[chrony-dev] [PATCH v4 1/3] sys_linux: report if CAP_SYS_TIME is not present

[Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>]

Instead of having adjtimex just fail with a permission issue
improve the error messaging by warning for the lack of
CAP_SYS_TIME on SYS_Linux_Initialise.

Message will look like (instead of only the latter message):
 CAP_SYS_TIME not present
 adjtimex(0x8001) failed : Operation not permitted

Signed-off-by: Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx>
---
 sys_linux.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sys_linux.c b/sys_linux.c
index f445727..7848816 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -381,6 +381,15 @@ test_step_offset(void)
 }
 
 /* ================================================== */
+
+static void SYS_Linux_ReportTimeAdjustBlockers(void)
+{
+  if (CAP_IS_SUPPORTED(CAP_SYS_TIME) && cap_get_bound(CAP_SYS_TIME))
+    return;
+  LOG(LOGS_WARN, "CAP_SYS_TIME not present");
+}
+
+/* ================================================== */
 /* Initialisation code for this module */
 
 void
@@ -388,6 +397,10 @@ SYS_Linux_Initialise(void)
 {
   get_version_specific_details();
 
+#if defined (FEAT_PRIVDROP)
+  SYS_Linux_ReportTimeAdjustBlockers();
+#endif
+
   reset_adjtime_offset();
 
   if (have_setoffset && !test_step_offset()) {
-- 
2.7.4


-- 
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.