Bug 113552
| Summary: | [request] ntpd(8) driftfile default location inconsistently referenced | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Mike Brown <mike> |
| Component: | conf | Assignee: | Ian Lepore <ian> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | CC: | gonzo, ian, wolfgang |
| Priority: | Normal | ||
| Version: | 6.2-STABLE | ||
| Hardware: | Any | ||
| OS: | Any | ||
| See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230561 | ||
Situation is still unchanged 8 years later. What I don't understand is why this PR is in status "In Progress" as nobody ever did anything with it according to the History of the PR. For bugs matching the following conditions: - Status == In Progress - Assignee == "bugs@FreeBSD.org" - Last Modified Year <= 2017 Do - Set Status to "Open" Unfortunately, the documentation situation is hard to fix. The manpage comes from ntp.org along with the source code, so any local changes we make are replaced on each ntpd update. For rc.d/ntpd symlinking the wrong driftfile, I've proposed a fix in a phabricator review: https://reviews.freebsd.org/D15987 It turns out the fix in D15987 was inadequate/inappropriate. The code cited in the original problem description as the major source of inconsistancy in the driftfile name turned out to be dead code that never gets run; it was left over from the original import of rc.d/ntpd from netbsd in 2002. The code was used to set up ntpd to run in a chroot with reduced privileges on netbsd, using a device driver and modifications to libc that never existed in freebsd. To address the chroot issue, the corresponding part of rc.d/ntpd is rewritten to use privilege mechanisms supported by freebsd, see https://reviews.freebsd.org/D16050 A commit references this bug: Author: ian Date: Fri Jul 20 13:59:30 UTC 2018 New revision: 336547 URL: https://svnweb.freebsd.org/changeset/base/336547 Log: Automatically run ntpd as non-root when possible. Ntpd needs only a subset of full root privileges to do its job. Specifically it needs the ability to manipulate system time, and to re-bind to a privileged UDP port after interface changes. The mac_ntpd(4) policy module (see r336525) can grant these privs. These changes detect the availability of mac_ntpd(4). If enabled, and if the ntpd configuration is fairly vanilla, it automatically runs ntpd as the non-root user 'ntpd' (uid 123). "Vanilla" means the config doesn't include command line or ntp.conf options changing the location of files or using any files/dirs likely to be inaccessible to user ntpd. Ntpd can still run as non-root when using such options, but the admin must ensure all required files and dirs are accessible, and then set ntpd_user=ntpd in rc.conf. Note that these changes also address PR 199127 by using the command_args technique suggested in the patch. They also tangentially address PR 113552, which is primarily about inconsistent filenames in documentation, but some of the inconsistancy was caused by old code in rc.d/ntpd which is leftover from the intial import from netbsd. There was code to do chroot setup which required the use of the netbsd clockctl(4) device; that code never had any effect on freebsd, because we lack that device and don't build ntpd with the options that would allow using it. PR: 113552 199127 Relnotes: yes Differential Revision: https://reviews.freebsd.org/D16050 Changes: head/etc/defaults/rc.conf head/etc/rc.d/ntpd Ian, can this PR be closed now? Looks like it's fixed in HEAD. ^Triage: apparently overcome by events. |
The ntpd(8) man page says: /etc/ntp.conf the default name of the configuration file /etc/ntp.drift the default name of the drift file /etc/ntp.keys the default name of the key file (The pidfile isn't mentioned.) /etc/defaults/rc.conf sets ntpd_config to "/etc/ntp.conf" which is consistent with the man page, but it sets ntpd_flags as follows: -d /var/db/ntpd.drift (especially note the "ntpd") -p /var/run/ntpd.pid Meanwhile, /etc/rc.d/ntpd at one point assumes that the driftfile is /var/db/ntp.drift (no "d"). This assumption is apparently only made in chroot situations but is wrong, regardless. On top of that, it's quite common to specify driftfile, if not also pidfile, in one's ntp.conf. This apparently overrides whatever is given on the command line, but I don't know if it's safe to assume that it always will. The fact that the default driftfile and pidfile locations are confusing was raised a couple years ago: http://lists.freebsd.org/pipermail/freebsd-questions/2005-May/087170.html Fix: Ideally, stop using the default driftfile name "ntpd.drift"; change ntpd_flags to refer to ntp.drift. Alternatively, leave the default driftfile as "ntpd.drift"; change /etc/rc.d/ntpd to refer to ${name}.drift (perhaps) instead of ntp.drift. In either case, update the FILES section of the ntpd(8) man page to refer to the actual default. Note that /etc/rc.d/ntpd still won't really be very smart about its symlinking of the driftfile, since it could be overridden by ntpd_flags or within the $ntpd_config file, so consider making that more robust, or at least display a warning if the file isn't where it was assumed to be.