| Re: [chrony-dev] [Regression 3.5 -> 4.0-pre1]: Could not remove /run/chronyd.pid : Permission denied |
[ Thread Index |
Date Index
| More chrony.tuxfamily.org/chrony-dev Archives
]
- To: chrony-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [chrony-dev] [Regression 3.5 -> 4.0-pre1]: Could not remove /run/chronyd.pid : Permission denied
- From: Miroslav Lichvar <mlichvar@xxxxxxxxxx>
- Date: Tue, 28 Apr 2020 10:26:13 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1588062378; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nnhVe2dmiwmfPJVkz9Z/+AqGPcM2d8o2hGXCx1d+3OI=; b=WPZGUvcCIKAJladmxGjdomARmaLVY3jNIMPa0JoYap3R8npybO+W0Mr3T6uRL4K2RZ5iTY hCp8u0bUJeI1VNi6WRlwpTglqK/PKoFVOcM1AKAf+ShmPQoufOUZ2xI0QzMHGnHHAmI+Hw rj+HRokcumCZ34+R7Fp7sB/1M/OiZTc=
On Mon, Apr 27, 2020 at 10:12:59PM +0200, Vincent Blut wrote:
> $ getfacl /run/chrony 2>/dev/null
> # file: run/chrony
> # owner: _chrony
> # group: _chrony
> user::rwx
> group::r-x
> other::---
>
> Nonetheless, from a security point of view, would it not be better to change
> the group ownership to root and set the permissions to 770?
Maybe. I don't know. I what case it would make a difference?
--
Miroslav Lichvar
--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.