Bug 597028
Summary: | dhclient is failing to set hostname. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Quentin Barnes <qbarnes> |
Component: | dhcp | Assignee: | Jiri Popelka <jpopelka> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Release Test Team <release-test-team-automation> |
Severity: | high | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | ||
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | dhclient-4.1.1-2.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-06-07 16:01:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 546765 | ||
Bug Blocks: |
Description
Quentin Barnes
2010-05-28 00:06:56 UTC
As part of the lowering capabilities project (http://fedoraproject.org/wiki/Features/LowerProcessCapabilities) all unnecessary capabilities in dhclient are dropped. In dhclient-4.1.1-2.el6 is new -nc option and dhclient(8) man page documents it this way: " -nc Do not drop capabilities. Normally, if dhclient was compiled with libcap-ng support, dhclient drops most capabilities immediately upon startup. While more secure, this greatly restricts the additional actions that hooks in dhclient-script (8) can take. (For example, any daemons that dhclient-script (8) starts or restarts will inherit the restricted capabilities as well, which may interfere with their correct operation.) Thus, the -nc option can be used to prevent dhclient from dropping capabilities. " With dhclient-4.1.1-2.el6 or newer you can run "dhclient -d -v -nc" or put line DHCLIENTARGS=-nc in (e.g.) /etc/sysconfig/network-scripts/ifcfg-eth0 Yet it's still not a perfect solution. Additional info: Bug #546765 Thanks for the hackaround. I'll give it a try. This is my first of unfortunately many RHEL6 Beta bug reports. When I looked for already filed related bugs, I didn't think of searching Fedora. Sigh. I'll know from now on. As you said, "...all unnecessary capabilities...". Unnecessary is fine, but the problem is that CAP_SYS_ADMIN is definitely necessary for the sethostname(2) call. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. |