isc-dhcp3-server chroot behavior
Andrew D. Clark
andrew.clark at ucsb.edu
Thu Dec 9 17:36:07 PST 2004
Here's a patch to the isc-dhcpd.sh script in /usr/local/etc/rc.d that
handles copying a few files out of /etc into the chroot for name
resolution and also handles copying a directory of configs to be
included (handy if you want to modularize the config):
--- isc-dhcpd.sh.orig Fri Dec 3 14:21:50 2004
+++ isc-dhcpd.sh Fri Dec 3 15:39:03 2004
@@ -11,6 +11,19 @@
# dhcpd_enable="YES"
#
+# ADC - I've made a few changes to this file.
+#
+# In order for name resolution to work (necessary if you want to use
DNS
+# names in the config (e.g. fixed-address somehost instead of some IP)
+# copy the following out of /etc: host.conf hosts localtime
resolv.conf
+#
+# define a directory containing included config files and copy those
+# to the chroot too. Otherwise, the real included configs must live
in
+# the chroot. This is confusing compared to the behavior of
dhcpd.conf,
+# which is copied from /usr/local/etc/dhcpd.conf to the chroot at
startup
+# and the chrooted copy should not be edited (since changes are lost
at
+# startup)
+
. /usr/local/etc/rc.subr
name=dhcpd
@@ -37,6 +50,10 @@
dhcpd_hostname=${dhcpd_hostname:-} # jail hostname
dhcpd_ipaddress=${dhcpd_ipaddress:-} # jail ip
address
+# added by ADC
+dhcpd_include_dir=${dhcpd_include_dir:-} # directory containing
included
+ # config files
+
safe_run () # rc command [args...]
{
local _rc
@@ -409,6 +426,10 @@
_dhcpd_conffile=${dhcpd_rootdir}${dhcpd_conffile}
_dhcpd_pidfile=${dhcpd_rootdir}${dhcpd_pidfile}
_dhcpd_leasesfile=${dhcpd_rootdir}${dhcpd_leasesfile}
+
+ #
+ # added by ADC
+ _dhcpd_include_dir=${dhcpd_rootdir}${dhcpd_include_dir}
}
setup_compat ()
@@ -450,6 +471,22 @@
safe_copy ${dhcpd_devdir} ${_dhcpd_devdir}
fi
safe_copy ${dhcpd_conffile} ${_dhcpd_conffile}
+
+ #
+ # added by ADC - copy files out of /etc for name
resolution
+ # host.conf hosts localtime resolv.conf
+ safe_mkdir ${_dhcpd_rootdir}/etc
+ safe_copy /etc/host.conf ${_dhcpd_rootdir}/etc/host.conf
+ safe_copy /etc/hosts ${_dhcpd_rootdir}/etc/hosts
+ safe_copy /etc/localtime ${_dhcpd_rootdir}/etc/localtime
+ safe_copy /etc/resolv.conf
${_dhcpd_rootdir}/etc/resolv.conf
+
+ #
+ # added by ADC - copy dhcpd_include_dir if defined
+ if [ -d "${dhcpd_include_dir}" ]; then
+ safe_mkdir ${_dhcpd_include_dir}
+ safe_copy ${dhcpd_include_dir}
${_dhcpd_include_dir}
+ fi
fi
}
--On Friday, December 03, 2004 02:38:41 PM -0800 "Andrew D. Clark"
<andrew.clark at ucsb.edu> wrote:
> Hello,
>
> I'm using the chrooted isc-dhcp3-server and I'd like the startup
> script to do a few extra things which it does not. In order for name
> resolution to work for a chrooted dhcp server, the following files
> must be in /etc in the chroot:
>
> host.conf hosts localtime resolv.conf
>
> The startup script doesn't handle copying those into the chroot,
> though I think it should. Name resolution is handy if one wants to
> do something like:
>
> host somehost {
> hardware ethernet blahblah;
> fixed-address somehost.somedomain;
> }
>
> instead of using an IP address as the parameter for the fixed-address
> argument.
>
> I'd also like to add a feature to the rc script whereby one can
> define a directory containing configs to be included in the
> dhcpd.conf to also be copied to the chroot. A large configuration
> file is often easier to handle if it is broken up into smaller files
> which are included into the dhcpd.conf. If these included files
> lived only in the chroot, they'd have to be edited there, which would
> be confusing compared to the behavior of the dhcpd.conf in the
> chroot, which is copied from /usr/local/etc/dhcpd.conf at startup.
>
> I'm running isc-dhcp3-server-3.0.1.r14_6
> I'll happily submit a patch against the current rc script which
> implements these features if desired.
>
> --
> Andrew Clark
> Campus Network Programmer
> Office of Information Technology
> University of California, Santa Barbara
> andrew.clark at ucsb.edu (805) 893-5311
--
Andrew Clark
Campus Network Programmer
Office of Information Technology
University of California, Santa Barbara
andrew.clark at ucsb.edu (805) 893-5311
More information about the freebsd-questions
mailing list