Chroot issue

Niall O'Reilly Niall.oReilly at ucd.ie
Wed Jan 14 13:01:42 UTC 2009


On Wed, 2009-01-14 at 13:40 +1100, Chris Vaughan wrote:
> I have compiled ISC DHCP 4.1.0 on CentOS 5 with the --enable-paranoia
> and -enable-early-chroot 

	I expect that '--enable-early-chroot' is significant.

> options, when I go to start this to run in a
> chroot jail, I am confronted with an error, as follows.
> 
> dhcpd -chroot /var/dhcp -user dhcp -group dhcp
> Internet Systems Consortium DHCP Server 4.1.0
> Copyright 2004-2008 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Wrote 0 leases to leases file.
> Error opening '/proc/net/dev' to list interfaces
> Can't get list of interfaces.

	Reference to /proc/... is relative to your current file-system
	root.  That's to say that dhcpd is looking for 
	/var/dhcp/proc/..., which very likely doesn't exist.

	I've used Edelkind's 'paranoia patch' for years, and am very
	pleased that ISC have integrated it into their release, not 
	least because I nagged for it.  Although I haven't any 
	experience yet with 4.1, I suspect that you can avoid the 
	problem by disabling the 'early' chroot.  The idea is (or used 
	to be) that any tasks which would fail due to the relevant file
	systems being unavailable after chroot are done before a 'late' 
	chroot.

	Otherwise, you'll need to mount the /proc filesystem also at 
	/var/dhcp/proc.  You may also need some of the files below /dev.

	Best regards

	Niall O'Reilly

	University College Dublin IT Services





More information about the dhcp-users mailing list