On 02/19/2018 01:14 AM, Daniel Baumann wrote:
> # /usr/sbin/ntpd -p /var/run/ntpd.pid -g -x -u 103:105 -ddd
...
> comparing to ntp, this looks almost the same, except that after the
> 'failed to drop root privs' ntp doesn't stop, whereas ntpsec does.
If only for testing, what happens if you omit -u and its value? This
should avoid all the droproot code. Granted, you'll end up running as root.
I'm not sure why ntp's ntpd wouldn't stop. The code is the same (note
the exit(-1) call):
if (-1 == cap_set_proc(caps)) {
msyslog(LOG_ERR,
"cap_set_proc() failed to drop root privs: %m");
exit(-1);
}
If ntp's ntpd is printing that error, it should be exiting too.
--
Richard
