This makes it easier for a sysadmin to diagnose a privilege separation
path problem without looking at the source code for why 'stat' failed.
ok?
---
src/usr.sbin/ntpd/ntp.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
index 87b769b..625364a 100644
--- a/src/usr.sbin/ntpd/ntp.c
+++ b/src/usr.sbin/ntpd/ntp.c
@@ -121,10 +121,13 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf
*nconf,
ntp_dns(pipe_dns, nconf, pw);
close(pipe_dns[1]);
- if (stat(pw->pw_dir, &stb) == -1)
- fatal("stat");
- if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
- fatalx("bad privsep dir permissions");
+ if (stat(pw->pw_dir, &stb) == -1) {
+ fatal("privsep dir %s could not be opened", pw->pw_dir);
+ }
+ if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+ fatalx("bad privsep dir %s permissions: %o",
+ pw->pw_dir, stb.st_mode);
+ }
if (chroot(pw->pw_dir) == -1)
fatal("chroot");
if (chdir("/") == -1)
--
1.9.1
