git: 5ca7754519e8 - main - Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"

Tue, 11 Mar 2025 10:58:19 -0700 

The branch main has been updated by cy:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=5ca7754519e8c618968d8acbf54d653b6e968829

commit 5ca7754519e8c618968d8acbf54d653b6e968829
Author:     Cy Schubert <c...@freebsd.org>
AuthorDate: 2025-03-11 17:51:11 +0000
Commit:     Cy Schubert <c...@freebsd.org>
CommitDate: 2025-03-11 17:51:11 +0000

    Revert "ntpd: Use the ntpd -u option in preference to the rc su plumbing"
    
    Using the ntpd -u option to set the credentials ntpd is to run under
    while still using rc(8) to invoke causes some FreeBSD installs to fail
    to load mac_ntp. The fact that that can_run_nonroot() does not
    indicate why failures occur leaves people on the mailing lists
    guessing as to why there are failures. Let's revert back to using
    the rc(8) provided su. The ntpd rc script will be rewritten when
    the ntpd chroot will be implemented.
    
    Reported on:    freebsd-stable@
    MFC after:      immediately
    
    This reverts commit 521f66715afb312b356afafc68cbc044a436a753.
---
 libexec/rc/rc.d/ntpd | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/libexec/rc/rc.d/ntpd b/libexec/rc/rc.d/ntpd
index 8babda09455c..e7e42da8acc7 100755
--- a/libexec/rc/rc.d/ntpd
+++ b/libexec/rc/rc.d/ntpd
@@ -101,6 +101,7 @@ ntpd_precmd()
        # by the admin, we don't add the option.  If the file exists in the old
        # default location we use that, else we use the new default location.
        if can_run_nonroot; then
+               _user="ntpd"
                driftopt="-f ${_ntp_default_driftfile}"
        elif grep -q "^[ \t]*driftfile" "${ntpd_config}" ||
             [ -n "${rc_flags}" ] &&
@@ -114,13 +115,7 @@ ntpd_precmd()
        fi
 
        # Set command_args based on the various config vars.
-       command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt} -u 
${ntpd_user:=ntpd:ntpd}"
-
-       # Unset ntpd_user because rc.subr uses $${name}_user to determine
-       # whether to invoke su(1) to setuid() to $ntpd_user for us. We want
-       # ntpd to do the setuid() itself through the -u argument, above.
-       unset ntpd_user
-
+       command_args="-p ${pidfile} -c ${ntpd_config} ${driftopt}"
        if checkyesno ntpd_sync_on_start; then
                command_args="${command_args} -g"
        fi

Reply via email to