Fincer
/
openntpd-portable
mirror of https://github.com/Fincer/openntpd-portable
1
0
Fork 0
Code Issues 0 Projects 0 Releases 10 Wiki Activity
Browse Source

update install docs, fix outdated links 

- add OS X privsep user creation instructions from jasper@
- update install instructions to be the same everywhere
- remove outdated compiler flags
OPENBSD_5_7
Brent Cook 10 years ago
parent
2e79e8cb07
commit
aa14b765de
4 changed files with 45 additions and 16 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +24
    -8
      INSTALL
  2. +7
    -2
      Makefile.am
  3. +13
    -5
      README
  4. +1
    -1
      configure.ac

+ 24
- 8
INSTALL View File

@ -54,12 +54,28 @@ are moving the built binaries to another system) then you will need to
do something like the following (although the exact commands required
for creating the user and group are system dependant):
# groupadd _ntp
# useradd -g _ntp -s /sbin/nologin -d /var/empty/ntp -c 'OpenNTP daemon' _ntp
# mkdir -p /var/empty/ntp
# chown 0 /var/empty/ntp
# chgrp 0 /var/empty/ntp
# chmod 0755 /var/empty/ntp
On most Linux and BSD systems, something like should work:
groupadd _ntp
useradd -g _ntp -s /sbin/nologin -d /var/empty/ntp -c 'OpenNTP daemon' _ntp
mkdir -p /var/empty/ntp
chown 0 /var/empty/ntp
chgrp 0 /var/empty/ntp
chmod 0755 /var/empty/ntp
As of OS X 10.10, something this this should work similarly
(thanks to jasper@ for suggesting)
dscl . create /Users/_ntp
dscl . create /Users/_ntp UserShell /sbin/nologin
# Prevent user from showing up on the login screen
dscl . delete /Users/_ntp AuthenticationAuthority
# Arbitrarily chosen UID that was free
dscl . create /Users/_ntp UniqueID 400
dscl . create /Users/_ntp PrimaryGroupID 400
dscl . create /Users/_ntp RealName "OpenNTPD user"
dseditgroup -o create _ntp
dscl . append /Groups/_ntp GroupMembership _ntp
There are a few options to the configure script in addition to the ones
provided by autoconf itself:
@ -77,7 +93,7 @@ If you need to pass special options to the compiler or linker, you
can specify these as environment variables before running ./configure.
For example:
CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
CFLAGS="-O2 " LDFLAGS="-s" ./configure
3. Configuration
@ -88,7 +104,7 @@ whatever you specified as your --sysconfdir (/usr/local/etc by default).
If no configuration file exists, the default one is used. The default
configuration file uses a selection of publicly accessible "pool" servers
(see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers).
(see http://support.ntp.org/bin/view/Servers/NTPPoolServers)
4. Problems?


+ 7
- 2
Makefile.am View File

@ -70,26 +70,31 @@ install-exec-hook:
@if [ ! -d "$(PRIVSEP_PATH)" ]; then \
echo; \
echo " Please created a privilege separation directory for ntpd." ; \
echo " On Linux / BSD systems, this will probably work:"; \
echo " # mkdir -p \"$(PRIVSEP_PATH)\"" ; \
echo " # chown 0 \"$(PRIVSEP_PATH)\"" ; \
echo " # chgrp 0 \"$(PRIVSEP_PATH)\"" ; \
echo " # chmod 0755 "$(PRIVSEP_PATH)\""" ; \
echo " For OS X, see README.OSX" ; \
fi
@if egrep "^$(PRIVSEP_USER):" /etc/group >/dev/null; then \
: ; \
else \
echo; \
echo " Please create a dedicated group for ntpd." ; \
echo " This is system-dependant, possibly:" ; \
echo " On Linux / BSD systems, this will probably work:"; \
echo " # groupadd $(PRIVSEP_USER)" ; \
echo " For OS X, see README.OSX" ; \
fi
@if egrep "^$(PRIVSEP_USER):" /etc/passwd >/dev/null; then \
: ; \
else \
echo; \
echo " Please create a dedicated user for ntpd and ensure it can" ; \
echo " not be used to log in. This is system-dependant, possibly:" ; \
echo " not be used to log in." ; \
echo " On Linux / BSD systems, this will probably work:" ; \
echo " # useradd -g $(PRIVSEP_USER) -s /sbin/nologin -d $(PRIVSEP_PATH) -c 'OpenNTP daemon' $(PRIVSEP_USER)" ; \
echo " For OS X, see README.OSX" ; \
fi
echo


+ 13
- 5
README View File

@ -8,9 +8,11 @@ The current portable tree can be found at https://github.com/openntpd-portable
Platform Requirements
---------------------
adjtime() and settimeofday() syscalls or equivalent.
a working arc4random implementation, OpenSSL or LibreSSL
(this project shares the same arc4random compatibility code from LibreSSL)
- adjtime(2) and settimeofday(2) syscalls or equivalent.
- adjfreq(2) or an equivalent compatibility function for best results
- daemon(3), setresgid(2), setresuid(2) or equivalent
- A working arc4random(2) implementation, OpenSSL or LibreSSL
(this project shares the same arc4random compatibility code from LibreSSL)
At the time of writing the Portable version is known to build and work on:
@ -20,5 +22,11 @@ At the time of writing the Portable version is known to build and work on:
- Solaris (10.x, 11.x)
- Mac OS X (10.9)
It may work on others operating systems, newer and older, but it's still a work
in progress. Reports (success or otherwise) and/or diffs welcome.
OpenNTPD may work on other operating systems, newer and older, but the above
ones are tested regularly by the developer.
Reports (success or otherwise) are welcome. You may report bugs or submit pull
requests at the GitHub project: https://github.com/openntpd-portable
Thanks,
Brent Cook <bcook at openbsd.org>.

+ 1
- 1
configure.ac View File

@ -190,7 +190,7 @@ AC_ARG_WITH(privsep-path,
[ AC_DEFINE_UNQUOTED(NTPD_CHROOT_DIR, "$withval",
[Privilege separation chroot path])
PRIVSEP_PATH=$withval ],
[ PRIVSEP_PATH=/var/empty ]
[ PRIVSEP_PATH=/var/empty/ntp ]
)
AC_SUBST(PRIVSEP_PATH)


Write Preview
Loading…
Cancel
Save