devel@ntpsec.org said:
> You know our users do not read man pages! Can you provide a script, or at
> least a detailed procedure?
Sure. If you look back in the message that started this thread there are
snippets of code.
The initial message was asking if there was any interest. (Or implicitly,
any objections.) I wasn't going to polish things like documentation if
somebody pointed out a fatal flaw.
> Also, I do not see a CAP for /dev/pps* or /dev/tty* specific access. Did I
> miss something?
We don't need anything for that since you can set the owner to ntp.
There is a capability for that. It covers all file access, not just /dev/
CAP_DAC_OVERRIDE
Bypass file read, write, and execute permission checks. (DAC is
an abbreviation of "discretionary access control".)
>> You set them on your ntpd when you mark it setuid as
>> part of the install process.
> Does our install process do that now?
No. I have a script that I use as a wrapper for install. I put it in there
because that was the simplest way for me to get off the ground and see if it
worked.
I may need help fixing the waf install stuff. (I haven't looked yet.)
--
These are my opinions. I hate spam.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
