Add user directive for dropping root privileges

This is equivalent to the -u option.

diff --git a/chrony.texi b/chrony.texi
index 94e8323a8ebec6ca09e9e43286ce628bfe66e4e5..d0617c709d9d0ad451ce591ced3a33acf5dadc5b 100644 (file)
--- a/chrony.texi
+++ b/chrony.texi
@@ -1219,6 +1219,7 @@ directives can occur in any order in the file.
 * stratumweight directive::     Specify how important is stratum when selecting source
 * lock_all directive::          Require that chronyd be locked into RAM. 
 * tempcomp directive::          Specify temperature sensor and compensation coefficients
+* user directive::              Specify user for dropping root privileges
 
 @end menu
 @c }}}
@@ -2882,6 +2883,15 @@ every 30 seconds.  When the temperature is 26 degress (26000), the system clock
 frequency will not be adjusted.  When it is 27 degrees (27000), the clock will
 be set to run 0.183ppm faster than it would be without the compensation, etc.
 
+@c }}}
+@c {{{ user
+@node user directive
+@subsection user
+The @code{user} directive sets the name of the user to which will
+@code{chronyd} drop root privileges after the initialisation. So far, it works
+only on Linux when compiled with capabilities support.
+
+By default, root privileges are not dropped.
 @c }}}
 @c }}}
 @c {{{ S:Running chronyc

diff --git a/conf.c b/conf.c
index 6136cb7c25a01b8d9dae21c3da3dc40fcc5c0c08..0d330e8236ef13e9f6da450d7e8f197bf8a8d0cf 100644 (file)
--- a/conf.c
+++ b/conf.c
@@ -113,6 +113,7 @@ static void parse_lockall(const char *);
 static void parse_tempcomp(const char *);
 static void parse_include(const char *);
 static void parse_leapsectz(const char *);
+static void parse_user(const char *);
 
 /* ================================================== */
 /* Configuration variables */
@@ -229,6 +230,9 @@ static int lock_memory = 0;
 /* Name of a system timezone containing leap seconds occuring at midnight */
 static char *leapsec_tz = NULL;
 
+/* Name of the user to which will be dropped root privileges. */
+static char *user = NULL;
+
 /* ================================================== */
 
 typedef struct {
@@ -284,6 +288,7 @@ static const Command commands[] = {
   {"leapsectz", 9, parse_leapsectz},
   {"linux_hz", 8, parse_linux_hz},
   {"linux_freq_scale", 16, parse_linux_freq_scale},
+  {"user", 4, parse_user},
   {"sched_priority", 14, parse_sched_priority},
   {"lock_all", 8, parse_lockall}
 };
@@ -1343,6 +1348,16 @@ parse_linux_freq_scale(const char *line)
 
 /* ================================================== */
 
+static void
+parse_user(const char *line)
+{
+  /* This must allocate enough space! */
+  user = MallocArray(char, 1 + strlen(line));
+  sscanf(line, "%s", user);
+}
+
+/* ================================================== */
+
 void
 CNF_ProcessInitStepSlew(void (*after_hook)(void *), void *anything)
 {
@@ -1797,3 +1812,10 @@ CNF_GetTempComp(char **file, double *interval, double *T0, double *k0, double *k
   *k2 = tempcomp_k2;
 }
 
+/* ================================================== */
+
+char *
+CNF_GetUser(void)
+{
+  return user;
+}

diff --git a/conf.h b/conf.h
index cbe15ed2ab1d2fccbf96af18c18102280c8c4bf4..68ea0e1e8d43b88c98dd97b403aeb131abe0014e 100644 (file)
--- a/conf.h
+++ b/conf.h
@@ -92,4 +92,6 @@ extern int CNF_GetLockMemory(void);
 
 extern void CNF_GetTempComp(char **file, double *interval, double *T0, double *k0, double *k1, double *k2);
 
+extern char *CNF_GetUser(void);
+
 #endif /* GOT_CONF_H */

diff --git a/main.c b/main.c
index 6968ded209012a2bd2fed2787119b0fe6401d33f..dd08ca23df53020fb9be41b30c67b5c1249c1acf 100644 (file)
--- a/main.c
+++ b/main.c
@@ -394,6 +394,9 @@ int main
     SYS_LockMemory();
   }
 
+  if (!user) {
+    user = CNF_GetUser();
+  }
   if (user) {
     SYS_DropRoot(user);
   }