summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/systemd/isc-dhcp-server.service5
-rw-r--r--src/systemd/isc-dhcp-server6.service5
2 files changed, 4 insertions, 6 deletions
diff --git a/src/systemd/isc-dhcp-server.service b/src/systemd/isc-dhcp-server.service
index d848e3df1..88910bdee 100644
--- a/src/systemd/isc-dhcp-server.service
+++ b/src/systemd/isc-dhcp-server.service
@@ -7,12 +7,11 @@ After=vyos-router.service
[Service]
WorkingDirectory=/run/dhcp-server
-# The leases files need to be root:vyattacfg even when dropping privileges
ExecStart=/bin/sh -ec '\
CONFIG_FILE=/run/dhcp-server/dhcpd.conf; \
[ -e /config/dhcpd.leases ] || touch /config/dhcpd.leases; \
- chown root:vyattacfg /config/dhcpd.leases; \
- chmod 664 /config/dhcpd.leases; \
+ chown nobody:nogroup /config/dhcpd.leases*; \
+ chmod 664 /config/dhcpd.leases*; \
exec /usr/sbin/dhcpd -user nobody -group nogroup -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE -lf /config/dhcpd.leases'
[Install]
diff --git a/src/systemd/isc-dhcp-server6.service b/src/systemd/isc-dhcp-server6.service
index 27bebc57f..c5d4bad99 100644
--- a/src/systemd/isc-dhcp-server6.service
+++ b/src/systemd/isc-dhcp-server6.service
@@ -7,11 +7,10 @@ After=vyos-router.service
[Service]
WorkingDirectory=/run/dhcp-server
-# The leases files need to be root:vyattacfg even when dropping privileges
ExecStart=/bin/sh -ec '\
[ -e /config/dhcpdv6.leases ] || touch /config/dhcpdv6.leases; \
- chown root:vyattacfg /config/dhcpdv6.leases; \
- chmod 664 /config/dhcpdv6.leases; \
+ chown nobody:nogroup /config/dhcpdv6.leases*; \
+ chmod 664 /config/dhcpdv6.leases*; \
exec /usr/sbin/dhcpd -user nobody -group nogroup -f -6 -pf /run/dhcp-server/dhcpdv6.pid -cf /run/dhcp-server/dhcpdv6.conf -lf /config/dhcpdv6.leases'
[Install]