diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 136474c3f..b63c1e2f1 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -1324,7 +1324,8 @@ EOD; /* fire up dhcpd in a chroot */ if (count($dhcpdv6ifs) > 0) { mwexec('/usr/local/sbin/dhcpd -6 -user dhcpd -group dhcpd -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid ' . join(' ', $dhcpdv6ifs)); - mwexec('/usr/local/sbin/dhcpleases6 -c "/usr/local/sbin/prefixes.php|/bin/sh" -l /var/dhcpd/var/db/dhcpd6.leases'); + /* XXX prefixes.php is a backend script we must priv-sep! */ + mwexec('/usr/local/sbin/dhcpleases6 -c /usr/local/opnsense/scripts/dhcp/prefixes.php -l /var/dhcpd/var/db/dhcpd6.leases'); } if ($verbose) { diff --git a/src/opnsense/scripts/dhcp/prefixes.php b/src/opnsense/scripts/dhcp/prefixes.php index a852c4a66..870473aa3 100755 --- a/src/opnsense/scripts/dhcp/prefixes.php +++ b/src/opnsense/scripts/dhcp/prefixes.php @@ -1,6 +1,8 @@ #!/usr/local/bin/php 0) { foreach ($routes as $address => $prefix) { - echo "/sbin/route delete -inet6 {$prefix} {$address}\n"; - echo "/sbin/route add -inet6 {$prefix} {$address}\n"; + mwexecf('/sbin/route delete -inet6 %s %s', array($prefix, $address)); + mwexecf('/sbin/route add -inet6 %s %s', array($prefix, $address)); } } @@ -88,11 +88,10 @@ foreach ($clog as $line) { array_shift($clog); } -// echo "remove routes\n"; if (count($expires) > 0) { foreach ($expires as $prefix) { if (isset($prefix['prefix'])) { - echo "/sbin/route delete -inet6 {$prefix['prefix']}\n"; + mwexecf('/sbin/route delete -inet6 %s', array($prefix['prefix'])); } } }