dhcp/dhcp.README

63 lines
2.1 KiB
Plaintext

/* README.SUSE for the ISC DHCP server */
Before you can run dhcpd, you have to configure it via
- /etc/sysconfig/dhcpd (general settings)
and
- /etc/dhcpd.conf (DHCPv4 configuration file)
- /etc/dhcpd6.conf (DHCPv6 configuration file)
See /usr/share/doc/packages/dhcp-server for example configurations.
Option 119 (domain-search) vs. option 15 (domain-name)
======================================================
The domain-name option supports only one, signgle domain (default domain).
The domain-search option supports a list of domain names. Please do not
abuse the domain-name option to provide a list -- it may be discarded by
dhcp clients.
Chroot Jail
===========
Our version of the ISC dhcp server contains a modified "(non-root/chroot)"
patch by Ari Edelkind. This allows dhcpd to
- run as unprivileged user
- run in a chroot environment (/var/lib/dhcp)
which, in this combination, is the safest possible way of running dhcpd.
In order to be found by dhcpd in the chroot jail, the configuration file
will automatically copied to /var/lib/dhcp/etc/ when the server is started.
Further conf files (include files) can be listed in DHCPD_CONF_INCLUDE_FILES
or DHCPD6_CONF_INCLUDE_FILES in /etc/sysconfig/dhcpd.
The /var/lib/dhcp/dev/log syslog socked is automatically provided in the
chroot environment as soon as it is initially set up.
NOTE:
In the chroot jail, dhcpd can't resolve hostnames unless it can find
the following files:
/etc/localtime
/etc/host.conf
/etc/hosts
/etc/resolv.conf
/lib/libresolv.so.2
/lib/libnss_dns.so.2
/lib/libnss_dns6.so.2
....
Thererore, these files (about 100 kB) will automatically copied to the chroot
jail when the server is started. (You might have to keep these current if
they are modified dynamically by other programs (e.g./etc/ppp/ip-up) while
dhcpd is running.) This is not a problem at all when you use IP addresses
instead of host names in the config file.
In case of trouble, you can also disable the chroot feature by setting
DHCPD_RUN_CHROOTED/DHCPD6_RUN_CHROOTED in /etc/sysconfig/dhcpd to "no".
Have a lot of fun!
Your SUSE Linux Team