svn commit: r475132 - in head/net/ntp: . files

Ian Lepore ian at FreeBSD.org
Mon Jul 23 00:33:00 UTC 2018 

Author: ian (src committer)
Date: Mon Jul 23 00:32:59 2018
New Revision: 475132
URL: https://svnweb.freebsd.org/changeset/ports/475132

Log:
  Add TrustedBSD MAC(4) support to ntpd.
  
  These changes add support for running ntpd as non-root, and improve support
  for the --jaildir (chroot) option when running on freebsd. These correspond
  to the changes made in the base system with r336525.
  
  The new patches in this change are exactly what was submitted upstream in
  https://bugs.ntp.org/show_bug.cgi?id=3509
  
  Approved by:	cy@
  Differential Revision:	https://reviews.freebsd.org/D16396

Added:
  head/net/ntp/files/patch-ntpd_ntpd.c   (contents, props changed)
  head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4   (contents, props changed)
Modified:
  head/net/ntp/Makefile

Modified: head/net/ntp/Makefile
==============================================================================
--- head/net/ntp/Makefile	Sun Jul 22 23:59:35 2018	(r475131)
+++ head/net/ntp/Makefile	Mon Jul 23 00:32:59 2018	(r475132)
@@ -3,7 +3,7 @@
 
 PORTNAME=	ntp
 PORTVERSION=	4.2.8p11
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	net ipv6
 MASTER_SITES=	http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ \
 		http://archive.ntp.org/ntp4/ntp-4.2/ \
@@ -19,9 +19,10 @@ CONFLICTS=	ntp-devel-* openntpd-*
 
 USES=		cpe pathfix shebangfix libedit libtool localbase:ldflags \
 		pkgconfig
+USES+=		autoreconf # until trustedbsd-mac changes accepted upstream
 
 GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--enable-leap-smear
+CONFIGURE_ARGS=	--enable-leap-smear --enable-trustedbsd-mac
 
 TEST_TARGET=	check
 

Added: head/net/ntp/files/patch-ntpd_ntpd.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/ntp/files/patch-ntpd_ntpd.c	Mon Jul 23 00:32:59 2018	(r475132)
@@ -0,0 +1,45 @@
+--- ntpd/ntpd.c.orig	2018-02-27 15:15:48 UTC
++++ ntpd/ntpd.c
+@@ -123,6 +123,9 @@
+ #if defined(HAVE_PRIV_H) && defined(HAVE_SOLARIS_PRIVS)
+ # include <priv.h>
+ #endif /* HAVE_PRIV_H */
++#if defined(HAVE_TRUSTEDBSD_MAC)
++# include <sys/mac.h>
++#endif /* HAVE_TRUSTEDBSD_MAC */
+ #endif /* HAVE_DROPROOT */
+ 
+ #if defined (LIBSECCOMP) && (KERN_SECCOMP)
+@@ -634,7 +637,12 @@ ntpdmain(
+ 	/* MPE lacks the concept of root */
+ # if defined(HAVE_GETUID) && !defined(MPE)
+ 	uid = getuid();
+-	if (uid && !HAVE_OPT( SAVECONFIGQUIT )) {
++	if (uid && !HAVE_OPT( SAVECONFIGQUIT )
++#  if defined(HAVE_TRUSTEDBSD_MAC)
++	    /* We can run as non-root if the mac_ntpd policy is enabled. */
++	    && mac_is_present("ntpd") != 1
++#  endif
++	    ) {
+ 		msyslog_term = TRUE;
+ 		msyslog(LOG_ERR,
+ 			"must be run as root, not uid %ld", (long)uid);
+@@ -1082,7 +1090,17 @@ getgroup:
+ 			exit (-1);
+ 		}
+ 
+-#  if !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS)
++#  if defined(HAVE_TRUSTEDBSD_MAC)
++		/*
++		 * To manipulate system time and (re-)bind to NTP_PORT as needed
++		 * following interface changes, we must either run as uid 0 or
++		 * the mac_ntpd policy module must be enabled.
++		 */
++		if (sw_uid != 0 && mac_is_present("ntpd") != 1) {
++			msyslog(LOG_ERR, "Need MAC 'ntpd' policy enabled to drop root privileges");
++			exit (-1);
++		}
++#  elif !defined(HAVE_LINUX_CAPABILITIES) && !defined(HAVE_SOLARIS_PRIVS)
+ 		/*
+ 		 * for now assume that the privilege to bind to privileged ports
+ 		 * is associated with running with uid 0 - should be refined on

Added: head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/ntp/files/patch-sntp_m4_ntp__libntp.m4	Mon Jul 23 00:32:59 2018	(r475132)
@@ -0,0 +1,32 @@
+--- sntp/m4/ntp_libntp.m4.orig	2017-02-01 09:47:13 UTC
++++ sntp/m4/ntp_libntp.m4
+@@ -693,7 +693,28 @@ esac
+ 
+ AC_MSG_RESULT([$ntp_have_solarisprivs])
+ 
+-case "$ntp_use_dev_clockctl$ntp_have_linuxcaps$ntp_have_solarisprivs" in
++AC_CHECK_HEADERS([sys/mac.h])
++
++AC_ARG_ENABLE(
++    [trustedbsd_mac],
++    [AS_HELP_STRING(
++	[--enable-trustedbsd-mac],
++	[- Use TrustedBSD MAC policy for non-root clock control]
++    )],
++    [ntp_use_trustedbsd_mac=$enableval]
++)
++
++AC_MSG_CHECKING([if we should use TrustedBSD MAC privileges])
++
++case "$ntp_use_trustedbsd_mac$ac_cv_header_sys_mac_h" in
++ yesyes)
++    AC_DEFINE([HAVE_TRUSTEDBSD_MAC], [1],
++	[Are TrustedBSD MAC policy privileges available?])
++esac
++
++AC_MSG_RESULT([$ntp_use_trustedbsd_mac])
++
++case "$ntp_use_dev_clockctl$ntp_have_linuxcaps$ntp_have_solarisprivs$ntp_use_trustedbsd_mac" in
+  *yes*)
+     AC_DEFINE([HAVE_DROPROOT], [1],
+ 	[Can we drop root privileges?])

More information about the svn-ports-all mailing list