Page MenuHomeVyOS Platform

DHCP most likely not restarting pdns_recursor
Closed, ResolvedPublicBUG

Description

The on-dhcp-event.sh script is run by isc-dhcp, which runs as nobody:nobody.

That means the sudo is impossible to happen and will generate a security even in the log:

https://github.com/vyos/vyos-1x/blob/7c55de11ca140fd8eed980c0c9db6302e1a05974/src/system/on-dhcp-event.sh#L66

Details

Difficulty level
Unknown (require assessment)
Version
1.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

This is related to this change:

https://github.com/vyos/vyos-1x/commit/3fef9d2d71eaae0b862f114fafc756b1706f0e6d

As well as the other ticket about the socket.

Not really, the change to nobody:nogroup was by c-po in https://github.com/vyos/vyos-1x/commit/f371946044696737d1649d9119665b96430d2328
The commit by me you referenced just fixed a bug that resulted from that change.

jjakob added a subscriber: jjakob.

I think this should be fixed by the one that broke this, or no? I don't have the time to do any real work right now. Maybe in a week or 2.

kroy changed the task status from Open to In progress.May 20 2020, 5:58 PM
kroy claimed this task.

No worries. I think I've got a simple fix for this. Just needed to step away for a bit

kroy changed the task status from In progress to Needs testing.May 20 2020, 8:13 PM

This PR419 should take care of this and the parent task

The above PR419 did not fix the issue as a wrong pdns-recursor process name was used (its real name is 'pdns-rec/worker'). It was fixed as part of T2486.

kroy moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.