Ignore:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • networking/connect/dhcpcd.xml

    rf713df3 r2115e38  
    2323  <?dbhtml filename="dhcpcd.html"?>
    2424
    25   <sect1info>
    26     <date>$Date$</date>
    27   </sect1info>
    2825
    2926  <title>dhcpcd-&dhcpcd-version;</title>
     
    4441    </para>
    4542
    46     &lfs110a_checked;
     43    &lfs112_checked;
    4744
    4845    <bridgehead renderas="sect3">Package Information</bridgehead>
     
    9592  </sect2>
    9693
    97   <sect2 role="installation">
    98     <title>Installation of dhcpcd</title>
    99 
    100     <para>
    101       Recent releases of <application>dhcpcd</application> implement privilege
    102       separation. Additional installation steps are necessary to set up
    103       the proper environment, which are performed by issuing the following
    104       commands as the <systemitem class="username">root</systemitem> user:
     94  <sect2 id='dhcpcd-privsep'>
     95    <title>Privilege separation</title>
     96
     97    <para>
     98      Recent releases of <application>dhcpcd</application> optionally support
     99      privilege separation. As the practical security benefits of this are
     100      unclear for a program like <application>dhcpcd</application> and the
     101      setup is more complicated, the book currently defaults to disable it.
     102    </para>
     103    <para>
     104      If you however would like to use privilege separation, additional
     105      installation steps are necessary to set up the proper environment. Issue
     106      the following commands as the
     107      <systemitem class="username">root</systemitem> user:
    105108    </para>
    106109
     
    111114         -d /var/lib/dhcpcd  \
    112115         -g dhcpcd           \
    113          -s /bin/false     \
     116         -s /bin/false       \
    114117         -u 52 dhcpcd &amp;&amp;
    115118chown    -v dhcpcd:dhcpcd /var/lib/dhcpcd </userinput></screen>
    116119
    117     <para>
    118       Install <application>dhcpcd</application> by running the following
    119       commands:
     120  </sect2>
     121
     122  <sect2 role="installation">
     123    <title>Installation of dhcpcd</title>
     124
     125    <para>Fix a runtime error caused by a change in glibc-2.36:</para>
     126
     127<screen><userinput>sed '/Deny everything else/i SECCOMP_ALLOW(__NR_getrandom),' \
     128    -i src/privsep-linux.c</userinput></screen>
     129
     130    <para>
     131      Build <application>dhcpcd</application> without privilege separation
     132      by running the following command:
     133    </para>
     134
     135<screen><userinput>./configure --prefix=/usr                \
     136            --sysconfdir=/etc            \
     137            --libexecdir=/usr/lib/dhcpcd \
     138            --dbdir=/var/lib/dhcpcd      \
     139            --runstatedir=/run           \
     140            --disable-privsep         &amp;&amp;
     141make</userinput></screen>
     142
     143    <para>
     144      Build <application>dhcpcd</application> with privilege separation
     145      by running the following commands:
    120146    </para>
    121147
     
    178204      build tree.
    179205    </para>
     206
     207    <para>
     208      <parameter>--disable-privsep</parameter>: Do not use privileg separation,
     209      which is the default.
     210    </para>
     211
     212    <para>
     213      <parameter>--privsepuser=dhcpcd</parameter>: Use this unpriviled user
     214      in a privilege separation setup.
     215    </para>
     216
     217    <para>
     218      <option>--with-hook=...</option>: You can optionally install more hooks,
     219      for example to install some configuration files such as
     220      <filename>ntp.conf</filename>. The set of hooks is in the
     221      <filename class="directory">dhcpcd-hooks</filename> directory in the
     222      build tree.
     223    </para>
    180224  </sect2>
    181225
     
    232276          modifications to system files are done by hooks which are stored in
    233277          <filename class="directory">/usr/lib/dhcpcd/dhcpcd-hooks</filename>.
    234           Setup <command>dhcpcd</command> by removing or adding hooks from/to
     278          Set up <command>dhcpcd</command> by removing or adding hooks from/to
    235279          that directory.  The execution of hooks can be disabled by using
    236280          the <option>--nohook</option> (<option>-C</option>) command line
     
    334378          modifications to system configuration files are done by hooks which
    335379          are stored in <filename class="directory">
    336           /lib/dhcpcd/dhcpcd-hooks</filename>. Setup <command>dhcpcd</command>
     380          /lib/dhcpcd/dhcpcd-hooks</filename>. Set up <command>dhcpcd</command>
    337381          by removing or adding hooks from/to that directory. The execution
    338382          of hooks can be disabled by using the <option>--nohook</option>
Note: See TracChangeset for help on using the changeset viewer.