1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-16 10:20:30 +00:00
freebsd/etc
Ian Lepore d11f4dfd21 Automatically run ntpd as non-root when possible.
Ntpd needs only a subset of full root privileges to do its job. Specifically
it needs the ability to manipulate system time, and to re-bind to a
privileged UDP port after interface changes. The mac_ntpd(4) policy module
(see r336525) can grant these privs.

These changes detect the availability of mac_ntpd(4). If enabled, and if the
ntpd configuration is fairly vanilla, it automatically runs ntpd as the
non-root user 'ntpd' (uid 123). "Vanilla" means the config doesn't include
command line or ntp.conf options changing the location of files or using any
files/dirs likely to be inaccessible to user ntpd.  Ntpd can still run as
non-root when using such options, but the admin must ensure all required
files and dirs are accessible, and then set ntpd_user=ntpd in rc.conf.

Note that these changes also address PR 199127 by using the command_args
technique suggested in the patch. They also tangentially address PR 113552,
which is primarily about inconsistent filenames in documentation, but some
of the inconsistancy was caused by old code in rc.d/ntpd which is leftover
from the intial import from netbsd. There was code to do chroot setup which
required the use of the netbsd clockctl(4) device; that code never had any
effect on freebsd, because we lack that device and don't build ntpd with the
options that would allow using it.

PR:		113552 199127
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16050
2018-07-20 13:59:29 +00:00
..
autofs etc: clean up trailing whitespace in autofs 2018-02-15 11:41:38 +00:00
bluetooth
cron.d Conditionally handle the crontab entry for atrun(8) 2017-05-18 06:33:55 +00:00
defaults Automatically run ntpd as non-root when possible. 2018-07-20 13:59:29 +00:00
devd Fix quoting in sending the NOMATCH event to devmatch 2018-06-28 15:00:18 +00:00
etc.aarch64 For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.amd64 For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.arm For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.i386 For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.mips Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
etc.powerpc For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.riscv For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
etc.sparc64 For video consoles, only launch a getty if the device exists. 2018-05-09 20:49:00 +00:00
gss
mail Replace send-mail with the more standarized sendmail, we do not create 2017-12-27 06:23:50 +00:00
mtree Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19 23:55:29 +00:00
newsyslog.conf.d Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
ntp Replace the leap-seconds file in r320242 from USNO - 2017-06-23 01:05:49 +00:00
pam.d various: general adoption of SPDX licensing ID tags. 2017-11-27 15:37:16 +00:00
periodic filter all passwords (not only changed) from periodic passwd backup 2017-11-21 20:31:54 +00:00
pkg
rc.d Automatically run ntpd as non-root when possible. 2018-07-20 13:59:29 +00:00
root Fix typo introduced in r320672 - check for existence of the right file. 2017-07-05 15:42:33 +00:00
sendmail Only create /var/log/sendmail.st if start sendmail. 2018-06-06 01:51:05 +00:00
syslog.d Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
amd.map
apmd.conf
auto_master Stop appending "noatime" in the autofs -media map, and instead add it 2016-09-20 04:52:01 +00:00
blacklistd.conf Add basic blacklist build support 2016-06-02 19:06:04 +00:00
crontab Set the $PATH in /etc/crontab like it is set by the cron(8) 2018-06-10 02:13:30 +00:00
csh.cshrc
csh.login
csh.logout
ddb.conf
devd.conf User service foo rather than /etc/rc.d/foo. 2018-06-11 22:48:34 +00:00
devfs.conf
dhclient.conf
disktab
fbtab
freebsd-update.conf
ftpusers
gettytab
group Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19 23:55:29 +00:00
hosts
hosts.allow
hosts.equiv
hosts.lpd
inetd.conf Remove rcmds. 2017-10-06 08:43:14 +00:00
libalias.conf
libmap.conf
login.access
login.conf Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add 2016-03-12 14:54:34 +00:00
mac.conf
Makefile WITHOUT_SERVICESDB: 2018-07-04 17:18:35 +00:00
Makefile.depend META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
master.passwd Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19 23:55:29 +00:00
minfree
motd
netconfig
netstart Remove NATM configuration bits and assorted NATM and ATM remnants. 2017-04-25 21:59:34 +00:00
network.subr Reduce code duplication for wlan(4) interface creation in network.subr. 2017-11-19 20:18:21 +00:00
networks
newsyslog.conf [etc] Update newsyslog.conf default comment 2018-05-03 00:57:19 +00:00
nls.alias
nscd.conf
nsmb.conf
nsswitch.conf Implement an NSS backend for netgroups and add getnetgrent_r(3). 2016-06-09 01:28:44 +00:00
ntp.conf Fix a comment; the ntp leaplist file is updated periodically, but not weekly 2018-06-24 03:31:23 +00:00
opieaccess
pccard_ether Do not try to recreate wlan(4) interface if it already exists. 2016-12-04 15:58:34 +00:00
pf.os pf.os: Add OpenBSD:6.1 2017-12-02 06:23:02 +00:00
phones
portsnap.conf userland: Fix several typos and minor errors 2017-12-27 03:23:01 +00:00
printcap Update several more URLs 2017-10-29 08:17:03 +00:00
profile
protocols etc: minor spelling fixes. 2016-05-01 16:43:22 +00:00
rc Fix firstboot fs mount logic 2018-02-06 20:12:05 +00:00
rc.bsdextended
rc.firewall The firewall_type is ignored if not set in rc.conf or rc.conf.local, 2018-02-22 08:25:39 +00:00
rc.initdiskless userland: Fix several typos and minor errors 2017-12-27 03:23:01 +00:00
rc.resume
rc.sendmail
rc.shutdown Since r275359, there is no need to provide a bogus service name. 2015-10-26 15:16:27 +00:00
rc.subr rc.subr: Support loading environmental variables from a file 2018-05-25 19:36:26 +00:00
rc.suspend
regdomain.xml Correct Russia spelling in regdomain.xml 2018-02-05 18:45:21 +00:00
remote
rpc
services Add VXLAN (RFC 7348) port 2017-12-31 17:11:12 +00:00
shells
snmpd.config Move the mibII module up so uncommenting the bridge module works 2017-01-07 09:03:40 +00:00
sysctl.conf
syslog.conf Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
termcap.small