Run as root if busybox init is used (INITMETHOD_BBINIT) so runtime directory is read and writable. When running under systemd (INITMETHOD_SYSTEMD) use chrony user.
A busybox init system typically ends up with a turtle shell security architecture where systemd is used when defense in depth is needed. Signed-off-by: Bruno Thomsen <[email protected]> --- rules/chrony.make | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/chrony.make b/rules/chrony.make index 4435b8e97..cbdf9314b 100644 --- a/rules/chrony.make +++ b/rules/chrony.make @@ -54,7 +54,7 @@ CHRONY_CONF_OPT := \ --disable-phc \ $(call ptx/ifdef, PTXCONF_CHRONY_PPS_REFCLK,,--disable-pps) \ $(call ptx/ifdef, PTXCONF_GLOBAL_IPV6,,--disable-ipv6) \ - --with-user=chrony \ + --with-user=$(call ptx/ifdef, PTXCONF_INITMETHOD_SYSTEMD,chrony,root) \ $(call ptx/ifdef, PTXCONF_CHRONY_SECCOMP,--enable-scfilter,) \ $(call ptx/ifdef, PTXCONF_CHRONY_SECCOMP,,--without-seccomp) base-commit: e1f0f2abd3116fdcb5e3e3211321aef801e959ff -- 2.31.1 _______________________________________________ ptxdist mailing list [email protected] To unsubscribe, send a mail with subject "unsubscribe" to [email protected]
