Date: Sat, 21 Jul 2018 12:14:10 -0600 From: Ian Lepore <ian@freebsd.org> To: bob prohaska <fbsd@www.zefox.net> Cc: Pete Wright <pete@nomadlogic.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: ntpd as ntpd user question Message-ID: <1532196850.1344.87.camel@freebsd.org> In-Reply-To: <20180721174722.GA40167@www.zefox.net> References: <5b90c49f-4616-9ef7-28a1-6445137245ef@nomadlogic.org> <1532191655.1344.80.camel@freebsd.org> <4b7acbd2-0230-345c-4370-24a72d0b492a@nomadlogic.org> <1532193285.1344.83.camel@freebsd.org> <20180721174722.GA40167@www.zefox.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 2018-07-21 at 10:47 -0700, bob prohaska wrote: > On Sat, Jul 21, 2018 at 11:14:45AM -0600, Ian Lepore wrote: > > > > > > There's a "pre-world" stage of mergemaster (-Fp option I think) which > > isn't needed often, but one of the times it is needed is apparently > > when new user ids are added. ?(So I've been told, I've never much used > > mergemaster myself). I think there are some words about it at the very > > bottom of UPDATING. > > > FWIW, installkernel stopped with the note about needing an ntpd user/group. > Never having been successful with mergemaster (couldn't make heads nor tails > of the "what to do" prompts) I just ran adduser, creating a locked ntpd user > and group. Nothing else special done. The machine is up to r336567 on arm64. > > Installkernel ran, I didn't touch anthing in /etc manually and reboot looked normal. > For now it seems ignorance is bliss.... > > If there's something special I should do (beyond locking) to secure the ntpd > account please warn me. > > Thanks for reading, > > bob prohaska I can't see any way that installkernel would lead to the complaint about the ntpd user not existing; that check is tied to the installworld target. A quick way to check whether ntpd is running as ntpd user: procstat cred `pgrep ntpd` PID COMM EUID RUID SVUID EGID RGID SVGID UMASK FLAGS GROUPS 1176 ntpd 123 123 123 123 123 123 022 - 123 -- Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1532196850.1344.87.camel>