sys_netbsd: allow running without root privileges

On NetBSD programs with write access to /dev/clockctl can adjust or set the system clock without the root privileges. Add a function to drop the privileges and check if the process has write access to the device to get a more descriptive error message when the chrony uid/gid doesn't match the owner of the device.
2025-12-03 16:35:06 -05:00 · 2015-08-25 12:15:58 +02:00
parent 8854c00d48
commit 7b6435b2b8
4 changed files with 36 additions and 0 deletions
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@@ -324,5 +324,29 @@ SYS_NetBSD_Finalise(void)

 /* ================================================== */

+#ifdef FEAT_PRIVDROP
+void
+SYS_NetBSD_DropRoot(uid_t uid, gid_t gid)
+{
+  int fd;
+
+  if (setgroups(0, NULL))
+    LOG_FATAL(LOGF_SysNetBSD, "setgroups() failed : %s", strerror(errno));
+
+  if (setgid(gid))
+    LOG_FATAL(LOGF_SysNetBSD, "setgid(%d) failed : %s", gid, strerror(errno));
+
+  if (setuid(uid))
+    LOG_FATAL(LOGF_SysNetBSD, "setuid(%d) failed : %s", uid, strerror(errno));
+
+  DEBUG_LOG(LOGF_SysNetBSD, "Root dropped to uid %d gid %d", uid, gid);
+
+  /* Check if we have write access to /dev/clockctl */
+  fd = open("/dev/clockctl", O_WRONLY);
+  if (fd < 0)
+    LOG_FATAL(LOGF_SysNetBSD, "Can't write to /dev/clockctl");
+  close(fd);
+}
+#endif

 #endif /* NETBSD */