Greetings, Perhaps I’m confused so I wanted to raise this issue/question before sending a patch.
On linux, I need a parent process to fork/execv chronyd and I have that parent managing the needed Linux capabilities so chronyd can set the local time and access reserved ports. That parent process has already dropped to a non-privileged user which prevents chronyd from starting as the superuser or making use of the -u option. But with capabilities in place it shouldn’t need those things and chronyd’s LOG_FATAL("Not superuser”) euid 0 test early in main() should not apply. I understand that eliminating that test outright would change the behavior other platforms (those without capabilities where a non-euid 0 invocation is certain to fail later) so I didn’t want to do that. Instead, I added a ‘-U’ option that just skips the euid 0 requirement. I’ll need to rebase my patch before posting but wanted to discuss this first. Does this make sense or is there another way to do it? -Mike -- To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.