Trivial documentation updates.

This commit is contained in:
Nicholas J. Kain 2018-02-18 00:31:39 -05:00
parent e08d3b15b5
commit a66f007931

View File

@ -1,5 +1,5 @@
# ndhc # ndhc
Copyright (C) 2004-2017 Nicholas J. Kain. Copyright (C) 2004-2018 Nicholas J. Kain.
See LICENSE for licensing information. In short: Two-clause / New BSD. See LICENSE for licensing information. In short: Two-clause / New BSD.
@ -61,7 +61,7 @@ peer won't relent in the case of a conflict, and of relentlessly defending
a lease forever. In either mode, it rate-limits defense messages, so it a lease forever. In either mode, it rate-limits defense messages, so it
can't be tricked into flooding by a hostile peer or DHCP server, either. can't be tricked into flooding by a hostile peer or DHCP server, either.
*Small*. Both ndhc avoids unnecessary outside dependencies and is written *Small*. ndhc avoids unnecessary outside dependencies and is written
in plain C. in plain C.
*Fast*. ndhc filters input using the BPF/LPF mechanism so that *Fast*. ndhc filters input using the BPF/LPF mechanism so that
@ -110,7 +110,8 @@ $ su -
# umask 077 # umask 077
# groupadd ndhc # groupadd ndhc
``` ```
Create new users `dhcpifch` and `dhcp`. The primary group of these users should be `ndhc`. Create new users `dhcpsockd`, `dhcpifch` and `dhcp`. The primary group of
these users should be `ndhc`.
``` ```
# useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpsockd # useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpsockd
# useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpifch # useradd -d /var/lib/ndhc -s /sbin/nologin -g ndhc dhcpifch
@ -217,6 +218,3 @@ on most modern unix systems, but it is not standard.
* Numerous socket options are used, and the `AF_PACKET` socket family * Numerous socket options are used, and the `AF_PACKET` socket family
is used for raw sockets and ARP. These are largely Linux-specific, too. is used for raw sockets and ARP. These are largely Linux-specific, too.
* ndhc can optionally use seccomp-filter to allow only a set of
whitelisted syscalls. This functionality is Linux-specific.