Anybody running on FreeBSD?
I've had an eye on that hole in our code for a long time and finally stumbled into how to do it. The trick is that you have to load a kernel module: mac_ntpd That adds 2 new slots to sysctl: security.mac.ntpd.uid: 123 security.mac.ntpd.enabled: 1 If you are not root, but the module is loaded and enabled and your userid matches, you can fiddle the clock. 123 is conveniently setup to be user ntpd so adding -u ntpd:ntpd to ntpd's command line works as expected, but only if the module is loaded. The startup script in /etc/rc.d/ntpd sets the user to ntpd:ntpd before running ntpd, but only if your config file doesn't have any files that might not work with a jail, or something like that. That failed for me with network permission problems. I didn't investigate. You can load the module with kldload or by adding kld_list="mac_ntpd" to your /etc/rc.conf and rebooting. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
