DHCP Server V3.0.5 No BPF under chroot. Works normally
otherwise.
Kelly D. Grills
kdgrills at the-grills.com
Wed Mar 7 02:35:03 UTC 2007
On Tue, Mar 06, 2007 at 07:03:35PM -0600, Martin McCormick wrote:
>
> I found some cook-book instructions for running dhcpd in
> a chroot environment. The article is 4 years old and appears to
> be set up for FreeBSD5x, but it isn't far off for FreeBSD6.2
> which is what I need dhcpd to run on.
>
I run isc-dhcp3-server-3.0.5 from ports, started from /etc/rc.conf with the
following options:
dhcpd_enable="YES" # dhcpd enabled?
dhcpd_flags="-q" # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file
dhcpd_ifaces="" # ethernet interface(s)
dhcpd_withumask="022" # file creation mask
dhcpd_chuser_enable="YES" # runs w/o privileges?
dhcpd_withuser="dhcpd" # user name to run as
dhcpd_withgroup="dhcpd" # group name to run as
dhcpd_chroot_enable="YES" # runs chrooted?
dhcpd_devfs_enable="YES" # use devfs if available?
dhcpd_rootdir="/var/db/dhcpd" # directory to run in
dhcpd_includedir="" # directory with config-
Here's the full pkg-message:
[root at srv2]/usr/ports/net/isc-dhcp3-server $ make display-message
**** To setup dhcpd, you may have to copy /usr/local/etc/dhcpd.conf.sample
to /usr/local/etc/dhcpd.conf for editing.
**** This port installs dhcp daemon, but don't invokes dhcpd by default. If
you want to invoke dhcpd at startup, put these lines into /etc/rc.conf.
dhcpd_enable="YES" # dhcpd enabled?
dhcpd_flags="-q" # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file
dhcpd_ifaces="" # ethernet interface(s)
dhcpd_withumask="022" # file creation mask
**** If compiled with paranoia support (the default), the following lines
are also supported:
dhcpd_chuser_enable="YES" # runs w/o privileges?
dhcpd_withuser="dhcpd" # user name to run as
dhcpd_withgroup="dhcpd" # group name to run as
dhcpd_chroot_enable="YES" # runs chrooted?
dhcpd_devfs_enable="YES" # use devfs if available?
dhcpd_makedev_enable="YES" # use MAKEDEV instead?
dhcpd_rootdir="/var/db/dhcpd" # directory to run in
dhcpd_includedir="<some_dir>" # directory with config-
files to include
dhcpd_flags="-early_chroot" # needs full root
WARNING: -early_chroot requires a jail(8) like environment to work.
WARNING: dhcpd_devfs_enable and dhcpd_makedev_enable are mutually
exclusive
dhcpd_makedev_enable make NO sense on FreeBSD 5.x and up!
**** If compiled with jail support (the default), the following lines are
also supported (-early_chroot and dhcpd_chroot_enable=YES are implied):
dhcpd_jail_enable="YES" # runs imprisoned?
dhcpd_hostname="<hostname>" # jail hostname
dhcpd_ipaddress="<ip address>" # jail ip address
WARNING: dhcpd_rootdir needs to point to a full jail(8) environment.
**** WARNING: never edit the chrooted or jailed dhcpd.conf file but
/usr/local/etc/dhcpd.conf instead which is always copied where
needed upon startup.
**** WARNING: /usr/local/etc/rc.isc-dhcpd.conf is obsolete. rc.conf like
variables are still read there but should be moved /etc/rc.conf or
/etc/rc.conf.d/dhcpd instead. Also, the dhcpd_options variable must
be renamed dhcpd_flags if any.
--
Kelly D. Grills
kdgrills at the-grills.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 243 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070307/84153e02/attachment.pgp
More information about the freebsd-questions
mailing list