diff -uNr old/etc/control.d/facilities/dhcpd-chroot new/etc/control.d/facilities/dhcpd-chroot
--- old/etc/control.d/facilities/dhcpd-chroot	1970-01-01 03:00:00.000000000 +0300
+++ new/etc/control.d/facilities/dhcpd-chroot	2019-04-04 17:20:47.529942997 +0300
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+. /etc/control.d/functions
+
+CONFIG=/etc/sysconfig/dhcpd
+
+new_summary 'Chrootedness of the ISC DHCPD server'
+
+new_subst disabled \
+	'^CHROOT="-j / -lf /var/lib/dhcp/dhcpd/state/dhcpd.leases"$' \
+	's/^#\(CHROOT="-j \/ -lf \/var\/lib\/dhcp\/dhcpd\/state\/dhcpd.leases"\)$/\1/'
+new_help disabled 'Disable chrootedness of the ISC DHCPD server'
+
+new_subst enabled \
+	'^#CHROOT="-j / -lf /var/lib/dhcp/dhcpd/state/dhcpd.leases"$' \
+	's/^CHROOT=/#&/'
+new_help enabled 'Enable chrootedness of the ISC DHCPD server'
+
+control_subst "$CONFIG" "$*"
diff -uNr old/etc/rc.d/init.d/dhcpd new/etc/rc.d/init.d/dhcpd
--- old/etc/rc.d/init.d/dhcpd	2019-04-04 17:35:08.747489834 +0300
+++ new/etc/rc.d/init.d/dhcpd	2019-04-04 17:21:34.564319788 +0300
@@ -37,7 +37,7 @@
 	is_yes "$NETWORKING" || return 0
 	if [ -e "$DHCPD_CONF" ]; then
 		action "Adjusting environment for dhcpd:" /etc/chroot.d/dhcpd.all ||:
-		start_daemon --pidfile "$PIDFILE" --lockfile "$LOCKFILE" --expect-user dhcpd -- dhcpd $DHCPDARGS
+		start_daemon --pidfile "$PIDFILE" --lockfile "$LOCKFILE" --expect-user dhcpd -- dhcpd $CHROOT $DHCPDARGS
 		RETVAL=$?
 	else
 		msg_starting dhcpd
diff -uNr old/etc/sysconfig/dhcpd new/etc/sysconfig/dhcpd
--- old/etc/sysconfig/dhcpd	2019-04-04 17:35:24.398281318 +0300
+++ new/etc/sysconfig/dhcpd	2019-04-04 17:20:52.128175540 +0300
@@ -1,3 +1,5 @@
 # The following variables are recognized:
 
 DHCPDARGS=""
+
+CHROOT="-j / -lf /var/lib/dhcp/dhcpd/state/dhcpd.leases"
diff -uNr old/lib/systemd/system/dhcpd.service new/lib/systemd/system/dhcpd.service
--- old/lib/systemd/system/dhcpd.service	2019-04-04 17:35:40.915116598 +0300
+++ new/lib/systemd/system/dhcpd.service	2019-04-04 17:34:23.467199946 +0300
@@ -7,7 +7,7 @@
 [Service]
 ExecStartPre=/etc/chroot.d/dhcpd.all
 EnvironmentFile=/etc/sysconfig/dhcpd
-ExecStart=/usr/sbin/dhcpd -4 -f --no-pid $DHCPDARGS
+ExecStart=/usr/sbin/dhcpd -4 -f --no-pid $CHROOT $DHCPDARGS
 
 [Install]
 WantedBy=multi-user.target