Hi,

On Tue, Jan 20, 2015 at 08:21:32AM -0600, Brent Cook wrote:
> On Tue, Jan 20, 2015 at 5:46 AM, John Long <codeb...@inbox.lv> wrote:
> > Does portable NTPD use a drift file? I didn't see one in the previous
> > version and a new install of 5.7p1 doesn't seem to have one either. I didn't
> > see any discussion of a drift file in the manpage for ntpd nor for ntpd.conf
> > in the portable version, though it is mentioned in the man pages for the
> > OpenBSD version.
> 
> It is mentioned in the ntpd(8) man page at the bottom

Some confusion on my part because when I removed the distro's ntp package it
left the man pages. And the ntpd and ntpd.conf man pages say the first
version was for OpenBSD 3.6 at the bottom so I thought those were the right
pages! Once I ripped them out the correct ntp* man pages show up. And there
it is.

> though I should fix the portable version to adjust the manpage to
> point where it actually gets configured for installation. Some packagers
> have already been patching this for their distributions. By default, it
> should get written to:
> 
> LOCALSTATEDIR "/db/ntpd.drift"

Thanks, this helps. It was there, just not where I wanted since I install
addons in /usr/local. Unfortunately now that I fixed the build to use /var
like everything else I see there is a problem because /var/db is only root
writeable and I believe the _ntp user is the one trying to write the drift
file. It would be unfortunate to have to create a whole directory hierarchy
no matter how small just to have a place the _ntp user could write his drift
file. I think I would even prefer /var/tmp to that. Any suggestions?

> > Also, what is the purpose of /var/empty/ntp in the portable version? It's
> > empty ;)
> 
> Thanks for bringing that up. This is a privilege-separation directory
> that the unprivileged ntpd processes chroot to on startup. It is
> intentionally empty and unwritable by the unprivileged processes.
> Having this directory empty and unwritable prevents the processes from
> having access to any files or file system privileges that they do not
> need to do their jobs.
> 
> Since /var/empty might not exist, e.g. Debian does not provide it,
> your OS's package may have altered the privilege separation user
> directory to be somewhere else, like '/var/run/openntpd'. But, that
> should also be empty and unwritable.

Ok, this was also fixed, presumably, when I set localstatedir for the
build. 

/jl

-- 
ASCII ribbon campaign ( ) Powered by Lemote Fuloong
 against HTML e-mail   X  Loongson MIPS and OpenBSD
   and proprietary    / \    http://www.mutt.org
     attachments     /   \  Code Blue or Go Home!
 Encrypted email preferred  PGP Key 2048R/DA65BC04 
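
The properties described in the thread for the privilege-separation directory (empty, and not writable by the unprivileged processes) can be audited with a short script. This is an added example, not part of the original message or of OpenNTPD; `check_privsep_dir` is a hypothetical helper name, and the directory to check (for instance the /var/empty/ntp mentioned above) and its expected owner are passed as arguments.

```shell
#!/bin/sh
# Added example: audit a privilege-separation chroot directory.
# check_privsep_dir is a hypothetical helper, not an OpenNTPD tool.
# Usage: check_privsep_dir DIR [OWNER]   (OWNER defaults to root)
check_privsep_dir() {
    dir=$1
    owner=${2:-root}
    rc=0

    # Must be a real directory; a symlink could be repointed elsewhere.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a real directory" >&2
        return 1
    fi

    # Owned by the expected account (root on a real install).
    if [ -z "$(find "$dir" -prune -user "$owner")" ]; then
        echo "FAIL: $dir is not owned by $owner" >&2
        rc=1
    fi

    # No group or other write bit, so the unprivileged user cannot create files.
    if [ -n "$(find "$dir" -prune \( -perm -0020 -o -perm -0002 \))" ]; then
        echo "FAIL: $dir is group- or world-writable" >&2
        rc=1
    fi

    # Empty: nothing for a chrooted process to read or execute.
    if ! entries=$(ls -A "$dir" 2>/dev/null); then
        echo "FAIL: cannot list $dir" >&2
        rc=1
    elif [ -n "$entries" ]; then
        echo "FAIL: $dir is not empty" >&2
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: $dir"
    return "$rc"
}

# Run the check when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    check_privsep_dir "$@"
fi
```

The check reads mode bits and ownership only, so it reports the same result whether or not it is run as root.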
