我想从Debian Lenny的chroot监狱运行dhcpd3 。 目前,我可以从我的监狱根部运行。
现在我想做非root用户(如“-u blah -t / path / to / jail”绑定选项)。
如果我开始这样的过程:
start-stop-daemon --chroot / home / jails / dhcp --chuid dhcp \ --start --pidfile /home/jails/dhcp/var/run/dhcp.pid --exec / usr / sbin / dhcpd3
我遇到这些错误:
Internet Systems Consortium DHCP服务器V3.1.1 版权所有2004-2008 Internet Systems Consortium。 版权所有。 有关信息,请访问http://www.isc.org/sw/dhcp/ 无法创buildicmp套接字:操作不允许 写0删除主机decls租赁文件。 写0新的dynamic主机decls租赁文件。 写出0个租约来租赁文件。 打开LPF套接字:操作不允许
strace:
brk(0)= 0x911b000
fcntl64(0,F_GETFD)= 0
fcntl64(1,F_GETFD)= 0
fcntl64(2,F_GETFD)= 0
访问(“/ etc / suid-debug”,F_OK)= -1 ENOENT(没有这样的文件或目录)
访问(“/ etc / ld.so.nohwcap”,F_OK)= -1 ENOENT(没有这样的文件或目录)
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb775d000
访问(“/ etc / ld.so.preload”,R_OK)= -1 ENOENT(没有这样的文件或目录)
打开(“/ etc / ld.so.cache”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / tls / i686 / cmov / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / tls / i686 / cmov”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / tls / i686 / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / tls / i686”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / tls / cmov / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / tls / cmov”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / tls / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / tls”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / i686 / cmov / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i686 / cmov”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / i686 / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i686”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / cmov / libc.so.6”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / cmov”,0xbfc2ac84)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / libc.so.6”,O_RDONLY)= 3
(3,“\ 177ELF \ 1 \ 1 \ 1 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 3 \ 0 \ 3 \ 0 \ 1 \ 1 \ 0004 \ 0 \ 0 \ 0t“...,512)= 512
fstat64(3,{st_mode = S_IFREG | 0755,st_size = 1294572,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb775c000
mmap2(NULL,1300080,PROT_READ | PROT_EXEC,MAP_PRIVATE | MAP_DENYWRITE,3,0)= 0xb761e000
mmap2(0xb7756000,12288,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_FIXED | MAP_DENYWRITE,3,0x138)= 0xb7756000
mmap2(0xb7759000,9840,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_FIXED | MAP_ANONYMOUS,-1,0)= 0xb7759000
closures(3)= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb761d000
set_thread_area({entry_number:-1 - > 6,base_addr:0xb761d6b0,limit:1048575,seg_32bit:1,内容:0,read_exec_only:0,limit_in_pages:1,seg_not_present:0,可用:1})= 0
mprotect(0xb7756000,4096,PROT_READ)= 0
打开(“/ dev / null”,O_RDWR)= 3
closures(3)= 0
brk(0)= 0x911b000
brk(0x913c000)= 0x913c000
套接字(PF_FILE,SOCK_DGRAM,0)= 3
fcntl64(3,F_SETFD,FD_CLOEXEC)= 0
connect(3,{sa_family = AF_FILE,path =“/ dev / log”...},110)= 0
时间(NULL)= 1284760816
打开(“/ etc / localtime”,O_RDONLY)= 4
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb761c000
read(4,“TZif2 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ f \ 0 \ 0 \ 0 \ f \ 0 \ 0 \ 0 \ 0 \ 0“...,4096)= 2945
_llseek(4,-28,[2917],SEEK_CUR)= 0
(4,\ nCET-1CEST,M3.5.0,M10.5.0 / 3 \ n“...,4096)= 28
closures(4)= 0
munmap(0xb761c000,4096)= 0
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:实习生”,73,MSG_NOSIGNAL)= 73
写(2,“Internet Systems Consortium DHCP”...,46 Internet System Consortium DHCP Server V3.1.1)= 46
写(2,“\ n”...,1
)= 1
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“Sep 18 00:00:16 dhcpd:Copyri”...,75,MSG_NOSIGNAL)= 75
写(2,“Copyright 2004-2008 Internet Syst”...,48Copyright 2004-2008 Internet Systems Consortium。)= 48
写(2,“\ n”...,1
)= 1
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“Sep 18 00:00:16 dhcpd:All ri”...,47,MSG_NOSIGNAL)= 47
写(2,“保留所有权利。”,20All rights reserved。)= 20
写(2,“\ n”...,1
)= 1
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:对于在...中,77,MSG_NOSIGNAL)= 77
写(2,“有关信息,请访问http:// www”...,50有关信息,请访问http://www.isc.org/sw/dhcp/)= 50
写(2,“\ n”...,1
)= 1
套接字(PF_FILE,SOCK_STREAM,0)= 4
fcntl64(4,F_SETFL,O_RDWR | O_NONBLOCK)= 0
connect(4,{sa_family = AF_FILE,path =“/ var / run / nscd / socket”...},110)= -1 ENOENT(没有这样的文件或目录)
closures(4)= 0
套接字(PF_FILE,SOCK_STREAM,0)= 4
fcntl64(4,F_SETFL,O_RDWR | O_NONBLOCK)= 0
connect(4,{sa_family = AF_FILE,path =“/ var / run / nscd / socket”...},110)= -1 ENOENT(没有这样的文件或目录)
closures(4)= 0
打开(“/ etc / nsswitch.conf”,O_RDONLY)= 4
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 475,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb761c000
读取(4,“#/etc/nsswitch.conf\n#\n#例子”...,4096)= 475
读(4,“...,4096)= 0
closures(4)= 0
munmap(0xb761c000,4096)= 0
打开(“/ lib / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / tls / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / tls / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / tls / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / tls / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ usr / lib / tls / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / tls / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ usr / lib / tls / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / tls”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ usr / lib / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ usr / lib / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ usr / lib / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / tls / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / tls / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / tls / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / tls / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / tls / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / tls / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / tls / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / tls”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ lib / i486-linux-gnu / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ lib / i486-linux-gnu”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / tls / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / tls / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / tls / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / tls / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / tls / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / tls / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / tls / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / tls”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / i686 / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / i686 / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / i686 / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / i686”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / cmov / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu / cmov”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
open(“/ usr / lib / i486-linux-gnu / libnss_db.so.2”,O_RDONLY)= -1 ENOENT(没有这样的文件或目录)
stat64(“/ usr / lib / i486-linux-gnu”,0xbfc2ad5c)= -1 ENOENT(没有这样的文件或目录)
打开(“/ lib / libnss_files.so.2”,O_RDONLY)= 4
(4,“\ 177ELF \ 1 \ 1 \ 1 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 3 \ 0 \ 3 \ 0 \ 1 \ 30 \ 0 \ 0004 \ 0 \ 0 \ 0 \ 250“...,512)= 512
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 38408,...})= 0
mmap2(NULL,41624,PROT_READ | PROT_EXEC,MAP_PRIVATE | MAP_DENYWRITE,4,0)= 0xb7612000
mmap2(0xb761b000,8192,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_FIXED | MAP_DENYWRITE,4,0x8)= 0xb761b000
closures(4)= 0
打开(“/ etc / services”,O_RDONLY | O_CLOEXEC)= 4
fcntl64(4,F_GETFD)= 0x1(标志FD_CLOEXEC)
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 18480,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb7611000
阅读(4,“#networking服务,互联网服务”,4096)= 4096
读取(4,“9 / tcp \ t \ t \ t \ t#Quick Mail Transfer Pr”...,4096)= 4096
(4,“note \ t1352 / tcp \ tlotusnotes \ t#Lotus”...,4096)= 4096
阅读(4,“tion \ nafs3 - kaserver \ t7004 / udp \ nafs3 - ”...,4096)= 4096
(4,“backup \ t2989 / tcp \ t \ t \ t#Afmbackup sys”...,4096)= 2096
读(4,“...,4096)= 0
closures(4)= 0
munmap(0xb7611000,4096)= 0
时间(NULL)= 1284760816
打开(“/ etc / protocols”,O_RDONLY | O_CLOEXEC)= 4
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 2626,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb7611000
(4,“#Internet(IP)protocols \ n#\ n#Upd”...,4096)= 2626
closures(4)= 0
munmap(0xb7611000,4096)= 0
套接字(PF_INET,SOCK_RAW,IPPROTO_ICMP)= -1 EPERM(不允许操作)
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
send(3,“Sep 18 00:00:16 dhcpd:unable”...,80,MSG_NOSIGNAL)= 80
写(2,“无法创buildicmp socket:ope”...,53无法创buildicmp socket:不允许操作)= 53
写(2,“\ n”...,1
)= 1
打开(“/ etc / dhcp3 / dhcpd.conf”,O_RDONLY)= 4
lseek(4,0,SEEK_END)= 1426
lseek(4,0,SEEK_SET)= 0
阅读(4,“#---------------------------- \ n#G”...,1426)= 1426
closures(4)= 0
mmap2(NULL,401408,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb75b0000
mmap2(NULL,401408,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb754e000
mmap2(NULL,401408,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb74ec000
brk(0x916f000)= 0x916f000
closures(3)= 0
套接字(PF_FILE,SOCK_DGRAM,0)= 3
fcntl64(3,F_SETFD,FD_CLOEXEC)= 0
connect(3,{sa_family = AF_FILE,path =“/ dev / log”...},110)= 0
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“Sep 18 00:00:16 dhcpd:Inter”...,74,MSG_NOSIGNAL)= 74
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“Sep 18 00:00:16 dhcpd:Copyr”...,76,MSG_NOSIGNAL)= 76
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
send(3,“Sep 18 00:00:16 dhcpd:All r”...,48,MSG_NOSIGNAL)= 48
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
send(3,“Sep 18 00:00:16 dhcpd:For i”...,78,MSG_NOSIGNAL)= 78
打开(“/ var / lib / dhcp3 / dhcpd.leases”,O_RDONLY)= 4
lseek(4,0,SEEK_END)= 126
lseek(4,0,SEEK_SET)= 0
读(4,“#这个文件的格式是文件”...,126)= 126
closures(4)= 0
打开(“/ var / lib / dhcp3 / dhcpd.leases”,O_WRONLY | O_CREAT | O_APPEND,0666)= 4
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 126,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb74eb000
fstat64(4,{st_mode = S_IFREG | 0644,st_size = 126,...})= 0
_llseek(4,126,[126],SEEK_SET)= 0
时间(NULL)= 1284760816
时间(NULL)= 1284760816
打开(“/ var / lib / dhcp3 / dhcpd.leases.1284760816”,O_WRONLY | O_CREAT | O_TRUNC,0664)= 5
fcntl64(5,F_GETFL)= 0x1(标志O_WRONLY)
fstat64(5,{st_mode = S_IFREG | 0644,st_size = 0,...})= 0
mmap2(NULL,4096,PROT_READ | PROT_WRITE,MAP_PRIVATE | MAP_ANONYMOUS,-1,0)= 0xb74ea000
_llseek(5,0,[0],SEEK_CUR)= 0
closures(4)= 0
munmap(0xb74eb000,4096)= 0
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:写”...,70,MSG_NOSIGNAL)= 70
写(2,“写0删除主机退出”...,42写0删除主机退出租用文件。)= 42
写(2,“\ n”...,1
)= 1
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:写”...,74,MSG_NOSIGNAL)= 74
写入(2,“写入0新dynamic主机删除”,... 46,写入0新dynamic主机删除出租文件。)= 46
写(2,“\ n”...,1
)= 1
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:写”...,58,MSG_NOSIGNAL)= 58
写(2,“出租文件写0租约”,... 30,写租约文件0份)= 30
写(2,“\ n”...,1
)= 1
写(5,“#这个文件的格式是文件”...,126)= 126
fsync(5)= 0
unlink(“/ var / lib / dhcp3 / dhcpd.leases〜”)= 0
链接(“/ var / lib / dhcp3 / dhcpd.leases”,“/var/lib/dhcp3/dhcpd.leases~”)= 0
重命名(“/ var / lib / dhcp3 / dhcpd.leases.1284760816”,“/var/lib/dhcp3/dhcpd.leases”)= 0
套接字(PF_INET,SOCK_DGRAM,IPPROTO_UDP)= 4
ioctl(4,SIOCGIFCONF,{0 - > 64,NULL})= 0
ioctl(4,SIOCGIFCONF {64,{{“lo”,{AF_INET,inet_addr(“127.0.0.1”)}},{“eth0”,{AF_INET,inet_addr(“192.168.0.10”)}}}}) = 0
ioctl(4,SIOCGIFFLAGS,{ifr_name =“lo”,ifr_flags = IFF_UP | IFF_LOOPBACK | IFF_RUNNING})= 0
ioctl(4,SIOCGIFFLAGS,{ifr_name =“eth0”,ifr_flags = IFF_UP | IFF_BROADCAST | IFF_RUNNING | IFF_MULTICAST})= 0
ioctl(4,SIOCGIFHWADDR,{ifr_name =“eth0”,ifr_hwaddr = 00:c0:26:87:55:c0})= 0
socket(PF_PACKET,SOCK_PACKET,768)= -1 EPERM(操作不允许)
时间(NULL)= 1284760816
stat64(“/ etc / localtime”,{st_mode = S_IFREG | 0644,st_size = 2945,...})= 0
发送(3,“9月18日00:00:16 dhcpd:打开”...,74,MSG_NOSIGNAL)= 74
写入(2,“打开LPF的套接字:操作”...,46打开LPF的套接字:不允许操作)= 46
写(2,“\ n”...,1
)= 1
exit_group(1)=?
我知道dhcpd希望在端口67上创build套接字…但我不知道如何通过chroot来授权。
任何想法?
为了绑定到<1024端口,通常需要具有超级用户权限或具有CAP_NET_BIND_SERVICEfunction(请参阅capabilities(7) )。
您可以使用setcap实用程序( pacakge libcap2-bin )设置functionCAP_NET_BIND_SERVICE ,