chronyd as non-root user WAS (Re: [chrony-dev] [Regression 3.5 -> 4.0-pre1]: Could not remove /run/chronyd.pid : Permission denied) |
[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]
On 2020-05-14 07:19, Miroslav Lichvar wrote:
That is exactly it. We would like to run chronyd as a non-root user, using only CAP_SYS_TIME and any other capabilities that are needed short of CAP_SYS_ADMIN. Thank you for the pointers, I'll take some time to look through the list archives and see what's been discussed/implemented so far.On Wed, May 13, 2020 at 08:34:27PM +0000, Easwar Hariharan wrote:Apologies, I let my excitement get away from me and inadvertently replied from my Outlook mailbox. I should have also taken a closer look at the thread and the code. I'll take a deeper look at FEAT_PRIVDROP and associated code to see what's already been implemented in this space. Sorry about the tangent.I'm not sure what exactly would you like to support, but starting chronyd under a non-root user was discussed few times on this list and the users list, so you might also want to search the archives.
Thanks, Easwar -- To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject. For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject. Trouble? Email listmaster@xxxxxxxxxxxxxxxxxxxx.
Mail converted by MHonArc 2.6.19+ | http://listengine.tuxfamily.org/ |