[Kea-users] Question about a custom configuration file

Fri Feb 14 16:04:31 UTC 2025

Hi Micheal,

Thanks for the feedback! After some digging, it looks like kea set some specific apparmor restrictions that limit what changes can be made to the configuration, and that's what's blocking me... on this one anyway.

Scott LaCroix
Software Engineer | JCI / Tyco Safety Products

________________________________
From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Michael De Roover <isc at nixmagic.com>
Sent: Thursday, February 13, 2025 4:00 PM
To: kea-users at lists.isc.org <kea-users at lists.isc.org>
Subject: Re: [Kea-users] Question about a custom configuration file

[You don't often get email from isc at nixmagic.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ]

On Thursday, February 13, 2025 7:20:16 PM CET Scott LaCroix via Kea-users
wrote:
> Hello all,
>
> We're trying to create a custom configuration file for the kea-dhcp4-server
> in our deployment. Currently what I've tried is a simple systemd dropin:
>
> $ cat /etc/systemd/system/kea-dhcp4-server.service.d/override.conf
> [Service]
> ExecStart=
> ExecStart=/usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4-gw.conf
>
> When I try using that, I get failure to create the PID file:
>
> $ sudo systemctl daemon-reload
> $ sudo systemctl restart kea-dhcp4-server
> $ sudo systemctl status kea-dhcp4-server
> × kea-dhcp4-server.service - Kea IPv4 DHCP daemon
>      Loaded: loaded (/usr/lib/systemd/system/kea-dhcp4-server.service;
> enabled; preset: enabled) Drop-In:
> /etc/systemd/system/kea-dhcp4-server.service.d
>              └─override.conf
>      Active: failed (Result: exit-code) since Thu 2025-02-13 18:13:21 GMT;
> 7s ago Duration: 25ms
>        Docs: man:kea-dhcp4(8)
>     Process: 448823 ExecStart=/usr/sbin/kea-dhcp4 -c
> /etc/kea/kea-dhcp4-gw.conf (code=exited, status=1/FAILURE) Main PID: 448823
> (code=exited, status=1/FAILURE)
>         CPU: 24ms
>
> Feb 13 18:13:21 71077345 systemd[1]: Started kea-dhcp4-server.service - Kea
> IPv4 DHCP daemon. Feb 13 18:13:21 71077345 kea-dhcp4[448823]: 2025-02-13
> 18:13:21.928 INFO  [kea-dhcp4.dhcp4/448823.134556786268608] DHCP4_STARTING
> Kea DHCPv4 server version 2.4.1 (stable) starting Feb 13 18:13:21 71077345
> kea-dhcp4[448823]: kea-dhcp4: Fatal error during start up: Unable to open
> PID file '/run/kea/kea-dhcp4-gw.kea-dhcp4.pid' for write Feb 13 18:13:21
> 71077345 kea-dhcp4[448823]: 2025-02-13 18:13:21.928 FATAL
> [kea-dhcp4.dhcp4/448823.134556786268608] DHCP4_SERVER_FAILED server failed:
> Unable to open PID file '/run/kea/kea-dhcp4-gw.kea-dhcp4.pid' for write Feb
> 13 18:13:21 71077345 systemd[1]: kea-dhcp4-server.service: Main process
> exited, code=exited, status=1/FAILURE Feb 13 18:13:21 71077345 systemd[1]:
> kea-dhcp4-server.service: Failed with result 'exit-code'.
>
>
> Everything I've tried in an effort to switch the server to a custom config
> file has failed in similar ways. Clearly I'm missing something in the
> systemd service config... any help here is appreciated.

If memory serves me right, Kea runs under its own user (_kea ?) and it may not
have access to that directory. See with systemctl edit --full kea-dhcp4-server
what it uses for defaults. Your current service file is an adjustment against
that.

... Granted, I have only passing experience with Kea so far. YMMV.

--
Met vriendelijke groet,
Michael De Roover

Mail: isc at nixmagic.com
Web: michael.de.roover.eu.org

--
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/<https://www.isc.org/contact/> for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users<https://lists.isc.org/mailman/listinfo/kea-users>.

Kea-users mailing list
Kea-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users<https://lists.isc.org/mailman/listinfo/kea-users>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20250214/49b0a82e/attachment-0001.htm>