faraphel/chrony
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

main: add option to disable check for root

Browse source 
The -U option can be used to start chronyd under a non-root user if it
is provided with all capabilities and access to files, directories, and
devices, needed to operate correctly in the specified configuration. It
is not recommended in cases where the configuration is unknown.
This commit is contained in:
Miroslav Lichvar 2020-09-15 12:11:08 +02:00
parent c28c2cde43
commit 02c38934ea
2 changed files with 18 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
doc/chronyd.adoc
View file

@ -145,6 +145,16 @@ On macOS, FreeBSD, NetBSD and Solaris *chronyd* forks into two processes.
The child process retains root privileges, but can only perform a very limited The child process retains root privileges, but can only perform a very limited
range of privileged system calls on behalf of the parent. range of privileged system calls on behalf of the parent.
*-U*::
This option disables a check for root privileges to allow *chronyd* to be
started under a non-root user, assuming the process will have all capabilities
(e.g. provided by the service manager) and access to all files, directories,
and devices, needed to operate correctly in the specified configuration. Note
that different capabilities might be needed with different configurations and
different Linux kernel versions. Starting *chronyd* under a non-root user is
not recommended when the configuration is not known, or at least limited to
specific directives.
*-F* _level_:: *-F* _level_::
This option configures a system call filter when *chronyd* is compiled with This option configures a system call filter when *chronyd* is compiled with
support for the Linux secure computing (seccomp) facility. In level 1 the support for the Linux secure computing (seccomp) facility. In level 1 the

12
main.c
View file

@ -411,7 +411,7 @@ int main
int do_init_rtc = 0, restarted = 0, client_only = 0, timeout = -1; int do_init_rtc = 0, restarted = 0, client_only = 0, timeout = -1;
int scfilter_level = 0, lock_memory = 0, sched_priority = 0; int scfilter_level = 0, lock_memory = 0, sched_priority = 0;
int clock_control = 1, system_log = 1, log_severity = LOGS_INFO; int clock_control = 1, system_log = 1, log_severity = LOGS_INFO;
int config_args = 0, print_config = 0; int user_check = 1, config_args = 0, print_config = 0;
do_platform_checks(); do_platform_checks();
@ -431,7 +431,7 @@ int main
optind = 1; optind = 1;
/* Parse short command-line options */ /* Parse short command-line options */
while ((opt = getopt(argc, argv, "46df:F:hl:L:mnpP:qQrRst:u:vx")) != -1) { while ((opt = getopt(argc, argv, "46df:F:hl:L:mnpP:qQrRst:u:Uvx")) != -1) {
switch (opt) { switch (opt) {
case '4': case '4':
case '6': case '6':
@ -462,7 +462,7 @@ int main
break; break;
case 'p': case 'p':
print_config = 1; print_config = 1;
client_only = 1; user_check = 0;
nofork = 1; nofork = 1;
system_log = 0; system_log = 0;
break; break;
@ -479,6 +479,7 @@ int main
ref_mode = REF_ModePrintOnce; ref_mode = REF_ModePrintOnce;
nofork = 1; nofork = 1;
client_only = 1; client_only = 1;
user_check = 0;
clock_control = 0; clock_control = 0;
system_log = 0; system_log = 0;
break; break;
@ -497,6 +498,9 @@ int main
case 'u': case 'u':
user = optarg; user = optarg;
break; break;
case 'U':
user_check = 0;
break;
case 'v': case 'v':
print_version(); print_version();
return 0; return 0;
@ -509,7 +513,7 @@ int main
} }
} }
if (getuid() && !client_only) if (user_check && getuid() != 0)
LOG_FATAL("Not superuser"); LOG_FATAL("Not superuser");
/* Turn into a daemon */ /* Turn into a daemon */