Clustered DHCP server failing to load on systems with AppArmor enabled

  • 7002876
  • 31-Mar-2009
  • 30-Apr-2012

Environment

Novell Open Enterprise Server (Linux based)
Novell DHCP

Situation

DHCP does not load when configured to run as a non-local user (i.e., an eDirectory user).
The DHCP process is denied permission to open or write the lease file located on shared storage, regardless of the user it is running as.

Resolution

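Disable AppArmor (chkconfig boot.apparmor off; reboot), or reprofile /usr/sbin/dhcpd to allow the new user and/or the new path for the lease file. Disabling AppArmor removes confinement from every profiled service on the server, whereas reprofiling keeps dhcpd confined.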

Additional Information

The default AppArmor profile is configured to allow DHCP to run as the "dhcpd" user and to access the lease file in /var/lib/dhcp/db/dhcp.lease. When DHCP is configured to run in a clustered environment, the user and/or the location of the lease file almost invariably change, and AppArmor then denies the "dhcpd" process the access it needs.
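
To confirm that AppArmor is what blocks dhcpd, and to see what a reprofiled /usr/sbin/dhcpd must allow, the following added example (not part of the original TID or of Novell's tooling) reads audit records and prints one candidate file rule per denied path. The key="value" record layout (which differs between AppArmor releases), the sample records and the /media/shared/dhcp path are constructed assumptions.

```sh
#!/bin/sh
# Added example: turn AppArmor denials logged for the dhcpd profile into
# candidate file rules for that profile. Review every rule before using it.

# Constructed audit records; the shared-storage path is a placeholder.
sample_log() {
  cat <<'EOF'
type=AVC msg=audit(1.0:1): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/media/shared/dhcp/dhcp.lease" pid=4242 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1.0:2): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/media/shared/dhcp/dhcp.lease" pid=4242 comm="dhcpd" requested_mask="w" denied_mask="w" fsuid=0 ouid=0
type=AVC msg=audit(1.0:3): apparmor="DENIED" operation="mknod" profile="/usr/sbin/dhcpd" name="/media/shared/dhcp/dhcp.lease~" pid=4242 comm="dhcpd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
type=AVC msg=audit(1.0:4): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/tmp/x" pid=77 comm="named" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
EOF
}

# dhcpd_rules [profile]: read audit records on stdin, print "  path perms,"
# for each path denied to the given profile (default /usr/sbin/dhcpd).
dhcpd_rules() {
  awk -v prof="${1:-/usr/sbin/dhcpd}" '
    function field(key,   s) {            # value of key="..." on this record
      if (!match($0, "(^| )" key "=\"[^\"]*\"")) return ""
      s = substr($0, RSTART, RLENGTH)
      sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
      return s
    }
    /apparmor="DENIED"/ && field("profile") == prof {
      path = field("name"); mask = field("denied_mask")
      if (path == "" || mask == "") next
      gsub(/[cd]/, "w", mask)             # create/delete are granted by "w"
      for (i = 1; i <= length(mask); i++) need[path, substr(mask, i, 1)] = 1
      if (!(path in seen)) { seen[path] = 1; order[++n] = path }
    }
    END {
      for (j = 1; j <= n; j++) {
        perms = ""                        # merge masks seen across records
        for (k = 1; k <= 5; k++) {
          p = substr("rwakl", k, 1)
          if ((order[j], p) in need) perms = perms p
        }
        if (perms ~ /w/) sub(/a/, "", perms)   # "w" and "a" cannot be combined
        if (perms != "") printf "  %s %s,\n", order[j], perms
      }
    }'
}

sample_log | dhcpd_rules
```

On a cluster node, feed the function the node's audit log instead of sample_log. Exec ("x") denials are deliberately not turned into rules, because they need an explicit transition mode chosen by the administrator.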