FS#9485 - openntpd should run as a specific user and could actually use adjtimex
Attached to Project:
Community Packages
Opened by Giorgio Lando (patroclo7) - Thursday, 07 February 2008, 13:27 GMT
Last edited by Vesa Kaihlavirta (vegai) - Friday, 08 February 2008, 08:06 GMT
Opened by Giorgio Lando (patroclo7) - Thursday, 07 February 2008, 13:27 GMT
Last edited by Vesa Kaihlavirta (vegai) - Friday, 08 February 2008, 08:06 GMT
|
Details
Description:
The PKGBUILD for openntpd is a bit confused. In the source array there is a sync_fix_with_adjtimex.patch, which is neither in the tarball nor anywhere else. Probably the idea (a very good one!) was to use one of those patches: http://www.zipworld.com.au/~dtucker/openntpd/patches/ aimed to add support for the Linux adjtimex call to OpenNTPD, to adjust the kernel to compensate for systematic clock skew/drift. However, the patch needs to be ported to the 3.9p1 version of openntpd. I have done this, see the tarball attached. In the PKGBUILD openntpd is configured with the --with-adjtimex timex, so the new feature is actually used. I know that such an important patch should be applied upstream, but actually it has been applied to the upstream version for openbsd, while the development of the portable version seems stalled, so perhaps it is a good idea to apply it in arch. Moreover, the package chooses nobody as user for openntpd, while the openntpd developers invite to create a specific user (and its seems to me that it is also the arch policies to create specific users in these cases, see postfix or bitlbee). In the tarball attached, a user openntpd and a group openntpd are created if absent and openntpd will be run as the openntpd user. The folder where openntpd is moved from /var/empty to /var/lib/openntpd (for analogy with other archlinux packages). Finally, the arch and license fields are added. The tarball included the fixed PKGBUILD, a openntpd.install which creates the group and the user when needed and the updated linux-adjtimex.patch. The rc.d/openntpd and conf.d/openntpd are unmodified. Additional info: * package version(s) openntpd-3.9p1-4 |
This task depends upon
Closed by Vesa Kaihlavirta (vegai)
Friday, 08 February 2008, 08:06 GMT
Reason for closing: Fixed
Additional comments about closing: Applied, tested, uploaded
Friday, 08 February 2008, 08:06 GMT
Reason for closing: Fixed
Additional comments about closing: Applied, tested, uploaded
It should create them with explicitly provided UID/GID number that must not conflict with any other from our UID/GID database:
http://wiki.archlinux.org/index.php/UID_and_GID_List
Thanks!
3.9p1-6:
- installed license file
3.9p1-5:
- fix greps in .install, echo when adding groups
- removed $Id$ in patch
Uploaded i686 & x86_64