State of the microserver HOWTO
Gary E. Miller
gem at rellim.com
Tue Jun 7 22:42:38 UTC 2016
Yo Mike!
On Tue, 7 Jun 2016 18:35:13 -0400
Mike <bellyacres at gmail.com> wrote:
> > I opened a bug:
> >
> > https://gitlab.com/NTPsec/ntpsec/issues/76
> >
> Gary,
>
> I'm not seeing that once I set the ownership to nobody.
>
> mike at 3142:/var/lib/ntp $ ls -al
> total 12
> drwxr-xr-x 2 nobody root 4096 Jun 7 18:13 .
> drwxr-xr-x 31 root root 4096 Jun 4 22:51 ..
> -rw------- 1 nobody nogroup 8 Jun 7 18:13 ntp.drift
Ugh. ntpd should run as user ntp, not nobody. The trend used to
be to have all daemons run as nobody, but then one currupted daemon
running as nobody could control all the other daemons running as nobody.
If the howto say to run as nobody it is bad.
> mike at 3142:/var/lib/ntp $
>
> mike at 3142:/var/lib/ntp $ ntpq --version
> ntpd 0.9.4-44652aa Jun 5 2016 02:26:08
>
> Ntpd writes the drift file and no errors are logged.
Hal says the driftfile is not written on shutdown, so my tests
are not valid. Or they point to a different sort of bug...
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160607/6ed7832f/attachment.bin>
More information about the devel
mailing list