After T2185 dhcpd doesn't have permission to delete old lease files /config/dhcpd.leases~, as they are root:vyattacfg, but dhcpd is now running as nobody:nobody.
May 07 20:54:09 rt-home dhcpd: Can't create new lease file: Permission denied
Obviously the following is incorrect as the permissions on dhcpd.leases won't allow nobody to write to it. We also need to apply the same permissions to dhcpd.leases~.
# The leases files need to be root:vyattacfg even when dropping privileges ExecStart=/bin/sh -ec '\ CONFIG_FILE=/run/dhcp-server/dhcpd.conf; \ [ -e /config/dhcpd.leases ] || touch /config/dhcpd.leases; \ chown root:vyattacfg /config/dhcpd.leases; \ chmod 664 /config/dhcpd.leases; \ exec /usr/sbin/dhcpd -user nobody -group nogroup -f -4 -pf /run/dhcp-server/dhcpd.pid -cf $CONFIG_FILE -lf /config/dhcpd.leases'
A ownership of vyattacfg:nobody or nobody:vyattacfg or even adding vyattacfg to nobody group would work.