
ntpd: Use the ntpd -u option in preference to the rc su plumbing
Closed, Public

Authored by cy on Dec 24 2024, 3:39 PM.

Details

Summary

Using the rc plumbing to setuid(2) is preferred as it allows the user
to use the -i option in ntpd_flags to chroot ntpd.

Chrooting ntpd by default will be a 2025 project.

MFC after: 1 week

Test Plan

Running here for a couple of weeks.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

cy requested review of this revision. Dec 24 2024, 3:39 PM
cy created this revision.
cy edited the summary of this revision.
libexec/rc/rc.d/ntpd
107

Why unset it?

113

Now the assignment to driftopt in the can_run_nonroot case above has no effect.

cy marked an inline comment as done. Dec 24 2024, 5:38 PM

This has been simplified. Will upload it.

libexec/rc/rc.d/ntpd
107

ntpd_user was tested in an earlier version. This is redundant now.

113

This first draft is overly complex for what needs to be done.

cy marked an inline comment as done.

This is a much simplified patch. Plus a comment on why we need to unset ntpd_user, because rc.subr will use that to su(1) for us and we don't want this behavior. We want ntpd to setuid() itself.

libexec/rc/rc.d/ntpd
121

I'd explain further that this is in order to make the -i option work.

This revision is now accepted and ready to land. Dec 25 2024, 5:41 PM
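
The hand-off discussed in the thread above (move the user into ntpd's `-u` option and clear `ntpd_user` so the rc framework does not su(1) first, which keeps `-i` usable) can be sketched as follows. This is an added example, not the committed libexec/rc/rc.d/ntpd code; the function name `plan_ntpd_start`, its output format and the sample chroot path are assumptions made for illustration.

```shell
#!/bin/sh
# Sketch only: not the FreeBSD rc.d/ntpd script. plan_ntpd_start is a
# hypothetical helper showing the decision the review describes.

# plan_ntpd_start USER FLAGS
# Prints "user=<what the rc framework would still see>" and
# "flags=<flags handed to ntpd>".
plan_ntpd_start() {
    ntpd_user=$1
    ntpd_flags=$2

    case "$ntpd_user" in
    ''|root)
        # No unprivileged user requested: nothing to rewrite.
        ;;
    *)
        # Respect a -u the administrator already placed in ntpd_flags.
        case " $ntpd_flags " in
        *" -u "*) ;;
        *) ntpd_flags="-u ${ntpd_user}${ntpd_flags:+ ${ntpd_flags}}" ;;
        esac
        # Clear ntpd_user so the framework does not su(1) before exec.
        # ntpd has to start as root to chroot (-i) and then drops
        # privileges itself via setuid().
        ntpd_user=
        ;;
    esac

    printf 'user=%s\nflags=%s\n' "$ntpd_user" "$ntpd_flags"
}

# Constructed sample settings: chroot directory plus an unprivileged user.
plan_ntpd_start ntpd "-i /var/db/ntp-chroot -g"
```

With the user left in `ntpd_user`, the daemon would already be unprivileged when it reaches the chroot step, which is why the review asks for the comment to mention `-i`.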