From owner-freebsd-current@freebsd.org Sat Jul 21 18:23:45 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BC0B31052A5D for ; Sat, 21 Jul 2018 18:23:45 +0000 (UTC) (envelope-from pete@nomadlogic.org) Received: from vps-mail.nomadlogic.org (mail.nomadlogic.org [IPv6:2607:f2f8:a098::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2FDBD72EE5 for ; Sat, 21 Jul 2018 18:23:45 +0000 (UTC) (envelope-from pete@nomadlogic.org) Received: from [IPv6:2605:e000:1313:89:223:24ff:fea8:4fb5] (2605:e000:1313:89:223:24ff:fea8:4fb5 [IPv6:2605:e000:1313:89:223:24ff:fea8:4fb5]) by vps-mail.nomadlogic.org (OpenSMTPD) with ESMTPSA id 6b9d106e TLS version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO for ; Sat, 21 Jul 2018 11:23:41 -0700 (PDT) Subject: Re: ntpd as ntpd user question To: freebsd-current@freebsd.org References: <5b90c49f-4616-9ef7-28a1-6445137245ef@nomadlogic.org> <1532191655.1344.80.camel@freebsd.org> <4b7acbd2-0230-345c-4370-24a72d0b492a@nomadlogic.org> <1532193285.1344.83.camel@freebsd.org> From: Pete Wright Message-ID: Date: Sat, 21 Jul 2018 11:23:37 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <1532193285.1344.83.camel@freebsd.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Jul 2018 18:23:46 -0000 On 07/21/2018 10:14, Ian Lepore wrote: > On Sat, 2018-07-21 at 10:11 -0700, Pete Wright wrote: >> On 07/21/2018 09:47, Ian Lepore wrote: >>> On Sat, 2018-07-21 at 09:41 -0700, Pete Wright wrote: >>>> hello - i am testing out the new ntpd that was committed >>>> yesterday and >>>> am attempting to run as non-root.  i've created a ntpd >>>> user/group, and >>>> verified permissions look good on pertinent directories.  i am >>>> running >>>> into an issue with the rc script tho - it's complaining about >>>> multiple >>>> pid files being specified? >>>> >>>> $ sudo /etc/rc.d/ntpd start >>>> Starting ntpd. >>>> ntpd error:  only one pidfile option allowed >>>> ntpd - NTP daemon program - Ver. 4.2.8p11 >>>> Usage:  ntpd [ - [] | --[{=| }] ]... \ >>>>           [  ...  ] >>>> Try 'ntpd --help' for more information. >>>> /etc/rc.d/ntpd: WARNING: failed to start ntpd >>>> >>>> >>>> has anyone else seen this issue? not sure if this is an issue >>>> with my >>>> local config or not, i've read through the rc script and its not >>>> obvious >>>> to me yet why it may be getting multiple pid arguments passed. >>>> the only >>>> relevant bit i have set in rc.conf is: >>>> >>>> $ grep ntpd /etc/rc.conf >>>> ntpd_enable="YES" >>>> >>>> >>>> thanks! >>>> -pete >>>> >>> You say you created an ntpd user/group, that seems to imply you >>> didn't >>> run mergemaster (which would have done that). If that's the case, >>> you >>> probably also didn't get /etc/defaults/rc.conf updated, so it still >>> has >>> the old ntpd_flags that includes the pidfile (which is now provided >>> by >>> the startup script and shouldn't be set in ntpd_flags). >>> >>> If all of that is the wrong guess, let me know and we'll figure it >>> out. >> that's Ian - that's most likely it (defaults/rc.conf).  i did run >> mergemaster but i suspect i didn't run it correctly b/c it didn't >> copy >> over any files, nor create the ntpd uid/gid.  my buildworld script >> does >> a "mergemaster -m $CHECKOUT -a".  i'll re-read the man page today >> and >> update my scripts accordingly. >> >> thanks again for the bread-crumb! >> -pete >> > There's a "pre-world" stage of mergemaster (-Fp option I think) which > isn't needed often, but one of the times it is needed is apparently > when new user ids are added.  (So I've been told, I've never much used > mergemaster myself). I think there are some words about it at the very > bottom of UPDATING. so i was running the "pre-world" mergemaster, but i think what bit me was relying on the "-a" switch.  after reading UPDATING as you suggested i re-ran mergemaster like so: "sudo mergemaster -m $CHECKOUT -rvF" which seems closer in-line with the documentation.  i had a ton of stuff missing, which would explain some funky behaviour i've seen in regards to devd, so glad i sorted this out. as someone RW mentions later in this thread, it would be sweet if mergemaster could auto add users/groups.  i missed this in the diff during my pre-installworld mergemaster run.  easily fixed - but def something i'll have to keep my eye out for. cheers, -pete -- Pete Wright pete@nomadlogic.org @nomadlogicLA