LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   DHCP issue on RHEL 6 - setgroups: Operation not permitted (https://www.linuxquestions.org/questions/linux-server-73/dhcp-issue-on-rhel-6-setgroups-operation-not-permitted-924645/)

savona 01-19-2012 01:06 PM
DHCP issue on RHEL 6 - setgroups: Operation not permitted
 
Running RHEL6

I copied my dhcpd.conf from my old server, now when trying to start dhcpd I get the following error in /var/log/messages and the service exits.

Jan 19 13:29:59 pldhcp1 dhcpd: Internet Systems Consortium DHCP Server 4.1.1-P1
Jan 19 13:29:59 pldhcp1 dhcpd: Copyright 2004-2010 Internet Systems Consortium.
Jan 19 13:29:59 pldhcp1 dhcpd: All rights reserved.
Jan 19 13:29:59 pldhcp1 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Jan 19 13:29:59 pldhcp1 dhcpd: WARNING: Host declarations are global. They are not limited to the scope you declared them in.
Jan 19 13:29:59 pldhcp1 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 deleted host decls to leases file.
Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 new dynamic host decls to leases file.
Jan 19 13:29:59 pldhcp1 dhcpd: Wrote 0 leases to leases file.
Jan 19 13:29:59 pldhcp1 dhcpd: Listening on LPF/eth0/*****************************
Jan 19 13:29:59 pldhcp1 dhcpd: Sending on LPF/eth0/*****************************
Jan 19 13:29:59 pldhcp1 dhcpd: Sending on Socket/fallback/fallback-net
Jan 19 13:29:59 pldhcp1 dhcpd: setgroups: Operation not permitted
Jan 19 13:29:59 pldhcp1 dhcpd:
Jan 19 13:29:59 pldhcp1 dhcpd: This version of ISC DHCP is based on the release available
Jan 19 13:29:59 pldhcp1 dhcpd: on ftp.isc.org. Features have been added and other changes
Jan 19 13:29:59 pldhcp1 dhcpd: have been made to the base software release in order to make
Jan 19 13:29:59 pldhcp1 dhcpd: it work better with this distribution.
Jan 19 13:29:59 pldhcp1 dhcpd:
Jan 19 13:29:59 pldhcp1 dhcpd: Please report for this software via the Red Hat Bugzilla site:
Jan 19 13:29:59 pldhcp1 dhcpd: http://bugzilla.redhat.com
Jan 19 13:29:59 pldhcp1 dhcpd:
Jan 19 13:29:59 pldhcp1 dhcpd: exiting.


Looks like this error is the fatal one:
Jan 19 13:29:59 pldhcp1 dhcpd: setgroups: Operation not permitted

Any ideas how to fix this?

savona 01-19-2012 01:25 PM
UPDATE: If I start dhcp like so it runs fine:

/usr/sbin/dhcpd -f

savona 01-19-2012 02:02 PM
It was SELINUX probably because I moved the files from a backup to this machine.

type=AVC msg=audit(1327002869.112:24513): avc: denied { setuid } for pid=23978 comm="dhcpd" capability=7 scontext=unconfined_u:system_r:dhcpd_t:s0 tcontext=unconfined_u:system_r:dhcpd_t:s0 tclass=capability
type=SYSCALL msg=audit(1327002869.112:24513): arch=c000003e syscall=105 success=no exit=-1 a0=b1 a1=8 a2=7fff15d5f460 a3=5d9a items=0 ppid=1 pid=23978 auid=500 uid=0 gid=177 euid=0 suid=0 fsuid=0 egid=177 sgid=177 fsgid=177 tty=pts1 ses=10 comm="dhcpd" exe="/usr/sbin/dhcpd" subj=unconfined_u:system_r:dhcpd_t:s0 key=(null)


Created a custom policy with audit2allow like so:
grep "setuid" audit.log | audit2allow -M mydhcpd1920122

then semodule:
semodule -i mydhcpd1920122.pp

Now it fires up fine, even survived a reboot.

Thanks for the help anyway!


All times are GMT -5. The time now is 02:00 AM.