Portable build framework for OpenNTPD
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

38 lines
1.2 KiB

From b0d68d365d6b4512a5a07d14e56f0c51cdeae0c3 Mon Sep 17 00:00:00 2001
From: Brent Cook <busterb@gmail.com>
Date: Thu, 1 Jan 2015 13:06:38 -0600
Subject: [PATCH 05/16] be more verbose when logging privsep errors
Make it easy for a sysadmin to diagnose a privilege separation path
problem without looking at the source code.
---
src/usr.sbin/ntpd/ntp.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
index ddbcedd..26701c8 100644
--- a/src/usr.sbin/ntpd/ntp.c
+++ b/src/usr.sbin/ntpd/ntp.c
@@ -121,10 +121,15 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf *nconf,
ntp_dns(pipe_dns, nconf, pw);
close(pipe_dns[1]);
- if (stat(pw->pw_dir, &stb) == -1)
- fatal("stat");
- if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
- fatalx("bad privsep dir permissions");
+ if (stat(pw->pw_dir, &stb) == -1) {
+ log_warn("privsep dir %s could not be opened", pw->pw_dir);
+ exit(1);
+ }
+ if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+ log_warnx("bad privsep dir %s permissions: %o",
+ pw->pw_dir, stb.st_mode);
+ exit(1);
+ }
if (chroot(pw->pw_dir) == -1)
fatal("chroot");
if (chdir("/") == -1)
--
1.9.1