Datasheet
“main” (Installation and Administration) — 2004/6/25 — 13:29 — page 523 — #549
i
i
i
i
i
i
i
i
21
Linux in the Network
Expert Configuration
In addition to the configuration method discussed above, there is also an
expert configuration mode that allows you to tweak the DHCP server setup
in every detail. Start the expert configuration by selecting ‘Expert Settings’
in the tree view in the left part of the dialog.
Chroot Environment and Declarations
In this first dialog, make the existing configuration editable by se-
lecting ‘Start DHCP Server’. An important feature of the behavior
of the DHCP server is its ability to run in a chroot environment,
or chroot jail, to secure the server host. If the DHCP server should
ever be compromised by an outside attack, the attacker will still be
behind bars in the chroot jail, which prevents him from touching the
rest of the system. The lower part of the dialog displays a tree view
with the declarations that have already been defined. Modify these
with ‘Add’, ‘Delete’, and ‘Edit’. Selecting ‘Advanced’ takes you to
additional expert dialogs. See Figure 21.41. After selecting ‘Add’,
define the type of declaration to add. With ‘Advanced’, view the
log file of the server, configure TSIG key management, and adjust
the configuration of the firewall according to the setup of the DHCP
server.
Figure 21.41: DHCP Server: Chroot Jail and Declarations
523SUSE LINUX Enterprise Server