docs/132260: dhcpd(8) pid not stored in documented location
Daniel Feenberg
feenberg at nber.org
Thu Oct 22 22:50:03 UTC 2009
The following reply was made to PR docs/132260; it has been noted by GNATS.
From: Daniel Feenberg <feenberg at nber.org>
To: Josh Paetzel <jpaetzel at FreeBSD.org>
Cc: bug-followup at FreeBSD.org, Giorgos Keramidas <keramida at FreeBSD.org>
Subject: Re: docs/132260: dhcpd(8) pid not stored in documented location
Date: Thu, 22 Oct 2009 18:37:13 -0400 (EDT)
I think I will drop out of this discussion now, as it seems likely to go
over my head, and we are upgrading to 8.0 next month, and I never meant to
make trouble. If paranoia was the default, then I expect it was set for
our installation - I wasn't aware of that. I thought there was a minor
documentation slip, and thought it would be useful to file a report. I am
not qualified to do much more than that, although I do wonder at the
desirability of accepting patches to the code without requiring equivalent
patches to the documentation.
Sorry for butting in on matters I don't understand.
Daniel Feenberg
On Thu, 22 Oct 2009, Josh Paetzel wrote:
>
> On Oct 22, 2009, at 1:43 PM, Daniel Feenberg wrote:
>
>>
>>
>> On Thu, 22 Oct 2009, Josh Paetzel wrote:
>>
>>> The reason that it puts the pidfile in /var/run/dhcpd is that you are
>>> running with either paranoia or chmodded as the dhcpd user. In either
>>> case it can't write to /var/run as it starts up as the dhcpd user.
>>
>> If you say so.
>>
>>>
>>> If you look at the ownership of /var/run/dhcpd you'll see it is owned by
>>> dhcpd:dhcpd
>>
>> Yes
>>
>>>
>>> If you run as root, or without paranoia it will in fact create the pidfile
>>> in /var/run/
>>
>> I do run dhcpd as root and without paranoia, so I question this claim. If
>> the daemon changes its uid for security purposes, I have no objection
>> (although there is no mention of this on the man page) but why not fill in
>> /var/run as documented before dropping privileges?
>>
>
>> ls -lah /var/run/dhcpd.pid
> -rw-r--r-- 1 root wheel 6B Oct 22 12:18 /var/run/dhcpd.pid
>
> The FreeBSD version of ISC-DHCP is heavily patched. The man page is
> straight from ISC, so it doesn't cover a lot of things, for instance the
> mangling that is done to run in a jail. I haven't had a chance to fully
> analyze the startup script (which is also FreeBSD specific of course). I
> suspect that the reason /var/run/dhcpd.pid isn't always used is there is code
> being shared that concerns the chroot option. It could be that the use case
> you are encountering is a bug, maybe it should be writing to
> /var/run/dhcpd.pid and it isn't by mistake.
>
>
>>>
>>> I suppose we could patch the man pages depending on the compilation
>>> options or something.
>>>
>>
>> No need for anything so elaborate. You could just add a fourth file path to
>> the list of files used.
>>
>> Thanks for having a look. It isn't a big deal and I thought I was helping.
>>
>> Daniel Feenberg
>>
>>
>
> Getting the path correct depends on compile time options. If you select
> PARANOIA from the menu when you build this port (which is the default) (or
> use the package) it will use /var/run/dhcpd/dhcpd.conf
>
> Could you provide me with the output of cat
> /var/db/ports/isc-dhcp30-server/options please? If you are using a package
> there won't be an options file. I'd also be interested in whatever settings
> you have in /etc/rc.conf that are relevant to the dhcpd so I can try and
> duplicate this locally.
>
> Clearly the documentation does not match actual behavior in some instances.
> I'd like to fix that, and I appreciate you pointing it out.
>
> Thanks,
>
> Josh Paetzel
>
>
>