Page MenuHomeFreeBSD
Files F147243027

D16050.id45335.diff
No OneTemporary
Actions

D16050.id45335.diff
View Options

Index: etc/defaults/rc.conf
===================================================================
--- etc/defaults/rc.conf
+++ etc/defaults/rc.conf
@@ -381,8 +381,7 @@
ntpd_program="/usr/sbin/ntpd" # path to ntpd, if you want a different one.
ntpd_config="/etc/ntp.conf" # ntpd(8) configuration file
ntpd_sync_on_start="NO" # Sync time on ntpd startup, even if offset is high
-ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntpd.drift"
- # Flags to ntpd (if enabled).
+ntpd_flags="" # Additional flags to ntpd
ntp_src_leapfile="/etc/ntp/leap-seconds"
# Initial source for ntpd leapfile
ntp_db_leapfile="/var/db/ntpd.leap-seconds.list"
Index: etc/rc.d/ntpd
===================================================================
--- etc/rc.d/ntpd
+++ etc/rc.d/ntpd
@@ -14,53 +14,99 @@
desc="Network Time Protocol daemon"
rcvar="ntpd_enable"
command="/usr/sbin/${name}"
-pidfile="/var/run/${name}.pid"
extra_commands="fetch needfetch"
fetch_cmd="ntpd_fetch_leapfile"
needfetch_cmd="ntpd_needfetch_leapfile"
start_precmd="ntpd_precmd"
_ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list"
+_ntp_default_dir="/var/db/ntp"
+_ntp_default_driftfile="${_ntp_default_dir}/ntpd.drift"
+_ntp_old_driftfile="/var/db/ntpd.drift"
+
+pidfile="${_ntp_default_dir}/${name}.pid"
load_rc_config $name
-ntpd_precmd()
+can_run_nonroot()
{
- rc_flags="-c ${ntpd_config} ${ntpd_flags}"
+ # If the admin set what uid to use, we don't change it.
+ if [ -n "${ntpd_user}" ]; then
+ return 1
+ fi
+
+ # If the admin set any command line options involving files, we
+ # may not be able to access them as user ntpd.
+ case "${rc_flags}" in
+ *-f* | *--driftfile* | *-i* | *--jaildir* | \
+ *-k* | *--keyfile* | *-l* | *--logfile* | \
+ *-p* | *--pidfile* | *-s* | *--statsdir* )
+ return 1;;
+ esac
+
+ # If the admin set any options in ntp.conf involving files,
+ # we may not be able to access them as user ntpd.
+ local fileopts="^[ \t]*crypto|^[ \t]*driftfile|^[ \t]*key|^[ \t]*logfile|^[ \t]*statsdir"
+ grep -E -q "${fileopts}" "${ntpd_config}" || return 1
+
+ # Try to set up the the MAC ntpd policy so ntpd can run with reduced
+ # privileges. Detect whether MAC is compiled into the kernel, load
+ # the policy module if not already present, then check whether the
+ # policy has been disabled via tunable or sysctl.
+ if [ -n "$(sysctl -qn security.mac.version)" ]; then
+ sysctl -qn security.mac.ntpd >/dev/null || kldload -qn mac_ntpd || return 1
+ if [ "$(sysctl -qn security.mac.ntpd.enabled)" != "1" ]; then
+ return 1
+ fi
+ fi
- if checkyesno ntpd_sync_on_start; then
- rc_flags="-g $rc_flags"
+ # On older existing systems, the ntp dir may by owned by root, change
+ # it to ntpd to give the daemon create/write access to the driftfile.
+ if [ "$(stat -f %u ${_ntp_default_dir})" = "0" ]; then
+ chown ntpd:ntpd "${_ntp_default_dir}" || return 1
fi
- ntpd_init_leapfile
+ # If the driftfile exists in the standard location for older existing
+ # systems, move it into the ntp dir and fix the ownership if we can.
+ if [ -f "${_ntp_old_driftfile}" ] && [ ! -L "${_ntp_old_driftfile}" ]; then
+ mv "${_ntp_old_driftfile}" "${_ntp_default_driftfile}" &&
+ chown ntpd:ntpd "${_ntp_default_driftfile}" || return 1
+ fi
+}
- if [ ! -f $ntp_db_leapfile ]; then
- ntpd_fetch_leapfile
+ntpd_precmd()
+{
+ local driftopt
+
+ # If we can run as a non-root user, switch uid to ntpd and use the
+ # new default location for the driftfile inside the ntpd-owned dir.
+ # Otherwise, figure out what to do about the driftfile option. If set
+ # by the admin, we don't add the option. If the file exists in the old
+ # default location we use that, else we use the new default location.
+ if can_run_nonroot; then
+ _user="ntpd"
+ driftopt="-f ${_ntp_default_driftfile}"
+ elif [ -z "${rc_flags##*-f*}" ] ||
+ [ -z "${rc_flags##*--driftfile*}" ] ||
+ grep -q "^[ \t]*driftfile" "${ntpd_config}"
+ driftopt="" # admin set the option, we don't need to add it.
+ elif [ -f "${_ntp_old_driftfile}" ]; then
+ driftopt-"-f ${_ntp_old_driftfile}"
+ else
+ driftopt="-f ${_ntp_default_driftfile}"
fi
- if [ -z "$ntpd_chrootdir" ]; then
- return 0;
+ # Set command_args based on the various config vars.
+ command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt}"
+ if checkyesno ntpd_sync_on_start; then
+ command_args="${command_args} -g"
fi
- # If running in a chroot cage, ensure that the appropriate files
- # exist inside the cage, as well as helper symlinks into the cage
- # from outside.
- #
- # As this is called after the is_running and required_dir checks
- # are made in run_rc_command(), we can safely assume ${ntpd_chrootdir}
- # exists and ntpd isn't running at this point (unless forcestart
- # is used).
- #
- if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then
- rm -f "${ntpd_chrootdir}/dev/clockctl"
- ( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" )
- fi
- ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift
- ln -fs "${ntpd_chrootdir}${_ntp_tmp_leapfile}" ${_ntp_tmp_leapfile}
-
- # Change run_rc_commands()'s internal copy of $ntpd_flags
- #
- rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags"
+ # Make sure the leapfile is ready to use.
+ ntpd_init_leapfile
+ if [ ! -f "${ntp_db_leapfile}" ]; then
+ ntpd_fetch_leapfile
+ fi
}
current_ntp_ts() {

File Metadata

Mime Type
text/plain
Expires
Tue, Mar 10, 9:38 AM (9 h, 22 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29486183
Default Alt Text
D16050.id45335.diff (5 KB)

Event Timeline