Hi, we've been able to run ntpd as non-root for a while. this is not the default if you innocently ntpd=yes in rc.conf. it requires /dev/clockctl, and most things have it, even one of the sun2 kernels.
can I change this to become the default, for better default security? Index: rc.conf =================================================================== RCS file: /cvsroot/src/etc/defaults/rc.conf,v retrieving revision 1.139 diff -u -r1.139 rc.conf --- rc.conf 7 Jan 2017 20:00:33 -0000 1.139 +++ rc.conf 29 Jun 2017 00:01:24 -0000 @@ -254,7 +254,7 @@ # - The kernel has "pseudo-device clockctl" compiled in # - /dev/clockctl is present # -#ntpd_chrootdir="/var/chroot/ntpd" +ntpd_chrootdir="/var/chroot/ntpd" # Routing daemons. # Thanks
