On Monday 13 March 2006 12:22 am, Rumen Yotov wrote: > On Sunday 12 March 2006 19:43, David Corbin wrote: > > On Sunday 12 March 2006 04:28 pm, Peter Ruskin wrote: > > > On Sunday 12 March 2006 20:16, David Corbin wrote: > > > > ntp-client is in my "default" run level. However, when I it runs > > > > at boot time, I get this error message: > > > > > > > > 12 Mar 09:06:24 ntpd[9516]: cap_set_proc() failed to drop root > > > > privileges: Operation not permitted > > > > 12 Mar 09:06:26 ntpd[9561]: parent died before we finished, > > > > exiting > > > > > > > > > > > > If I run it as root manually, it runs fine. > > > > > > Add nodroproot to your USE flags and remerge ntp > > > > I will, but why does it work fine "from the command line"? > Hi,
I don't mean to sound like child who continues to go "but why?". Still, it doesn't make sense to me. > Because when it wants to drop it's privileges from root to e.g. ntpd (user > or group) it can't - get's killed. First, I don't understand how root could ever have a permission problem try to "downgrade its privleges". Second, I don't understand how it could not have the require privileges during the boot process (presumably running starting as root), and yet it works when I run it by hand as root. > Usually permission problems or in this case it/ntpd can't access /proc to > set time (cap_set_proc()). > Just a sidenote, recently (a day ago) exchanged "ntp" for "openntpd" (from > OpenBSD) on a hardened router, because ntp wanted to lock too much memory > (RLIMIT_MEMLOCK - from 32K (default) -> ~8 MB) and other minor issues. > HTH.Rumen -- gentoo-user@gentoo.org mailing list