ntpd Certificate Loading
hmurray at megapathdsl.net
Thu May 21 15:20:47 UTC 2020
rlaager at wiktel.com said:
> ntpd seems to load the TLS certificate and key before dropping privileges.
> Unfortunately, when it tries to *reload* the certificate later, it has
> dropped privileges and fails. This is a bit of a trap, as a sysadmin can
> think a setup is working when it isn't. (This bit me.) I think it would be
> better to do the initial load after dropping privileges so that it is
> consistent with reloading.
Apologies for dropping the ball on this.
This feels like the tip of an iceberg.
I think fixing this will be easy, but I wonder what friends are lurking?
These are my opinions. I hate spam.
More information about the devel