Page MenuHomeVyOS Platform
Create Task
Maniphest T6137

dhcp files and directory permission not correct after image uprgading
Closed, DuplicatePublicBUG
Actions

Description

I was trying to upgrade from 1.5-rolling-202403010026 to 1.5-rolling-202403180024
and kept all configs . After the rebooting, it seems that the dhcp server was not coming up due to user/group permission.

After the image upgrading:

vyos@vyos:~$  **ps -ef |grep dhcp**
_kea        4231       1  0 11:35 ?        00:00:00 /usr/sbin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf
root        7050       1  0 11:36 ?        00:00:00 /usr/sbin/dhcp6c -D -k /run/dhcp6c/dhcp6c.pppoe0.sock -c /run/dhcp6c/dhcp6c.pppoe0.conf -p /run/dhcp6c/dhcp6c.pppoe0.pid pppoe0
vyos        9497    7323  0 12:03 pts/0    00:00:00 grep dhcp

the permissions of files and directories under /config :

vyos@vyos:/config$ ls -alt
total 244
drwxrwsr-x 2 root     vyattacfg  4096 Mar 18 11:35 archive
drwxrwsr-x 1 root     vyattacfg  4096 Mar 18 11:34 .
-rwxrwxr-x 1 root     vyattacfg 18957 Mar 18 11:34 config.boot
-rwxrwxr-x 1 root     vyattacfg 12308 Mar 18 11:34 vyos-migrate.log
drwxr-xr-x 1 root     root       4096 Mar 18 11:34 ..
-rwxrwxr-x 1 root     vyattacfg 13425 Mar 18 11:27 config.boot.2024-01-03-055003.pre-migration
-rwxrwxr-x 1 root     vyattacfg 17000 Mar 18 11:27 config.boot.2024-01-19-081756.pre-migration
**-rw-r--r-- 1 arpwatch vyattacfg   221 Mar 18 11:27 dhcpd.leases~**
-rwxrwxr-x 1 root     vyattacfg  9449 Mar 18 11:27 config.boot.2023-12-07-095931.pre-migration
-rwxrwxr-x 1 root     vyattacfg 16658 Mar 18 11:27 config.boot.2024-01-16-154157.pre-migration
**-rwxr-xr-x 1 arpwatch vyattacfg   103 Mar 18 11:27 dhcp4.leases
-rw-r--r-- 1 arpwatch vyattacfg   221 Mar 18 11:27 dhcpd.leases**
-rwxrwxr-x 1 root     vyattacfg 19732 Mar 18 11:27 config.boot.2024-02-09-032256.pre-migration
-rwxrwxr-x 1 root     vyattacfg  7410 Mar 18 11:27 config.boot.2023-09-26-143349.pre-migration
-rwxrwxr-x 1 root     vyattacfg 13446 Mar 18 11:27 config.boot.2024-01-03-210425.pre-migration
-rwxrwxr-x 1 root     vyattacfg 19832 Mar 18 11:27 config.boot.2024-02-21-150614.pre-migration
-rwxrwxr-x 1 root     vyattacfg  5952 Mar 18 11:27 config.boot.2023-12-12-002706.pre-migration
-rwxrwxr-x 1 root     vyattacfg 18957 Mar 18 11:27 config.boot.2024-03-18-033456.pre-migration
-rwxrwxr-x 1 root     vyattacfg     0 Mar 18 11:27 .vyatta_config
**drwxrwxr-x 2 root     vyattacfg  4096 Mar 18 11:21 dhcp**
drwxrwsr-x 5 root     vyattacfg  4096 Feb 19 15:44 container
drwxrwsr-x 2 root     vyattacfg  4096 Jan  3 17:52 scripts
drwxrwsr-x 2 root     vyattacfg  4096 Jan  3 17:51 user-data
drwxrwsr-x 2 root     vyattacfg  4096 Sep  5  2023 auth
drwxrwsr-x 2 root     vyattacfg  4096 Sep  5  2023 support

and I tried these commands seem to fix it

sudo chown _kea:vyattacfg -R dhcp*
restart dhcp server

the kea-dhcp4 is up

vyos@vyos:/config/scripts$ ps -ef |grep dhcp
_kea        4231       1  0 11:35 ?        00:00:00 /usr/sbin/kea-dhcp-ddns -c /etc/kea/kea-dhcp-ddns.conf
root        7050       1  0 11:36 ?        00:00:00 /usr/sbin/dhcp6c -D -k /run/dhcp6c/dhcp6c.pppoe0.sock -c /run/dhcp6c/dhcp6c.pppoe0.conf -p /run/dhcp6c/dhcp6c.pppoe0.pid pppoe0
**_kea        9831       1  0 12:05 ?        00:00:00 /usr/sbin/kea-dhcp4 -c /run/kea/kea-dhcp4.conf**
vyos       10243    7323  0 12:13 pts/0    00:00:00 grep dhcp

It seems that after image upgrading, the user permissions of all directories under /config have changed to root:vyattacfg, but kea-dhcp4 needs permission to access dhcp* related files and directories.

I'm not sure if this is a bug or if it's caused by my improper operation.

Thanks !

Details

Difficulty level
Unknown (require assessment)
Version
1.5-rolling-202403180024
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

opswill created this task.Mar 18 2024, 4:38 AM
pasik added a subscriber: pasik.Mar 18 2024, 7:03 AM
Viacheslav triaged this task as Normal priority.Mar 18 2024, 9:04 AM
dmbaturin closed this task as Resolved.Mar 22 2024, 1:23 PM
dmbaturin claimed this task.
Ironeagle added a subscriber: Ironeagle.Mar 27 2024, 4:00 AM

@opswill what is the permanent solution for this? I am also facing the same issue. Thanks in advance

opswill added a comment.Mar 27 2024, 4:26 AM

@Ironeagle My solution is adding this command:

sudo chown _kea:vyattacfg -R /config/dhcp*

to /config/scripts/vyos-preconfig-bootup.script

I don't upgrade the image and test it yet, but this way should work.

Ironeagle added a comment.Mar 27 2024, 9:16 AM

Thanks @opswill

sarthurdev closed this task as a duplicate of T6163: kea-dhcp4-server crashes due to incorrect lease file permissions after 1.5-rolling-202403120022 -> 1.5-rolling-202403230018 upgrade.Sun, Apr 7, 6:17 PM