However, the service still couldn't create a PID-file after a reboot. So I tweaked a little bit longer.
It turns out that the isc-dhcp-server is started before the temporary filesystem "/run". The lines "Wants=local-fs.target", "After=local-fs.target" and "sleep 3 ; \" solves that. Security by apparmor requires the creation of the PID-file in "/{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,". The lines "if [ ! -d /run/dhcp-server ]; then mkdir -p /run/dhcp-server; fi; \" "chown root:dhcpd /run/dhcp-server; \" "chmod ug=rwx,o=rx /run/dhcp-server; \" "sleep 1; \" enables this. This tweaking resulted in the following "/etc/systemd/system/isc-dhcp- server.services" file. ======================================================== [Unit] Description=ISC DHCP IPv4 server Documentation=man:dhcpd(8) Wants=network-online.target Wants=local-fs.target After=network-online.target After=local-fs.target After=time-sync.target ConditionPathExists=/etc/default/isc-dhcp-server ConditionPathIsMountPoint=/run ConditionPathExists=|/etc/ltsp/dhcpd.conf ConditionPathExists=|/etc/dhcp/dhcpd.conf [Service] EnvironmentFile=/etc/default/isc-dhcp-server RuntimeDirectory=dhcp-server # The leases files need to be root:dhcpd even when dropping privileges ExecStart=/bin/sh -ec '\ sleep 3 ; \ CONFIG_FILE=/etc/dhcp/dhcpd.conf; \ if [ -f /etc/ltsp/dhcpd.conf ]; then CONFIG_FILE=/etc/ltsp/dhcpd.conf; fi; \ if [ ! -d /run/dhcp-server ]; then mkdir -p /run/dhcp-server; fi; \ chown root:dhcpd /run/dhcp-server; \ chmod ug=rwx,o=rx /run/dhcp-server; \ sleep 1; \ if [ ! "$DHCPDv4_PID" ] ; then DHCPDv4_PID=/run/dhcp-server/dhcpd.pid; fi; \ [ -e /var/lib/dhcp/dhcpd.leases ] || touch /var/lib/dhcp/dhcpd.leases; \ chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases; \ chmod 775 /var/lib/dhcp ; chmod 664 /var/lib/dhcp/dhcpd.leases; \ exec dhcpd -user dhcpd -group dhcpd -f -4 -pf $DHCPDv4_PID -cf $CONFIG_FILE $INTERFACESv4' [Install] WantedBy=multi-user.target ================================================== I hope this helps. Any suggestion to improve this service-file is appreciated :) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/1448657 Title: isc-dhcp-server: Can't create PID file /run/dhcp-server/dhcpd.pid: Permission denied Status in isc-dhcp package in Ubuntu: Confirmed Bug description: Just upgraded from 14-10 to 15-04, and now see the following in syslog: Apr 26 10:50:08 server kernel: [70470.960718] audit: type=1400 audit(1430045408.725:8): apparmor="DENIED" operation="capable" profile="/usr/sbin/dhcpd" pid=8619 comm="dhcpd" capability=1 capname="dac_ove rride" Apr 26 10:50:08 server sh[8619]: Can't create PID file /run/dhcp-server/dhcpd.pid: Permission denied. Description: Ubuntu 15.04 Release: 15.04 isc-dhcp-server: Installed: 4.3.1-5ubuntu2 ----------- 8x ----------------- # cat /etc/default/isc-dhcp-server # Defaults for isc-dhcp-server initscript # sourced by /etc/init.d/isc-dhcp-server # installed at /etc/default/isc-dhcp-server by the maintainer scripts # # This is a POSIX shell fragment # # Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). #DHCPD_CONF=/etc/dhcp/dhcpd.conf # Path to dhcpd's PID file (default: /var/run/dhcpd.pid). #DHCPD_PID=/var/run/dhcpd.pid # Additional options to start dhcpd with. # Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead #OPTIONS="" # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? # Separate multiple interfaces with spaces, e.g. "eth0 eth1". INTERFACES="" ----------- 8x ----------------- # ls -la /var/run lrwxrwxrwx 1 root root 4 Oct 24 2013 /var/run -> /run # ls -la /run/dhcp-server/ total 0 drwxr-xr-x 2 dhcpd dhcpd 40 Apr 26 10:59 . drwxr-xr-x 34 root root 1060 Apr 26 11:33 .. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1448657/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp