Gary E. Miller via devel writes:
>> You don't need root for /dev/whatever if you set the owner to ntp:ntp
>> before starting ntpd.
>
> Which of course, you have to every time you reboot. And since most
> people now use udevd, it needs a rule change.

No, that's what udev does for you if you ask it to.

> And does that work for SHM(0) and SHM(1)

I don't use these (yet), but generally udev can deal with all devices
that provide an event to the kernel when they get created.

> But how does ntpd set its caps before it starts?

Capabilities are extended attributes on the executable file. So they
don't get set by the executable itself.

>> One more tweak that I missed on my previous message:
>> If you use -p <pid file name> on the command line, you need to be
>> able to write that file.
>
> Where? In ntpd, or on the command line? If on the command line, how
> is the newbie supposed to know?

Systemd doesn't need a pid file anyway and it can already start ntpd as
ntp:ntp and hence ntpd doesn't need to setuid/setgid either. Both of
these functions could be moved to a wrapper if you assume an init system
that works a bit differently.

Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

DIY Stuff:
http://Synth.Stromeko.net/DIY.html
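
The setup discussed in this thread (a udev rule that hands the device to ntp:ntp, file capabilities on the ntpd executable, and systemd starting ntpd as ntp:ntp with no pid file), as an added example that is not part of the original messages or of NTPsec's own files. The PPS device match, the rule and unit file names, the /usr/sbin/ntpd path and the capability set are assumptions.

```shell
#!/bin/sh
# Added example. Assumptions (not from the thread): user/group "ntp" exist,
# the refclock is a PPS device, and the file names below are hypothetical.
NTPD_BIN=${NTPD_BIN:-/usr/sbin/ntpd}   # assumed install path

# 1. udev rule: give the device node to ntp:ntp every time the kernel
#    creates it, so nothing has to be redone after a reboot.
write_udev_rule() {
    dest=$1/etc/udev/rules.d
    mkdir -p "$dest" || return 1
    cat > "$dest/90-ntpd-refclock.rules" <<'EOF'
SUBSYSTEM=="pps", KERNEL=="pps[0-9]*", OWNER="ntp", GROUP="ntp", MODE="0660"
EOF
}

# 2. systemd unit: run ntpd in the foreground as ntp:ntp, so ntpd needs
#    neither a pid file (-p) nor its own setuid/setgid step.
write_unit() {
    dest=$1/etc/systemd/system
    mkdir -p "$dest" || return 1
    cat > "$dest/ntpd-nonroot.service" <<EOF
[Unit]
Description=ntpd started unprivileged (hypothetical example unit)
After=network.target

[Service]
Type=simple
User=ntp
Group=ntp
ExecStart=$NTPD_BIN -n

[Install]
WantedBy=multi-user.target
EOF
}

# 3. File capabilities live in an extended attribute on the executable,
#    so they are set once by root, not by ntpd. Assumed set: clock
#    adjustment and binding UDP port 123.
apply_file_caps() {
    setcap 'cap_sys_time,cap_net_bind_service=ep' "$NTPD_BIN" && getcap "$NTPD_BIN"
}

stage_all() { write_udev_rule "$1" && write_unit "$1"; }

# Usage: sh thisfile stage DESTDIR   |   sh thisfile caps   (caps needs root)
case ${1:-} in
    stage) stage_all "${2:?DESTDIR required}" ;;
    caps)  apply_file_caps ;;
esac
```

File capabilities are replaced along with the binary on a package upgrade, so the `caps` step has to be repeated after each update of ntpd.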