svn commit: r537164 - in head/net/dhcpcd: . files
Ben Woods
woodsb02 at FreeBSD.org
Sun May 31 14:25:04 UTC 2020
Author: woodsb02
Date: Sun May 31 14:25:02 2020
New Revision: 537164
URL: https://svnweb.freebsd.org/changeset/ports/537164
Log:
net/dhcpcd: Update to 9.1.0
Now with privilege separation and capsicumized.
Changes this release:
https://roy.marples.name/archives/dhcpcd-discuss/0003007.html
https://roy.marples.name/archives/dhcpcd-discuss/0002881.html
Modified:
head/net/dhcpcd/Makefile
head/net/dhcpcd/distinfo
head/net/dhcpcd/files/dhcpcd.in
head/net/dhcpcd/pkg-descr
head/net/dhcpcd/pkg-plist
Modified: head/net/dhcpcd/Makefile
==============================================================================
--- head/net/dhcpcd/Makefile Sun May 31 13:52:53 2020 (r537163)
+++ head/net/dhcpcd/Makefile Sun May 31 14:25:02 2020 (r537164)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= dhcpcd
-PORTVERSION= 8.1.9
+PORTVERSION= 9.1.0
CATEGORIES= net
MASTER_SITES= https://roy.marples.name/downloads/dhcpcd/ \
https://cflags.cc/roy/dhcpcd/
@@ -19,12 +19,14 @@ USES= compiler:c11 cpe tar:xz
CPE_VENDOR= dhcpcd_project
GNU_CONFIGURE= yes
-CONFIGURE_ARGS= --datadir=${PREFIX}/share/examples
+CONFIGURE_ARGS= --datadir=${PREFIX}/share/examples \
+ --privsepuser="_dhcp"
USE_RC_SUBR= dhcpcd
post-install:
${MV} ${STAGEDIR}${PREFIX}/etc/dhcpcd.conf \
${STAGEDIR}${PREFIX}/share/examples/dhcpcd
@${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/dhcpcd
+ ${MKDIR} ${STAGEDIR}/var/db/dhcpcd
.include <bsd.port.mk>
Modified: head/net/dhcpcd/distinfo
==============================================================================
--- head/net/dhcpcd/distinfo Sun May 31 13:52:53 2020 (r537163)
+++ head/net/dhcpcd/distinfo Sun May 31 14:25:02 2020 (r537164)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1589539562
-SHA256 (dhcpcd-8.1.9.tar.xz) = 8e2a505eb2bd8007d7c6fd855fcb4dd28cced8fc28886c7ce41fb4fc5630fbcf
-SIZE (dhcpcd-8.1.9.tar.xz) = 230288
+TIMESTAMP = 1590934886
+SHA256 (dhcpcd-9.1.0.tar.xz) = 2d51bbf1780824cfb41c30d391ddeea43ab515a874bb2e74508939169ba93bf7
+SIZE (dhcpcd-9.1.0.tar.xz) = 247460
Modified: head/net/dhcpcd/files/dhcpcd.in
==============================================================================
--- head/net/dhcpcd/files/dhcpcd.in Sun May 31 13:52:53 2020 (r537163)
+++ head/net/dhcpcd/files/dhcpcd.in Sun May 31 14:25:02 2020 (r537164)
@@ -16,7 +16,7 @@ if [ -n "$ifn" ]; then
if [ -z "$flags" -a -n "$specific" ]; then
rc_flags="$specific"
fi
- pidfile="/var/run/dhcpcd-$ifn.pid"
+ pidfile="/var/run/dhcpcd/dhcpcd-$ifn.pid"
else
pidfile="$($command -P $rc_flags)"
: ${dhcpcd_enable:=NO}
Modified: head/net/dhcpcd/pkg-descr
==============================================================================
--- head/net/dhcpcd/pkg-descr Sun May 31 13:52:53 2020 (r537163)
+++ head/net/dhcpcd/pkg-descr Sun May 31 14:25:02 2020 (r537164)
@@ -2,4 +2,12 @@ dhcpcd is a DHCP/IPv4LL/IPv6RS/DHCPv6 client.
It can also act as a network manager, responding to new interfaces,
listening for carrier up/down events and managing routes.
+dhcpcd-9 introduces a number of security improvements:
+- privilege separation
+ operations are performed across multiple processes, and those which do
+ not require root privileges are run as the unprivileged _dhcp user
+- sanboxed with capsicum(4)
+ processes run in capability mode, limiting their access and therefore
+ the potential impact of security vulnerabilities
+
WWW: https://roy.marples.name/projects/dhcpcd
Modified: head/net/dhcpcd/pkg-plist
==============================================================================
--- head/net/dhcpcd/pkg-plist Sun May 31 13:52:53 2020 (r537163)
+++ head/net/dhcpcd/pkg-plist Sun May 31 14:25:02 2020 (r537164)
@@ -1,5 +1,4 @@
libexec/dhcpcd-hooks/01-test
-libexec/dhcpcd-hooks/02-dump
libexec/dhcpcd-hooks/20-resolv.conf
libexec/dhcpcd-hooks/30-hostname
libexec/dhcpcd-hooks/50-ntp.conf
@@ -12,5 +11,5 @@ sbin/dhcpcd
%%EXAMPLESDIR%%/hooks/15-timezone
%%EXAMPLESDIR%%/hooks/29-lookup-hostname
%%EXAMPLESDIR%%/hooks/50-ypbind
- at dir /var/db/dhcpcd
@sample %%EXAMPLESDIR%%/dhcpcd.conf etc/dhcpcd.conf
+ at dir(_dhcp,_dhcp,) /var/db/dhcpcd
More information about the svn-ports-all
mailing list