Chroot issue
Niall O'Reilly
Niall.oReilly at ucd.ie
Wed Jan 14 13:01:42 UTC 2009
On Wed, 2009-01-14 at 13:40 +1100, Chris Vaughan wrote:
> I have compiled ISC DHCP 4.1.0 on CentOS 5 with the --enable-paranoia
> and -enable-early-chroot
I expect that '--enable-early-chroot' is significant.
> options, when I go to start this to run in a
> chroot jail, I am confronted with an error, as follows.
>
> dhcpd -chroot /var/dhcp -user dhcp -group dhcp
> Internet Systems Consortium DHCP Server 4.1.0
> Copyright 2004-2008 Internet Systems Consortium.
> All rights reserved.
> For info, please visit http://www.isc.org/sw/dhcp/
> Wrote 0 leases to leases file.
> Error opening '/proc/net/dev' to list interfaces
> Can't get list of interfaces.
Reference to /proc/... is relative to your current file-system
root. That's to say that dhcpd is looking for
/var/dhcp/proc/..., which very likely doesn't exist.
I've used Edelkind's 'paranoia patch' for years, and am very
pleased that ISC have integrated it into their release, not
least because I nagged for it. Although I haven't any
experience yet with 4.1, I suspect that you can avoid the
problem by disabling the 'early' chroot. The idea is (or used
to be) that any tasks which would fail due to the relevant file
systems being unavailable after chroot are done before a 'late'
chroot.
Otherwise, you'll need to mount the /proc filesystem also at
/var/dhcp/proc. You may also need some of the files below /dev.
Best regards
Niall O'Reilly
University College Dublin IT Services
More information about the dhcp-users
mailing list