I installed grsecurity on 2.4.30 and everything is working except the DHCP Server (ver. 3).
I've installed dhcpd3 in a chroot jail.
I set security level to high and everything works except the DHCP server so it would be great if I do not have to change it to another level.
When I start the DHCP with the following options:
- Code: Select all
/usr/sbin/dhcpd3 -q -cf /etc/dhcp3/dhcpd.conf -user dhcp -group nogroup -chroot /home/system/dhcp -lf /dhcpd.leases eth0
I get this error message in syslog (and DHCPd is not starting)
- Code: Select all
(...)
May 17 12:21:48 (none) dhcpd: Open a socket for LPF: Operation not permitted
(...)
I do not know exactly what that means I also did not found the appropriate option in grsecurity.
But is there a way to enable opening a socket (for LPF) in a chroot jail just for the dhcpd server?
That would be great!
Thanks a lot!
Niki
PS: If this is not possible, can you tell me WHICH option in grsecurity I must switch off?