DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 17:35:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

sys_macosx: drop root privileges

Browse Source 
Run chronyd as a non-privileged user, using the privops helper to
perform adjtime(), settimeofday() and bind() functions on its behalf.
This commit is contained in:
Bryan Christianson
2015-11-24 21:01:59 +13:00
committed by Miroslav Lichvar
parent 139fc667aa
commit 750d82f1d1
7 changed files with 61 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ntp_io.c
View File

@@ -37,6 +37,7 @@
#include "local.h"
#include "logging.h"
#include "conf.h"
#include "privops.h"
#include "util.h"
#define INVALID_SOCK_FD -1
@@ -221,7 +222,7 @@ prepare_socket(int family, int port_number, int client_only)
#endif
/* Bind the socket if a port or address was specified */
if (my_addr_len > 0 && bind(sock_fd, &my_addr.u, my_addr_len) < 0) {
if (my_addr_len > 0 && PRV_BindSocket(sock_fd, &my_addr.u, my_addr_len) < 0) {
LOG(LOGS_ERR, LOGF_NtpIO, "Could not bind %s NTP socket : %s",
UTI_SockaddrFamilyToString(family), strerror(errno));
close(sock_fd);