[Git][NTPsec/ntpsec][master] Address GitLab issue #95: ... configuring with "--disable-droproot"

Eric S. Raymond gitlab at mg.gitlab.com
Mon Jul 11 00:27:06 UTC 2016 

Eric S. Raymond pushed to branch master at NTPsec / ntpsec


Commits:
6fbf7027 by Eric S. Raymond at 2016-07-10T20:26:08-04:00
Address GitLab issue #95: ... configuring with "--disable-droproot"

- - - - -


2 changed files:

- ntpd/ntp_sandbox.c
- ntpd/ntpd.c


Changes:

=====================================
ntpd/ntp_sandbox.c
=====================================
--- a/ntpd/ntp_sandbox.c
+++ b/ntpd/ntp_sandbox.c
@@ -54,10 +54,17 @@ bool sandbox(const bool droproot,
 	     const char *chrootdir,
 	     bool want_dynamic_interface_tracking)
 {
+	bool nonroot = false;
+#ifndef ENABLE_DROPROOT
+	UNUSED_ARG(droproot);
+	UNUSED_ARG(user);
+	UNUSED_ARG(group);
+	UNUSED_ARG(chrootdir);
+	UNUSED_ARG(want_dynamic_interface_tracking);
+#else
 #ifndef HAVE_LINUX_CAPABILITY
 	UNUSED_ARG(want_dynamic_interface_tracking);
 #endif /* HAVE_LINUX_CAPABILITY */
-	bool nonroot = false;
 #if !defined(HAVE_LINUX_CAPABILITY) && !defined(HAVE_SOLARIS_PRIVS) && !defined(HAVE_SYS_CLOCKCTL_H)
 	if (droproot) {
 		msyslog(LOG_ERR,
@@ -65,7 +72,6 @@ bool sandbox(const bool droproot,
 		exit(-1);
 	}
 #endif /* !defined(HAVE_LINUX_CAPABILITY) && !defined(HAVE_SOLARIS_PRIVS)  && !defined(HAVE_SYS_CLOCKCTL) */
-# ifdef ENABLE_DROPROOT
 	if (droproot) {
 		/* Drop super-user privileges and chroot now if the OS supports this */
 #  ifdef HAVE_LINUX_CAPABILITY


=====================================
ntpd/ntpd.c
=====================================
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -96,12 +96,10 @@ bool mdnsreg = false;
 int mdnstries = 5;
 #endif  /* ENABLE_MDNS_REGISTRATION */
 
-#ifdef ENABLE_DROPROOT
-bool droproot;
+bool droproot = false;
 char *user;		/* User to switch to */
 char *group;		/* group to switch to */
 const char *chrootdir;	/* directory to chroot to */
-#endif /* ENABLE_DROPROOT */
 
 #ifdef HAVE_WORKING_FORK
 int	waitsync_fd_to_close = -1;	/* -w/--wait-sync */



View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/6fbf7027d2826929ecaab659ea0a6867741e39c2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntpsec.org/pipermail/vc/attachments/20160711/ad7c9560/attachment.html>

More information about the vc mailing list