GNU bug report logs - #24366: ntpd cannot write to its drift file.
Report forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Sun, 04 Sep 2016 17:47:01 GMT)
Acknowledgement sent to John Darrington <john <at> darrington.wattle.id.au>: New bug report received and forwarded. Copy sent to bug-guix <at> gnu.org. (Sun, 04 Sep 2016 17:47:01 GMT)
Message #5 received at submit <at> debbugs.gnu.org:
Running the ntpd service I see lots of messages in /var/log/messages like:
Sep 4 13:02:21 localhost ntpd[302]: frequency file /var/run/ntp.drift.TEMP: Permission denied
J'
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
Information forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Sun, 04 Sep 2016 20:23:02 GMT)
Message #8 received at 24366 <at> debbugs.gnu.org:
On Sun, Sep 04, 2016 at 07:45:47PM +0200, John Darrington wrote:
> Running the ntpd service I see lots of messages in /var/log/messages like:
>
> Sep 4 13:02:21 localhost ntpd[302]: frequency file /var/run/ntp.drift.TEMP: Permission denied
Can the user that runs ntpd write to that directory?
Is there a build time configuration that we should tweak?
Information forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Sun, 04 Sep 2016 20:25:01 GMT)
Message #11 received at 24366 <at> debbugs.gnu.org:
On Sun, Sep 04, 2016 at 04:22:09PM -0400, Leo Famulari wrote:
> On Sun, Sep 04, 2016 at 07:45:47PM +0200, John Darrington wrote:
> > Running the ntpd service I see lots of messages in /var/log/messages like:
> >
> > Sep 4 13:02:21 localhost ntpd[302]: frequency file /var/run/ntp.drift.TEMP: Permission denied
>
> Can the user that runs ntpd write to that directory?

No. ntpd runs as its own user. /var/run is owned by root.

> Is there a build time configuration that we should tweak?

Not that I'm aware of.
J'
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
Information forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Sun, 04 Sep 2016 20:44:01 GMT)
Message #14 received at 24366 <at> debbugs.gnu.org:
On Sun, Sep 04, 2016 at 10:24:54PM +0200, John Darrington wrote:
> On Sun, Sep 04, 2016 at 04:22:09PM -0400, Leo Famulari wrote:
> On Sun, Sep 04, 2016 at 07:45:47PM +0200, John Darrington wrote:
> > Running the ntpd service I see lots of messages in /var/log/messages like:
> >
> > Sep 4 13:02:21 localhost ntpd[302]: frequency file /var/run/ntp.drift.TEMP: Permission denied
>
> Can the user that runs ntpd write to that directory?
>
> No. ntpd runs as its own user. /var/run is owned by root.
>
> Is there a build time configuration that we should tweak?
>
> Not that I'm aware of.
Hm, how do other distros avoid this problem?
Information forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Sun, 04 Sep 2016 21:13:01 GMT)
Message #17 received at 24366 <at> debbugs.gnu.org:
On Sun, Sep 04, 2016 at 04:43:53PM -0400, Leo Famulari wrote:
> On Sun, Sep 04, 2016 at 10:24:54PM +0200, John Darrington wrote:
> > On Sun, Sep 04, 2016 at 04:22:09PM -0400, Leo Famulari wrote:
> > On Sun, Sep 04, 2016 at 07:45:47PM +0200, John Darrington wrote:
> > > Running the ntpd service I see lots of messages in /var/log/messages like:
> > >
> > > Sep 4 13:02:21 localhost ntpd[302]: frequency file /var/run/ntp.drift.TEMP: Permission denied
> >
> > Can the user that runs ntpd write to that directory?
> >
> > No. ntpd runs as its own user. /var/run is owned by root.
> >
> > Is there a build time configuration that we should tweak?
> >
> > Not that I'm aware of.
>
> Hm, how do other distros avoid this problem?

Well the obvious way would be to use a directory which is owned by the ntpd user.
J'
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
Information forwarded to bug-guix <at> gnu.org: bug#24366; Package guix. (Tue, 06 Sep 2016 19:07:01 GMT)
Message #20 received at 24366 <at> debbugs.gnu.org:
I think this fixes the problem. What do you think?
* gnu/services/networking.scm (ntp-shepherd-service): Create new
directory at startup.
---
gnu/services/networking.scm | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 71f49a0..714dc80 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -271,8 +271,11 @@ Protocol (DHCP) client, on all the non-loopback network interfaces."
(($ <ntp-configuration> ntp servers)
(let ()
;; TODO: Add authentication support.
+ (define %user
+ (getpw "ntpd"))
+
(define config
- (string-append "driftfile /var/run/ntp.drift\n"
+ (string-append "driftfile /var/run/ntpd/ntp.drift\n"
(string-join (map (cut string-append "server " <>)
servers)
"\n")
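Review bot: (getpw "ntpd") in the new %user definition is evaluated where the service definition itself is evaluated, outside the start code, so the uid and gid come from whatever machine builds the configuration and the lookup depends on that machine having an ntpd account. Do the lookup in the code that runs at service start, next to the mkdir-p and chown, so the directory ends up owned by the ntpd account of the running system. The new driftfile path also stays under /var/run; if that directory is cleared at boot, the saved frequency is lost on every restart, so a persistent state directory owned by ntpd would be a better home for it.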
@@ -294,6 +297,8 @@ restrict -6 ::1\n"))
(documentation "Run the Network Time Protocol (NTP) daemon.")
(requirement '(user-processes networking))
(start #~(make-forkexec-constructor
+ (mkdir-p "/var/run/ntpd")
+ (chown "/var/run/nptd" (passwd:uid %user) (passwd:gid %user))
(list (string-append #$ntp "/bin/ntpd") "-n"
"-c" #$ntpd.conf "-u" "ntpd")))
(stop #~(make-kill-destructor))))))))
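Review bot: the chown line targets "/var/run/nptd" while mkdir-p creates "/var/run/ntpd", so the directory ntpd is told to write to stays root-owned and the Permission denied message would persist; the path should read "/var/run/ntpd". The two new calls are also written as arguments to make-forkexec-constructor, ahead of the (list ...) command, so their return values are passed to the constructor in front of the command instead of running as setup steps; wrap the constructor in a procedure that does the mkdir-p and chown first and then starts the daemon. Finally, %user is defined outside the gexp in the first hunk but is referenced here inside #~ without #$, so it is not bound in the code that runs at service start.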
--
2.1.4
Reply sent to ludo <at> gnu.org (Ludovic Courtès): You have taken responsibility. (Fri, 09 Sep 2016 14:28:02 GMT)
Notification sent to John Darrington <john <at> darrington.wattle.id.au>: bug acknowledged by developer. (Fri, 09 Sep 2016 14:28:02 GMT)
Message #25 received at 24366-done <at> debbugs.gnu.org:
Fixed in 1c6c0ad067b558fcbebd87e8cb51d342d808163e.
Ludo’.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sat, 08 Oct 2016 11:24:03 GMT)