as positive 'gmtoff'! |
| ((hoursWest*=-1)) |
| fi |
| |
| tzfile=/usr/share/zoneinfo/Etc/GMT$(printf '%+d' ${hoursWest}) |
| if [ -e "${tzfile}" ]; then |
| cp -fp "${tzfile}" /etc/localtime |
| touch /etc/localtime |
| fi |
| fi |
| |
| execute_client_side_configuration_scripts "config" |
| } |
| |
| wait_for_link_local() { |
| # we need a link-local address to be ready (not tentative) |
| for i in $(seq 50); do |
| linklocal=$(ip -6 addr show dev "${interface}" scope link) |
| # tentative flag means DAD is still not complete |
| tentative=$(echo "${linklocal}" | grep tentative) |
| [[ -n "${linklocal}" && -z "${tentative}" ]] && exit_with_hooks 0 |
| sleep 0.1 |
| done |
| } |
| |
| # Section 18.1.8. (Receipt of Reply Messages) of RFC 3315 says: |
| # The client SHOULD perform duplicate address detection on each of |
| # the addresses in any IAs it receives in the Reply message before |
| # using that address for traffic. |
| add_ipv6_addr_with_DAD() { |
| ip -6 addr replace "${new_ip6_address}/${new_ip6_prefixlen}" \ |
| dev "${interface}" scope global valid_lft "${new_max_life}" \ |
| preferred_lft "${new_preferred_life}" |
| |
| # repeatedly test whether newly added address passed |
| # duplicate address detection (DAD) |
| for i in $(seq 5); do |
| sleep 1 # give the DAD some time |
| |
| addr=$(ip -6 addr show dev "${interface}" \ |
| | grep "${new_ip6_address}/${new_ip6_prefixlen}") |
| |
| # tentative flag == DAD is still not complete |
| tentative=$(echo "${addr}" | grep tentative) |
| # dadfailed flag == address is already in use somewhere else |
| dadfailed=$(echo "${addr}" | grep dadfailed) |
| |
| if [ -n "${dadfailed}" ] ; then |
| # address was added with valid_lft/preferred_lft 'forever', remove it |
| ip -6 addr del "${new_ip6_address}/${new_ip6_prefixlen}" dev "${interface}" |
| exit_with_hooks 3 |
| fi |
| if [ -z "${tentative}" ] ; then |
| if [ -n "${addr}" ]; then |
| # DAD is over |
| return 0 |
| else |
| # address was auto-removed (or not added at all) |
| exit_with_hooks 3 |
| fi |
| fi |
| done |
| return 0 |
| } |
| |
| dh6config() { |
| if [ -n "${old_ip6_prefix}" ] || |
| [ -n "${new_ip6_prefix}" ]; then |
| echo "Prefix ${reason} old=${old_ip6_prefix} new=${new_ip6_prefix}" |
| exit_with_hooks 0 |
| fi |
| |
| case "${reason}" in |
| BOUND6) |
| if [ -z "${new_ip6_address}" ] || |
| [ -z "${new_ip6_prefixlen}" ]; then |
| exit_with_hooks 2 |
| fi |
| |
| add_ipv6_addr_with_DAD |
| |
| make_resolv_conf |
| ;; |
| |
| RENEW6|REBIND6) |
| if [[ -n "${new_ip6_address}" ]] && |
| [[ -n "${new_ip6_prefixlen}" ]]; then |
| if [[ ! "${new_ip6_address}" = "${old_ip6_address}" ]]; then |
| [[ -n "${old_ip6_address}" ]] && ip -6 addr del "${old_ip6_address}" dev "${interface}" |
| fi |
| # call it even if new_ip6_address = old_ip6_address to update lifetimes |
| add_ipv6_addr_with_DAD |
| fi |
| |
| if [ ! "${new_dhcp6_name_servers}" = "${old_dhcp6_name_servers}" ] || |
| [ ! "${new_dhcp6_domain_search}" = "${old_dhcp6_domain_search}" ]; then |
| make_resolv_conf |
| fi |
| ;; |
| |
| DEPREF6) |
| if [ -z "${new_ip6_prefixlen}" ]; then |
| exit_with_hooks 2 |
| fi |
| |
| ip -6 addr change "${new_ip6_address}/${new_ip6_prefixlen}" \ |
| dev "${interface}" scope global preferred_lft 0 |
| ;; |
| esac |
| |
| execute_client_side_configuration_scripts "config" |
| } |
| |
| # Functions from /etc/sysconfig/network-scripts/network-functions |
| |
| need_hostname () |
| { |
| CHECK_HOSTNAME=$(hostnamectl --transient) |
| if [[ "${CHECK_HOSTNAME}" = "(none)" ]] || |
| [[ "${CHECK_HOSTNAME}" = "localhost" ]] || |
| [[ "${CHECK_HOSTNAME}" = "localhost.localdomain" ]]; then |
| return 0 |
| else |
| return 1 |
| fi |
| } |
| |
| # Takes one argument - temporary resolv.conf file |
| change_resolv_conf () |
| { |
| options=$(grep '^[\ \ ]*option' "${RESOLVCONF}" 2>/dev/null); |
| if [[ -n "${options}" ]]; then |
| # merge options from existing resolv.conf with specified resolv.conf content |
| newres="${options}"$'\n'$(grep -vF "${options}" "${1}"); |
| else |
| newres=$(cat "${1}"); |
| fi; |
| |
| eval $(echo "${newres}" > "${RESOLVCONF}"; echo "status=$?") |
| if [[ $status -eq 0 ]]; then |
| logger -p local7.notice -t "NET" -i "${0} : updated ${RESOLVCONF}"; |
| [[ -e /var/run/nscd/socket ]] && /usr/sbin/nscd -i hosts; # invalidate cache |
| fi; |
| return $status; |
| } |
| |
| get_config_by_name () |
| { |
| LANG=C grep -E -i -l \ |
| "^[[:space:]]*NAME=\"(Auto |System )?${1}\"" \ |
| /etc/sysconfig/network-scripts/ifcfg-* \ |
| | LC_ALL=C sed -e "$__sed_discard_ignored_files" |
| } |
| |
| get_hwaddr () |
| { |
| if [ -f /sys/class/net/${1}/address ]; then |
| awk '{ print toupper($0) }' < /sys/class/net/${1}/address |
| elif [ -d "/sys/class/net/${1}" ]; then |
| LC_ALL= LANG= ip -o link show ${1} 2>/dev/null | \ |
| awk '{ print toupper(gensub(/.*link\/[^ ]* ([[:alnum:]:]*).*/, |
| "\\1", 1)); }' |
| fi |
| } |
| |
| validate_resolv_conf() |
| { |
| # It's possible to have broken symbolic link $RESOLVCONF -> <some_nm_dir> |
| # https://bugzilla.redhat.com/1475279 |
| # Remove broken link and hope NM will survive |
| if [ -h "${RESOLVCONF}" -a ! -e "${RESOLVCONF}" ]; |
| then |
| logmessage "${RESOLVCONF} is broken symlink. Recreating..." |
| unlink "${RESOLVCONF}" |
| touch "${RESOLVCONF}" |
| fi; |
| } |
| |
| |
| get_config_by_hwaddr () |
| { |
| LANG=C grep -il "^[[:space:]]*HWADDR=\"\?${1}\"\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-* \ |
| | LC_ALL=C sed -e "$__sed_discard_ignored_files" |
| } |
| |
| get_config_by_device () |
| { |
| LANG=C grep -l "^[[:space:]]*DEVICE=\"\?${1}\"\?\([[:space:]#]\|$\)" \ |
| /etc/sysconfig/network-scripts/ifcfg-* \ |
| | LC_ALL=C sed -e "$__sed_discard_ignored_files" |
| } |
| |
| need_config () |
| { |
| # A sed expression to filter out the files that is_ignored_file recognizes |
| __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d' |
| |
| local nconfig |
| |
| CONFIG="ifcfg-${1}" |
| [ -f "${CONFIG}" ] && return |
| CONFIG="${1##*/}" |
| [ -f "${CONFIG}" ] && return |
| nconfig=$(get_config_by_name "${1}") |
| if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then |
| CONFIG=${nconfig##*/} |
| return |
| fi |
| local addr=$(get_hwaddr ${1}) |
| if [ -n "$addr" ]; then |
| nconfig=$(get_config_by_hwaddr ${addr}) |
| if [ -n "$nconfig" ] ; then |
| CONFIG=${nconfig##*/} |
| [ -f "${CONFIG}" ] && return |
| fi |
| fi |
| nconfig=$(get_config_by_device ${1}) |
| if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then |
| CONFIG=${nconfig##*/} |
| return |
| fi |
| } |
| |
| # We need this because of PEERDNS |
| source_config () |
| { |
| CONFIG=${CONFIG##*/} |
| . /etc/sysconfig/network-scripts/$CONFIG |
| } |
| |
| # |
| # ### MAIN |
| # |
| |
| # Invoke the local dhcp client enter hooks, if they exist. |
| run_hook "${ETCDIR}/dhclient-enter-hooks" || exit $? |
| run_hookdir "${ETCDIR}/dhclient-enter-hooks.d" || exit $? |
| |
| [ "${PEERDNS}" = "no" ] || validate_resolv_conf |
| |
| if [ -f /etc/sysconfig/network ]; then |
| . /etc/sysconfig/network |
| fi |
| |
| if [ -f /etc/sysconfig/networking/network ]; then |
| . /etc/sysconfig/networking/network |
| fi |
| |
| ## it's possible initscripts package is not installed |
| ## for example in container. Don't flood stderr then |
| if [ -d /etc/sysconfig/network-scripts ]; then |
| cd /etc/sysconfig/network-scripts |
| CONFIG="${interface}" |
| need_config "${CONFIG}" |
| source_config >/dev/null 2>&1 |
| fi; |
| |
| # In case there's some delay in rebinding, it might happen, that the valid_lft drops to 0, |
| # address is removed by kernel and then re-added few seconds later by dhclient-script. |
| # With this work-around the address lives a minute longer. |
| # "4294967235" = infinite (forever) - 60 |
| [[ "${new_dhcp_lease_time}" -lt "4294967235" ]] && new_dhcp_lease_time=$((new_dhcp_lease_time + 60)) |
| [[ "${new_max_life}" -lt "4294967235" ]] && new_max_life=$((new_max_life + 60)) |
| |
| new_prefix="$(get_prefix "${new_ip_address}" "${new_subnet_mask}")" |
| old_prefix="$(get_prefix "${old_ip_address}" "${old_subnet_mask}")" |
| alias_prefix="$(get_prefix "${alias_ip_address}" "${alias_subnet_mask}")" |
| |
| case "${reason}" in |
| MEDIUM|ARPCHECK|ARPSEND) |
| # Do nothing |
| exit_with_hooks 0 |
| ;; |
| |
| PREINIT) |
| if [ -n "${alias_ip_address}" ]; then |
| # Flush alias, its routes will disappear too. |
| ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 |
| fi |
| |
| # upstream dhclient-script removes (ifconfig $interface 0 up) old adresses in PREINIT, |
| # but we sometimes (#125298) need (for iSCSI/nfs root to have a dhcp interface) to keep the existing ip |
| # flush_dev ${interface} |
| ip link set dev "${interface}" up |
| if [ -n "${DHCLIENT_DELAY}" ] && [ "${DHCLIENT_DELAY}" -gt 0 ]; then |
| # We need to give the kernel some time to get the interface up. |
| sleep "${DHCLIENT_DELAY}" |
| fi |
| |
| exit_with_hooks 0 |
| ;; |
| |
| PREINIT6) |
| # ensure interface is up |
| ip link set dev "${interface}" up |
| |
| # Removing stale addresses from aborted clients shouldn't be needed |
| # since we've been adding addresses with lifetimes. |
| # Which means that kernel eventually removes them automatically. |
| # ip -6 addr flush dev "${interface}" scope global permanent |
| |
| wait_for_link_local |
| |
| exit_with_hooks 0 |
| ;; |
| |
| BOUND|RENEW|REBIND|REBOOT) |
| if [ -z "${interface}" ] || [ -z "${new_ip_address}" ]; then |
| exit_with_hooks 2 |
| fi |
| if arping -D -q -c2 -I "${interface}" "${new_ip_address}"; then |
| dhconfig |
| exit_with_hooks 0 |
| else # DAD failed, i.e. address is already in use |
| ARP_REPLY=$(arping -D -c2 -I "${interface}" "${new_ip_address}" | grep reply | awk '{print toupper($5)}' | cut -d "[" -f2 | cut -d "]" -f1) |
| OUR_MACS=$(ip link show | grep link | awk '{print toupper($2)}' | uniq) |
| if [[ "${OUR_MACS}" = *"${ARP_REPLY}"* ]]; then |
| # the reply can come from our system, that's OK (#1116004#c33) |
| dhconfig |
| exit_with_hooks 0 |
| else |
| exit_with_hooks 1 |
| fi |
| fi |
| ;; |
| |
| BOUND6|RENEW6|REBIND6|DEPREF6) |
| dh6config |
| exit_with_hooks 0 |
| ;; |
| |
| EXPIRE6|RELEASE6|STOP6) |
| if [ -z "${old_ip6_address}" ] || [ -z "${old_ip6_prefixlen}" ]; then |
| exit_with_hooks 2 |
| fi |
| |
| ip -6 addr del "${old_ip6_address}/${old_ip6_prefixlen}" \ |
| dev "${interface}" |
| |
| execute_client_side_configuration_scripts "restore" |
| |
| if [ -x "${ETCDIR}/dhclient-${interface}-down-hooks" ]; then |
| . "${ETCDIR}/dhclient-${interface}-down-hooks" |
| elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then |
| . ${ETCDIR}/dhclient-down-hooks |
| fi |
| |
| exit_with_hooks 0 |
| ;; |
| |
| EXPIRE|FAIL|RELEASE|STOP) |
| execute_client_side_configuration_scripts "restore" |
| |
| if [ -x "${ETCDIR}/dhclient-${interface}-down-hooks" ]; then |
| . "${ETCDIR}/dhclient-${interface}-down-hooks" |
| elif [ -x ${ETCDIR}/dhclient-down-hooks ]; then |
| . ${ETCDIR}/dhclient-down-hooks |
| fi |
| |
| if [ -n "${alias_ip_address}" ]; then |
| # Flush alias |
| ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 |
| fi |
| |
| # upstream script sets interface down here, |
| # we only remove old ip address |
| #flush_dev ${interface} |
| remove_old_addr |
| |
| if [ -n "${alias_ip_address}" ]; then |
| ip -4 addr replace "${alias_ip_address}/${alias_prefix}" broadcast "${alias_broadcast_address}" dev "${interface}" label "${interface}:0" |
| ip -4 route replace "${alias_ip_address}/32" dev "${interface}" |
| fi |
| |
| exit_with_hooks 0 |
| ;; |
| |
| TIMEOUT) |
| if [ -n "${new_routers}" ]; then |
| if [ -n "${alias_ip_address}" ]; then |
| ip -4 addr flush dev "${interface}" label "${interface}:0" >/dev/null 2>&1 |
| fi |
| |
| ip -4 addr replace "${new_ip_address}/${new_prefix}" \ |
| broadcast "${new_broadcast_address}" dev "${interface}" \ |
| valid_lft "${new_dhcp_lease_time}" preferred_lft "${new_dhcp_lease_time}" |
| set ${new_routers} |
| |
| if ping -q -c 1 -w 10 -I "${interface}" "${1}"; then |
| dhconfig |
| exit_with_hooks 0 |
| fi |
| |
| #flush_dev ${interface} |
| remove_old_addr |
| exit_with_hooks 1 |
| else |
| exit_with_hooks 1 |
| fi |
| ;; |
| |
| *) |
| logmessage "unhandled state: ${reason}" |
| exit_with_hooks 1 |
| ;; |
| esac |
| |
| exit_with_hooks 0 |