Is it time to drop seccomp?
Hal Murray
hmurray at megapathdsl.net
Wed Feb 13 04:15:42 UTC 2019
Speaking of apparmor and friends...
It's possible to start ntpd non-root.
I've been using the following:
Post normal install:
chown ntp:ntp /usr/local/sbin/ntpd
chmod +s /usr/local/sbin/ntpd
setcap cap_setgid,cap_setuid,cap_sys_resource,cap_ipc_lock,\
cap_sys_nice,cap_sys_time,cap_net_bind_service=pe /usr/local/sbin/ntpd
Patch to ntpd.service for Fedora/systemd
ExecStart=/usr/sbin/runuser -u ntp -- /usr/local/sbin/ntpd $OPTIONS
For debian:
start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE
--startas /sbin/runuser -- -u ntp -- $DAEMON -p $PIDFILE $NTPD_OPTS
It needs a patch to ntpd.c to not bail when not run as root.
----------
The idea is to run it starting as user ntp rather than start as root and
switch to ntp half way through initialization.
The runuser stuff is needed because running something as root ignores the
setuid stuff and runs it as root.
This seemed sufficiently complicated that I didn't go any farther.
I think we can get the same benefits by doing the equivalent in the first few
lines of code. Is that worth pursuing?
---------
Anybody using -i <jaildir> on the command line?
--
These are my opinions. I hate spam.
More information about the devel
mailing list