DHCP error.

Keith Woodworth kwoody at citytel.net
Thu Jul 6 16:42:30 UTC 2006


On Thu, 6 Jul 2006, Brian Candler wrote:

|->On Wed, Jul 05, 2006 at 05:33:21PM -0700, Keith Woodworth wrote:
|->> Jul  4 10:00:00 netreg dhcpd: unable to create icmp socket: Operation not
|->> permitted
|->> Jul  4 10:00:00 netreg dhcpd: Can't open /var/db/dhcpd.leases for append.
|->
|->You are running dhcpd as root, aren't you?
|->
|->It's just that:
|->
|->> From: Cron <operator at netreg> /usr/libexec/save-entropy
|->>
|->> Internet Systems Consortium DHCP Server V3.0.4
|->> Copyright 2004-2006 Internet Systems Consortium.
|->> All rights reserved.
|->> For info, please visit http://www.isc.org/sw/dhcp/
|->> unable to create icmp socket: Operation not permitted
|->> Can't open /var/db/dhcpd.leases for append.
|->
|->It seems that this cronjob is running as user 'operator'. But why would
|->/usr/libexec/save-entropy be invoking the DHCP server?
|->
|->I can only guess that the filesystem is seriously toasted. Perhaps you
|->should reinstall from scratch, and using a fresh CD-ROM or over FTP (you
|->could install 6.1, although I use isc-dhcpd under 6.0 without any problem)
|->
|->$ pkg_info -I isc\*
|->isc-dhcp3-server-3.0.3_1 The ISC Dynamic Host Configuration Protocol server

I've run into a config issue that I have now worked out.

It used to be that you could put:

/usr/sbin/dhcpd

or any other command line to start a daemon in rc.conf, and there used to
be rc.local to start local daemons too years ago and I am still used to
putting the whole path, including command line args directly in rc.conf.

Now /usr/libexec/save-entropy runs from cron every 11 mins running as
operator, which has no root privs and it reads in rc.conf.

So I think what it does is when /usr/libexec/save-entropy runs it
reads in rc.conf and sees:

/usr/sbin/dhcpd

then tries to run it as operator. Operator has no root privs, hence the
error.

/usr/libexec/save-entropy has something to do with generating randomness,
I'm not exactly sure as I've not read up on it yet and there is no manpage.

I suppose I could just comment that line in cron but I'm not sure what
else it might break, nor do I want to as it was put there for a reason I'm
sure. :)

So now I have to invoke the daemons properly with:

dhcpd_enable="yes"

in rc.conf.

Thanks,
Keith
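
The failure described in this message, as an added example that is not part of the original post: rc.conf is sourced as shell, so a bare command line in it runs under whatever user sources the file. This check flags every line that is not a comment or a single name=value assignment; the function names rc_conf_lint and write_sample_rc_conf are hypothetical and the sample file is constructed.

```sh
#!/bin/sh
# Added example: flag rc.conf lines that execute when the file is sourced.
# rc_conf_lint and write_sample_rc_conf are hypothetical helper names.

# Print "LINE: text" for each line that is not blank, a comment, or a single
# name=value assignment. Returns 1 if anything was flagged, else 0.
# Limitation: values continued across several lines are reported too.
rc_conf_lint() {
    awk -v sq="'" '
    BEGIN {
        name = "^[ \t]*[A-Za-z_][A-Za-z0-9_]*="
        dq   = "\"[^\"`]*\""                    # double-quoted, no backticks
        sqv  = sq "[^" sq "]*" sq               # single-quoted
        bare = "[^ \t;&|`()<>\"" sq "]*"        # one unquoted word
        safe = name "(" dq "|" sqv "|" bare ")[ \t]*(#.*)?$"
    }
    /^[ \t]*#/ || /^[ \t]*$/     { next }       # comment or blank
    $0 ~ safe && $0 !~ /\$\(/    { next }       # plain assignment, no $(...)
    { print NR ": " $0; bad = 1 }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the bare daemon path from the message next to the
# rc.conf variable form.
write_sample_rc_conf() {
    cat > "$1" <<'EOF'
# constructed sample rc.conf
hostname="netreg"
sshd_enable="YES"
/usr/sbin/dhcpd
dhcpd_enable="yes"
EOF
}

sample=$(mktemp)
write_sample_rc_conf "$sample"
rc_conf_lint "$sample" || echo "lines above run whenever rc.conf is sourced"
rm -f "$sample"
```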


More information about the freebsd-isp mailing list