ntpd: Use the ntpd -u option in preference to the rc su plumbing
AcceptedPublic
Actions

Authored by cy on Tue, Dec 24, 3:39 PM.

Details

Reviewers

imp
emaste
markj
des
olce

Summary

Using the rc plumbing to setuid(2) is preferred as it allows the user
to use the -i option in ntpd_flags to chroot ntpd.

Chrooting ntpd by default will be a 2025 project.

MFC after: 1 week

Test Plan

Running here for a couple of weeks.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

cy requested review of this revision.Tue, Dec 24, 3:39 PM

cy created this revision.

cy edited the summary of this revision. (Show Details)

markj added inline comments.Tue, Dec 24, 3:43 PM

libexec/rc/rc.d/ntpd
108	Why unset it?
118	Now the assignment to `driftopt` in the `can_run_nonroot` case above has no effect.

This has been simplified. Will upload it.

libexec/rc/rc.d/ntpd
108	ntpd_user was tested in an earlier version. This is redundant now.
118	This first draft is overly complex for what needs to be done.

This is a much simplified patch. Plus a comment why we need to unset ntpd_user because rc.subr will use that to su(1) for us and we don't want this behavior. We want ntpd to setuid() itself.

markj added inline comments.Wed, Dec 25, 5:41 PM

libexec/rc/rc.d/ntpd
121	I'd explain further that this is in order to make the -i option work.

markj accepted this revision.Wed, Dec 25, 5:41 PM

This revision is now accepted and ready to land.Wed, Dec 25, 5:41 PM

ziaee added a subscriber: ziaee.Mon, Dec 30, 8:21 AM

Revision Contents
Changeset List

Path

Size

libexec/

rc/

rc.d/

ntpd

9 lines

Diff 148373

View Options

ntpd: Use the ntpd -u option in preference to the rc su plumbingAcceptedPublicActions