Portable build framework for OpenNTPD
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

38 lines
1.2 KiB

10 years ago
10 years ago
  1. From 0b2940a2ba2e04fe876b7e8828d05e2d6b750797 Mon Sep 17 00:00:00 2001
  2. From: Brent Cook <busterb@gmail.com>
  3. Date: Thu, 1 Jan 2015 13:06:38 -0600
  4. Subject: [PATCH 06/16] be more verbose when logging privsep errors
  5. Make it easy for a sysadmin to diagnose a privilege separation path
  6. problem without looking at the source code.
  7. ---
  8. src/usr.sbin/ntpd/ntp.c | 13 +++++++++----
  9. 1 file changed, 9 insertions(+), 4 deletions(-)
  10. diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
  11. index ddbcedd..26701c8 100644
  12. --- a/src/usr.sbin/ntpd/ntp.c
  13. +++ b/src/usr.sbin/ntpd/ntp.c
  14. @@ -121,10 +121,15 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
  15. ntp_dns(pipe_dns, nconf, pw);
  16. close(pipe_dns[1]);
  17. - if (stat(pw->pw_dir, &stb) == -1)
  18. - fatal("stat");
  19. - if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
  20. - fatalx("bad privsep dir permissions");
  21. + if (stat(pw->pw_dir, &stb) == -1) {
  22. + log_warn("privsep dir %s could not be opened", pw->pw_dir);
  23. + exit(1);
  24. + }
  25. + if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
  26. + log_warnx("bad privsep dir %s permissions: %o",
  27. + pw->pw_dir, stb.st_mode);
  28. + exit(1);
  29. + }
  30. if (chroot(pw->pw_dir) == -1)
  31. fatal("chroot");
  32. if (chdir("/") == -1)
  33. --
  34. 1.9.1