Bug 103168

Summary: isc-dhcpd.sh jail options break stop and status commands
Product: Ports & Packages Reporter: Chris Cowart <ccowart>
Component: Individual Port(s)Assignee: Dirk Meyer <dinoex>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Chris Cowart 2006-09-12 00:10:20 UTC 
The port for isc-dhcp3-server has config options for enabling FreeBSD
process jails. Basically, through a series of command line arguments
that are generated by the isc-dhcpd.sh script, the chroot is
auto-generated when you start the service and dhcpd makes the syscall to
jail itself. This is actually really nifty and makes the process of
running dhcpd in a thin jail brainless.

The problem happens when I run "isc-dhcpd.sh stop": 
dhcpd not running? (check /var/jails/dhcpd/var/run/dhcpd/dhcpd.pid).

Well, I know better. dhcpd is clearly running with the pid indicated in
the pid file. After investigating /etc/rc.subr, I've determined the
cause (where $JID is the jid of the running rc script and $_jid is the
jid of the process, determined by ps output):
  if [ "$JID" -eq "$_jid" ];

This prevents me from using the rc script outside the jail to stop the
jail'd dhcpd process. /etc/rc.subr is making a false assumption that
people won't want to be controlling jailed services via rc scripts on
the host machine.

Fix: Override JID in isc-dhcpd.sh:
How-To-Repeat: In /etc/rc.conf:
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_includedir="/usr/local/etc/dhcpd.d"
dhcpd_withumask="022"
dhcpd_chuser_enable="YES"
dhcpd_withuser="dhcpd"
dhcpd_withgroup="dhcpd"
dhcpd_devfs_enable="YES"
dhcpd_rootdir="/var/jails/dhcpd"
dhcpd_chroot_enable="YES"
dhcpd_jail_enable="YES"
dhcpd_hostname="dhcp.example.com"
dhcpd_ipaddress="10.0.0.10"

Start dhcpd:
$ sudo /usr/local/etc/rc.d/isc-dhcpd.sh start
Starting dhcpd.

Try:
$ sudo /usr/local/etc/rc.d/isc-dhcpd.sh stop
dhcpd not running? (check /var/jails/dhcpd/var/run/dhcpd/dhcpd.pid).

But:
$ ps auxwww | grep dhcpd
dhcpd   11950  0.0  1.4 14940 14140  ??  SsJ   3:58PM   0:00.00 /usr/local/sbin/dhcpd -q -cf /usr/local/etc/dhcpd.conf -lf /var/db/dhcpd/dhcpd.leases -pf /var/run/dhcpd/dhcpd.pid -user dhcpd -group dhcpd -chroot /var/jails/dhcpd -jail dhcp.example.com 10.0.0.10
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2006-09-12 01:01:22 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 2 Joerg Pulz 2006-09-18 06:24:19 UTC 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,

sorry for the late response.

As i've currently no system running dhcpd inside a jail, i can't check 
this for myself.
Anyway, as the description of the problem is very clear and the proposed 
solution sounds reasonable to me, i hereby approve the patch.

Thanks a lot for your investigation!

Kind regards
Joerg

- -- 
The beginning is the most important part of the work.
 				-Plato
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFDi2FSPOsGF+KA+MRAl6GAJ9wB3moaWVJU/kYc/YqZ1tccxw9KgCbBWes
/h7bmTXyUiRP47R4NqItFbs=
=pTRQ
-----END PGP SIGNATURE-----
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2006-09-18 08:13:10 UTC 
State Changed
From-To: feedback->open

Maintainer approved.
Comment 4 Dirk Meyer freebsd_committer freebsd_triage 2006-11-05 11:21:01 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->dinoex

I will take care of it.
Comment 5 Dirk Meyer freebsd_committer freebsd_triage 2006-11-05 11:27:21 UTC 
State Changed
From-To: open->closed

committed, thanks.
Comment 6 dfilter service freebsd_committer freebsd_triage 2006-11-05 11:27:22 UTC 
dinoex      2006-11-05 11:27:01 UTC

  FreeBSD ports repository

  Modified files:
    net/isc-dhcp3-server/files isc-dhcpd.in 
  Log:
  - fix isc-dhcpd.sh jail options stop and status commands
  PR:             103168
  Submitted by:   Chris Cowart
  Approved by:    Joerg Pulz (maintainer)
  
  Revision  Changes    Path
  1.2       +8 -1      ports/net/isc-dhcp3-server/files/isc-dhcpd.in
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"