ndhc | Privilege-separated secure DHCPv4 client for Linux
kandi X-RAY | ndhc Summary
kandi X-RAY | ndhc Summary
ndhc is a C library. ndhc has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub, GitLab.
ndhc is a multi-process, privilege-separated DHCP client. Each subprocess runs with the minimal necessary privileges in order to perform its task. Currently, ndhc consists of three subprocesses: the ndhc-master, ndhc-ifch, and ndhc-sockd. ndhc-master communicates with DHCP servers and handles the vagaries of the DHCP client protocol. It runs as a non-root user inside a chroot. ndhc runs as a normal user with no special privileges and is restricted to a chroot that contains nothing more than a domain socket filesystem object (if using syslog), a urandom device node, and a null device node. ndhc-ifch handles interface change requests. It listens on a unix socket for such requests. ndhc-ifch runs as a non-root user inside a chroot, and retains only the power to configure network interfaces. ndhc-ifch automatically forks from ndhc-master to perform its job. ndhc-sockd plays a similar role to ndhc-ifch, but it instead has the ability to bind to a low port, the ability to open a raw socket, and the ability to communicate on broadcast channels. ndhc communicates with ndhc-sockd over a unix socket, and the file descriptors that ndhc-sockd creates are passed back to ndhc over the unix socket. ndhc fully implements RFC5227's address conflict detection and defense. Great care is taken to ensure that address conflicts will be detected, and ndhc also has extensive support for address defense. Care is taken to prevent unintentional ARP flooding under any circumstance. ndhc also monitors hardware link status via netlink events and reacts appropriately when interface carrier status changes or an interface is explicitly deconfigured. This functionality can be useful on wired networks when transient carrier downtimes occur (or cables are changed), but it is particularly useful on wireless networks. RFC3927's IPv4 Link Local Addressing is not supported. I have found v4 LLAs to be more of an annoyance than a help. v6 LLAs work much better in practice.
ndhc is a multi-process, privilege-separated DHCP client. Each subprocess runs with the minimal necessary privileges in order to perform its task. Currently, ndhc consists of three subprocesses: the ndhc-master, ndhc-ifch, and ndhc-sockd. ndhc-master communicates with DHCP servers and handles the vagaries of the DHCP client protocol. It runs as a non-root user inside a chroot. ndhc runs as a normal user with no special privileges and is restricted to a chroot that contains nothing more than a domain socket filesystem object (if using syslog), a urandom device node, and a null device node. ndhc-ifch handles interface change requests. It listens on a unix socket for such requests. ndhc-ifch runs as a non-root user inside a chroot, and retains only the power to configure network interfaces. ndhc-ifch automatically forks from ndhc-master to perform its job. ndhc-sockd plays a similar role to ndhc-ifch, but it instead has the ability to bind to a low port, the ability to open a raw socket, and the ability to communicate on broadcast channels. ndhc communicates with ndhc-sockd over a unix socket, and the file descriptors that ndhc-sockd creates are passed back to ndhc over the unix socket. ndhc fully implements RFC5227's address conflict detection and defense. Great care is taken to ensure that address conflicts will be detected, and ndhc also has extensive support for address defense. Care is taken to prevent unintentional ARP flooding under any circumstance. ndhc also monitors hardware link status via netlink events and reacts appropriately when interface carrier status changes or an interface is explicitly deconfigured. This functionality can be useful on wired networks when transient carrier downtimes occur (or cables are changed), but it is particularly useful on wireless networks. RFC3927's IPv4 Link Local Addressing is not supported. I have found v4 LLAs to be more of an annoyance than a help. v6 LLAs work much better in practice.
Support
Quality
Security
License
Reuse
Support
ndhc has a low active ecosystem.
It has 23 star(s) with 3 fork(s). There are 3 watchers for this library.
It had no major release in the last 12 months.
There are 0 open issues and 9 have been closed. On average issues are closed in 216 days. There are no pull requests.
It has a neutral sentiment in the developer community.
The latest version of ndhc is v2022-03-08-v2
Quality
ndhc has 0 bugs and 0 code smells.
Security
ndhc has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
ndhc code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.
License
ndhc is licensed under the MIT License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.
Reuse
ndhc releases are available to install and integrate.
Installation instructions, examples and code snippets are available.
Top functions reviewed by kandi - BETA
kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ndhc
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ndhc
ndhc Key Features
No Key Features are available at this moment for ndhc.
ndhc Examples and Code Snippets
Copy
$ su -
# umask 077
# groupadd ndhc
# useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpsockd
# useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpifch
# useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcp
# mkdir /etc/ndhc
# chown root.ro
Community Discussions
No Community Discussions are available at this moment for ndhc.Refer to stack overflow page for discussions.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ndhc
Compile and install ndhc. Time to create the jail in which ndhc will run. Become root and create new group ndhc. Create new users dhcpsockd, dhcpifch and dhcp. The primary group of these users should be ndhc. Create the state directory where DUIDs and IAIDs will be stored. Create the jail directory and set its ownership properly. Create a urandom device for ndhc to use within the jail. (optional) If you wish for logging to properly work, you will need to properly configure your logging daemon so that it opens a domain socket in the proper location within the jail. Since this varies per-daemon, I cannot provide a general configuration. At this point the jail is usable; ndhc is ready to be used. It should be invoked as the root user so that it can spawn its processes with the proper permissions. An example of invoking ndhc: ndhc -i wan0 -u dhcp -U dhcpifch -D dhcpsockd -C /var/lib/ndhc. If you encounter problems, I suggest running ndhc in the foreground and examining the printed output. I suggest running ndhc under some sort of process supervision such as runit or s6. This will allow for reliable functioning in the case of unforseen or unrecoverable errors.
Create a build directory: mkdir build && cd build
Create the makefiles: cmake ..
Build ndhc: make
Install the ndhc/ndhc executable in a normal place. I would suggest /usr/sbin or /usr/local/sbin.
Create a build directory: mkdir build && cd build
Create the makefiles: cmake ..
Build ndhc: make
Install the ndhc/ndhc executable in a normal place. I would suggest /usr/sbin or /usr/local/sbin.
Support
For any new features, suggestions and bugs create an issue on GitHub.
If you have any questions check and ask questions on community page Stack Overflow .
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page