Rather annoyingly, this still seems to be present in 14.04 LTS after all these years! The following seems to fix it (at least until the isc-dhcp-server package gets updated):
- Stop the DHCP server (service isc-dhcp-server stop)
- chown -R dhcpd:dhcpd /var/lib/dhcp
- Edit /etc/init/isc-dhcp-server.conf and remove (or comment out) the following section from near the end:
# The leases files need to be root:root even when dropping privileges
[ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases
chown root:root /var/lib/dhcp /var/lib/dhcp/dhcpd.leases
if [ -e /var/lib/dhcp/dhcpd.leases~ ]; then
chown root:root /var/lib/dhcp/dhcpd.leases~
fi
- Edit /etc/apparmor.d/local/usr.sbin.dhcpd and add:
Rather annoyingly, this still seems to be present in 14.04 LTS after all these years! The following seems to fix it (at least until the isc-dhcp-server package gets updated):
- Stop the DHCP server (service isc-dhcp-server stop) isc-dhcp- server. conf and remove (or comment out) the following section from near the end:
- chown -R dhcpd:dhcpd /var/lib/dhcp
- Edit /etc/init/
# The leases files need to be root:root even when dropping privileges dhcp/dhcpd. leases ] || touch /var/lib/ dhcp/dhcpd. leases dhcp/dhcpd. leases dhcp/dhcpd. leases~ ]; then dhcp/dhcpd. leases~
[ -e /var/lib/
chown root:root /var/lib/dhcp /var/lib/
if [ -e /var/lib/
chown root:root /var/lib/
fi
- Edit /etc/apparmor. d/local/ usr.sbin. dhcpd and add:
# Allow lease file updates
capability dac_override,
- Reload AppArmor profiles (service apparmor reload)
- Restart DHCPd (service isc-dhcp-server start)
Hopefully everything will work now. Why can these changes not be made in the official package?