Kea-dhcp на может запустить PID-файл и открыть 67-ой порт

On startup, the server detects available network interfaces and attempts to open UDP sockets on all interfaces listed in the configuration file. Since the DHCPv4 server opens privileged ports, it requires root access; this daemon must be run as root.

sudo setcap 'cap_net_bind_service=+ep' /path/to/binary

cat /etc/init.d/kea-dhcp4
---------------
: ${KEA_USER:=dhcp}
: ${KEA_GROUP:=dhcp}
---------------
command_user="${KEA_USER}:${KEA_GROUP}"
---------------

#!/sbin/openrc-run
# Copyright 2025 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

: ${KEA_USER:=dhcp}
: ${KEA_GROUP:=dhcp}
: ${KEA_CONFIG:=/etc/kea/${RC_SVCNAME}.conf}

description="kea ${KEA_SVC} services"
command="/usr/sbin/kea-${KEA_SVC}"
command_args="-c ${KEA_CONFIG}"
command_user="${KEA_USER}:${KEA_GROUP}"
pidfile="/run/kea/$(basename ${KEA_CONFIG%.*}).kea-${KEA_SVC}.pid"
required_files="${KEA_CONFIG}"
start_stop_daemon_args="--background --make-pidfile"

extra_commands="check_kea_svc checkconfig"
extra_started_commands="reload"

check_kea_svc() {
	if [ "${RC_SVCNAME}" = "kea" ]; then
		eerror "You are not supposed to run this script directly."
		eerror "Create a symlink for the kea service you want to run."
		eerror "Symlinks should have been created during installation."
		return 1
	fi

	case "${KEA_SVC}" in
	dhcp4)
	    capabilities="^cap_net_bind_service,^cap_net_raw"
	    ;;
	dhcp6|dhcp-ddns)
	    capabilities="^cap_net_bind_service"
	    ;;
	ctrl-agent)
	    ;;
	*)
	    eerror "KEA_SVC is undefined or invalid!"
	    eerror "It should be defined in /etc/conf.d/${RC_SVCNAME}"
	    return 1
	    ;;
	esac
}

checkconfig() {
	${command} -t ${KEA_CONFIG} 1>/dev/null 2>/dev/null || return 1
}

reload() {
	checkconfig || return 1
	ebegin "Reloading ${RC_SVCNAME}"
	start-stop-daemon --signal HUP --pidfile ${pidfile}
	eend $?
}

start_pre() {
	check_kea_svc || return 1

	if [ $(stat -c "%U:%G" ${KEA_CONFIG}) != "root:${KEA_GROUP}" ] ; then
		eerror "${KEA_CONFIG} config file is not owned by root:${KEA_GROUP}"
		eerror "you should reset the ownership:"
		eerror "chown root:${KEA_GROUP} ${KEA_CONFIG}"
		return 1
	fi

	if [ "${RC_CMD}" != "restart" ]; then
		checkconfig || return 1
	fi
}

stop_pre() {
	if [ "${RC_CMD}" != "restart" ]; then
		checkconfig || return 1
	fi
}

	dhcp4)
	    capabilities="^cap_net_bind_service,^cap_net_raw"

getcap /usr/sbin/kea-dhcp4

kea-dhcp4[23731]: start-stop-daemon: no matching processes found

setcap 'cap_net_bind_service,cap_net_raw=+ep' /opt/kea/sbin/kea-dhcp4
setcap 'cap_net_bind_service=+ep' /opt/kea/sbin/kea-dhcp6

#!/sbin/openrc-run

name="kea-dhcp4"
description="Kea DHCPv4 Server"
command="/usr/sbin/kea-dhcp4"
command_args="-c /etc/kea/kea-dhcp4.conf"
command_user="dhcp"
pidfile="/run/kea/kea-dhcp4.pid"
start_stop_daemon_args="--background --make-pidfile --pidfile ${pidfile}"

depend() {
    need net
}