DHCP issue on RHEL 6 - setgroups: Operation not permitted
Running RHEL6
I copied my dhcpd.conf from my old server, now when trying to start dhcpd I get the following error in /var/log/messages and the service exits. Jan 19 13:29:59 pldhcp1 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1 Jan 19 13:29:59 pldhcp1 dhcpd: Copyright 2004-2010 Internet Systems Consortium. Jan 19 13:29:59 pldhcp1 dhcpd: All rights reserved. Jan 19 13:29:59 pldhcp1 dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Jan 19 13:29:59 pldhcp1 dhcpd: WARNING: Host declarations are global. They are not limited to the scope you declared them in. Jan 19 13:29:59 pldhcp1 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 deleted host decls to leases file. Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 new dynamic host decls to leases file. Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 leases to leases file. Jan 19 13:29:59 pldhcp1 dhcpd: Listening on LPF/eth0/***************************** Jan 19 13:29:59 pldhcp1 dhcpd: Sending on LPF/eth0/***************************** Jan 19 13:29:59 pldhcp1 dhcpd: Sending on Socket/fallback/fallback-net Jan 19 13:29:59 pldhcp1 dhcpd: setgroups: Operation not permitted Jan 19 13:29:59 pldhcp1 dhcpd: Jan 19 13:29:59 pldhcp1 dhcpd: This version of ISC DHCP is based on the release available Jan 19 13:29:59 pldhcp1 dhcpd: on ftp.isc.org. Features have been added and other changes Jan 19 13:29:59 pldhcp1 dhcpd: have been made to the base software release in order to make Jan 19 13:29:59 pldhcp1 dhcpd: it work better with this distribution. Jan 19 13:29:59 pldhcp1 dhcpd: Jan 19 13:29:59 pldhcp1 dhcpd: Please report for this software via the Red Hat Bugzilla site: Jan 19 13:29:59 pldhcp1 dhcpd: http://bugzilla.redhat.com Jan 19 13:29:59 pldhcp1 dhcpd: Jan 19 13:29:59 pldhcp1 dhcpd: exiting. Looks like this error is the fatal one: Jan 19 13:29:59 pldhcp1 dhcpd: setgroups: Operation not permitted Any ideas how to fix this? |
UPDATE: If I start dhcp like so it runs fine:
/usr/sbin/dhcpd -f |
It was SELINUX probably because I moved the files from a backup to this machine.
type=AVC msg=audit(1327002869.112:24513): avc: denied { setuid } for pid=23978 comm="dhcpd" capability=7 scontext=unconfined_u:system_r:dhcpd_t:s0 tcontext=unconfined_u:system_r:dhcpd_t:s0 tclass=capability type=SYSCALL msg=audit(1327002869.112:24513): arch=c000003e syscall=105 success=no exit=-1 a0=b1 a1=8 a2=7fff15d5f460 a3=5d9a items=0 ppid=1 pid=23978 auid=500 uid=0 gid=177 euid=0 suid=0 fsuid=0 egid=177 sgid=177 fsgid=177 tty=pts1 ses=10 comm="dhcpd" exe="/usr/sbin/dhcpd" subj=unconfined_u:system_r:dhcpd_t:s0 key=(null) Created a custom policy with audit2allow like so: grep "setuid" audit.log | audit2allow -M mydhcpd1920122 then semodule: semodule -i mydhcpd1920122.pp Now it fires up fine, even survived a reboot. Thanks for the help anyway! |
All times are GMT -5. The time now is 02:00 AM. |