i'd like to bump this entry a bit - if nothing else, to understand better why exactly this doesn't work.
as the user dhcpd runs as (dhcpd), i can read the key file (by way of a symlink, in my case):

  >whoami
  dhcpd
  >id dhcpd
  uid=105(dhcpd) gid=113(dhcpd) groups=113(dhcpd),999(ddns)
  >ls -Alh
  total 20K
  lrwxrwxrwx 1 root root    29 2010-03-07 16:12 ddns-key-1.key -> /etc/bind/keys/ddns-key-1.key
  -rw-r----- 1 root dhcpd  148 2009-12-01 20:14 ddns-key-1.key.old
  drwxr-xr-x 2 root root  4.0K 2010-02-15 20:29 dhclient-enter-hooks.d
  drwxr-xr-x 2 root root  4.0K 2009-12-16 12:17 dhclient-exit-hooks.d
  -rw-r----- 1 root dhcpd 4.1K 2009-12-01 20:17 dhcpd.conf
  >ls -alh /etc/bind/keys/ddns-key-1.key
  -rw-r----- 1 root ddns 148 2009-12-01 15:24 /etc/bind/keys/ddns-key-1.key
  >cat ddns-key-1.key
  key ddns-key-1 {
      algorithm hmac-md5;
      secret "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
  };

yet (as in the initial report) when started via its init script, /usr/sbin/dhcpd can not:

  >/etc/init.d/dhcp3-server start
  dhcpd self-test failed. Please fix the config file.
  The error was:
  Internet Systems Consortium DHCP Server V3.1.2
  Copyright 2004-2008 Internet Systems Consortium.
  All rights reserved.
  For info, please visit http://www.isc.org/sw/dhcp/
  Can't open /etc/dhcp3/ddns-key-1.key: Permission denied

why doesn't this work? what is different when dhcpd is started via its init script and privs are dropped to the user named dhcpd? i've adjusted the apparmor settings for dhcpd, and there are no audit entries for apparmor being logged - what is preventing this file from being read?

--
dhcpd wont start due to rndc.key permissions
https://bugs.launchpad.net/bugs/341817
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dhcp3 in ubuntu.
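Added example, not part of the original message and not dhcpd's own code: `id dhcpd` reads the group database, while the kernel checks the credentials a running process actually holds, which are visible in /proc/<pid>/status. The sketch applies the classic owner/group/other read check to two constructed status samples using the ids from the listing above; that the daemon started by the init script lacks supplementary group 999 (ddns) is an assumption to verify, not something the report establishes.

```python
import stat

def parse_status(text):
    """Extract effective uid, effective gid and supplementary groups
    from the text of /proc/<pid>/status (Linux)."""
    creds = {"uid": None, "gid": None, "groups": set()}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        fields = value.split()
        if key == "Uid":
            creds["uid"] = int(fields[1])   # order: real, effective, saved, fs
        elif key == "Gid":
            creds["gid"] = int(fields[1])
        elif key == "Groups":
            creds["groups"] = {int(g) for g in fields}
    return creds

def can_read(creds, owner_uid, owner_gid, mode):
    """Classic Unix read check: exactly one permission class applies.
    Ignores ACLs, capabilities and LSMs such as AppArmor."""
    if creds["uid"] == 0:
        return True
    if creds["uid"] == owner_uid:
        return bool(mode & stat.S_IRUSR)
    if creds["gid"] == owner_gid or owner_gid in creds["groups"]:
        return bool(mode & stat.S_IRGRP)
    return bool(mode & stat.S_IROTH)

# Constructed samples. A login shell gets its groups from the group database;
# a daemon that switches uid/gid without loading them keeps only what it had.
LOGIN_SHELL = "Name:\tbash\nUid:\t105\t105\t105\t105\nGid:\t113\t113\t113\t113\nGroups:\t113 999\n"
DROPPED_DAEMON = "Name:\tdhcpd\nUid:\t105\t105\t105\t105\nGid:\t113\t113\t113\t113\nGroups:\t\n"

# Symlink target from the listing: root:ddns (gid 999), mode -rw-r-----
KEY_FILE = (0, 999, 0o640)

def report():
    samples = (("login shell", LOGIN_SHELL), ("dropped daemon", DROPPED_DAEMON))
    return {name: can_read(parse_status(text), *KEY_FILE) for name, text in samples}

if __name__ == "__main__":
    for name, ok in report().items():
        print(f"{name}: {'readable' if ok else 'Permission denied'}")
```

To check a live system, feed parse_status() the contents of /proc/<pid>/status for the running daemon and compare its Groups line with the output of `id dhcpd`.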