Starting with reduced capabilities (non root)

Gary E. Miller gem at
Fri Feb 16 18:15:53 UTC 2018

Yo Hal!

On Thu, 15 Feb 2018 19:55:02 -0800
Hal Murray <hmurray at> wrote:

> > Doesn't ntpd need to be started as root to set that?
> > But how does ntpd set its caps before it starts?  
> man 8 setcap

You know our users do not read man pages!  Can you provide a script,
or at least a detailed procedure?

Also, I do not see a CAP for /dev/pps* or /dev/tty* specific access.
Did I miss something?

> You set them on your ntpd when you mark it setuid as part of the
> install process.

Does our install process do that now?

Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the devel mailing list