# isc-dhcp42-server paranoia issues



## nforced (Mar 27, 2014)

For some reason I can't get rid of these warnings no matter what I do


```
# /usr/local/etc/rc.d/isc-dhcpd restart
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $dhcpd_chuser_enable is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $dhcpd_chuser_enable is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
/usr/local/etc/rc.d/isc-dhcpd: WARNING: $paranoia is not set properly - see rc.conf(5).
```

I installed net/isc-dhcp42-server with default options which include PARANOIA.

Here are my /etc/rc.conf related lines:


```
dhcpd_enable="YES"
dhcpd_ifaces="LAN"
dhcpd_flags="-q"                           # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf"      # configuration file
dhcpd_withumask="022"
dhcpd_chuser_enable="YES"            # runs w/o privileges?
dhcpd_withuser="dhcpd"              # user name to run as
dhcpd_withgroup="dhcpd"             # group name to run as
dhcpd_chroot_enable="YES"           # runs chrooted?
dhcpd_devfs_enable="YES"            # use devfs if available?
dhcpd_rootdir="/var/db/dhcpd"       # directory to run in
#dhcpd_includedir=""       # directory with config-files to include
```


```
#make showconfig
===> The following configuration options are available for isc-dhcp42-server-4.2.6:
     BIND_SYMBOLS=off: Enable BIND internal symbol table
     IPV6=on: IPv6 protocol support
     LDAP=off: LDAP support
     LDAP_SSL=on: Support LDAP over SSL/TLS
     PARANOIA=on: Enable support for chroot
```

Misc:

```
# uname -a
FreeBSD planet 10.0-RELEASE FreeBSD 10.0-RELEASE #0 r260789: Thu Jan 16 22:34:59 UTC 2014     root@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64
```

I did deinstall and reinstall with different options, with and without PARANOIA, tried all sort of combinations in rc.conf and no luck I always get these warnings...
I see something wrong during install that I don't on my other machine which could be related


```
gmake[3]: Entering directory `/usr/ports/net/isc-dhcp42-server/work/dhcp-4.2.6/bind'
Configuring BIND Export libraries for DHCP.
./configure: -c: not found
Building BIND Export libraries - this takes some time.
```

My system and ports tree are up-to-date.

Thanks for helping!


----------



## wblock@ (Mar 27, 2014)

nforced said:
			
		

> ```
> dhcpd_ifaces="LAN"
> ```



That is supposed to be a list of interface names to serve, like

```
dhcpd_ifaces="em1"
```

No idea whether this will produce the errors shown.


----------



## nforced (Mar 27, 2014)

Thanks for pointing this.
I renamed em1 in rc.conf so LAN is correct for my setup. I just tried with em1, same result. I guess this is unrelated.


```
ifconfig_em1_name="LAN"
```


----------



## nforced (Mar 27, 2014)

I found the problem and the solution.  

On the problematic machine /usr/local/etc/rc.d/isc-dhcpd had these lines


```
paranoia=%%PARANOIA%%
eval ": \${${name}_chuser_enable:=\"%%PARANOIA%%\"}"
```
while on my other machine these look like


```
paranoia=yes
eval ": \${${name}_chuser_enable:=\"yes\"}"
```
so I did edit /usr/local/etc/rc.d/isc-dhcpd  by hand and changed %%PARANOIA%% to yes and the problem was solved.

So far so good, what I did next is more interesting


```
/usr/ports/net/isc-dhcp42-server # make deinstall
```
after which I verified there is no /usr/local/etc/rc.d/isc-dhcpd file and then I did


```
/usr/ports/net/isc-dhcp42-server # make clean
/usr/ports/net/isc-dhcp42-server # make rmconfig
/usr/ports/net/isc-dhcp42-server # make install clean
```
which installed net/isc-dhcp42-server with PARANOIA support.
After all for my surprise /usr/local/etc/rc.d/isc-dhcpd contained %%PARANOIA%% again instead of yes as it should.
Is this a bug or there is something else that I don't understand? 
I think I build and installed net/isc-dhcp42-server *without* PARANOIA support the very first time but I wonder how can this override /usr/local/etc/rc.d/isc-dhcpd file when I do clean reinstall *with* %%PARANOIA%% support?


----------



## wblock@ (Mar 27, 2014)

That appears to be a problem with the port.  Usually a string surrounded by %% is replaced with a value when the port is installed.

I just installed net/isc-dhcp43-server as a test, and it did the same thing.

Please enter a PR.


----------



## kpa (Mar 28, 2014)

It's a result of a slightly bothed stage conversion of the ISC-DHCP ports. The value of PARANOIA macro is not substituted properly in the rc(8) scripts of the the ports anymore after this commit:

http://svnweb.freebsd.org/ports?view=revision&revision=349269


----------



## nforced (Mar 28, 2014)

I sent PR yesterday http://www.freebsd.org/cgi/query-pr.cgi?pr=188020


----------



## junovitch@ (Mar 29, 2014)

The removal of adding PARANOIA to the SUB_LIST variable in the make file is what caused the issue.  You would have to add back the lines as shown below for it to build properly again.


```
Index: isc-dhcp41-server/Makefile
===================================================================
--- isc-dhcp41-server/Makefile	(revision 349587)
+++ isc-dhcp41-server/Makefile	(working copy)
@@ -119,6 +119,9 @@
 
 .if ${PORT_OPTIONS:MPARANOIA}
 CONFIGURE_ARGS+=	--enable-paranoia --enable-early-chroot
+SUB_LIST+=	PARANOIA=yes
+.else
+SUB_LIST+=	PARANOIA=no
 .endif
 
 .if ${PORT_OPTIONS:MIPV6}
Index: isc-dhcp42-server/Makefile
===================================================================
--- isc-dhcp42-server/Makefile	(revision 349587)
+++ isc-dhcp42-server/Makefile	(working copy)
@@ -91,6 +91,9 @@
 
 .if ${PORT_OPTIONS:MPARANOIA}
 CONFIGURE_ARGS+=--enable-paranoia --enable-early-chroot
+SUB_LIST+=	PARANOIA=yes
+.else
+SUB_LIST+=	PARANOIA=no
 .endif
 
 .if ${PORT_OPTIONS:MLDAP}
Index: isc-dhcp43-server/Makefile
===================================================================
--- isc-dhcp43-server/Makefile	(revision 349587)
+++ isc-dhcp43-server/Makefile	(working copy)
@@ -91,6 +91,9 @@
 
 .if ${PORT_OPTIONS:MPARANOIA}
 CONFIGURE_ARGS+=--enable-paranoia --enable-early-chroot
+SUB_LIST+=	PARANOIA=yes
+.else
+SUB_LIST+=	PARANOIA=no
 .endif
 
 .if ${PORT_OPTIONS:MLDAP}
```


----------

