chroot problem
Steve Farr
sfarr at rootgroup.com
Sun Aug 9 14:30:09 UTC 2009
I read the posts below, but am having a slightly different issue with
dhcp-4.1.0p1 and was hoping someone could help... I compiled with
--enable-paranoia --disable-dhcpv6, and am running on CentOS 5 w/ kernel
2.6.18-128.2.1.el5-x86_64 and gcc-4.1.2-44.el5. I am able to start dhcpd with
either the actual file, /proc/net/dev, copied into my chroot jail at
/chroot/dhcpd, or with the proc filesystem mounted at /chroot/dhcpd/proc –
either is fine. However, when I reboot the server, dhcpd will not start from
its rc3.d script. It throws the following error:
Aug 7 17:20:58 inres02 dhcpd: chroot("/chroot/dhcpd"): Permission denied
But, if I just log on to the server a minute later and do “service dhcpd
start” or “/etc/init.d/dhcpd start” the service comes right up with no
problems. Does anyone have any suggestions?
-Steve
**************************
Niall,
Thanks for your help. I was able to resolve the issue by creating
/proc/net within the chroot jail and copying dev and if_inet6 there.
Chris Vaughan
-----Original Message-----
From: dhcp-users-bounces at lists.isc.org
[mailto: dhcp-users-bounces at lists.isc.org] On Behalf Of
dhcp-users-request at lists.isc.org
Sent: Thursday, 15 January 2009 8:19 PM
To: dhcp-users at lists.isc.org
Subject: dhcp-users Digest, Vol 3, Issue 20
Today's Topics:
1. Re: Chroot issue (Niall O'Reilly)
2. Re: Shared Network (mattf at etex.net)
3. Restart Problem - segfault ... error 15 (Tarik Gasmi)
4. Match if substring ... (Matej)
5. Re: Match if substring ... (Matej)
6. List archives... (E Johnson)
7. RE: List archives... (Frank Bulk - iName.com)
8. lease file: Bad file descriptor, Broken pipe (Rudy Gevaert)
----------------------------------------------------------------------
Message: 1
Date: Wed, 14 Jan 2009 13:01:42 +0000
From: Niall O'Reilly <Niall.oReilly at ucd.ie>
Subject: Re: Chroot issue
To: Users of ISC DHCP <dhcp-users at lists.isc.org>
Cc: Niall.oReilly at ucd.ie
Message-ID: <1231938102.6843.101.camel at d410-heron>
Content-Type: text/plain
On Wed, 2009-01-14 at 13:40 +1100, Chris Vaughan wrote:
> I have compiled ISC DHCP 4.1.0 on CentOS 5 with the --enable-paranoia
> and -enable-early-chroot
I expect that '--enable-early-chroot' is significant.
> options, when I go to start this to run in a
> chroot jail, I am confronted with an error, as follows.
>
> dhcpd -chroot /var/dhcp -user dhcp -group dhcp
> Internet Systems Consortium DHCP Server 4.1.0
> Copyright 2004-2008 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Wrote 0 leases to leases file.
> Error opening '/proc/net/dev' to list interfaces
> Can't get list of interfaces.
Reference to /proc/... is relative to your current file-system
root. That's to say that dhcpd is looking for
/var/dhcp/proc/..., which very likely doesn't exist.
I've used Edelkind's 'paranoia patch' for years, and am very
pleased that ISC have integrated it into their release, not
least because I nagged for it. Although I haven't any
experience yet with 4.1, I suspect that you can avoid the
problem by disabling the 'early' chroot. The idea is (or used
to be) that any tasks which would fail due to the relevant file
systems being unavailable after chroot are done before a 'late'
chroot.
Otherwise, you'll need to mount the /proc filesystem also at
/var/dhcp/proc. You may also need some of the files below /dev.
Best regards
Niall O'Reilly
University College Dublin IT Services
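The path resolution described in the reply above (after chroot, /proc/net/dev means JAIL/proc/net/dev) can be checked before the daemon is started. The script below is an added example, not part of the thread or of ISC DHCP; the function names and the optional mounts-file argument are assumptions for illustration, and the two file names are the ones mentioned in the messages above.

```shell
#!/bin/sh
# Added example: preflight check for a dhcpd chroot jail.
# Once dhcpd has called chroot(JAIL), its open("/proc/net/dev") is looked up
# as JAIL/proc/net/dev, so that is the path that has to exist.

# jail_proc_source JAIL [MOUNTS_FILE]  (hypothetical helper)
# Prints "mounted" if a proc filesystem is mounted at JAIL/proc,
# "copied" if JAIL/proc/net/dev is an ordinary file, "missing" otherwise.
jail_proc_source() {
    jail=${1%/}
    mounts=${2:-/proc/self/mounts}
    if [ -r "$mounts" ] && awk -v mp="$jail/proc" \
        '$2 == mp && $3 == "proc" { found = 1 } END { exit !found }' "$mounts"
    then
        echo mounted
    elif [ -f "$jail/proc/net/dev" ]; then
        echo copied
    else
        echo missing
    fi
}

# check_dhcpd_jail JAIL [MOUNTS_FILE]  (hypothetical helper)
# Reports each file named in the thread; returns non-zero when the
# interface list (proc/net/dev) cannot be read inside the jail.
check_dhcpd_jail() {
    jail=${1%/}
    src=$(jail_proc_source "$jail" "${2:-/proc/self/mounts}")
    status=0
    for f in proc/net/dev proc/net/if_inet6; do
        if [ -r "$jail/$f" ]; then
            echo "ok       $jail/$f"
        else
            echo "MISSING  $jail/$f"
            if [ "$f" = proc/net/dev ]; then status=1; fi
        fi
    done
    if [ "$src" = copied ]; then
        # A copied file is a snapshot taken at copy time.
        echo "note: $jail/proc/net/dev is a static copy; later interface changes will not appear in it"
    fi
    return $status
}

# Run the check only when a jail path is given on the command line.
if [ "$#" -gt 0 ]; then check_dhcpd_jail "$@"; fi
```

Run it as `sh check_jail.sh /chroot/dhcpd` (the script name is arbitrary); the exit status is non-zero when the jail lacks a readable proc/net/dev.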