On Fri, Jul 24, 2015 at 05:03:36PM +0200, Bernhard Schmidt wrote:

Hi,

> Note that there is mentioning of the new arguments in the upstream
> manpage for dhcpd(8), I will try to think of something and attach a
> patch when I'm done.

This has been added upstream in 4.3.3b1, see attached patch against
4.3.2

Bernhard
Subject: Describe options added by --enable-paranoia in dhcpd.8
Origin: upstream, https://www.isc.org/downloads/file/dhcp-4-3-3b1/?version=tar-gz
Bug-Debian: https://bugs.debian.org/793490

--- dhcp-4.3.2/server/dhcpd.8	2015-02-26 20:35:43.000000000 +0100
+++ dhcp-4.3.3b1/server/dhcpd.8	2015-07-30 21:02:23.000000000 +0200
@@ -1,6 +1,6 @@
 .\"	dhcpd.8
 .\"
-.\" Copyright (c) 2009-2012 by Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (c) 2009-2012,2015 by Internet Systems Consortium, Inc. ("ISC")
 .\" Copyright (c) 2004-2007 by Internet Systems Consortium, Inc. ("ISC")
 .\" Copyright (c) 1996-2003 by Internet Software Consortium
 .\"
@@ -78,6 +78,18 @@
 .B --no-pid
 ]
 [
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
 .B -tf
 .I trace-output-file
 ]
@@ -249,6 +261,28 @@
 operations.  This can be used to test a new lease file
 automatically before installing it.
 .TP
+.BI \-user \ user
+Setuid to user after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This also causes the lease file to be owned by user.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This also causes the lease file to use group.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-chroot \ dir
+Chroot to directory.  This may occur before or after
+reading the configuration files depending on whether
+the code was compiled with the EARLY_CHROOT option
+enabled (./configure --enable-early-chroot).
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
 .BI \-tf \ tracefile
 Specify a file into which the entire startup state of the server and
 all the transactions it processes are logged.  This can be

Reply via email to