/usr/sbin/ntpd runs as uid=123 not root on 12.0 & fails

Julian H. Stacey jhs at berklix.com
Wed Mar 13 12:13:18 UTC 2019


Hi, Reference:
> From:		"Julian H. Stacey" <jhs at berklix.com>
> Date:		Wed, 13 Mar 2019 12:50:07 +0100

"Julian H. Stacey" wrote:
> Hi hackers at freebsd.org,
> Has anyone else noticed release 12.0-p3 /usr/sbin/ntpd runs as
> uid=123 not root on 12.0, the process runs, but fails to correct
> the time !  Next thing to diagnose it, would be a kill of ntpd &
> restart direct as root, I'm not root there so I'll wait for that.
> 
> Are other 12 systems slipping time too ?
> 
> -------------------------------------------------------------------------------
> 
> The bad host: 12.0-p3
>   grep ntp /etc/rc.conf
>     ntpd_enable="YES"
>   Identical: /etc/ntp.conf /usr/src/usr.sbin/ntp/ntpd/ntp.conf
>   ps -laxww | grep ntp| grep -v grep
>    UID   PID  PPID CPU PRI NI    VSZ   RSS MWCHAN   STAT TT          TIME COMMAND
>    123 17872     1   0  20  0  19424 19520 select   Ss    -       0:01.59 /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
>   ntpd is running not as root, but as 123 
>   ntpd:*:123:123:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
>   -r-xr-xr-x  1 root  wheel  842896 Dec  7 05:16 /usr/sbin/ntpd
>   ntpd has no s or g bits, so can not set time I presume,
>   /var/log/messages has nothing since admin started it :
>     Mar 11 20:51:53 hostname [16744]: ntpd 4.2.8p12-a (1): Starting
>     Mar 11 20:51:54 hostname [16745]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
>     Mar 11 20:51:54 hostname [16745]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2019-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
>     Mar 11 21:37:46 hostname [16745]: ntpd exiting on signal 15 (Terminated)
>     Mar 11 22:39:10 hostname [17871]: ntpd 4.2.8p12-a (1): Starting
>     Mar 11 22:39:10 hostname [17872]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): good hash signature
>     Mar 11 22:39:10 hostname [17872]: leapsecond file ('/var/db/ntpd.leap-seconds.list'): loaded, expire=2019-06-28T00:00:00Z last=2017-01-01T00:00:00Z ofs=37
>   ls -l /var/db/ntpd*
>     -rw-r--r--  1 root  wheel  10663 Dec 31 02:30 /var/db/ntpd.leap-seconds.list
> 
> -------------------------------------------------------------------------------
> 
> A good host for comparison : 10.3-STABLE on time with radio wall clock:
> 
>   UID   PID  PPID CPU PRI NI    VSZ   RSS MWCHAN   STAT TT         TIME COMMAND
>     0   580     1   0  20  0  21900 13812 select   Ss    -      0:45.10 /usr/sbin/ntpd -g -c /etc/ntp.conf -p /var/run/ntpd.pid -f /var/db/ntpd.drift
>   -r-xr-xr-x  1 root  wheel  763888 Aug 17  2016 /usr/sbin/ntpd*
>   Non root manual invocation of ntpd command above:
>   	must be run as root, not uid 200
>  grep ntp /etc/rc*
> 	/etc/rc.conf:ntpd_enable="YES"      
> 	/etc/rc.conf:ntpd_sync_on_start="YES"           # Sync time on ntpd startup, even if offset is high
> 	/etc/rc.conf:ntpdate_enable="YES"               # Sync time on boot # as ntpd later refuses to compensate > 1 hour
>  ls -l /var/db/ntpd*
>     -rw-r--r--  1 root  wheel      8 Mar 13 10:14 /var/db/ntpd.drift
>     -rw-r--r--  1 root  wheel  10663 Oct 27 14:10 /var/db/ntpd.leap-seconds.list

PS A CURRENT host built Sunday 13.0-CURRENT #13944 also runs as 123, not root

 UID   PID  PPID CPU PRI NI    VSZ    RSS MWCHAN   STAT TT         TIME COMMAND
 123 89944     1   0  23  0  18656  18752 select   Ss    -      0:00.12 /usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift
(that box is currently inside a firewall though)

but that host is currently on time (with timed), online inside a
firewall, though if necessary to test ntpd, I could move it outside firewall &
disrupt the time to see if ntpd corrects it.

Cheers,
Julian
-- 
Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent


More information about the freebsd-hackers mailing list