This patchset implements a support for dropping all root privileges
except adjusting the clock and binding to a privileged port, using the
libcap library.

A new option is added to ptp4l/phc2sys/pmc to specify the username to
which should be the identity switched.

The UDS transport requires a directory where the user has write access,
so each process can bind its own socket and write to the socket of the
other process. When ptp4l is running under a non-root user, phc2sys and
pmc need to run under the same user.

With ptp4l and pmc the directory can be specified, but phc2sys doesn't
have an option to specify its own socket yet, which means the -a and -w
option don't work.

I'm not sure if this is the right way.

Maybe it would be better to make it a compile-time option, hardcoding
the username and changing the default directory where all Unix sockets
are created (e.g. /var/run/linuxptp)?

Suggestions?

Miroslav Lichvar (4):
  util: Add function to drop root privileges.
  ptp4l: Add support for dropping root privileges
  pmc: Add support for dropping root privileges.
  phc2sys: Add support for dropping root privileges.

 clock.c    |  5 ++++
 config.c   |  1 +
 incdefs.sh | 11 ++++++++-
 makefile   |  4 ++++
 phc2sys.8  |  8 +++++++
 phc2sys.c  |  3 +++
 pmc.8      |  8 +++++++
 pmc.c      |  5 ++++
 ptp4l.8    |  7 ++++++
 util.c     | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 util.h     |  9 ++++++++
 11 files changed, 127 insertions(+), 1 deletion(-)

-- 
2.17.1


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Linuxptp-devel mailing list
Linuxptp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linuxptp-devel

Reply via email to