dhcpcd 9.x adds privelege seperation by creating a chroot
and running parts of the client not as root.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
ftp:x:45:
rsyncd:x:48:
stunnel:x:51:
+dhcpcd:x:52:
lock:x:54:
sshd:x:74:
pcap:x:77:
ftp:x:45:45:anonymous_user:/home/ftp:/bin/false
rsyncd:x:48:48:rsyncd Daemon:/home/rsync:/bin/false
stunnel:x:51:51:stunnel Daemon:/var/lib/stunnel:/bin/false
+dhcpcd:x:52:52:dhcpcd privsep user:/run/dhcpcd/chroot:/bin/false
sshd:x:74:74:sshd:/var/empty:/bin/false
nobody:x:99:99:Nobody:/home/nobody:/bin/false
postfix:x:100:100::/var/spool/postfix:/bin/false
mount -n -t tmpfs -o nosuid,nodev,mode=755,size=8M /run /run || failed=1
fi
+ # create folder for dhcpcd changeroot
+ mkdir -p /run/dhcpcd/chroot
+ chown dhcpcd:dhcpcd /run/dhcpcd/chroot
+ chmod 750 /run/dhcpcd/chroot
+
boot_mesg "" ${NORMAL}
(exit ${failed})
projects / ipfire-2.x.git / commitdiff
