From 36d59255131f6d3f289d4f5dfcb58a9890996ffe Mon Sep 17 00:00:00 2001 From: Alexandru Moise Date: Fri, 18 Mar 2016 14:21:25 +0200 Subject: dhcpd: create dhcpd user for dhcp dameon This patch enables the functionality for dhcpd service to be started with dhcp uid and gid. Test steps: Step 1: Assign ip to interface ifconfig eth0 192.168.1.1 Step 2: Edit /etc/dhcp/dhcpd.conf: default-lease-time 600; max-lease-time 7200; option subnet-mask 255.255.255.0; subnet 192.168.1.0 netmask 255.255.255.0 { option broadcast-address 192.168.1.255; range 192.168.1.88 192.168.1.88; option routers 192.168.1.0; } Step 3: Edit /etc/default/dhcp-server: INTERFACES="eth0" Step 4: Check uid and gid of running dhcpd process $ ps -eo user:19,group:19,cmd | grep dhcpd dhcp dhcp /usr/sbin/dhcpd eth0 -user dhcp -group dhcp Signed-off-by: Alexandru Moise Signed-off-by: Ross Burton --- meta/recipes-connectivity/dhcp/dhcp.inc | 6 +++++- meta/recipes-connectivity/dhcp/files/init-server | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'meta/recipes-connectivity') diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc b/meta/recipes-connectivity/dhcp/dhcp.inc index 9c4233b19d..5703f1e06d 100644 --- a/meta/recipes-connectivity/dhcp/dhcp.inc +++ b/meta/recipes-connectivity/dhcp/dhcp.inc @@ -24,7 +24,10 @@ SRC_URI = "ftp://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/" UPSTREAM_CHECK_REGEX = "(?P\d+\.\d+\.(\d+?))/" -inherit autotools systemd +inherit autotools systemd useradd + +USERADD_PACKAGES = "${PN}-server" +USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${PN} --shell /bin/false --user-group ${PN}" SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay" SYSTEMD_SERVICE_${PN}-server = "dhcpd.service dhcpd6.service" @@ -39,6 +42,7 @@ EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \ --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \ --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \ --with-libbind=${STAGING_LIBDIR}/ \ + --enable-paranoia \ " do_install_append () { diff --git a/meta/recipes-connectivity/dhcp/files/init-server b/meta/recipes-connectivity/dhcp/files/init-server index 34c20852b9..5e693adf78 100644 --- a/meta/recipes-connectivity/dhcp/files/init-server +++ b/meta/recipes-connectivity/dhcp/files/init-server @@ -20,7 +20,7 @@ case "$1" in echo -n "Starting DHCP server: " test -d /var/lib/dhcp/ || mkdir -p /var/lib/dhcp/ test -f /var/lib/dhcp/dhcpd.leases || touch /var/lib/dhcp/dhcpd.leases - start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES + start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES -user dhcp -group dhcp echo "." ;; stop) -- cgit 1.2.3-korg