Hal Murray via devel writes:
> I've been running on Linux with ntpd starting as non-root with reduced 
> capabilities.  Do we want to merge this in?

Yes, please.  I see no reason why ntpd should start up as root these days.

> It's not a big deal, but one more small step in the right direction.  The 
> biggest disadvantage I can see is the increased complexity in the startup 
> scripts.

It'll be better in the long run to get this fixed.

> I think we can avoid cap_setgid and cap_setuid by not switching to
> ntp:ntp.

Yes, that is something systemd should take care of.

> You also have to get the permissions right on log files and refclock device 
> files.

Device files can be taken care of by udev rules.  Statistics files
already are owned by ntp:ntp.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Wavetables for the Terratec KOMPLEXER:
http://Synth.Stromeko.net/Downloads.html#KomplexerWaves
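
One way to check the outcome discussed in this thread (ntpd not running as root and holding neither cap_setuid nor cap_setgid), as an added example that is not part of the original message or of NTPsec's code. The allowed capability set, the uid 123 and both `/proc/<pid>/status` samples are constructed assumptions.

```python
# Added example: audit /proc/<pid>/status text against the goals in this thread
# (not running as root, no cap_setuid/cap_setgid). Bit numbers: linux/capability.h.
CAP_BITS = {6: "cap_setgid", 7: "cap_setuid", 10: "cap_net_bind_service",
            14: "cap_ipc_lock", 23: "cap_sys_nice", 25: "cap_sys_time"}

# Assumption: a time daemon needs only to set the clock and bind UDP port 123.
ALLOWED = {"cap_sys_time", "cap_net_bind_service"}

# Constructed samples (uid 123 stands in for the ntp user).
STATUS_REDUCED = ("Name:\tntpd\nUid:\t123\t123\t123\t123\n"
                  "CapPrm:\t0000000002000400\nCapEff:\t0000000002000400\n")
STATUS_ROOT = ("Name:\tntpd\nUid:\t0\t0\t0\t0\n"
               "CapPrm:\t00000000020004c0\nCapEff:\t00000000020004c0\n")

def parse_status(text):
    """Return the 'Key:<tab>value' fields of a status dump as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def decode_caps(hex_mask):
    """Turn a CapPrm/CapEff hex mask into a set of capability names."""
    mask = int(hex_mask, 16)
    return {CAP_BITS.get(bit, f"cap_bit_{bit}")
            for bit in range(64) if (mask >> bit) & 1}

def audit(text, allowed=ALLOWED):
    """Return findings; an empty list means the process meets the goals."""
    fields = parse_status(text)
    findings = []
    # The Uid line lists real, effective, saved and filesystem uids.
    if "0" in fields["Uid"].split():
        findings.append("runs with uid 0")
    for field in ("CapPrm", "CapEff"):
        for cap in sorted(decode_caps(fields[field]) - allowed):
            findings.append(f"{field} has {cap}")
    return findings

if __name__ == "__main__":
    for label, sample in (("reduced", STATUS_REDUCED), ("root", STATUS_ROOT)):
        print(label, audit(sample) or "ok")
```

On a live system the same functions can be fed the contents of `/proc/<pid>/status` for the running ntpd.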
