From cd8c86f398a8840c8a20d17e8e73916642abdac7 Mon Sep 17 00:00:00 2001
From: Jiří Popelka <jpopelka@fedoraproject.org>
Date: Feb 03 2010 17:48:51 +0000
Subject: - move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %post (#561094)

- document -nc option in dhclient(8) man page

---

diff --git a/dhcp-4.1.1-capability.patch b/dhcp-4.1.1-capability.patch
index 92cef42..73c796d 100644
--- a/dhcp-4.1.1-capability.patch
+++ b/dhcp-4.1.1-capability.patch
@@ -1,6 +1,42 @@
+diff -up dhcp-4.1.1/client/dhclient.8.capability dhcp-4.1.1/client/dhclient.8
+--- dhcp-4.1.1/client/dhclient.8.capability	2010-02-03 11:19:39.854958099 -0500
++++ dhcp-4.1.1/client/dhclient.8	2010-02-03 11:44:57.949895909 -0500
+@@ -381,6 +381,32 @@ Do not configure any interfaces.  Most u
+ option.
+ 
+ .TP
++.BI \-nc
++Do not drop capabilities.
++
++Normally, if
++.B dhclient
++was compiled with libcap-ng support,
++.B dhclient
++drops most capabilities immediately upon startup.  While more secure,
++this greatly restricts the additional actions that hooks in
++.B dhclient-script (8)
++can take.  (For example, any daemons that 
++.B dhclient-script (8)
++starts or restarts will inherit the restricted capabilities as well,
++which may interfere with their correct operation.)  Thus, the
++.BI \-nc
++option can be used to prevent
++.B dhclient
++from dropping capabilities.
++
++The
++.BI \-nc
++option is ignored if
++.B dhclient
++was not compiled with libcap-ng support.
++
++.TP
+ .BI \-nw
+ Become a daemon process immediately (nowait) rather than waiting until an IP
+ address has been acquired.
 diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
---- dhcp-4.1.1/client/dhclient.c.capability	2010-02-02 11:58:29.000000000 +0100
-+++ dhcp-4.1.1/client/dhclient.c	2010-02-02 12:04:39.000000000 +0100
+--- dhcp-4.1.1/client/dhclient.c.capability	2010-02-03 11:19:39.876957973 -0500
++++ dhcp-4.1.1/client/dhclient.c	2010-02-03 11:46:14.665957658 -0500
 @@ -37,6 +37,9 @@
  #include <sys/time.h>
  #include <sys/wait.h>
@@ -25,8 +61,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
  			}
  
  			dhclient_request_options = argv[i];
-+#ifdef HAVE_LIBCAP_NG
 +		} else if (!strcmp(argv[i], "-nc")) {
++#ifdef HAVE_LIBCAP_NG
 +			keep_capabilities = 1;
 +#endif
  		} else if (argv[i][0] == '-') {
@@ -53,8 +89,8 @@ diff -up dhcp-4.1.1/client/dhclient.c.capability dhcp-4.1.1/client/dhclient.c
  	initialize_common_option_spaces();
  
 diff -up dhcp-4.1.1/client/Makefile.am.capability dhcp-4.1.1/client/Makefile.am
---- dhcp-4.1.1/client/Makefile.am.capability	2008-11-18 23:33:22.000000000 +0100
-+++ dhcp-4.1.1/client/Makefile.am	2010-02-02 12:05:31.000000000 +0100
+--- dhcp-4.1.1/client/Makefile.am.capability	2008-11-18 17:33:22.000000000 -0500
++++ dhcp-4.1.1/client/Makefile.am	2010-02-03 11:19:39.895958083 -0500
 @@ -5,7 +5,7 @@ dhclient_SOURCES = clparse.c dhclient.c 
  		   scripts/netbsd scripts/nextstep scripts/openbsd \
  		   scripts/solaris scripts/openwrt
@@ -65,8 +101,8 @@ diff -up dhcp-4.1.1/client/Makefile.am.capability dhcp-4.1.1/client/Makefile.am
  EXTRA_DIST = $(man_MANS)
  
 diff -up dhcp-4.1.1/configure.ac.capability dhcp-4.1.1/configure.ac
---- dhcp-4.1.1/configure.ac.capability	2010-02-02 11:58:29.000000000 +0100
-+++ dhcp-4.1.1/configure.ac	2010-02-02 12:07:04.000000000 +0100
+--- dhcp-4.1.1/configure.ac.capability	2010-02-03 11:19:39.806895971 -0500
++++ dhcp-4.1.1/configure.ac	2010-02-03 11:19:39.895958083 -0500
 @@ -419,6 +419,41 @@ AC_TRY_LINK(
  # Look for optional headers.
  AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
diff --git a/dhcp.spec b/dhcp.spec
index 951dcba..011517a 100644
--- a/dhcp.spec
+++ b/dhcp.spec
@@ -13,7 +13,7 @@
 Summary:  Dynamic host configuration protocol software
 Name:     dhcp
 Version:  %{basever}
-Release:  2%{?dist}
+Release:  3%{?dist}
 # NEVER CHANGE THE EPOCH on this package.  The previous maintainer (prior to
 # dcantrell maintaining the package) made incorrect use of the epoch and
 # that's why it is at 12 now.  It should have never been used, but it was.
@@ -384,6 +384,7 @@ prevconf="%{_sysconfdir}/dhcpd.conf"
 if [ ! -z "${prevconf}" ]; then
     if [ ! -f %{dhcpconfdir}/dhcpd.conf -o "${sampleconf}" = "${contents}" ]; then
         /bin/cp -a ${prevconf} %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
+        /bin/mv ${prevconf} ${prevconf}.rpmsave >/dev/null 2>&1
         if [ -x /sbin/restorecon ]; then
             /sbin/restorecon %{dhcpconfdir}/dhcpd.conf >/dev/null 2>&1
         fi
@@ -499,6 +500,10 @@ fi
 %attr(0644,root,root) %{_mandir}/man3/omapi.3.gz
 
 %changelog
+* Wed Feb 03 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-3
+- move /etc/dhcp.conf to /etc/dhcp.conf.rpmsave in %%post (#561094)
+- document -nc option in dhclient(8) man page
+
 * Tue Feb 02 2010 Jiri Popelka <jpopelka@redhat.com> - 12:4.1.1-2
 - Fix capability patch (#546765)