Bug 127726

Summary: dhclient remains active after change of bootproto
Product: Red Hat Enterprise Linux 3 Reporter: Zenon Panoussis <redhatbugs>
Component: initscriptsAssignee: Bill Nottingham <notting>
Status: CLOSED ERRATA QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: barryn, bnocera, darren.gamble, jorton, nhorman, riek, rvokal, sig, tao
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2005-124 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-04-28 15:21:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 132991, 132992, 137160    

Description Zenon Panoussis 2004-07-12 22:16:16 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040628

Description of problem:
When the network is restarted, the initscripts should kill and
possibly restart dhclient. Now they don't. The result is that a
machine can suddenly, out of the blue, dump its fixed IP and revert to
an earlier dynamic one. 

Except for the fact that you suddenly lose a machine and might be
unable to reach it any more, or that services stop working, under some
circumstances this can turn into a severe security risk. Where
restrictions apply based on IP, your policies (or those of somebody
else) can turn meaningless or even dangerous when the machine changes
IP by itself.

Version-Release number of selected component (if applicable):
7.31.13.EL-1

How reproducible:
Always

Steps to Reproduce:
1. Take a box with only one NIC. Configure the interface for dhcp,
start the network and get a lease.
2 Change the configuration in
/etc/sysconfig/network-scripts/ifcfg-eth0 to static and add IP
address, netmask etc. Use an IP other than the leased one. 
3. Run 'service network restart'. Check that the interface is on the
new fixed IP you just gave it. 
4. Wait until the lease of the no longer used dynamic IP expires.
Watch the interface move back to its old dynamic settings. Do 'ps -A
|grep dch'.
Comment 1 Bill Nottingham 2005-01-12 17:25:25 UTC 
*** Bug 144877 has been marked as a duplicate of this bug. ***
Comment 2 Bill Nottingham 2005-01-12 20:22:17 UTC 
*** Bug 136465 has been marked as a duplicate of this bug. ***
Comment 3 Bill Nottingham 2005-01-12 20:22:38 UTC 
*** Bug 136152 has been marked as a duplicate of this bug. ***
Comment 8 Bill Nottingham 2005-03-24 18:42:48 UTC 
*** Bug 64227 has been marked as a duplicate of this bug. ***
Comment 9 John Flanagan 2005-04-28 15:21:45 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-117.html
Comment 10 Tim Powers 2005-05-18 15:35:56 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-123.html
Comment 11 Bill Nottingham 2005-09-01 21:59:45 UTC 
*** Bug 167206 has been marked as a duplicate of this bug. ***