Page MenuHomeVyOS Platform

dhcpd: Can't create new lease file: Permission denied
Open, Requires assessmentPublicBUG

Description

At least since 02/11/2021, the messages below appear in the log:

admin@ro-lab-01:~$ sh log dhcp | match denied
Feb 22 21:28:13 ro-lab-01 dhcpd[3361]: Can't create new lease file: Permission denied
Feb 23 06:15:07 ro-lab-01 dhcpd[3361]: Can't create new lease file: Permission denied

Here are the details about /config:

admin@ro-lab-01:~$ ls -al /config/
total 56
drwxrwxr-x 7 root  vyattacfg  4096 Feb 22 20:05 .
drwxr-xr-x 1 root  root       4096 Feb 22 20:03 ..
drwxrwsr-x 2 root  vyattacfg  4096 Feb 22 20:05 archive
drwxrwsr-x 2 root  vyattacfg  4096 Feb 16 15:28 auth
-rwxrwxr-x 1 root  vyattacfg 13022 Feb 22 15:45 config.boot
-rw-r--r-- 1 dhcpd nogroup    2274 Feb 23 07:02 dhcpd.leases
-rw-rw-r-- 1 dhcpd nogroup    1932 Feb 22 20:05 dhcpd.leases~
drwxrwsr-x 2 root  vyattacfg  4096 Feb 22 15:37 scripts
drwxrwsr-x 2 root  vyattacfg  4096 Feb 16 15:28 support
drwxrwsr-x 2 root  vyattacfg  4096 Feb 16 15:28 user-data
-rwxrwxr-x 1 root  vyattacfg     0 Feb 16 19:24 .vyatta_config
-rwxrwxr-x 1 root  vyattacfg    36 Feb 22 20:03 vyos-migrate.log

Details

Difficulty level
Easy (less than an hour)
Version
1.3-beta-202102230443
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

@tuxnet Can you describe the steps to reproduce?

VyOS 1.3-beta-202102210443

set interfaces ethernet eth1 address 'dhcp'

I don't see such logs

vyos@r4-roll:~$ show log | match deni
vyos@r4-roll:~$ 


vyos@r4-roll:~$ ls -al /config/
total 48
drwxrwxr-x 8 root vyattacfg 4096 Feb 23 16:47 .
drwxr-xr-x 1 root root      4096 Feb 23 16:47 ..
drwxrwsr-x 2 root vyattacfg 4096 Feb 23 17:55 archive
drwxrwsr-x 3 root vyattacfg 4096 Feb  9 17:17 auth
-rwxrwxr-x 1 root vyattacfg 2680 Feb 21 12:33 config.boot
-rwxrwxr-x 1 root vyattacfg 2912 Feb 15 18:32 config.boot.2021-02-15-163552.pre-migration
-rwxrwxr-x 1 root vyattacfg 2912 Feb 15 18:35 config.boot.2021-02-15-182141.pre-migration
drwxrwsr-x 2 root vyattacfg 4096 Feb  6 04:24 scripts
drwxrwsr-x 2 root vyattacfg 4096 Feb  6 04:24 support
drwxrwxr-x 3 root vyattacfg 4096 Feb 15 18:42 url-filtering
drwxrwsr-x 2 root vyattacfg 4096 Feb  6 04:24 user-data
-rwxrwxr-x 1 root vyattacfg    0 Feb  9 17:13 .vyatta_config
-rwxrwxr-x 1 root vyattacfg   36 Feb 23 16:47 vyos-migrate.log

@Viacheslav
I guess the logs are from the dhcp-server and not from the client...

Can it be reproduced with the config below?
(an interface with the appropriate IP would still have to be configured and a client which obtains an IP)

set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 default-router '192.168.3.1'
set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 dns-server '8.8.8.8'
set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 dns-server '8.8.4.4'
set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 lease '86400'
set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 range 0 start '192.168.3.100'
set service dhcp-server shared-network-name dhcptest subnet 192.168.3.0/24 range 0 stop '192.168.3.200'

I can't reproduce it

Feb 23 20:31:16 r4-roll dhcpd[1414]: No subnet declaration for eth0 (192.168.122.14).
Feb 23 20:31:16 r4-roll dhcpd[1414]: ** Ignoring requests on eth0.  If this is not what
Feb 23 20:31:16 r4-roll dhcpd[1414]:    you want, please write a subnet declaration
Feb 23 20:31:16 r4-roll dhcpd[1414]:    in your dhcpd.conf file for the network segment
Feb 23 20:31:16 r4-roll dhcpd[1414]:    to which interface eth0 is attached. **
Feb 23 20:31:16 r4-roll dhcpd[1414]: 
Feb 23 20:31:16 r4-roll dhcpd[1414]: Server starting service.
Feb 23 20:32:16 r4-roll dhcpd[1414]: DHCPDISCOVER from 52:54:00:ed:15:34 via eth1
Feb 23 20:32:17 r4-roll dhcpd[1414]: DHCPOFFER on 192.168.3.100 to 52:54:00:ed:15:34 (r2-roll) via eth1
Feb 23 20:32:17 r4-roll dhcpd[1414]: DHCPREQUEST for 192.168.3.100 (192.168.3.1) from 52:54:00:ed:15:34 (r2-roll) via eth1
Feb 23 20:32:17 r4-roll dhcpd[1414]: DHCPACK on 192.168.3.100 to 52:54:00:ed:15:34 (r2-roll) via eth1
Feb 23 20:33:39 r4-roll dhcpd[1414]: DHCPRELEASE of 192.168.3.100 from 52:54:00:ed:15:34 (r2-roll) via eth1 (found)
Feb 23 20:33:43 r4-roll dhcpd[1414]: DHCPDISCOVER from 52:54:00:ed:15:34 via eth1
Feb 23 20:33:44 r4-roll dhcpd[1414]: DHCPOFFER on 192.168.3.100 to 52:54:00:ed:15:34 (r2-roll) via eth1
Feb 23 20:33:44 r4-roll dhcpd[1414]: DHCPREQUEST for 192.168.3.100 (192.168.3.1) from 52:54:00:ed:15:34 (r2-roll) via eth1
Feb 23 20:33:44 r4-roll dhcpd[1414]: DHCPACK on 192.168.3.100 to 52:54:00:ed:15:34 (r2-roll) via eth1
vyos@r4-roll:~$

Maybe you use radius or some else for login? As I see default user, not "vyos".

Yes, radius is used for login.

set system login radius server xxxxx.tld key xxxxxx
set system login radius server xxxxx.tld port '1812'
set system login radius server xxxxx.tld timeout '6'
set system login radius source-address 'xxx.xxx.12.1'