Starting with reduced capabilities (non root)
Gary E. Miller
gem at rellim.com
Fri Feb 16 18:15:53 UTC 2018
Yo Hal!
On Thu, 15 Feb 2018 19:55:02 -0800
Hal Murray <hmurray at megapathdsl.net> wrote:
> > Doesn't ntpd need to be started as root to set that?
> > But how does ntpd set its caps before it starts?
>
> man 8 setcap
You know our users do not read man pages! Can you provide a script,
or at least a detailed procedure?
Also, I do not see a CAP for /dev/pps* or /dev/tty* specific access.
Did I miss something?
> You set them on your ntpd when you mark it setuid as part of the
> install process.
Does our install process do that now?
RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
gem at rellim.com Tel:+1 541 382 8588
Veritas liberabit vos. -- Quid est veritas?
"If you can’t measure it, you can’t improve it." - Lord Kelvin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20180216/b8eeaf81/attachment.bin>
More information about the devel
mailing list