summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJernej Jakob <jernej.jakob@gmail.com>2020-05-08 15:09:12 +0200
committerJernej Jakob <jernej.jakob@gmail.com>2020-05-08 15:10:54 +0200
commit03317e9e675cf42dbbfc6afdde1d9f619186fcba (patch)
tree36c20ab030cd04aec741997fb2ede663bcac2895 /src
parent3fef9d2d71eaae0b862f114fafc756b1706f0e6d (diff)
downloadvyos-1x-03317e9e675cf42dbbfc6afdde1d9f619186fcba.tar.gz
vyos-1x-03317e9e675cf42dbbfc6afdde1d9f619186fcba.zip
dhcpv6-server: T2438: change systemd service type, validate config file
The default of systemd services Type=simple isn't suitable for dhcpd and other daemons. - change service type to forking - add RuntimeDirectory - set paths to files in Environment - set PIDFile - validate config and lease file in ExecStartPre - add -q to make dhcpd quiet and only log to syslog - set Restart=always
Diffstat (limited to 'src')
-rw-r--r--src/systemd/isc-dhcp-server6.service18
1 files changed, 12 insertions, 6 deletions
diff --git a/src/systemd/isc-dhcp-server6.service b/src/systemd/isc-dhcp-server6.service
index 27bebc57f..8ac861d7a 100644
--- a/src/systemd/isc-dhcp-server6.service
+++ b/src/systemd/isc-dhcp-server6.service
@@ -6,13 +6,19 @@ ConditionPathExists=/run/dhcp-server/dhcpdv6.conf
After=vyos-router.service
[Service]
+Type=forking
WorkingDirectory=/run/dhcp-server
-# The leases files need to be root:vyattacfg even when dropping privileges
-ExecStart=/bin/sh -ec '\
- [ -e /config/dhcpdv6.leases ] || touch /config/dhcpdv6.leases; \
- chown root:vyattacfg /config/dhcpdv6.leases; \
- chmod 664 /config/dhcpdv6.leases; \
- exec /usr/sbin/dhcpd -user nobody -group nogroup -f -6 -pf /run/dhcp-server/dhcpdv6.pid -cf /run/dhcp-server/dhcpdv6.conf -lf /config/dhcpdv6.leases'
+RuntimeDirectory=dhcp-server
+RuntimeDirectoryPreserve=yes
+Environment=PID_FILE=/run/dhcp-server/dhcpdv6.pid CONFIG_FILE=/run/dhcp-server/dhcpdv6.conf LEASE_FILE=/config/dhcpdv6.leases
+PIDFile=/run/dhcp-server/dhcpdv6.pid
+ExecStartPre=/bin/sh -ec '\
+touch ${LEASE_FILE}; \
+chown nobody:nogroup ${LEASE_FILE}* ; \
+chmod 664 ${LEASE_FILE}* ; \
+/usr/sbin/dhcpd -6 -t -T -q -user nobody -group nogroup -pf ${PID_FILE} -cf ${CONFIG_FILE} -lf ${LEASE_FILE} '
+ExecStart=/usr/sbin/dhcpd -6 -q -user nobody -group nogroup -pf ${PID_FILE} -cf ${CONFIG_FILE} -lf ${LEASE_FILE}
+Restart=always
[Install]
WantedBy=multi-user.target