dhcpcd-discuss

On 12/12/2019 12:52, Roy Marples wrote:
> On 28/11/2019 17:11, Roy Marples wrote:
> > Priviledge separation has now been added to master - not enabled by default. 
> > For implementation details, see the commit message.
>
> Two weeks later and I've now added ARP BPF address filtering into the privsep as 
> well. This bring parity between privsep and non privsep.
>
> I've also addresses quite a few other issues (mainly privsep) as well.
> I know most of the users of this thus are are DHCPv6 only users, but if I could 
> pretty please ask for more testing including the DHCPv4 part, I would very much 
> appreciate it - even a reply to say that it's working.
>
> My goal is to get some sort of release out before Christmas with this in with 
> the confidence it works as best as we can make it!

Well, the Christmas release didn't happen :(
Too many dhcpcd-7 and -8 issues came up!

Anwyay, I think I've solved all the problems with privsep now and aside from 
Solaris all platforms I support seem to be working without issue :)

Anyone testing this, now is a good time to take a new snapshot and giving me 
some feedback. I will note that building from the git repo will enable address 
sanitisation if your compiler supports it - run configure with --disable-debug 
to stop that from happening as it may use a lot of memory otherwise.

Privsep support is now enabled by default, but the privsep user needs to exist 
to activate it. The default user is _dhcpcd if _dhcp is not found - configure 
will tell you which user it's using.

I will take time to add RFC 7844 - Anonymity Profiles for DHCP Clients to dhcpcd 
and now look to an end of January release provided no privsep issues come up.

Roy