DHCP error.
Keith Woodworth
kwoody at citytel.net
Thu Jul 6 16:42:30 UTC 2006
On Thu, 6 Jul 2006, Brian Candler wrote:
|->On Wed, Jul 05, 2006 at 05:33:21PM -0700, Keith Woodworth wrote:
|->> Jul 4 10:00:00 netreg dhcpd: unable to create icmp socket: Operation not
|->> permitted
|->> Jul 4 10:00:00 netreg dhcpd: Can't open /var/db/dhcpd.leases for append.
|->
|->You are running dhcpd as root, aren't you?
|->
|->It's just that:
|->
|->> From: Cron <operator at netreg> /usr/libexec/save-entropy
|->>
|->> Internet Systems Consortium DHCP Server V3.0.4
|->> Copyright 2004-2006 Internet Systems Consortium.
|->> All rights reserved.
|->> For info, please visit http://www.isc.org/sw/dhcp/
|->> unable to create icmp socket: Operation not permitted
|->> Can't open /var/db/dhcpd.leases for append.
|->
|->It seems that this cronjob is running as user 'operator'. But why would
|->/usr/libexec/save-entropy be invoking the DHCP server?
|->
|->I can only guess that the filesystem is seriously toasted. Perhaps you
|->should reinstall from scratch, and using a fresh CD-ROM or over FTP (you
|->could install 6.1, although I use isc-dhcpd under 6.0 without any problem)
|->
|->$ pkg_info -I isc\*
|->isc-dhcp3-server-3.0.3_1 The ISC Dynamic Host Configuration Protocol server
I've run into a config issue that I have now worked out.
It used to be that you could put:
/usr/sbin/dhcpd
or any other command line to start a daemon in rc.conf, and there used to
be rc.local to start local daemons too years ago and I am still used to
putting the whole path, including command line args directly in rc.conf.
Now /usr/libexec/save-entropy runs from cron every 11 mins running as
operator, which has no root privs and it reads in rc.conf.
So I think what it does is when /usr/libexec/save-entropy runs it
reads in rc.conf and sees:
/usr/sbin/dhcpd
then tries to run it as operator. Operator has no root privs, hence the
error.
/usr/libexec/save-entropy has something to do with generating randomness,
I'm not exactly sure as I've not read up on it yet and there is no manpage.
I suppose I could just comment that line in cron but I'm not sure what
else it might break, nor do I want to as it was put there for a reason I'm
sure. :)
So now I have to invoke the daemons properly with:
dhcpd_enable="yes"
in rc.conf.
Thanks,
Keith
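
The following is an added example, not part of the original message or of FreeBSD. Because rc.conf is sourced as shell by the scripts that read it, a bare command line in it runs under whatever account the reading script uses; this lint lists lines that are commands rather than `name=value` settings. The names `RC_OK`, `rc_conf_stray_lines` and `rc_conf_sample` and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an rc.conf-style file for command lines.

# A line passes if it is blank, a comment, or one setting of the form
# name=value (value bare, "double" or 'single' quoted) with an optional
# trailing comment. Assumption: each setting fits on a single line.
RC_OK="^[[:space:]]*(#.*)?\$|^[[:space:]]*[A-Za-z_][A-Za-z0-9_]*=(\"[^\"]*\"|'[^']*'|[A-Za-z0-9_./:,@%+=-]*)[[:space:]]*(#.*)?\$"

rc_conf_stray_lines() {
    # Prints "LINENO:text" for each line that does not match RC_OK.
    # Returns 1 if any were printed, 0 if the file is clean, 2 on read error.
    grep -n -v -E "$RC_OK" -- "$1"
    case $? in
        0) return 1 ;;   # grep selected at least one stray line
        1) return 0 ;;   # nothing selected: only settings and comments
        *) return 2 ;;   # file missing or unreadable
    esac
}

# Constructed sample input, modelled on the situation in the message above.
rc_conf_sample() {
    cat <<'EOF'
# constructed sample rc.conf
hostname="netreg.example.org"
sshd_enable="YES"
/usr/sbin/dhcpd
dhcpd_enable="yes"
dhcpd_flags="-q" /usr/sbin/dhcpd
EOF
}

# Demo: write the sample to a temporary file and lint it.
demo=$(mktemp) && rc_conf_sample > "$demo"
rc_conf_stray_lines "$demo" || echo "rc.conf contains command lines" >&2
rm -f "$demo"
```

Line 6 of the sample is flagged as well: a setting followed by a command on the same line is still executed when the file is sourced.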
More information about the freebsd-isp mailing list