As Gary pointed out, our home base is on GitLab, so comments here will be hard to find.
Let's move the discussion to devel@ntpsec.org Henrique Moraes said: > I may be misunderstanding something, but I was under the impression that > ntpd can drop privileges using the -u option to run as a non-root user, > and use CAP_SYS_TIME capability to adjust the system time. Could you > please clarify how this aligns with the decision that non-root user and > processes may never have an input on the system time? We had a similar request a while ago. The details of how to get started seemed complicated, but maybe we overlooked a critical idea. How are you planning to start a program with the right user and capabilities? (and scheduler priority) I consider splitting ntpd into 2 programs too disruptive. I think it would be reasonable to patch the root-check to check for the needed capabilities if started as non-root. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org https://lists.ntpsec.org/mailman/listinfo/devel
