* debian/isc-dhcp-server.isc-dhcp-server{,6}.service: adjust permissions
for most recent PARANOIA commits to avoid granting 'capability
dac_override' in the AppArmor profile on second and subsequent starts
(LP: #1543794):
- /var/lib/dhcp is root:dhcpd and 775
- /var/lib/dhcp/dhcpd{,6}.leases is root:dhcpd and 664
- don't chown /run/dhcp-server to dhcpd:dhcpd since the pid file is now
created as root:root and the pid file was not being created before. If
this needs to be reintroduced in the future, use root:dhcpd and 775,
like with the leases file.
This bug was fixed in the package isc-dhcp - 4.3.3-5ubuntu9
---------------
isc-dhcp (4.3.3-5ubuntu9) xenial; urgency=medium
* debian/ isc-dhcp- server. isc-dhcp- server{ ,6}.service: adjust permissions dhcp/dhcpd{ ,6}.leases is root:dhcpd and 664
for most recent PARANOIA commits to avoid granting 'capability
dac_override' in the AppArmor profile on second and subsequent starts
(LP: #1543794):
- /var/lib/dhcp is root:dhcpd and 775
- /var/lib/
- don't chown /run/dhcp-server to dhcpd:dhcpd since the pid file is now
created as root:root and the pid file was not being created before. If
this needs to be reintroduced in the future, use root:dhcpd and 775,
like with the leases file.
-- Jamie Strandboge <email address hidden> Tue, 01 Mar 2016 08:19:43 -0600