Conflict:NA Reference:https://bugs.ntp.org/attachment.cgi?id=1880 diff -Nru a/ntpd/ntpd.c b/ntpd/ntpd.c --- a/ntpd/ntpd.c 2024-01-22 05:23:37 +0000 +++ b/ntpd/ntpd.c 2024-01-22 05:23:37 +0000 @@ -204,10 +204,6 @@ int mdnstries = 5; #endif /* HAVE_DNSREGISTRATION */ -#ifdef HAVE_LINUX_CAPABILITIES -int have_caps; /* runtime check whether capabilities work */ -#endif /* HAVE_LINUX_CAPABILITIES */ - #ifdef HAVE_DROPROOT int droproot; int root_dropped; @@ -813,8 +809,8 @@ #ifndef SIM int ntpdmain( - int argc, - char *argv[] + int argc, + char * argv[] ) { l_fp now; @@ -837,7 +833,7 @@ # ifdef NEED_PTHREAD_WARMUP my_pthread_warmup(); # endif - + # ifdef HAVE_UMASK uv = umask(0); if (uv) @@ -861,9 +857,9 @@ # ifdef DEBUG || debug # endif - || HAVE_OPT(SAVECONFIGQUIT)) + || HAVE_OPT(SAVECONFIGQUIT)) { nofork = TRUE; - + } init_logging(progname, NLOG_SYNCMASK, TRUE); /* honor -l/--logfile option to log to a file */ if (HAVE_OPT(LOGFILE)) { @@ -931,32 +927,33 @@ } # endif -/* - * Enable the Multi-Media Timer for Windows? - */ + /* + * Enable the Multi-Media Timer for Windows? + */ # ifdef SYS_WINNT - if (HAVE_OPT( MODIFYMMTIMER )) + if (HAVE_OPT(MODIFYMMTIMER)) { set_mm_timer(MM_TIMER_HIRES); + } # endif #ifdef HAVE_DNSREGISTRATION -/* - * Enable mDNS registrations? - */ + /* + * Enable mDNS registrations? + */ if (HAVE_OPT( MDNS )) { mdnsreg = TRUE; } #endif /* HAVE_DNSREGISTRATION */ - if (HAVE_OPT( NOVIRTUALIPS )) + if (HAVE_OPT(NOVIRTUALIPS)) { listen_to_virtual_ips = 0; - + } /* * --interface, listen on specified interfaces */ if (HAVE_OPT( INTERFACE )) { int ifacect = STACKCT_OPT( INTERFACE ); - const char** ifaces = STACKLST_OPT( INTERFACE ); + const char ** ifaces = STACKLST_OPT( INTERFACE ); sockaddr_u addr; while (ifacect-- > 0) { @@ -969,9 +966,9 @@ } } - if (HAVE_OPT( NICE )) + if (HAVE_OPT(NICE)) { priority_done = 0; - + } # ifdef HAVE_SCHED_SETSCHEDULER if (HAVE_OPT( PRIORITY )) { config_priority = OPT_VALUE_PRIORITY; 
@@ -1036,7 +1033,7 @@ * on the base CPU than the other CPUs (for multiprocessor systems), * so we must lock to the base CPU. */ - fd = open("/dev/at1", O_RDONLY); + fd = open("/dev/at1", O_RDONLY); if (fd >= 0) { zero = 0; if (ioctl(fd, ACPU_LOCK, &zero) < 0) @@ -1144,7 +1141,7 @@ # ifdef RLIMIT_MEMLOCK && -1 != DFLT_RLIMIT_MEMLOCK # endif - && 0 != mlockall(MCL_CURRENT|MCL_FUTURE)) + && 0 != mlockall(MCL_CURRENT | MCL_FUTURE)) msyslog(LOG_ERR, "mlockall(): %m"); # else /* !HAVE_MLOCKALL follows */ # ifdef HAVE_PLOCK @@ -1174,28 +1171,30 @@ initializing = FALSE; # ifdef HAVE_LINUX_CAPABILITIES - { + if (droproot) { + int have_caps; + cap_t caps; + /* Check that setting capabilities actually works; we might be * run on a kernel with disabled capabilities. We must not * drop privileges in this case. */ - cap_t caps; caps = cap_from_text("cap_sys_time,cap_setuid,cap_setgid,cap_sys_chroot,cap_net_bind_service=pe"); - if ( ! caps) { - msyslog( LOG_ERR, "cap_from_text() failed: %m" ); + if (!caps) { + msyslog(LOG_ERR, "cap_from_text() failed: %m"); exit(-1); } have_caps = (cap_set_proc(caps) == 0); cap_free(caps); /* caps not NULL here! */ + if (!have_caps) { + msyslog(LOG_ERR, ("Fatal: unable to drop root privs: %m")); + exit(-1); + } } # endif /* HAVE_LINUX_CAPABILITIES */ # ifdef HAVE_DROPROOT -# ifdef HAVE_LINUX_CAPABILITIES - if (droproot && have_caps) { -# else if (droproot) { -# endif /*HAVE_LINUX_CAPABILITIES*/ # ifdef NEED_EARLY_FORK fork_nonchroot_worker();
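Review bot: In the new `if (droproot)` capabilities block, `cap_free(caps)` runs between the failing `cap_set_proc()` and the `msyslog(... %m)` that reports it, so errno may be overwritten and the log can name the wrong cause; moving `cap_free(caps);` below the `if (!have_caps) { ... }` block keeps the original error, and the failure path exits anyway. The retained comment still says "We must not drop privileges in this case", which described the old behaviour of skipping the droproot block when `have_caps` was 0. The new code refuses to start instead, so the comment should say so, for example `/* If capabilities cannot be set, exit rather than keep running as root. */`. The message "Fatal: unable to drop root privs" is logged before any privilege drop is attempted, and its string literal is wrapped in stray parentheses; `msyslog(LOG_ERR, "Fatal: cap_set_proc() failed, cannot drop root privileges: %m");` names the call that failed. The enclosing function, ntpdmain, starts and ends outside this hunk.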