[Pkg-samba-maint] Bug#629406: Bug#629406: samba-common: create empty /etc/samba/dhcp.conf even if samba-common/dhcp=false

Christian PERRIER bubulle at debian.org
Mon Jun 6 17:54:49 UTC 2011 

Quoting Luca Capello (luca at pca.it):

>   Modify smb.conf to use WINS settings from DHCP?
> 
> Even if I chose "No", every time the machine is rebooted (or a DHCP
> connection is renewed) an empty /etc/samba/dhcp.conf file is created.
> This is particular annoying given that etckeeper always complains:
> 
>   ** etckeeper detected uncommitted changes in /etc prior to apt run
>   ** Aborting apt run. Manually commit and restart.


Hmmm, indeed. The /etc/dhcp3/dhclient-enter-hooks.d/samba hook is a
little bit naive here...

The attached (untested) patch should fix this by testing if the file
to be created is non empty before putting it in place. Could you check
this?

Indeed, we could even be a little bit cleaner and create a real
temporary file rather than /etc/samba/dhcp.conf.new (which would fail
with a read-only /etc). I'm not sure that there are possibilities of
symlink attacks through this as the file is created in a directory
owned by root, but still...it would be cleaner.:-)





-------------- next part --------------
Index: samba-common.dhcp
===================================================================
--- samba-common.dhcp	(r?vision 3789)
+++ samba-common.dhcp	(copie de travail)
@@ -64,11 +64,15 @@
 	then
 		echo "   netbios scope = $new_netbios_scope" >> ${SAMBA_DHCP_CONF}.new
 	fi
-	mv ${SAMBA_DHCP_CONF}.new $SAMBA_DHCP_CONF
+	if [ -s ${SAMBA_DHCP_CONF}.new ]
+		mv ${SAMBA_DHCP_CONF}.new $SAMBA_DHCP_CONF
 
-	# reload the samba server
-	# We don't necessarily have the samba package installed. #414841
-	[ -x /etc/init.d/samba ] && /usr/sbin/invoke-rc.d samba reload
+		# reload the samba server
+		# We don't necessarily have the samba package installed. #414841
+		[ -x /etc/init.d/samba ] && /usr/sbin/invoke-rc.d samba reload
+	else
+		rm ${SAMBA_DHCP_CONF}.new || true
+	fi
 
 }
 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20110606/08602914/attachment.pgp>

More information about the Pkg-samba-maint mailing list