The child process retains root privileges, but can only perform a very limited
range of privileged system calls on behalf of the parent.
+*-U*::
+This option disables a check for root privileges to allow *chronyd* to be
+started under a non-root user, assuming the process will have all capabilities
+(e.g. provided by the service manager) and access to all files, directories,
+and devices, needed to operate correctly in the specified configuration. Note
+that different capabilities might be needed with different configurations and
+different Linux kernel versions. Starting *chronyd* under a non-root user is
+not recommended when the configuration is not known, or at least limited to
+specific directives.
+
*-F* _level_::
This option configures a system call filter when *chronyd* is compiled with
support for the Linux secure computing (seccomp) facility. In level 1 the
int do_init_rtc = 0, restarted = 0, client_only = 0, timeout = -1;
int scfilter_level = 0, lock_memory = 0, sched_priority = 0;
int clock_control = 1, system_log = 1, log_severity = LOGS_INFO;
- int config_args = 0, print_config = 0;
+ int user_check = 1, config_args = 0, print_config = 0;
do_platform_checks();
optind = 1;
/* Parse short command-line options */
- while ((opt = getopt(argc, argv, "46df:F:hl:L:mnpP:qQrRst:u:vx")) != -1) {
+ while ((opt = getopt(argc, argv, "46df:F:hl:L:mnpP:qQrRst:u:Uvx")) != -1) {
switch (opt) {
case '4':
case '6':
break;
case 'p':
print_config = 1;
- client_only = 1;
+ user_check = 0;
nofork = 1;
system_log = 0;
break;
ref_mode = REF_ModePrintOnce;
nofork = 1;
client_only = 1;
+ user_check = 0;
clock_control = 0;
system_log = 0;
break;
case 'u':
user = optarg;
break;
+ case 'U':
+ user_check = 0;
+ break;
case 'v':
print_version();
return 0;
}
}
- if (getuid() && !client_only)
+ if (user_check && getuid() != 0)
LOG_FATAL("Not superuser");
/* Turn into a daemon */
projects / thirdparty / chrony.git / commitdiff
