diff options
author | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-08 15:09:12 +0200 |
---|---|---|
committer | Jernej Jakob <jernej.jakob@gmail.com> | 2020-05-08 15:10:54 +0200 |
commit | 03317e9e675cf42dbbfc6afdde1d9f619186fcba (patch) | |
tree | 36c20ab030cd04aec741997fb2ede663bcac2895 /src | |
parent | 3fef9d2d71eaae0b862f114fafc756b1706f0e6d (diff) | |
download | vyos-1x-03317e9e675cf42dbbfc6afdde1d9f619186fcba.tar.gz vyos-1x-03317e9e675cf42dbbfc6afdde1d9f619186fcba.zip |
dhcpv6-server: T2438: change systemd service type, validate config file
The default of systemd services Type=simple isn't suitable for dhcpd and
other daemons.
- change service type to forking
- add RuntimeDirectory
- set paths to files in Environment
- set PIDFile
- validate config and lease file in ExecStartPre
- add -q to make dhcpd quiet and only log to syslog
- set Restart=always
Diffstat (limited to 'src')
-rw-r--r-- | src/systemd/isc-dhcp-server6.service | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/src/systemd/isc-dhcp-server6.service b/src/systemd/isc-dhcp-server6.service index 27bebc57f..8ac861d7a 100644 --- a/src/systemd/isc-dhcp-server6.service +++ b/src/systemd/isc-dhcp-server6.service @@ -6,13 +6,19 @@ ConditionPathExists=/run/dhcp-server/dhcpdv6.conf After=vyos-router.service [Service] +Type=forking WorkingDirectory=/run/dhcp-server -# The leases files need to be root:vyattacfg even when dropping privileges -ExecStart=/bin/sh -ec '\ - [ -e /config/dhcpdv6.leases ] || touch /config/dhcpdv6.leases; \ - chown root:vyattacfg /config/dhcpdv6.leases; \ - chmod 664 /config/dhcpdv6.leases; \ - exec /usr/sbin/dhcpd -user nobody -group nogroup -f -6 -pf /run/dhcp-server/dhcpdv6.pid -cf /run/dhcp-server/dhcpdv6.conf -lf /config/dhcpdv6.leases' +RuntimeDirectory=dhcp-server +RuntimeDirectoryPreserve=yes +Environment=PID_FILE=/run/dhcp-server/dhcpdv6.pid CONFIG_FILE=/run/dhcp-server/dhcpdv6.conf LEASE_FILE=/config/dhcpdv6.leases +PIDFile=/run/dhcp-server/dhcpdv6.pid +ExecStartPre=/bin/sh -ec '\ +touch ${LEASE_FILE}; \ +chown nobody:nogroup ${LEASE_FILE}* ; \ +chmod 664 ${LEASE_FILE}* ; \ +/usr/sbin/dhcpd -6 -t -T -q -user nobody -group nogroup -pf ${PID_FILE} -cf ${CONFIG_FILE} -lf ${LEASE_FILE} ' +ExecStart=/usr/sbin/dhcpd -6 -q -user nobody -group nogroup -pf ${PID_FILE} -cf ${CONFIG_FILE} -lf ${LEASE_FILE} +Restart=always [Install] WantedBy=multi-user.target |