dhcpcd-discuss

Hi Ben

On 10/04/2020 01:50, Ben Woods wrote:
> I would like to package dhcpcd to work with privsep on FreeBSD:
>
>   * Unprivileged User: _dhcp
>   * DBDIR: /var/db/dhcpcd/
>   * RUNDIR: /var/run/dhcpcd/
>
>
> Can you please advise:
>
>  1. Should the package create the 2 directories above, or should it be left to
>     the first run of dhcpcd to create them itself?

IF the package is setup correctly for privsep, only the chroot directory needs 
to exist.
Otherwise the parent directory needs to.

>  2. If dhcpcd is left to create these directories itself, why does it create
>     them owned by root instead of the unprivileged user? According to the
>     upgrading section of README.md, the unprivileged user needs write access to
>     DBDIR. Does it also need write access to RUNDIR?

The unprivileged user only needs to be able to write to /var/db/dhcpcd

>  3. Given the _dhcp user on FreeBSD has its home directory set to /var/empty,
>     what is required to correctly setup chroot?

It needs to be elsewhere because more that _dhcp uses /var/emtpy - and it's 
silly to fill something called empty with files!
So either change it or create a new user.

I'm starting to thing that by default, the dhcpcd package should use _dhcpcd by 
default and create that user rather than changing the home directory of _dhcp.
That's why I've not updated pkgsrc for dhcpcd-9 yet.
But after this discussion I think dropping the auto detection of _dhcp is the 
right thing to do as a *package*.

As such I've made this commit:
https://roy.marples.name/cgit/dhcpcd.git/commit/?id=36c47a8df0951236a7842bbf8241e2932357ef61

cc'ing Stuart as he maintains the OpenBSD port and I'd like both your thoughts 
on this.

>  4. Are there any other steps to setup the package for privsep correctly? The
>     only other thing I am doing currently are
>
>       o using the ./configure argument --privsepuser="_dhcp"
>       o ensuring any pidfiles created by the rc script are stored in the
>         /var/run/dhcpcd/ directory

dhcpcd manages the pidfile by itself.

> Thanks for your guidance.
>
> Background - Some recent commits I noticed that led to these questions:
>
> Upgrading instructions for dhcpcd-9:
> https://roy.marples.name/cgit/dhcpcd.git/tree/README.md?h=dhcpcd-9.0.0#n92
>
> "Don't install /var/db/dhcpcd in the Makefile.
> dhcpcd will create it in the right place by default."
> https://roy.marples.name/cgit/dhcpcd.git/commit/?id=5f275b7bd1ed4d1f830b7a60ba253a98f7ef6127
>
> "privsep: Refuse chroot if privsep users home dir is /var/empty
> As we should not be filling it. This means we don't mess up a stock install 
> where the pkg admin hasn't setup privsep correctly."
> https://roy.marples.name/cgit/dhcpcd.git/commit/?id=5ac1a5cd6fe054c5ece0de679d5294cfca797772

Documentation isn't my strong point .... patches to improve it welcome!

Roy