Message "no such user" in case dhcpcd is started or lease is dumped

[Degoah]

Hi,

I'm experiencing an issue with dhcpcd v9.5.1 which writes the message no such user into syslog and exits with return code 1 in case I invoke dhcpcd from my C++-application via system("dhcpcd --ipv6only eth --dumplease").
I use the returned code dhcpcd generates after invocation to verify if I shall continue to parse the dumped lease information or not. dhcpcd process is still running in the background in that situation.

Question: What is the reason for that and how can I prevent this situation?
I built dhcpcd with "--enable-privsep", if this does matter somehow for you to know.

Moreover, and observed with version 9.4.1 I get a similiar issue, but the message is make_env: Invalid argument script_runreason: Invalid argument in case I invoke the same command from within my C++-application.

Any insights?

Thanks and regards

[rsmarples]

When you build with privsep (which is the default) you should add then non privileged user __dhcpcd like the others in your system to not login.
dhcpcd will then run all bar one process as this user in a locked down chroot environment with very limited permissions including a sandbox where available. On Linux we use seccomp.

This makes dhcpcd very secure, moreso than any other OSS DHCP client.

To disable the warning either add the privsep user to your system or don't build with privsep.

[Degoah]

I'm running dhcpcd on a kernel with seccomp support enabled. Thus, the only thing missing is now - as mentioned by you - the user dhcpcd to my system.

Can u please just elaborate shortly, why does it is beneficial to run DHCP client preferably in a "sandbox" environment?

Thanks so far!

[rsmarples]

DHCP operations typically require root permissions to add routes, addresses, edit /etc/resolv.conf etc.
Exposing a network facing daemon is a security risk - a rogue host could send data to the DHCP client which causes a crash, overwrites memory and it can then take control ..... with root permissions! ie, effectively take ownership of your computer.

See here for example: https://www.exploit-db.com/exploits/36933

By having only have non root processes in a sandbox with locked down permissions they literally cannot do anything other than what the process itself can do. The sandbox limits what functions the process can call, which is not a lot. Effecively if someone does compromise dhcpcd, they aren't actually going to do anything because they cannot.

[Degoah]

Great answer! Appreciate it! Thanks!

[rsmarples]

Just for reference, on the Linux platform at least, no DHCP client other than dhcpcd runs in a secure environment.
Think about that :)