git: 067cf605f884 - stable/13 - Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"

Tue, 11 Mar 2025 11:17:04 -0700 

The branch stable/13 has been updated by cy:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=067cf605f884d888fd269ca269d9dda3b66a8787

commit 067cf605f884d888fd269ca269d9dda3b66a8787
Author:     Cy Schubert <c...@freebsd.org>
AuthorDate: 2025-03-11 17:51:11 +0000
Commit:     Cy Schubert <c...@freebsd.org>
CommitDate: 2025-03-11 17:59:36 +0000

    Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"
    
    Using the ntpd -u option to set the credentials ntpd is to run under
    while still using rc(8) to invoke causes some FreeBSD installs to fail
    to load mac_ntp. The fact that that can_run_nonroot() does not
    indicate why failures occur leaves people on the mailing lists
    guessing as to why there are failures. Let's revert back to using
    the rc(8) provided su. The ntpd rc script will be rewritten when
    the ntpd chroot will be implemented.
    
    Reported on:    freebsd-stable@
    
    This reverts commit 521f66715afb312b356afafc68cbc044a436a753.
    
    (cherry picked from commit 5ca7754519e8c618968d8acbf54d653b6e968829)
---
 libexec/rc/rc.d/ntpd | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/libexec/rc/rc.d/ntpd b/libexec/rc/rc.d/ntpd
index 36df4ae08c96..76d83149ae1a 100755
--- a/libexec/rc/rc.d/ntpd
+++ b/libexec/rc/rc.d/ntpd
@@ -98,6 +98,7 @@ ntpd_precmd()
        # by the admin, we don't add the option.  If the file exists in the old
        # default location we use that, else we use the new default location.
        if can_run_nonroot; then
+               _user="ntpd"
                driftopt="-f ${_ntp_default_driftfile}"
        elif grep -q "^[ \t]*driftfile" "${ntpd_config}" ||
             [ -n "${rc_flags}" ] &&
@@ -111,13 +112,7 @@ ntpd_precmd()
        fi
 
        # Set command_args based on the various config vars.
-       command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt} -u 
${ntpd_user:=ntpd:ntpd}"
-
-       # Unset ntpd_user because rc.subr uses $${name}_user to determine
-       # whether to invoke su(1) to setuid() to $ntpd_user for us. We want
-       # ntpd to do the setuid() itself through the -u argument, above.
-       unset ntpd_user
-
+       command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt}"
        if checkyesno ntpd_sync_on_start; then
                command_args="${command_args} -g"
        fi

Reply via email to