Greetings,
Perhaps I’m confused so I wanted to raise this issue/question before sending a
patch.
On linux, I need a parent process to fork/execv chronyd and I have that parent
managing the needed Linux capabilities so chronyd can set the local time and
access reserved ports. That parent process has already dropped to a
non-privileged user which prevents chronyd from starting as the superuser or
making use of the -u option.
But with capabilities in place it shouldn’t need those things and chronyd’s
LOG_FATAL("Not superuser”) euid 0 test early in main() should not apply.
I understand that eliminating that test outright would change the behavior
other platforms (those without capabilities where a non-euid 0 invocation is
certain to fail later) so I didn’t want to do that.
Instead, I added a ‘-U’ option that just skips the euid 0 requirement. I’ll
need to rebase my patch before posting but wanted to discuss this first.
Does this make sense or is there another way to do it?
-Mike
--
To unsubscribe email chrony-dev-requ...@chrony.tuxfamily.org with "unsubscribe"
in the subject.
For help email chrony-dev-requ...@chrony.tuxfamily.org with "help" in the
subject.
Trouble? Email listmas...@chrony.tuxfamily.org.
