There are 3 files I can think of. Did I miss any? The keys file for shared key authentication. The NTS private key for the server certificate The NTS key file for making/decoding cookies
We need to be able to write the cookie file. The others can be (should be?) read only. Things may be slightly complicated with switching to user ntp. -------- There is a related tangle. We want to switch to the log file as early as possible, probably before switching to user ntp. I think logrotate and friends copy the owner and mode. After a fresh install, the log file gets created by user root but ntpd won't be able to open the new file on a SIGHUP. Once you manually set the owner to ntp, things are good. Should we set the owner to ntp (if needed) before switching to ntp? -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
