ntpd seems to load the TLS certificate and key before dropping privileges. Unfortunately, when it tries to *reload* the certificate later, it has dropped privileges and fails. This is a bit of a trap, as a sysadmin can think a setup is working when it isn't. (This bit me.) I think it would be better to do the initial load after dropping privileges so that it is consistent with reloading.
-- Richard
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
