|
|
- From 063ba13b18c72994a3fdf9a3db04b56cc5a6738c Mon Sep 17 00:00:00 2001
- From: Brent Cook <busterb@gmail.com>
- Date: Mon, 8 Jun 2020 06:53:53 -0500
- Subject: [PATCH 17/18] handle KERN_SECURELVL when available
-
- ---
- src/usr.sbin/ntpd/ntpd.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
- diff --git a/src/usr.sbin/ntpd/ntpd.c b/src/usr.sbin/ntpd/ntpd.c
- index bae6abd00f..7ea24dc58c 100644
- --- a/src/usr.sbin/ntpd/ntpd.c
- +++ b/src/usr.sbin/ntpd/ntpd.c
- @@ -23,7 +23,9 @@
- #include <sys/types.h>
- #include <sys/resource.h>
- #include <sys/socket.h>
- +#ifdef KERN_SECURELVL
- #include <sys/sysctl.h>
- +#endif
- #include <sys/wait.h>
- #include <sys/un.h>
- #include <netinet/in.h>
- @@ -123,12 +125,14 @@ usage(void)
- int
- auto_preconditions(const struct ntpd_conf *cnf)
- {
- + int constraints, securelevel = 0;
- +
- +#ifdef KERN_SECURELVL
- int mib[2] = { CTL_KERN, KERN_SECURELVL };
- - int constraints, securelevel;
- size_t sz = sizeof(int);
- -
- if (sysctl(mib, 2, &securelevel, &sz, NULL, 0) == -1)
- err(1, "sysctl");
- +#endif
- constraints = !TAILQ_EMPTY(&cnf->constraints);
- return !cnf->settime && (constraints || cnf->trusted_peers ||
- conf->trusted_sensors) && securelevel == 0;
- --
- 2.27.0
-
|
