| Re: [chrony-dev] [PATCH] MacOS X - Drop root privilege |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
On Tue, Nov 24, 2015 at 08:41:06AM +1300, Bryan Christianson wrote:
> @@ -978,7 +978,8 @@ This option sets the name of the system user to which @code{chronyd} will
> switch after start in order to drop root privileges. It overrides the
> @code{user} directive (default @code{@DEFAULT_USER@}). It may be set to a
> non-root user only when @code{chronyd} is compiled with support for Linux
> -capabilities (libcap) or on NetBSD with the @code{/dev/clockctl} device.
> +capabilities (libcap), on NetBSD with the @code{/dev/clockctl} device or on
> +MacOS X.
Could this explain the privilege separation? The users might want to
know why there are two processes running and one keeps the root
privileges. Please feel free to rewrite that section completely if it
doesn't fit well there.
Also, is it MacOS X or Mac OS X? Wikipedia suggests the latter.
> --- a/sys_macosx.c
> +++ b/sys_macosx.c
> @@ -31,16 +31,7 @@
>
> #ifdef MACOSX
>
> -#include <sys/sysctl.h>
> -#include <sys/time.h>
> -
> -#include <nlist.h>
> -#include <fcntl.h>
> -#include <assert.h>
> -#include <sys/time.h>
> -
> -#include <stdio.h>
> -#include <signal.h>
> +#include "sysincl.h"
This looks like an unrelated change, that would be better to put in a
separate patch. Commits are cheap :).
--
Miroslav Lichvar
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.