From 001f224fccf52937cc1355507de89c30b32ee30a Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 4 Apr 2023 12:53:42 +0200 Subject: [PATCH 1/5] dhcp: remove reached its EOL on 2022-10-04 see https://www.isc.org/blogs/isc-dhcp-eol/ for details --- pkgs/tools/networking/dhcp/default.nix | 102 ------------------ pkgs/tools/networking/dhcp/set-hostname.patch | 12 --- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 - pkgs/top-level/release-small.nix | 1 - 5 files changed, 1 insertion(+), 117 deletions(-) delete mode 100644 pkgs/tools/networking/dhcp/default.nix delete mode 100644 pkgs/tools/networking/dhcp/set-hostname.patch diff --git a/pkgs/tools/networking/dhcp/default.nix b/pkgs/tools/networking/dhcp/default.nix deleted file mode 100644 index 1d07843cc48b..000000000000 --- a/pkgs/tools/networking/dhcp/default.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ stdenv, fetchurl, perl, file, nettools, iputils, iproute2, makeWrapper -, coreutils, gnused, openldap ? null -, buildPackages, lib - -# client and relay are end of life, remove after 4.4.3 -, withClient ? false -, withRelay ? false -}: - -stdenv.mkDerivation rec { - pname = "dhcp"; - version = "4.4.3-P1"; - - src = fetchurl { - url = "https://ftp.isc.org/isc/dhcp/${version}/${pname}-${version}.tar.gz"; - sha256 = "sha256-CsQWu1WZfKhjIXT9EHN/1hzbjbonUhYKM1d1vCHcc8c="; - }; - - patches = - [ - # Make sure that the hostname gets set on reboot. Without this - # patch, the hostname doesn't get set properly if the old - # hostname (i.e. before reboot) is equal to the new hostname. - ./set-hostname.patch - ]; - - nativeBuildInputs = [ perl makeWrapper ]; - - buildInputs = [ openldap ]; - - depsBuildBuild = [ buildPackages.stdenv.cc ]; - - configureFlags = [ - "--enable-failover" - "--enable-execute" - "--enable-tracing" - "--enable-delayed-ack" - "--enable-dhcpv6" - "--enable-paranoia" - "--enable-early-chroot" - "--sysconfdir=/etc" - "--localstatedir=/var" - ] ++ lib.optional stdenv.isLinux "--with-randomdev=/dev/random" - ++ lib.optionals (openldap != null) [ "--with-ldap" "--with-ldapcrypto" ] - ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)"; - - env.NIX_CFLAGS_COMPILE = builtins.toString [ - "-Wno-error=pointer-compare" - "-Wno-error=format-truncation" - "-Wno-error=stringop-truncation" - "-Wno-error=format-overflow" - "-Wno-error=stringop-overflow=8" - ]; - - installFlags = [ "DESTDIR=\${out}" ]; - - postInstall = - '' - mv $out/$out/* $out - DIR=$out/$out - while rmdir $DIR 2>/dev/null; do - DIR="$(dirname "$DIR")" - done - - cp client/scripts/linux $out/sbin/dhclient-script - substituteInPlace $out/sbin/dhclient-script \ - --replace /sbin/ip ${iproute2}/sbin/ip - wrapProgram "$out/sbin/dhclient-script" --prefix PATH : \ - "${nettools}/bin:${nettools}/sbin:${iputils}/bin:${coreutils}/bin:${gnused}/bin" - '' + lib.optionalString (!withClient) '' - rm $out/sbin/{dhclient,dhclient-script,.dhclient-script-wrapped} - '' + lib.optionalString (!withRelay) '' - rm $out/sbin/dhcrelay - ''; - - preConfigure = - '' - substituteInPlace configure --replace "/usr/bin/file" "${file}/bin/file" - sed -i "includes/dhcpd.h" \ - -e "s|^ *#define \+_PATH_DHCLIENT_SCRIPT.*$|#define _PATH_DHCLIENT_SCRIPT \"$out/sbin/dhclient-script\"|g" - - export AR='${stdenv.cc.bintools.bintools}/bin/${stdenv.cc.targetPrefix}ar' - ''; - - enableParallelBuilding = true; - - meta = with lib; { - description = "Dynamic Host Configuration Protocol (DHCP) tools"; - - longDescription = '' - ISC's Dynamic Host Configuration Protocol (DHCP) distribution - provides a freely redistributable reference implementation of - all aspects of DHCP, through a suite of DHCP tools: server, - client, and relay agent. - ''; - - homepage = "https://www.isc.org/dhcp/"; - license = licenses.mpl20; - platforms = platforms.unix; - knownVulnerabilities = lib.optional (withClient || withRelay) "The client and relay component of the dhcp package have reached their end of life"; - }; -} diff --git a/pkgs/tools/networking/dhcp/set-hostname.patch b/pkgs/tools/networking/dhcp/set-hostname.patch deleted file mode 100644 index 7aa9d0814514..000000000000 --- a/pkgs/tools/networking/dhcp/set-hostname.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- a/client/scripts/linux 2010-09-15 00:49:48.000000000 +0200 -+++ b/client/scripts/linux 2011-04-01 16:08:10.984372269 +0200 -@@ -133,9 +133,7 @@ - [ "$current_hostname" = '(none)' ] || - [ "$current_hostname" = 'localhost' ] || - [ "$current_hostname" = "$old_host_name" ]; then -- if [ "$new_host_name" != "$old_host_name" ]; then -- hostname "$new_host_name" -- fi -+ hostname "$new_host_name" - fi - fi diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 94f3271668bf..24f782fffe37 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -399,6 +399,7 @@ mapAliases ({ devserver = throw "'devserver' has been removed in favor of 'miniserve' or other alternatives"; # Added 2023-01-13 dfu-util-axoloti = throw "dfu-util-axoloti has been removed: abandoned by upstream"; # Added 2022-05-13 dhall-text = throw "'dhall-text' has been deprecated in favor of the 'dhall text' command from 'dhall'"; # Added 2022-03-26 + dhcp = throw "dhcp (ISC DHCP) has been removed from nixpkgs, because it reached its end of life"; # Added 2023-04-04 digikam5 = throw "'digikam5' has been renamed to/replaced by 'digikam'"; # Converted to throw 2022-02-22 dirmngr = throw "dirmngr has been removed: merged into gnupg"; # Added 2022-05-13 disper = throw "disper has been removed: abandoned by upstream"; # Added 2022-03-18 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9b05fe34765f..dc71178dfa0c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7211,8 +7211,6 @@ with pkgs; dnsx = callPackage ../tools/security/dnsx { }; - dhcp = callPackage ../tools/networking/dhcp { }; - dhcpdump = callPackage ../tools/networking/dhcpdump { }; dhcpcd = callPackage ../tools/networking/dhcpcd { }; diff --git a/pkgs/top-level/release-small.nix b/pkgs/top-level/release-small.nix index f2cc7ae471a4..37ef0a50c260 100644 --- a/pkgs/top-level/release-small.nix +++ b/pkgs/top-level/release-small.nix @@ -36,7 +36,6 @@ with import ./release-lib.nix { inherit supportedSystems nixpkgsArgs; }; cron = linux; cups = linux; dbus = linux; - dhcp = linux; diffutils = all; e2fsprogs = linux; emacs = linux; From 413d9d3864e58ae59c77210e8591968a3121496f Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 4 Apr 2023 12:58:07 +0200 Subject: [PATCH 2/5] nixos/dhcp(46): remove package reached its EOL on 2022-10-04 see https://www.isc.org/blogs/isc-dhcp-eol/ for details --- .../manual/release-notes/rl-2311.section.md | 2 + nixos/modules/module-list.nix | 1 - nixos/modules/rename.nix | 10 + nixos/modules/services/networking/dhcpd.nix | 230 ------------------ 4 files changed, 12 insertions(+), 231 deletions(-) delete mode 100644 nixos/modules/services/networking/dhcpd.nix diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index e4e2c49859b3..d19437dbdecc 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -72,6 +72,8 @@ - PHP now defaults to PHP 8.2, updated from 8.1. +- The ISC DHCP package and corresponding module have been removed, because they are end of life upstream. See https://www.isc.org/blogs/isc-dhcp-eol/ for details and switch to a different DHCP implementation like kea or dnsmasq. + - `util-linux` is now supported on Darwin and is no longer an alias to `unixtools`. Use the `unixtools.util-linux` package for access to the Apple variants of the utilities. - `services.keyd` changed API. Now you can create multiple configuration files. diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index e4e5fa97608a..d3b4ace7e9b0 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -864,7 +864,6 @@ ./services/networking/croc.nix ./services/networking/dante.nix ./services/networking/dhcpcd.nix - ./services/networking/dhcpd.nix ./services/networking/dnscache.nix ./services/networking/dnscrypt-proxy2.nix ./services/networking/dnscrypt-wrapper.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index a32d433bbdde..45014ed3c68e 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -114,6 +114,16 @@ in (mkRemovedOptionModule [ "services" "rtsp-simple-server" ] "Package has been completely rebranded by upstream as mediamtx, and thus the service and the package were renamed in NixOS as well.") (mkRemovedOptionModule [ "i18n" "inputMethod" "fcitx" ] "The fcitx module has been removed. Please use fcitx5 instead") + (mkRemovedOptionModule [ "services" "dhcpd4" ] '' + The dhcpd4 module has been removed because ISC DHCP reached its end of life. + See https://www.isc.org/blogs/isc-dhcp-eol/ for details. + Please switch to a different implementation like kea or dnsmasq. + '') + (mkRemovedOptionModule [ "services" "dhcpd6" ] '' + The dhcpd6 module has been removed because ISC DHCP reached its end of life. + See https://www.isc.org/blogs/isc-dhcp-eol/ for details. + Please switch to a different implementation like kea or dnsmasq. + '') # Do NOT add any option renames here, see top of the file ]; diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix deleted file mode 100644 index a981a255c3ee..000000000000 --- a/nixos/modules/services/networking/dhcpd.nix +++ /dev/null @@ -1,230 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - - cfg4 = config.services.dhcpd4; - cfg6 = config.services.dhcpd6; - - writeConfig = postfix: cfg: pkgs.writeText "dhcpd.conf" - '' - default-lease-time 600; - max-lease-time 7200; - ${optionalString (!cfg.authoritative) "not "}authoritative; - ddns-update-style interim; - log-facility local1; # see dhcpd.nix - - ${cfg.extraConfig} - - ${lib.concatMapStrings - (machine: '' - host ${machine.hostName} { - hardware ethernet ${machine.ethernetAddress}; - fixed-address${ - optionalString (postfix == "6") postfix - } ${machine.ipAddress}; - } - '') - cfg.machines - } - ''; - - dhcpdService = postfix: cfg: - let - configFile = - if cfg.configFile != null - then cfg.configFile - else writeConfig postfix cfg; - leaseFile = "/var/lib/dhcpd${postfix}/dhcpd.leases"; - args = [ - "@${pkgs.dhcp}/sbin/dhcpd" "dhcpd${postfix}" "-${postfix}" - "-pf" "/run/dhcpd${postfix}/dhcpd.pid" - "-cf" configFile - "-lf" leaseFile - ] ++ cfg.extraFlags - ++ cfg.interfaces; - in - optionalAttrs cfg.enable { - "dhcpd${postfix}" = { - description = "DHCPv${postfix} server"; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - - preStart = "touch ${leaseFile}"; - serviceConfig = { - ExecStart = concatMapStringsSep " " escapeShellArg args; - Type = "forking"; - Restart = "always"; - DynamicUser = true; - User = "dhcpd"; - Group = "dhcpd"; - AmbientCapabilities = [ - "CAP_NET_RAW" # to send ICMP messages - "CAP_NET_BIND_SERVICE" # to bind on DHCP port (67) - ]; - StateDirectory = "dhcpd${postfix}"; - RuntimeDirectory = "dhcpd${postfix}"; - PIDFile = "/run/dhcpd${postfix}/dhcpd.pid"; - }; - }; - }; - - machineOpts = { ... }: { - - options = { - - hostName = mkOption { - type = types.str; - example = "foo"; - description = lib.mdDoc '' - Hostname which is assigned statically to the machine. - ''; - }; - - ethernetAddress = mkOption { - type = types.str; - example = "00:16:76:9a:32:1d"; - description = lib.mdDoc '' - MAC address of the machine. - ''; - }; - - ipAddress = mkOption { - type = types.str; - example = "192.168.1.10"; - description = lib.mdDoc '' - IP address of the machine. - ''; - }; - - }; - }; - - dhcpConfig = postfix: { - - enable = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to enable the DHCPv${postfix} server. - ''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - example = '' - option subnet-mask 255.255.255.0; - option broadcast-address 192.168.1.255; - option routers 192.168.1.5; - option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1; - option domain-name "example.org"; - subnet 192.168.1.0 netmask 255.255.255.0 { - range 192.168.1.100 192.168.1.200; - } - ''; - description = lib.mdDoc '' - Extra text to be appended to the DHCP server configuration - file. Currently, you almost certainly need to specify something - there, such as the options specifying the subnet mask, DNS servers, - etc. - ''; - }; - - extraFlags = mkOption { - type = types.listOf types.str; - default = []; - description = lib.mdDoc '' - Additional command line flags to be passed to the dhcpd daemon. - ''; - }; - - configFile = mkOption { - type = types.nullOr types.path; - default = null; - description = lib.mdDoc '' - The path of the DHCP server configuration file. If no file - is specified, a file is generated using the other options. - ''; - }; - - interfaces = mkOption { - type = types.listOf types.str; - default = ["eth0"]; - description = lib.mdDoc '' - The interfaces on which the DHCP server should listen. - ''; - }; - - machines = mkOption { - type = with types; listOf (submodule machineOpts); - default = []; - example = [ - { hostName = "foo"; - ethernetAddress = "00:16:76:9a:32:1d"; - ipAddress = "192.168.1.10"; - } - { hostName = "bar"; - ethernetAddress = "00:19:d1:1d:c4:9a"; - ipAddress = "192.168.1.11"; - } - ]; - description = lib.mdDoc '' - A list mapping Ethernet addresses to IPv${postfix} addresses for the - DHCP server. - ''; - }; - - authoritative = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether the DHCP server shall send DHCPNAK messages to misconfigured - clients. If this is not done, clients may be unable to get a correct - IP address after changing subnets until their old lease has expired. - ''; - }; - - }; - -in - -{ - - imports = [ - (mkRenamedOptionModule [ "services" "dhcpd" ] [ "services" "dhcpd4" ]) - ] ++ flip map [ "4" "6" ] (postfix: - mkRemovedOptionModule [ "services" "dhcpd${postfix}" "stateDir" ] '' - The DHCP server state directory is now managed with the systemd's DynamicUser mechanism. - This means the directory is named after the service (dhcpd${postfix}), created under - /var/lib/private/ and symlinked to /var/lib/. - '' - ); - - ###### interface - - options = { - - services.dhcpd4 = dhcpConfig "4"; - services.dhcpd6 = dhcpConfig "6"; - - }; - - - ###### implementation - - config = mkIf (cfg4.enable || cfg6.enable) { - - systemd.services = dhcpdService "4" cfg4 // dhcpdService "6" cfg6; - - warnings = [ - '' - The dhcpd4 and dhcpd6 modules will be removed from NixOS 23.11, because ISC DHCP reached its end of life. - See https://www.isc.org/blogs/isc-dhcp-eol/ for details. - Please switch to a different implementation like kea, systemd-networkd or dnsmasq. - '' - ]; - }; - -} From 993dee10f4a4fe7e73332852946923bd197381db Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 4 Apr 2023 14:19:37 +0200 Subject: [PATCH 3/5] airgeddon: remove optional dhcp dependency because dhcp is being remove from nixpkgs --- pkgs/tools/networking/airgeddon/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkgs/tools/networking/airgeddon/default.nix b/pkgs/tools/networking/airgeddon/default.nix index 6ef64222fba8..5574a877c0d0 100644 --- a/pkgs/tools/networking/airgeddon/default.nix +++ b/pkgs/tools/networking/airgeddon/default.nix @@ -29,7 +29,6 @@ , bettercap , bully , crunch -, dhcp , dnsmasq , ettercap , hashcat @@ -94,7 +93,6 @@ let wireshark-cli ] ++ lib.optionals supportEvilTwin [ bettercap - dhcp dnsmasq ettercap hostapd From 0d49e0217e5a8062bbf3efbb7a977b354783bef7 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Tue, 20 Jun 2023 21:20:14 +0200 Subject: [PATCH 4/5] blueman: dhcp -> dhcpcd https://github.com/blueman-project/blueman/blob/2.3.5/blueman/main/DhcpClient.py#L19-L23 --- pkgs/tools/bluetooth/blueman/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/bluetooth/blueman/default.nix b/pkgs/tools/bluetooth/blueman/default.nix index cc4f15d1bea8..1fa18703459f 100644 --- a/pkgs/tools/bluetooth/blueman/default.nix +++ b/pkgs/tools/bluetooth/blueman/default.nix @@ -1,5 +1,5 @@ { config, stdenv, lib, fetchurl, intltool, pkg-config, python3Packages, bluez, gtk3 -, obex_data_server, xdg-utils, dnsmasq, dhcp, iproute2 +, obex_data_server, xdg-utils, dnsmasq, dhcpcd, iproute2 , gnome, librsvg, wrapGAppsHook, gobject-introspection , networkmanager, withPulseAudio ? config.pulseaudio or stdenv.isLinux, libpulseaudio }: @@ -40,7 +40,7 @@ in stdenv.mkDerivation rec { ]; makeWrapperArgs = [ - "--prefix PATH ':' ${lib.makeBinPath [ dnsmasq dhcp iproute2 ]}" + "--prefix PATH ':' ${lib.makeBinPath [ dnsmasq dhcpcd iproute2 ]}" "--suffix PATH ':' ${lib.makeBinPath [ xdg-utils ]}" ]; From 9bd4df7c0216b5957c4c07b2e11ae3b3bdbd5b4d Mon Sep 17 00:00:00 2001 From: ajs124 Date: Thu, 29 Jun 2023 02:15:25 +0200 Subject: [PATCH 5/5] google-guest-agent: drop dhcp dependency unused afaict --- pkgs/tools/virtualization/google-guest-agent/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/virtualization/google-guest-agent/default.nix b/pkgs/tools/virtualization/google-guest-agent/default.nix index f34a56f5d143..4e5f7445ef22 100644 --- a/pkgs/tools/virtualization/google-guest-agent/default.nix +++ b/pkgs/tools/virtualization/google-guest-agent/default.nix @@ -1,5 +1,5 @@ { buildGoModule, fetchFromGitHub, lib, coreutils, makeWrapper -, google-guest-configs, google-guest-oslogin, iproute2, dhcp, procps +, google-guest-configs, google-guest-oslogin, iproute2, procps }: buildGoModule rec { @@ -27,7 +27,7 @@ buildGoModule rec { ''; # We don't add `shadow` here; it's added to PATH if `mutableUsers` is enabled. - binPath = lib.makeBinPath [ google-guest-configs google-guest-oslogin iproute2 dhcp procps ]; + binPath = lib.makeBinPath [ google-guest-configs google-guest-oslogin iproute2 procps ]; # Skip tests which require networking. preCheck = ''