bin/128886: ntpd -L flag doesn't work
Timothy Cava
timothy.cava at gmail.com
Sat Nov 15 04:00:12 PST 2008
>Number: 128886
>Category: bin
>Synopsis: ntpd -L flag doesn't work
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Nov 15 12:00:11 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Timothy Cava
>Release: 7.0-STABLE
>Organization:
>Environment:
FreeBSD summit.localdomain 7.0-STABLE FreeBSD 7.0-STABLE #5: Sun Mar 9 06:03:02 PDT 2008 root at summit.localdomain:/usr/obj/usr/src/sys/SUMMIT i386
>Description:
ntpd's -L flag is supposed to prevent listening on "virtual ips", but doesn't because address_okay() (ntp_io.c:938) determines an address is virtual if it has a ':' in its name. Our aliases don't so it ends up listening on every address.
NOTE: The problem remains in sources from today (2008-11-15).
>How-To-Repeat:
Add "-L" to ntpd_flags in /etc/rc.conf, /etc/rc.d/ntpd restart, sockstat |grep ntpd and notice it listens on every ip.
>Fix:
Make address_okay() check (ntp_io.c:938) if an interface is an alias or not in a BSD way.
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list