From 5a472649c065482d39a317030734593228ac0258 Mon Sep 17 00:00:00 2001 From: Matthias Hentges Date: Wed, 3 May 2006 12:29:24 +0000 Subject: udev: Do not start any NICs before /etc/init.d/network is run and /var/ is populated --- packages/udev/files/network.sh | 29 +++++++++++++++++++++++++ packages/udev/files/udev_network_queue.sh | 35 +++++++++++++++++++++++++++++++ packages/udev/udev_084.bb | 18 +++++++++++++--- 3 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 packages/udev/files/udev_network_queue.sh (limited to 'packages/udev') diff --git a/packages/udev/files/network.sh b/packages/udev/files/network.sh index 5e2bd5799a..5016328df4 100644 --- a/packages/udev/files/network.sh +++ b/packages/udev/files/network.sh @@ -6,6 +6,35 @@ test -x /sbin/cardctl && exit 0 # We get two "add" events for hostap cards due to wifi0 echo "$INTERFACE" | grep -q wifi && exit 0 + +# Check if /etc/init.d/network has been run yet to see if we are +# called by starting /etc/rcS.d/S03udev and not by hotplugging a device +# +# At this stage, network interfaces should not be brought up +# automatically because: +# a) /etc/init.d/network has not been run yet (security issue) +# b) /var has not been populated yet so /etc/resolv,conf points to +# oblivion, making the network unusable +# + +spoofp="`grep ^spoofprotect /etc/network/options`" +if test -z "$spoofp" +then + # This is the default from /etc/init.d/network + spoofp_val=yes +else + spoofp_val=${spoofp#spoofprotect=} +fi + +test "$spoofp_val" = yes && spoofp_val=1 || spoofp_val=0 + +# I think it is safe to assume that "lo" will always be there ;) +if test "`cat /proc/sys/net/ipv4/conf/lo/rp_filter`" != "$spoofp_val" -a -n "$spoofp_val" +then + echo "$INTERFACE" >> /dev/udev_network_queue + exit 0 +fi + # # Code taken from pcmcia-cs:/etc/pcmcia/network # diff --git a/packages/udev/files/udev_network_queue.sh b/packages/udev/files/udev_network_queue.sh new file mode 100644 index 0000000000..05e08e9d1b --- /dev/null +++ b/packages/udev/files/udev_network_queue.sh @@ -0,0 +1,35 @@ +#! /bin/sh +# +# Copyright Matthias Hentges (c) 2006 +# License: GPL (see http://www.gnu.org/licenses/gpl.txt for a copy of the license) +# +# Filename: udev_network_queue.sh +# Date: 03-May-06 + +do_start() { + if test -e /dev/udev_network_queue + then + echo "Activating queued NICs..." + for NIC in `cat /dev/udev_network_queue` + do + export INTERFACE="$NIC" ; export ACTION=add + /etc/udev/scripts/network.sh + done + echo "" + else + echo "No NICs queued" + fi +} + +do_stop() { + /bin/true +} + +case "$1" in +start) do_start;; +stop) do_stop;; +restart) do_stop + do_start;; +*) echo "Usage: `basename $0` [ start | stop | restart ]" + exit 0;; +esac diff --git a/packages/udev/udev_084.bb b/packages/udev/udev_084.bb index d42366b992..0bb96c7f36 100644 --- a/packages/udev/udev_084.bb +++ b/packages/udev/udev_084.bb @@ -8,13 +8,14 @@ SRC_URI = "http://kernel.org/pub/linux/utils/kernel/hotplug/udev-${PV}.tar.gz \ file://flags.patch;patch=1 \ file://udevsynthesize.patch;patch=1 \ file://udevsynthesize.sh \ - file://mount.blacklist" + file://mount.blacklist \ + file://udev_network_queue.sh" include udev.inc INITSCRIPT_PARAMS = "start 03 S ." -PR = "r11" +PR = "r12" FILES_${PN} += "${base_libdir}" UDEV_EXTRAS = "extras/firmware/ extras/scsi_id/ extras/volume_id/ extras/run_directory/" @@ -26,7 +27,8 @@ do_install () { oe_runmake 'DESTDIR=${D}' INSTALL=install install install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/udev - + install -m 0755 ${WORKDIR}/udev_network_queue.sh ${D}${sysconfdir}/init.d/ + install -d ${D}${sysconfdir}/udev/rules.d/ install -m 0644 ${WORKDIR}/mount.blacklist ${D}${sysconfdir}/udev/ @@ -46,3 +48,13 @@ do_install () { install -m 0755 ${S}/udevsynthesize ${D}${base_libdir}/udev/udevsynthesize install -m 0755 ${WORKDIR}/udevsynthesize.sh ${D}${sbindir}/udevsynthesize } + + +pkg_postinst_append() { + update-rc.d -s udev_network_queue.sh start 41 S . start 55 0 6 . +} + + +pkg_postrm_append() { + update-rc.d -f udev_network_queue.sh remove +} -- cgit v1.2.3