rpms/quagga
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
a955835699
quagga/0001-systemd-various-service-file-improvements.patch
Michal Sekletar a955835699 Rebase to 1.1.0 
This rebases fixes following security issues:
  - CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length (#1316572)
  - CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon (#1331373)
  - CVE-2016-1245 quagga: Buffer Overflow in IPv6 RA handling (#1386110)

Also babeld was dropped by upstream.

Resolves: #1316324, #1316572, #1331373, #1386110, #1387654
2016-10-24 17:31:54 +02:00

184 lines
5.3 KiB
Diff
Raw Blame History

From 91eddf68ca54ba11a22f58de9a4e8f5deb53cccc Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 20 Oct 2016 12:56:34 +0200
Subject: [PATCH] systemd: various service file improvements
(1) network.target is generally used as a synchronization point during
boot up and not as a "boot target" (target where services are actually
enabled). Also as per 'man 7 systemd.special', service implementing
networking should pull network.target into transaction and order itself
before it. Hence, it doesn't make sense for zebra and friends to be
enabled in network.target, because they should actively pull in
network.target into boot transaction. Let's enable them as normal
services in multi-user.target and order against network{,-pre}.target
appropriately.
(2) All quagga daemons needs zebra to be running at all times and want
to restarted/stopped whenever zebra is. This is expressed by BindsTo=
dependency in a unit file (note "s" in Binds).
---
redhat/bgpd.service | 8 +++++---
redhat/isisd.service | 8 +++++---
redhat/ospf6d.service | 8 +++++---
redhat/ospfd.service | 8 +++++---
redhat/ripd.service | 8 +++++---
redhat/ripngd.service | 8 +++++---
redhat/zebra.service | 6 ++++--
7 files changed, 34 insertions(+), 20 deletions(-)
diff --git a/redhat/bgpd.service b/redhat/bgpd.service
index 5040284..ef24841 100644
--- a/redhat/bgpd.service
+++ b/redhat/bgpd.service
@@ -1,7 +1,9 @@
[Unit]
Description=BGP routing daemon
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/bgpd.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/bgpd -d $BGPD_OPTS -f /etc/quagga/bgpd.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/isisd.service b/redhat/isisd.service
index 4cdf67d..edb6eea 100644
--- a/redhat/isisd.service
+++ b/redhat/isisd.service
@@ -1,7 +1,9 @@
[Unit]
Description=IS-IS routing daemon
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/isisd.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/isisd -d $ISISD_OPTS -f /etc/quagga/isisd.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/ospf6d.service b/redhat/ospf6d.service
index 3c9c466..b53b970 100644
--- a/redhat/ospf6d.service
+++ b/redhat/ospf6d.service
@@ -1,7 +1,9 @@
[Unit]
Description=OSPF routing daemon for IPv6
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/ospf6d.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/ospf6d -d $OSPF6D_OPTS -f /etc/quagga/ospf6d.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/ospfd.service b/redhat/ospfd.service
index 5e3de23..5d6c5bb 100644
--- a/redhat/ospfd.service
+++ b/redhat/ospfd.service
@@ -1,7 +1,9 @@
[Unit]
Description=OSPF routing daemon
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/ospfd.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/ospfd -d $OSPFD_OPTS -f /etc/quagga/ospfd.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/ripd.service b/redhat/ripd.service
index d35dc47..ed7f922 100644
--- a/redhat/ripd.service
+++ b/redhat/ripd.service
@@ -1,7 +1,9 @@
[Unit]
Description=RIP routing daemon
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/ripd.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/ripd -d $RIPD_OPTS -f /etc/quagga/ripd.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/ripngd.service b/redhat/ripngd.service
index 567e888..2519b31 100644
--- a/redhat/ripngd.service
+++ b/redhat/ripngd.service
@@ -1,7 +1,9 @@
[Unit]
Description=RIP routing daemon for IPv6
-BindTo=zebra.service
-After=syslog.target network.target zebra.service
+BindsTo=zebra.service
+Wants=network.target
+After=zebra.service network-pre.target
+Before=network.target
ConditionPathExists=/etc/quagga/ripngd.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/ripngd -d $RIPNGD_OPTS -f /etc/quagga/ripngd.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
diff --git a/redhat/zebra.service b/redhat/zebra.service
index 27c3a52..f9107f1 100644
--- a/redhat/zebra.service
+++ b/redhat/zebra.service
@@ -1,6 +1,8 @@
[Unit]
Description=GNU Zebra routing manager
-After=syslog.target network.target
+Wants=network.target
+Before=network.target
+After=network-pre.target
ConditionPathExists=/etc/quagga/zebra.conf
[Service]
@@ -11,4 +13,4 @@ ExecStart=/usr/sbin/zebra -d $ZEBRA_OPTS -f /etc/quagga/zebra.conf
Restart=on-abort
[Install]
-WantedBy=network.target
+WantedBy=multi-user.target
--
2.7.4
Reference in New Issue View Git Blame Copy Permalink