Andreas Kusalananda Kähäri <andreas.kah...@icm.uu.se> writes:
> Hi,
>
> I noticed that ntpd would die if I tried to use ntpctl to check on it:
>
> [...]
> 29946 ntpd CALL poll(0xda8993ab5c0,4,1000)
> 29946 ntpd RET poll 1
> 29946 ntpd CALL kbind(0x7f7ffffc2558,0x18,0x7bb3facd5f812ed9)
> 29946 ntpd RET kbind 0
> 29946 ntpd CALL accept(5,0x7f7ffffc2630,0x7f7ffffc262c)
> 29946 ntpd PLDG accept, "unix", errno 1 Operation not permitted
> 29946 ntpd PSIG SIGABRT SIG_DFL
> [...]
>
> I also get ntpd(<pid>): syscall 30 "unix" in the console.
Confirmed, the failure is in control_accept(), which should be allowed
to speak on a Unix socket.
See the diff below.
> Cheer,
>
> ps. is tech@ the right list for these sorts of things?
For this case I'd say "yes", as it was trivial for me to reproduce the
bug.
Index: ntp.c
===================================================================
RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
retrieving revision 1.139
diff -u -p -p -u -r1.139 ntp.c
--- ntp.c 30 Oct 2015 16:41:53 -0000 1.139
+++ ntp.c 20 Nov 2015 13:03:29 -0000
@@ -149,7 +149,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, s
endservent();
/* The ntp process will want to open NTP client sockets -> "inet" */
- if (pledge("stdio inet", NULL) == -1)
+ if (pledge("stdio unix inet", NULL) == -1)
err(1, "pledge");
signal(SIGTERM, ntp_sighdlr);
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
