Reyk Floeter <r...@openbsd.org> writes:

> On Fri, Nov 20, 2015 at 02:07:46PM +0100, Jérémie Courrèges-Anglas wrote:
>> Andreas Kusalananda Kähäri <andreas.kah...@icm.uu.se> writes:
>> 
>> > Hi,
>> >
>> > I noticed that ntpd would die if I tried to use ntpctl to check on it:
>> >
>> > [...]
>> > 29946 ntpd     CALL  poll(0xda8993ab5c0,4,1000)
>> > 29946 ntpd     RET   poll 1
>> > 29946 ntpd     CALL  kbind(0x7f7ffffc2558,0x18,0x7bb3facd5f812ed9)
>> > 29946 ntpd     RET   kbind 0
>> > 29946 ntpd     CALL  accept(5,0x7f7ffffc2630,0x7f7ffffc262c)
>> > 29946 ntpd     PLDG  accept, "unix", errno 1 Operation not permitted
>> > 29946 ntpd     PSIG  SIGABRT SIG_DFL
>> > [...]
>> >
>> > I also get ntpd(<pid>): syscall 30 "unix" in the console.
>> 
>> Confirmed, the failure is in control_accept(), which should be allowed
>> to speak on a Unix socket.
>> 
>> See the diff below.
>> 
>
> There was some semantical fix in sys/kern/uipc_usrreq.c for unix
> sockets that might have triggered it.

Yup.  And the change that led to this ntpd failure was amended earlier
today, so the patch isn't actually needed.

Cheers,

> I'm sure I had used ntpctl with
> "older" pledge.
>
> The diff looks OK, with the drawback that the ntp process now needs
> "all of unix" for the accept() - but the unix socket is pre-opened
> before its pledge/chroot.
>
> OK reyk@
>
>> Index: ntp.c
>> ===================================================================
>> RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
>> retrieving revision 1.139
>> diff -u -p -p -u -r1.139 ntp.c
>> --- ntp.c    30 Oct 2015 16:41:53 -0000      1.139
>> +++ ntp.c    20 Nov 2015 13:03:29 -0000
>> @@ -149,7 +149,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, s
>>      endservent();
>>  
>>      /* The ntp process will want to open NTP client sockets -> "inet" */
>> -    if (pledge("stdio inet", NULL) == -1)
>> +    if (pledge("stdio unix inet", NULL) == -1)
>>              err(1, "pledge");
>>  
>>      signal(SIGTERM, ntp_sighdlr);
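Review bot: the comment directly above the changed pledge() call still explains only "inet", so the new "unix" promise is undocumented. Extend it to say that "unix" is there for accept() on the control socket passed in as fd_ctl, and note that the promise is wider than that single call, so a reader can tell the widening from "stdio inet" to "stdio unix inet" is deliberate.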
>> 
>> -- 
>> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
>> 


-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
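
A triage helper for traces like the one quoted in this thread, as an added example that is not part of the original messages or of OpenBSD: it scans kdump text for PLDG records and reports the syscall, the promise the kernel named, the CALL that hit it and the signal that followed. The record layout is assumed from the quoted lines, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# kdump lines copied from the trace quoted in this thread.
SAMPLE = """\
[...]
 29946 ntpd     CALL  poll(0xda8993ab5c0,4,1000)
 29946 ntpd     RET   poll 1
 29946 ntpd     CALL  kbind(0x7f7ffffc2558,0x18,0x7bb3facd5f812ed9)
 29946 ntpd     RET   kbind 0
 29946 ntpd     CALL  accept(5,0x7f7ffffc2630,0x7f7ffffc262c)
 29946 ntpd     PLDG  accept, "unix", errno 1 Operation not permitted
 29946 ntpd     PSIG  SIGABRT SIG_DFL
[...]
"""
# Assumed layout, taken from those lines: "<pid> <command> <TYPE> <details>".
RECORD = re.compile(r"^\s*(\d+)\s+(\S+)\s+(CALL|PLDG|PSIG)\s+(.*)$")
PLDG = re.compile(r'^(\w+), "([^"]*)", errno (\d+)')

def pledge_violations(kdump_text):
    """One dict per PLDG record, with the CALL that hit it and the signal after it."""
    last_call, pending, found = {}, {}, []
    for line in kdump_text.splitlines():
        rec = RECORD.match(line)
        if not rec:
            continue  # elisions ("[...]") and record types not tracked here
        pid, command, kind, details = int(rec[1]), rec[2], rec[3], rec[4]
        if kind == "CALL":
            last_call[pid] = details
        elif kind == "PLDG" and (m := PLDG.match(details)):
            hit = {"pid": pid, "command": command, "syscall": m[1], "promise": m[2],
                   "errno": int(m[3]), "call": last_call.get(pid), "signal": None}
            found.append(hit)
            pending[pid] = hit
        elif kind == "PSIG" and pid in pending:
            # First signal delivered to this pid after the violation.
            pending.pop(pid)["signal"] = (details.split() or [None])[0]
    return found

def missing_promises(violations):
    """Summarise as {command: {promise: sorted syscalls that needed it}}."""
    summary = defaultdict(lambda: defaultdict(set))
    for v in violations:
        summary[v["command"]][v["promise"]].add(v["syscall"])
    return {c: {p: sorted(s) for p, s in ps.items()} for c, ps in summary.items()}

if __name__ == "__main__":
    hits = pledge_violations(SAMPLE)
    print(hits)
    print(missing_promises(hits))
```
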
