Yo David! On Thu, 3 Jul 2025 16:40:36 +0200 David Venhoek <[email protected]> wrote:
> I am
> specifically talking about the chrony sockets, eg the ones at
> @RUNDIR@/chrony.XXX.sock. These are made by the ntp daemon wanting to
> receive the gps data, and it is one such a daemon I primarily work
> on.
gpsd follows the lead of chronyd. Chronyd makes the socket, gpsd just
opens them. Chronyd runs as root. If you can show that chronyd can
handle different locations then gpsd will follow.
> We prefer strongly to run that daemon with non-root privileges,
Reayy, really, really bad idea. This comes up every month or so and
is roundly shot down. Any user that can control time is effectively
root. So that is just security by obscuiry.
> which makes creating these sockets in @RUNDIR@ directly a bit of a
> hastle, and it would therefore be useful to be able to move gpsd's
> idea of where they might be.
You realize that @RUNDIR@ is user configurable? If you do not want
/run, or /var/run, then pick someplace else. That said, a really abd
idea.
Or you could change permissions on /run, /var/run, etc.
> As for changing compile time options, most of my users use gpsd from
> their distribution, and getting them to recompile is likely out of
> the question.
And since moving it is a really, really, bad idea, we will wait for a
distribution to request it. If you want to shoot yourself in the foot
you gotta hold the gun yourself. We'll not help.
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
[email protected] Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can't measure it, you can't improve it." - Lord Kelvin
pgpexT1OI2sZH.pgp
Description: OpenPGP digital signature
