[EMAIL PROTECTED] (Danny Mayer) writes: > Dale Bright wrote: >> Hi All, >> >> Newbie here, looking for a little help from those who have come >> before me, Has anyone got 2.0 to work as non-root privileges in >> solaris 9. is it even possible... if so can someone point me a a >> good link. Googled for a while and do not find much solaris >> help... ( no jokes on that please :-) ) >> >> Thx >> Dale > > You need privileges to bind to the NTP port (123) and then you need > privileges to change the clock. If you don't have the requisite > privileges, and this applies to all operating systems, not just > Solaris, then you may as well forget it.
To the OP, What do you mean "2.0" ? In general, you'd probably want to check out Solaris's RBAC system (available since Solaris 8). There's a pretty good introduction on RBAC on Solaris 10 at: http://www.sun.com/bigadmin/features/articles/least_privilege.html >From the article: PRIV_NET_PRIVADDR Allow a process to bind to a privileged port number. The privilege port numbers are 1-1023 (the traditional UNIX privileged ports) as well as those ports marked as "udp/tcp_extra_priv_ports" with the exception of the ports reserved for use by NFS. There's a bit of an example at the following URL that may be of use (note the 'sys_time' privilege): http://docs.sun.com/app/docs/doc/816-4557/6maosrjgo?a=view And an example of configuring a role on Solaris 10 with a patched OpenNTPD: http://www.pitt.edu/~toc1/openntpd.html There was also a thread on the ntp-hackers mailing list back in April (the following message would be quite pertinent): http://lists.ntp.isc.org/pipermail/hackers/2005-April/001219.html You may want to ask in comp.unix.solaris. If you do manage to do this please let us know (or at least me :). It would be nice if Sun change ntp to use privileges (it would also be nice if they started using NTP 4.x :). -- David Magda <dmagda at ee.ryerson.ca> Because the innovator has for enemies all those who have done well under the old conditions, and lukewarm defenders in those who may do well under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI _______________________________________________ questions mailing list [email protected] https://lists.ntp.isc.org/mailman/listinfo/questions
