Browse Source

remove --with-privsep-path

This has effectively been a no-op during the 5.7 release series and
nobody has yelped (other than being slightly confused about its
purpose). Remove it as an option, since the home dir of the privsep user
is always used as the actual privsep directory anyway.
OPENBSD_5_7
Brent Cook 9 years ago
parent
commit
5daa36f023
2 changed files with 6 additions and 16 deletions
  1. +5
    -9
      INSTALL
  2. +1
    -7
      configure.ac

+ 5
- 9
INSTALL View File

@ -64,8 +64,8 @@ On most Linux and BSD systems, something like should work:
chmod 0755 /var/empty chmod 0755 /var/empty
/var/empty here is a chroot directory used by ntpd for privilege separation of /var/empty here is a chroot directory used by ntpd for privilege separation of
the DNS and NTP processes. This directory should not contain any files, must be
owned by root, and must not be group or world-writable.
the DNS and NTP processes. This directory should be completely empty, owned by
root, and must not be group or world-writable.
NOTE: NOTE:
If you installed a previous OpenNTPD release and created a /var/empty/ntp If you installed a previous OpenNTPD release and created a /var/empty/ntp
@ -90,17 +90,13 @@ As of OS X 10.10, something like this should work similarly
dseditgroup -o create _ntp dseditgroup -o create _ntp
dscl . append /Groups/_ntp GroupMembership _ntp dscl . append /Groups/_ntp GroupMembership _ntp
There are a few options to the configure script in addition to the ones
There are few options to the configure script in addition to the ones
provided by autoconf itself: provided by autoconf itself:
--with-privsep-user=[user] --with-privsep-user=[user]
Specify unprivileged user used for privilege separation. The default Specify unprivileged user used for privilege separation. The default
is "_ntp".
--with-privsep-path=path
ntpd will always use the home directory of the privsep user
to chroot to, but specifying this parameter will change the
post-installation checks and instructions to match the specified path.
is "_ntp". The home directory of this user will be used for privilege
separation.
If you need to pass special options to the compiler or linker, you If you need to pass special options to the compiler or linker, you
can specify these as environment variables before running ./configure. can specify these as environment variables before running ./configure.


+ 1
- 7
configure.ac View File

@ -221,13 +221,7 @@ AC_ARG_WITH(privsep-user,
) )
AC_SUBST(PRIVSEP_USER) AC_SUBST(PRIVSEP_USER)
AC_ARG_WITH(privsep-path,
[ --with-privsep-path=path Specify privilege separation chroot path],
[ AC_DEFINE_UNQUOTED(NTPD_CHROOT_DIR, "$withval",
[Privilege separation chroot path])
PRIVSEP_PATH=$withval ],
[ PRIVSEP_PATH=/var/empty ]
)
PRIVSEP_PATH=/var/empty
AC_SUBST(PRIVSEP_PATH) AC_SUBST(PRIVSEP_PATH)
AC_CONFIG_FILES([ AC_CONFIG_FILES([


Loading…
Cancel
Save