Merge pull request #224635 from helsinki-systems/drop/dhcpd

dhcpd: remove

12 files changed, 17 insertions, 354 deletions

diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md
index 80b2066582a37..593298af9fd13 100644
--- a/nixos/doc/manual/release-notes/rl-2311.section.md
+++ b/nixos/doc/manual/release-notes/rl-2311.section.md
@@ -76,6 +76,8 @@
 
 - PHP now defaults to PHP 8.2, updated from 8.1.
 
+- The ISC DHCP package and corresponding module have been removed, because they are end of life upstream. See https://www.isc.org/blogs/isc-dhcp-eol/ for details and switch to a different DHCP implementation like kea or dnsmasq.
+
 - `util-linux` is now supported on Darwin and is no longer an alias to `unixtools`. Use the `unixtools.util-linux` package for access to the Apple variants of the utilities.
 
 - `services.keyd` changed API. Now you can create multiple configuration files.
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 0d4369cc3f152..29fcabaefad51 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -865,7 +865,6 @@
   ./services/networking/croc.nix
   ./services/networking/dante.nix
   ./services/networking/dhcpcd.nix
-  ./services/networking/dhcpd.nix
   ./services/networking/dnscache.nix
   ./services/networking/dnscrypt-proxy2.nix
   ./services/networking/dnscrypt-wrapper.nix
diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix
index a32d433bbddee..45014ed3c68ee 100644
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@@ -114,6 +114,16 @@ in
     (mkRemovedOptionModule [ "services" "rtsp-simple-server" ] "Package has been completely rebranded by upstream as mediamtx, and thus the service and the package were renamed in NixOS as well.")
 
     (mkRemovedOptionModule [ "i18n" "inputMethod" "fcitx" ] "The fcitx module has been removed. Please use fcitx5 instead")
+    (mkRemovedOptionModule [ "services" "dhcpd4" ] ''
+      The dhcpd4 module has been removed because ISC DHCP reached its end of life.
+      See https://www.isc.org/blogs/isc-dhcp-eol/ for details.
+      Please switch to a different implementation like kea or dnsmasq.
+    '')
+    (mkRemovedOptionModule [ "services" "dhcpd6" ] ''
+      The dhcpd6 module has been removed because ISC DHCP reached its end of life.
+      See https://www.isc.org/blogs/isc-dhcp-eol/ for details.
+      Please switch to a different implementation like kea or dnsmasq.
+    '')
 
     # Do NOT add any option renames here, see top of the file
   ];
diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix
deleted file mode 100644
index a981a255c3eea..0000000000000
--- a/nixos/modules/services/networking/dhcpd.nix
+++ /dev/null
@@ -1,230 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
-
-  cfg4 = config.services.dhcpd4;
-  cfg6 = config.services.dhcpd6;
-
-  writeConfig = postfix: cfg: pkgs.writeText "dhcpd.conf"
-    ''
-      default-lease-time 600;
-      max-lease-time 7200;
-      ${optionalString (!cfg.authoritative) "not "}authoritative;
-      ddns-update-style interim;
-      log-facility local1; # see dhcpd.nix
-
-      ${cfg.extraConfig}
-
-      ${lib.concatMapStrings
-          (machine: ''
-            host ${machine.hostName} {
-              hardware ethernet ${machine.ethernetAddress};
-              fixed-address${
-                optionalString (postfix == "6") postfix
-              } ${machine.ipAddress};
-            }
-          '')
-          cfg.machines
-      }
-    '';
-
-  dhcpdService = postfix: cfg:
-    let
-      configFile =
-        if cfg.configFile != null
-          then cfg.configFile
-          else writeConfig postfix cfg;
-      leaseFile = "/var/lib/dhcpd${postfix}/dhcpd.leases";
-      args = [
-        "@${pkgs.dhcp}/sbin/dhcpd" "dhcpd${postfix}" "-${postfix}"
-        "-pf" "/run/dhcpd${postfix}/dhcpd.pid"
-        "-cf" configFile
-        "-lf" leaseFile
-      ] ++ cfg.extraFlags
-        ++ cfg.interfaces;
-    in
-      optionalAttrs cfg.enable {
-        "dhcpd${postfix}" = {
-          description = "DHCPv${postfix} server";
-          wantedBy = [ "multi-user.target" ];
-          after = [ "network.target" ];
-
-          preStart = "touch ${leaseFile}";
-          serviceConfig = {
-            ExecStart = concatMapStringsSep " " escapeShellArg args;
-            Type = "forking";
-            Restart = "always";
-            DynamicUser = true;
-            User = "dhcpd";
-            Group = "dhcpd";
-            AmbientCapabilities = [
-              "CAP_NET_RAW"          # to send ICMP messages
-              "CAP_NET_BIND_SERVICE" # to bind on DHCP port (67)
-            ];
-            StateDirectory   = "dhcpd${postfix}";
-            RuntimeDirectory = "dhcpd${postfix}";
-            PIDFile = "/run/dhcpd${postfix}/dhcpd.pid";
-          };
-        };
-      };
-
-  machineOpts = { ... }: {
-
-    options = {
-
-      hostName = mkOption {
-        type = types.str;
-        example = "foo";
-        description = lib.mdDoc ''
-          Hostname which is assigned statically to the machine.
-        '';
-      };
-
-      ethernetAddress = mkOption {
-        type = types.str;
-        example = "00:16:76:9a:32:1d";
-        description = lib.mdDoc ''
-          MAC address of the machine.
-        '';
-      };
-
-      ipAddress = mkOption {
-        type = types.str;
-        example = "192.168.1.10";
-        description = lib.mdDoc ''
-          IP address of the machine.
-        '';
-      };
-
-    };
-  };
-
-  dhcpConfig = postfix: {
-
-    enable = mkOption {
-      type = types.bool;
-      default = false;
-      description = lib.mdDoc ''
-        Whether to enable the DHCPv${postfix} server.
-      '';
-    };
-
-    extraConfig = mkOption {
-      type = types.lines;
-      default = "";
-      example = ''
-        option subnet-mask 255.255.255.0;
-        option broadcast-address 192.168.1.255;
-        option routers 192.168.1.5;
-        option domain-name-servers 130.161.158.4, 130.161.33.17, 130.161.180.1;
-        option domain-name "example.org";
-        subnet 192.168.1.0 netmask 255.255.255.0 {
-          range 192.168.1.100 192.168.1.200;
-        }
-      '';
-      description = lib.mdDoc ''
-        Extra text to be appended to the DHCP server configuration
-        file. Currently, you almost certainly need to specify something
-        there, such as the options specifying the subnet mask, DNS servers,
-        etc.
-      '';
-    };
-
-    extraFlags = mkOption {
-      type = types.listOf types.str;
-      default = [];
-      description = lib.mdDoc ''
-        Additional command line flags to be passed to the dhcpd daemon.
-      '';
-    };
-
-    configFile = mkOption {
-      type = types.nullOr types.path;
-      default = null;
-      description = lib.mdDoc ''
-        The path of the DHCP server configuration file.  If no file
-        is specified, a file is generated using the other options.
-      '';
-    };
-
-    interfaces = mkOption {
-      type = types.listOf types.str;
-      default = ["eth0"];
-      description = lib.mdDoc ''
-        The interfaces on which the DHCP server should listen.
-      '';
-    };
-
-    machines = mkOption {
-      type = with types; listOf (submodule machineOpts);
-      default = [];
-      example = [
-        { hostName = "foo";
-          ethernetAddress = "00:16:76:9a:32:1d";
-          ipAddress = "192.168.1.10";
-        }
-        { hostName = "bar";
-          ethernetAddress = "00:19:d1:1d:c4:9a";
-          ipAddress = "192.168.1.11";
-        }
-      ];
-      description = lib.mdDoc ''
-        A list mapping Ethernet addresses to IPv${postfix} addresses for the
-        DHCP server.
-      '';
-    };
-
-    authoritative = mkOption {
-      type = types.bool;
-      default = true;
-      description = lib.mdDoc ''
-        Whether the DHCP server shall send DHCPNAK messages to misconfigured
-        clients. If this is not done, clients may be unable to get a correct
-        IP address after changing subnets until their old lease has expired.
-      '';
-    };
-
-  };
-
-in
-
-{
-
-  imports = [
-    (mkRenamedOptionModule [ "services" "dhcpd" ] [ "services" "dhcpd4" ])
-  ] ++ flip map [ "4" "6" ] (postfix:
-    mkRemovedOptionModule [ "services" "dhcpd${postfix}" "stateDir" ] ''
-      The DHCP server state directory is now managed with the systemd's DynamicUser mechanism.
-      This means the directory is named after the service (dhcpd${postfix}), created under
-      /var/lib/private/ and symlinked to /var/lib/.
-    ''
-  );
-
-  ###### interface
-
-  options = {
-
-    services.dhcpd4 = dhcpConfig "4";
-    services.dhcpd6 = dhcpConfig "6";
-
-  };
-
-
-  ###### implementation
-
-  config = mkIf (cfg4.enable || cfg6.enable) {
-
-    systemd.services = dhcpdService "4" cfg4 // dhcpdService "6" cfg6;
-
-    warnings = [
-      ''
-        The dhcpd4 and dhcpd6 modules will be removed from NixOS 23.11, because ISC DHCP reached its end of life.
-        See https://www.isc.org/blogs/isc-dhcp-eol/ for details.
-        Please switch to a different implementation like kea, systemd-networkd or dnsmasq.
-      ''
-    ];
-  };
-
-}
diff --git a/pkgs/tools/bluetooth/blueman/default.nix b/pkgs/tools/bluetooth/blueman/default.nix
index cc4f15d1bea8a..1fa18703459f3 100644
--- a/pkgs/tools/bluetooth/blueman/default.nix
+++ b/pkgs/tools/bluetooth/blueman/default.nix
@@ -1,5 +1,5 @@
 { config, stdenv, lib, fetchurl, intltool, pkg-config, python3Packages, bluez, gtk3
-, obex_data_server, xdg-utils, dnsmasq, dhcp, iproute2
+, obex_data_server, xdg-utils, dnsmasq, dhcpcd, iproute2
 , gnome, librsvg, wrapGAppsHook, gobject-introspection
 , networkmanager, withPulseAudio ? config.pulseaudio or stdenv.isLinux, libpulseaudio }:
 
@@ -40,7 +40,7 @@ in stdenv.mkDerivation rec {
   ];
 
   makeWrapperArgs = [
-    "--prefix PATH ':' ${lib.makeBinPath [ dnsmasq dhcp iproute2 ]}"
+    "--prefix PATH ':' ${lib.makeBinPath [ dnsmasq dhcpcd iproute2 ]}"
     "--suffix PATH ':' ${lib.makeBinPath [ xdg-utils ]}"
   ];
 
diff --git a/pkgs/tools/networking/airgeddon/default.nix b/pkgs/tools/networking/airgeddon/default.nix
index 6ef64222fba84..5574a877c0d05 100644
--- a/pkgs/tools/networking/airgeddon/default.nix
+++ b/pkgs/tools/networking/airgeddon/default.nix
@@ -29,7 +29,6 @@
 , bettercap
 , bully
 , crunch
-, dhcp
 , dnsmasq
 , ettercap
 , hashcat
@@ -94,7 +93,6 @@ let
     wireshark-cli
   ] ++ lib.optionals supportEvilTwin [
     bettercap
-    dhcp
     dnsmasq
     ettercap
     hostapd
diff --git a/pkgs/tools/networking/dhcp/default.nix b/pkgs/tools/networking/dhcp/default.nix
deleted file mode 100644
index 1d07843cc48b1..0000000000000
--- a/pkgs/tools/networking/dhcp/default.nix
+++ /dev/null
@@ -1,102 +0,0 @@
-{ stdenv, fetchurl, perl, file, nettools, iputils, iproute2, makeWrapper
-, coreutils, gnused, openldap ? null
-, buildPackages, lib
-
-# client and relay are end of life, remove after 4.4.3
-, withClient ? false
-, withRelay ? false
-}:
-
-stdenv.mkDerivation rec {
-  pname = "dhcp";
-  version = "4.4.3-P1";
-
-  src = fetchurl {
-    url = "https://ftp.isc.org/isc/dhcp/${version}/${pname}-${version}.tar.gz";
-    sha256 = "sha256-CsQWu1WZfKhjIXT9EHN/1hzbjbonUhYKM1d1vCHcc8c=";
-  };
-
-  patches =
-    [
-      # Make sure that the hostname gets set on reboot.  Without this
-      # patch, the hostname doesn't get set properly if the old
-      # hostname (i.e. before reboot) is equal to the new hostname.
-      ./set-hostname.patch
-    ];
-
-  nativeBuildInputs = [ perl makeWrapper ];
-
-  buildInputs = [ openldap ];
-
-  depsBuildBuild = [ buildPackages.stdenv.cc ];
-
-  configureFlags = [
-    "--enable-failover"
-    "--enable-execute"
-    "--enable-tracing"
-    "--enable-delayed-ack"
-    "--enable-dhcpv6"
-    "--enable-paranoia"
-    "--enable-early-chroot"
-    "--sysconfdir=/etc"
-    "--localstatedir=/var"
-  ] ++ lib.optional stdenv.isLinux "--with-randomdev=/dev/random"
-    ++ lib.optionals (openldap != null) [ "--with-ldap" "--with-ldapcrypto" ]
-    ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)";
-
-  env.NIX_CFLAGS_COMPILE = builtins.toString [
-    "-Wno-error=pointer-compare"
-    "-Wno-error=format-truncation"
-    "-Wno-error=stringop-truncation"
-    "-Wno-error=format-overflow"
-    "-Wno-error=stringop-overflow=8"
-  ];
-
-  installFlags = [ "DESTDIR=\${out}" ];
-
-  postInstall =
-    ''
-      mv $out/$out/* $out
-      DIR=$out/$out
-      while rmdir $DIR 2>/dev/null; do
-        DIR="$(dirname "$DIR")"
-      done
-
-      cp client/scripts/linux $out/sbin/dhclient-script
-      substituteInPlace $out/sbin/dhclient-script \
-        --replace /sbin/ip ${iproute2}/sbin/ip
-      wrapProgram "$out/sbin/dhclient-script" --prefix PATH : \
-        "${nettools}/bin:${nettools}/sbin:${iputils}/bin:${coreutils}/bin:${gnused}/bin"
-    '' + lib.optionalString (!withClient) ''
-      rm $out/sbin/{dhclient,dhclient-script,.dhclient-script-wrapped}
-    '' + lib.optionalString (!withRelay) ''
-      rm $out/sbin/dhcrelay
-    '';
-
-  preConfigure =
-    ''
-      substituteInPlace configure --replace "/usr/bin/file" "${file}/bin/file"
-      sed -i "includes/dhcpd.h" \
-          -e "s|^ *#define \+_PATH_DHCLIENT_SCRIPT.*$|#define _PATH_DHCLIENT_SCRIPT \"$out/sbin/dhclient-script\"|g"
-
-      export AR='${stdenv.cc.bintools.bintools}/bin/${stdenv.cc.targetPrefix}ar'
-    '';
-
-  enableParallelBuilding = true;
-
-  meta = with lib; {
-    description = "Dynamic Host Configuration Protocol (DHCP) tools";
-
-    longDescription = ''
-      ISC's Dynamic Host Configuration Protocol (DHCP) distribution
-      provides a freely redistributable reference implementation of
-      all aspects of DHCP, through a suite of DHCP tools: server,
-      client, and relay agent.
-   '';
-
-    homepage = "https://www.isc.org/dhcp/";
-    license = licenses.mpl20;
-    platforms = platforms.unix;
-    knownVulnerabilities = lib.optional (withClient || withRelay) "The client and relay component of the dhcp package have reached their end of life";
-  };
-}
diff --git a/pkgs/tools/networking/dhcp/set-hostname.patch b/pkgs/tools/networking/dhcp/set-hostname.patch
deleted file mode 100644
index 7aa9d08145144..0000000000000
--- a/pkgs/tools/networking/dhcp/set-hostname.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/client/scripts/linux	2010-09-15 00:49:48.000000000 +0200
-+++ b/client/scripts/linux	2011-04-01 16:08:10.984372269 +0200
-@@ -133,9 +133,7 @@
-            [ "$current_hostname" = '(none)' ] ||
-            [ "$current_hostname" = 'localhost' ] ||
-            [ "$current_hostname" = "$old_host_name" ]; then
--           if [ "$new_host_name" != "$old_host_name" ]; then
--               hostname "$new_host_name"
--           fi
-+           hostname "$new_host_name"
-         fi
-     fi
diff --git a/pkgs/tools/virtualization/google-guest-agent/default.nix b/pkgs/tools/virtualization/google-guest-agent/default.nix
index d22d7be395054..bf53f43a5731b 100644
--- a/pkgs/tools/virtualization/google-guest-agent/default.nix
+++ b/pkgs/tools/virtualization/google-guest-agent/default.nix
@@ -1,5 +1,5 @@
 { buildGoModule, fetchFromGitHub, lib, coreutils, makeWrapper
-, google-guest-configs, google-guest-oslogin, iproute2, dhcp, procps
+, google-guest-configs, google-guest-oslogin, iproute2, procps
 }:
 
 buildGoModule rec {
@@ -27,7 +27,7 @@ buildGoModule rec {
   '';
 
   # We don't add `shadow` here; it's added to PATH if `mutableUsers` is enabled.
-  binPath = lib.makeBinPath [ google-guest-configs google-guest-oslogin iproute2 dhcp procps ];
+  binPath = lib.makeBinPath [ google-guest-configs google-guest-oslogin iproute2 procps ];
 
   # Skip tests which require networking.
   preCheck = ''
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index 87a8d3e674504..b68a0f55dad17 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -399,6 +399,7 @@ mapAliases ({
   devserver = throw "'devserver' has been removed in favor of 'miniserve' or other alternatives"; # Added 2023-01-13
   dfu-util-axoloti = throw "dfu-util-axoloti has been removed: abandoned by upstream"; # Added 2022-05-13
   dhall-text = throw "'dhall-text' has been deprecated in favor of the 'dhall text' command from 'dhall'"; # Added 2022-03-26
+  dhcp = throw "dhcp (ISC DHCP) has been removed from nixpkgs, because it reached its end of life"; # Added 2023-04-04
   digikam5 = throw "'digikam5' has been renamed to/replaced by 'digikam'"; # Converted to throw 2022-02-22
   dirmngr = throw "dirmngr has been removed: merged into gnupg"; # Added 2022-05-13
   disper = throw "disper has been removed: abandoned by upstream"; # Added 2022-03-18
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index bc20f46ac2c88..5d02f6dc85578 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -7232,8 +7232,6 @@ with pkgs;
 
   dnsx = callPackage ../tools/security/dnsx { };
 
-  dhcp = callPackage ../tools/networking/dhcp { };
-
   dhcpdump = callPackage ../tools/networking/dhcpdump { };
 
   dhcpcd = callPackage ../tools/networking/dhcpcd { };
diff --git a/pkgs/top-level/release-small.nix b/pkgs/top-level/release-small.nix
index f2cc7ae471a42..37ef0a50c260a 100644
--- a/pkgs/top-level/release-small.nix
+++ b/pkgs/top-level/release-small.nix
@@ -36,7 +36,6 @@ with import ./release-lib.nix { inherit supportedSystems nixpkgsArgs; };
   cron = linux;
   cups = linux;
   dbus = linux;
-  dhcp = linux;
   diffutils = all;
   e2fsprogs = linux;
   emacs = linux;