From: Martin Pitt <martin.pitt@ubuntu.com>
Subject: runtime check for capabilities
Bug: http://bugs.ntp.org/1433
Bug-Debian: http://bugs.debian.org/282941
Bug-Debian: http://bugs.debian.org/298059
Add a runtime check for whether the kernel really supports capabilities;
if it does not, do not drop root privileges.
Index: ntp-4.2.6.p3+dfsg/ntpd/ntpd.c
===================================================================
--- ntp-4.2.6.p3+dfsg.orig/ntpd/ntpd.c 2011-06-03 15:26:02.000000000 +0000
+++ ntp-4.2.6.p3+dfsg/ntpd/ntpd.c 2011-06-03 15:26:29.000000000 +0000
@@ -175,6 +175,8 @@
int droproot = 0;
char *user = NULL; /* User to switch to */
char *group = NULL; /* group to switch to */
+int have_caps = 0; /* runtime check whether capabilities work,
+ leave at 0 here */
const char *chrootdir = NULL; /* directory to chroot to */
int sw_uid;
int sw_gid;
@@ -865,8 +867,29 @@
loop_config(LOOP_DRIFTCOMP, old_drift);
initializing = 0;
+#ifdef HAVE_LINUX_CAPABILITIES
+ {
+ /* Check that setting capabilities actually works; we might be
+ * run on a kernel with disabled capabilities. We must not
+ * drop privileges in this case.
+ */
+ cap_t caps;
+ if( ! ( caps = cap_from_text( "cap_sys_time,cap_setuid,cap_setgid,cap_sys_chroot,cap_net_bind_service=pe" ) ) ) {
+ msyslog( LOG_ERR, "cap_from_text() failed: %m" );
+ exit(-1);
+ }
+ if( cap_set_proc( caps ) == 0 )
+ have_caps = 1;
+ cap_free( caps );
+ }
+#endif /* HAVE_LINUX_CAPABILITIES */
+
#ifdef HAVE_DROPROOT
+#ifdef HAVE_LINUX_CAPABILITIES
+ if( droproot && have_caps ) {
+#else
if( droproot ) {
+#endif
/* Drop super-user privileges and chroot now if the OS supports this */
#ifdef HAVE_LINUX_CAPABILITIES
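Review bot: When `cap_set_proc()` fails, `have_caps` stays 0 and the `if( droproot && have_caps )` test skips the privilege drop without logging anything, so a daemon that was asked to switch user keeps running as full root and syslog gives no sign of it. The failure is also read as "kernel lacks capabilities" whatever errno was, so I would add an `else` on that check that reports it, e.g. `else msyslog( LOG_WARNING, "cap_set_proc() failed: %m; not dropping root privileges" );`, so operators can detect the fallback. Separately, the probe block is not gated on `droproot`, and a successful `cap_set_proc()` replaces the process capability set with these five even when no drop was requested. Wrapping the block in `if( droproot )` would avoid that side effect, assuming nothing later in the function relies on the probe having run. The enclosing function starts and ends outside the hunk.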