ntpd Certificate Loading

Hal Murray hmurray at megapathdsl.net
Thu May 21 15:20:47 UTC 2020

rlaager at wiktel.com said:
> ntpd seems to load the TLS certificate and key before dropping privileges.
> Unfortunately, when it tries to *reload* the certificate later, it has
> dropped privileges and fails. This is a bit of a trap, as a sysadmin can
> think a setup is working when it isn't. (This bit me.) I think it would be
> better to do the initial load after dropping privileges so that it is
> consistent with reloading. 

Apologies for dropping the ball on this.

This feels like the tip of an iceberg.

I think fixing this will be easy, but I wonder what friends are lurking?

These are my opinions.  I hate spam.

More information about the devel mailing list