Date:      Thu, 22 Oct 2009 19:40:02 GMT
From:      Josh Paetzel <jpaetzel@FreeBSD.org>
To:        freebsd-doc@FreeBSD.org
Subject:   Re: docs/132260: dhcpd(8) pid not stored in documented location
Message-ID:  <200910221940.n9MJe26L066702@freefall.freebsd.org>

The following reply was made to PR docs/132260; it has been noted by GNATS.

From: Josh Paetzel <jpaetzel@FreeBSD.org>
To: Daniel Feenberg <feenberg@nber.org>
Cc: bug-followup@FreeBSD.org,
 Giorgos Keramidas <keramida@FreeBSD.org>
Subject: Re: docs/132260: dhcpd(8) pid not stored in documented location
Date: Thu, 22 Oct 2009 14:33:42 -0500

 On Oct 22, 2009, at 1:43 PM, Daniel Feenberg wrote:
 
 >
 >
 > On Thu, 22 Oct 2009, Josh Paetzel wrote:
 >
 >> The reason that it puts the pidfile in /var/run/dhcpd is that you  
 >> are running with either paranoia or chmodded as the dhcpd user.  In  
 >> either case it can't write to /var/run as it starts up as the dhcpd  
 >> user.
 >
 > If you say so.
 >
 >>
 >> If you look at the ownership of /var/run/dhcpd you'll see it is  
 >> owned by dhcpd:dhcpd
 >
 > Yes
 >
 >>
 >> If you run as root, or without paranoia it will in fact create the  
 >> pidfile in /var/run/
 >
 > I do run dhcpd as root and without paranoia, so I question this  
 > claim. If the daemon changes its uid for security purposes, I have  
 > no objection (although there is no mention of this on the man page)  
 > but why not fill in /var/run as documented before dropping  
 > privileges?
 >
 
  >ls -lah /var/run/dhcpd.pid
 -rw-r--r--  1 root  wheel     6B Oct 22 12:18 /var/run/dhcpd.pid
 
 The FreeBSD version of ISC-DHCP is heavily patched.   The man page is  
 straight from ISC, so it doesn't cover a lot of things, for instance  
 the mangling that is done to run in a jail.  I haven't had a chance to  
 fully analyze the startup script (which is also FreeBSD specific of  
 course).  I suspect that the reason /var/run/dhcpd.pid isn't always  
 used is there is code being shared that concerns the chroot option.   
 It could be that the use case you are encountering is a bug, maybe it  
 should be writing to /var/run/dhcpd.pid and it isn't by mistake.
 
 
 >>
 >> I suppose we could patch the man pages depending on the compilation  
 >> options or something.
 >>
 >
 > No need for anything so elaborate. You could just add a fourth file  
 > path to the list of files used.
 >
 > Thanks for having a look. It isn't a big deal and I thought I was  
 > helping.
 >
 > Daniel Feenberg
 >
 >
 
 Getting the path correct depends on compile time options.  If you  
 select PARANOIA from the menu when you build this port (which is the  
 default) (or use the package) it will use /var/run/dhcpd/dhcpd.conf
 
 Could you provide me with the output of
 cat /var/db/ports/isc-dhcp30-server/options please?  If you are using
 a package there won't be an options file.  I'd also be interested in
 whatever settings you have in /etc/rc.conf that are relevant to the
 dhcpd so I can try and duplicate this locally.
 
 Clearly the documentation does not match actual behavior in some  
 instances.  I'd like to fix that, and I appreciate you pointing it out.
 
 Thanks,
 
 Josh Paetzel
 
 
 
 


