Changeset View
Changeset View
Standalone View
Standalone View
contrib/ntp/ntpd/ntpd.c
Show First 20 Lines • Show All 117 Lines • ▼ Show 20 Lines | |||||
# include <pwd.h> | # include <pwd.h> | ||||
#ifdef HAVE_LINUX_CAPABILITIES | #ifdef HAVE_LINUX_CAPABILITIES | ||||
# include <sys/capability.h> | # include <sys/capability.h> | ||||
# include <sys/prctl.h> | # include <sys/prctl.h> | ||||
#endif /* HAVE_LINUX_CAPABILITIES */ | #endif /* HAVE_LINUX_CAPABILITIES */ | ||||
#if defined(HAVE_PRIV_H) && defined(HAVE_SOLARIS_PRIVS) | #if defined(HAVE_PRIV_H) && defined(HAVE_SOLARIS_PRIVS) | ||||
# include <priv.h> | # include <priv.h> | ||||
#endif /* HAVE_PRIV_H */ | #endif /* HAVE_PRIV_H */ | ||||
#if defined(HAVE_TRUSTEDBSD_MAC) | |||||
# include <sys/mac.h> | |||||
#endif /* HAVE_TRUSTEDBSD_MAC */ | |||||
#endif /* HAVE_DROPROOT */ | #endif /* HAVE_DROPROOT */ | ||||
#if defined (LIBSECCOMP) && (KERN_SECCOMP) | #if defined (LIBSECCOMP) && (KERN_SECCOMP) | ||||
/* # include <sys/types.h> */ | /* # include <sys/types.h> */ | ||||
# include <sys/resource.h> | # include <sys/resource.h> | ||||
# include <seccomp.h> | # include <seccomp.h> | ||||
#endif /* LIBSECCOMP and KERN_SECCOMP */ | #endif /* LIBSECCOMP and KERN_SECCOMP */ | ||||
▲ Show 20 Lines • Show All 495 Lines • ▼ Show 20 Lines | # endif | ||||
*/ | */ | ||||
isc_assertion_setcallback(assertion_failed); | isc_assertion_setcallback(assertion_failed); | ||||
isc_error_setfatal(library_fatal_error); | isc_error_setfatal(library_fatal_error); | ||||
isc_error_setunexpected(library_unexpected_error); | isc_error_setunexpected(library_unexpected_error); | ||||
/* MPE lacks the concept of root */ | /* MPE lacks the concept of root */ | ||||
# if defined(HAVE_GETUID) && !defined(MPE) | # if defined(HAVE_GETUID) && !defined(MPE) | ||||
uid = getuid(); | uid = getuid(); | ||||
if (uid && !HAVE_OPT( SAVECONFIGQUIT )) { | if (uid && !HAVE_OPT( SAVECONFIGQUIT ) | ||||
# if defined(HAVE_TRUSTEDBSD_MAC) | |||||
/* We can run as non-root if the mac_ntpd policy is enabled. */ | |||||
&& mac_is_present("ntpd") != 1 | |||||
# endif | |||||
) { | |||||
msyslog_term = TRUE; | msyslog_term = TRUE; | ||||
msyslog(LOG_ERR, | msyslog(LOG_ERR, | ||||
"must be run as root, not uid %ld", (long)uid); | "must be run as root, not uid %ld", (long)uid); | ||||
exit(1); | exit(1); | ||||
} | } | ||||
# endif | # endif | ||||
/* | /* | ||||
▲ Show 20 Lines • Show All 431 Lines • ▼ Show 20 Lines | if (user && setuid(sw_uid)) { | ||||
msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user); | msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user); | ||||
exit (-1); | exit (-1); | ||||
} | } | ||||
if (user && seteuid(sw_uid)) { | if (user && seteuid(sw_uid)) { | ||||
msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user); | msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user); | ||||
exit (-1); | exit (-1); | ||||
} | } | ||||
# if !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS) | # if defined(HAVE_TRUSTEDBSD_MAC) | ||||
/* | |||||
* To manipulate system time and (re-)bind to NTP_PORT as needed | |||||
* following interface changes, we must either run as uid 0 or | |||||
* the mac_ntpd policy module must be enabled. | |||||
*/ | |||||
if (sw_uid != 0 && mac_is_present("ntpd") != 1) { | |||||
msyslog(LOG_ERR, "Need MAC 'ntpd' policy enabled to drop root privileges"); | |||||
exit (-1); | |||||
} | |||||
# elif !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS) | |||||
/* | /* | ||||
* for now assume that the privilege to bind to privileged ports | * for now assume that the privilege to bind to privileged ports | ||||
* is associated with running with uid 0 - should be refined on | * is associated with running with uid 0 - should be refined on | ||||
* ports that allow binding to NTP_PORT with uid != 0 | * ports that allow binding to NTP_PORT with uid != 0 | ||||
*/ | */ | ||||
disable_dynamic_updates |= (sw_uid != 0); /* also notifies routing message listener */ | disable_dynamic_updates |= (sw_uid != 0); /* also notifies routing message listener */ | ||||
# endif /* !HAVE_LINUX_CAPABILITIES && !HAVE_SOLARIS_PRIVS */ | # endif /* !HAVE_LINUX_CAPABILITIES && !HAVE_SOLARIS_PRIVS */ | ||||
▲ Show 20 Lines • Show All 544 Lines • Show Last 20 Lines |