non-root ntpd

To: tech-userlevel%NetBSD.org@localhost
Subject: non-root ntpd
From: coypu%sdf.org@localhost
Date: Thu, 29 Jun 2017 00:02:24 +0000

Hi,

we've been able to run ntpd as non-root for a while. this is not the
default if you innocently ntpd=yes in rc.conf. it requires
/dev/clockctl, and most things have it, even one of the sun2 kernels.

can I change this to become the default, for better default security?

Index: rc.conf
===================================================================
RCS file: /cvsroot/src/etc/defaults/rc.conf,v
retrieving revision 1.139
diff -u -r1.139 rc.conf
--- rc.conf	7 Jan 2017 20:00:33 -0000	1.139
+++ rc.conf	29 Jun 2017 00:01:24 -0000
@@ -254,7 +254,7 @@
 #	- The kernel has "pseudo-device clockctl" compiled in
 #	- /dev/clockctl is present
 #
-#ntpd_chrootdir="/var/chroot/ntpd"
+ntpd_chrootdir="/var/chroot/ntpd"
 
 # Routing daemons.
 #


Thanks

Follow-Ups:
- Re: non-root ntpd
  - From: Taylor R Campbell

Prev by Date: Re: randomness (crypto?) code example wanted please?
Next by Date: Re: non-root ntpd
Previous by Thread: randomness (crypto?) code example wanted please?
Next by Thread: Re: non-root ntpd
Indexes:

Home | Main Index | Thread Index | Old Index