On Tue, Mar 06, 2007 at 07:03:35PM -0600, Martin McCormick wrote: > > I found some cook-book instructions for running dhcpd in > a chroot environment. The article is 4 years old and appears to > be set up for FreeBSD5x, but it isn't far off for FreeBSD6.2 > which is what I need dhcpd to run on. >
I run isc-dhcp3-server-3.0.5 from ports, started from /etc/rc.conf with the following options: dhcpd_enable="YES" # dhcpd enabled? dhcpd_flags="-q" # command option(s) dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file dhcpd_ifaces="" # ethernet interface(s) dhcpd_withumask="022" # file creation mask dhcpd_chuser_enable="YES" # runs w/o privileges? dhcpd_withuser="dhcpd" # user name to run as dhcpd_withgroup="dhcpd" # group name to run as dhcpd_chroot_enable="YES" # runs chrooted? dhcpd_devfs_enable="YES" # use devfs if available? dhcpd_rootdir="/var/db/dhcpd" # directory to run in dhcpd_includedir="" # directory with config- Here's the full pkg-message: [EMAIL PROTECTED]/usr/ports/net/isc-dhcp3-server $ make display-message **** To setup dhcpd, you may have to copy /usr/local/etc/dhcpd.conf.sample to /usr/local/etc/dhcpd.conf for editing. **** This port installs dhcp daemon, but don't invokes dhcpd by default. If you want to invoke dhcpd at startup, put these lines into /etc/rc.conf. dhcpd_enable="YES" # dhcpd enabled? dhcpd_flags="-q" # command option(s) dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file dhcpd_ifaces="" # ethernet interface(s) dhcpd_withumask="022" # file creation mask **** If compiled with paranoia support (the default), the following lines are also supported: dhcpd_chuser_enable="YES" # runs w/o privileges? dhcpd_withuser="dhcpd" # user name to run as dhcpd_withgroup="dhcpd" # group name to run as dhcpd_chroot_enable="YES" # runs chrooted? dhcpd_devfs_enable="YES" # use devfs if available? dhcpd_makedev_enable="YES" # use MAKEDEV instead? dhcpd_rootdir="/var/db/dhcpd" # directory to run in dhcpd_includedir="<some_dir>" # directory with config- files to include dhcpd_flags="-early_chroot" # needs full root WARNING: -early_chroot requires a jail(8) like environment to work. WARNING: dhcpd_devfs_enable and dhcpd_makedev_enable are mutually exclusive dhcpd_makedev_enable make NO sense on FreeBSD 5.x and up! **** If compiled with jail support (the default), the following lines are also supported (-early_chroot and dhcpd_chroot_enable=YES are implied): dhcpd_jail_enable="YES" # runs imprisoned? dhcpd_hostname="<hostname>" # jail hostname dhcpd_ipaddress="<ip address>" # jail ip address WARNING: dhcpd_rootdir needs to point to a full jail(8) environment. **** WARNING: never edit the chrooted or jailed dhcpd.conf file but /usr/local/etc/dhcpd.conf instead which is always copied where needed upon startup. **** WARNING: /usr/local/etc/rc.isc-dhcpd.conf is obsolete. rc.conf like variables are still read there but should be moved /etc/rc.conf or /etc/rc.conf.d/dhcpd instead. Also, the dhcpd_options variable must be renamed dhcpd_flags if any. -- Kelly D. Grills [EMAIL PROTECTED]
pgpuJ4kh8oKPm.pgp
Description: PGP signature