Bug#855290: ntpd.sock created in /var/lib/openntpd/run/ instead of /run/openntpd ?

Sat, 18 Feb 2017 10:34:11 -0800 

Le 18/02/17 à 13:12, Dererk a écrit :

On 16/02/17 10:19, Laurent Bigonville wrote:

Package: openntpd
Version: 1:6.0p1-2
Severity: normal

Hi,

Is that expected that the ntpd.sock socket is created in
/var/lib/openntpd/run/ instead of /run/openntpd ?

IMHO, it should be put in /run and only the drift files should be put in
/var/lib

Regards,

Hi!

Would you mind sharing how this represents an issue w/ severity normal?
This is default severity of a bug, what really matters is IMHO RC vs non-RC bugs the rest is at the maintainer discretion... 


On the other hand, both path mentioned are hardcoded at ntpd.h
#define DRIFTFILE   LOCALSTATEDIR "/db/ntpd.drift"
#define CTLSOCKET   LOCALSTATEDIR "/run/ntpd.sock"

As you can see, either you patch the patch the thing or you use /run to
store both drift and sock files, which since the whole reason for the
driftfile to exists is tracking, renders the last statement unacceptable.
The default value for LOCALSTATEDIR is usually /var, so the intent from upstream seems to install the drift files in /var/db/ntpd.drift and the socket in /var/run/ntpd.sock if I'm not wrong.
As /var/db is not used often/at all in debian, I can understand why the drift file is put in /var/lib/openntpd, not sure why the socket is created in /var/lib though, most of the packages are creating that kind of thing in /var/run.
Please also note that after upgrading a machine from jessie, I get 2 drift files, one in /var/lib/openntpd (looking at the date this is the old file and owned by ntpd user) and one in /var/lib/openntpd/db (the new one owned by root), so the situation has changed since stable.
IMVHO, you should remove the "--localstatedir=/var/lib/openntpd" flag from the configure and patch the code to change the path from /var/db to /var/lib/openntpd.
What is not clear to me is whether the privilege separation mechanism is interfering here (I didn't read the complete code but I don't think it's the case). 

Kind regards,

Laurent Bigonville



I would love to help, but honestly I don't get why this represents an issue!

Thanks for reporting and for caring about openntpd.

Cheers,

Dererk

Reply via email to