From: Harlan Stenn Date: Sun, 23 Sep 2007 07:16:18 +0000 (-0400) Subject: [Bug 899] Only show -i/--jaildir -u/--user options if we HAVE_DROPROOT X-Git-Tag: NTP_4_2_5P80~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=958ebcfc149a8bbf0f3fb180bf488a7e19d5b450;p=thirdparty%2Fntp.git [Bug 899] Only show -i/--jaildir -u/--user options if we HAVE_DROPROOT bk: 46f612c2zQHU7kSjOVOz0qJu2HOFIw --- diff --git a/ChangeLog b/ChangeLog index 72d6a2d5f..ed00aed55 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -* [Bug 899] Only show -i/--jaildir option if we HAVE_DROPROOT. +* [Bug 899] Only show -i/--jaildir -u/--user options if we HAVE_DROPROOT. * [Bug 916] 'cryptosw' is undefined if built without OpenSSL. * [Bug 891] 'restrict' config file keyword does not work (partial fix). * [Bug 890] the crypto command seems to be required now. diff --git a/ntpd/ntpd-opts.c b/ntpd/ntpd-opts.c index 1809b62d2..88ea34fac 100644 --- a/ntpd/ntpd-opts.c +++ b/ntpd/ntpd-opts.c @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.c) * - * It has been AutoGen-ed Sunday September 23, 2007 at 01:59:26 AM EDT + * It has been AutoGen-ed Sunday September 23, 2007 at 03:12:15 AM EDT * From the definitions ntpd-opts.def * and the template file options * @@ -181,7 +181,7 @@ tSCC zPanicgate_Name[] = "panicgate"; /* * Jaildir option description: */ -#ifdef DROPROOT +#ifdef HAVE_DROPROOT tSCC zJaildirText[] = "Jail directory"; tSCC zJaildir_NAME[] = "JAILDIR"; @@ -195,7 +195,7 @@ tSCC zJaildir_Name[] = "jaildir"; #define zJaildirText NULL #define zJaildir_NAME NULL #define zJaildir_Name NULL -#endif /* DROPROOT */ +#endif /* HAVE_DROPROOT */ /* * Interface option description: @@ -311,16 +311,6 @@ tSCC zPropagationdelay_Name[] = "propagationdelay"; #define PROPAGATIONDELAY_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) -/* - * Updateinterval option description: - */ -tSCC zUpdateintervalText[] = - "interval in seconds between scans for new or dropped interfaces"; -tSCC zUpdateinterval_NAME[] = "UPDATEINTERVAL"; -tSCC zUpdateinterval_Name[] = "updateinterval"; -#define UPDATEINTERVAL_FLAGS (OPTST_DISABLED \ - | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC)) - /* * Statsdir option description: */ @@ -344,6 +334,7 @@ tSCC zTrustedkey_Name[] = "trustedkey"; /* * User option description: */ +#ifdef HAVE_DROPROOT tSCC zUserText[] = "Run as userid (or userid:groupid)"; tSCC zUser_NAME[] = "USER"; @@ -351,6 +342,24 @@ tSCC zUser_Name[] = "user"; #define USER_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) +#else /* disable User */ +#define VALUE_OPT_USER NO_EQUIVALENT +#define USER_FLAGS (OPTST_OMITTED | OPTST_NO_INIT) +#define zUserText NULL +#define zUser_NAME NULL +#define zUser_Name NULL +#endif /* HAVE_DROPROOT */ + +/* + * Updateinterval option description: + */ +tSCC zUpdateintervalText[] = + "interval in seconds between scans for new or dropped interfaces"; +tSCC zUpdateinterval_NAME[] = "UPDATEINTERVAL"; +tSCC zUpdateinterval_Name[] = "updateinterval"; +#define UPDATEINTERVAL_FLAGS (OPTST_DISABLED \ + | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC)) + /* * Var option description: */ @@ -707,20 +716,8 @@ static tOptDesc optDesc[ OPTION_CT ] = { /* desc, NAME, name */ zPropagationdelayText, zPropagationdelay_NAME, zPropagationdelay_Name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 22, VALUE_OPT_UPDATEINTERVAL, - /* equiv idx, value */ 22, VALUE_OPT_UPDATEINTERVAL, - /* equivalenced to */ NO_EQUIVALENT, - /* min, max, act ct */ 0, 1, 0, - /* opt state flags */ UPDATEINTERVAL_FLAGS, 0, - /* last opt argumnt */ { NULL }, - /* arg list/cookie */ NULL, - /* must/cannot opts */ NULL, NULL, - /* option proc */ optionNumericVal, - /* desc, NAME, name */ zUpdateintervalText, zUpdateinterval_NAME, zUpdateinterval_Name, - /* disablement strs */ NULL, NULL }, - - { /* entry idx, value */ 23, VALUE_OPT_STATSDIR, - /* equiv idx, value */ 23, VALUE_OPT_STATSDIR, + { /* entry idx, value */ 22, VALUE_OPT_STATSDIR, + /* equiv idx, value */ 22, VALUE_OPT_STATSDIR, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ STATSDIR_FLAGS, 0, @@ -731,8 +728,8 @@ static tOptDesc optDesc[ OPTION_CT ] = { /* desc, NAME, name */ zStatsdirText, zStatsdir_NAME, zStatsdir_Name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 24, VALUE_OPT_TRUSTEDKEY, - /* equiv idx, value */ 24, VALUE_OPT_TRUSTEDKEY, + { /* entry idx, value */ 23, VALUE_OPT_TRUSTEDKEY, + /* equiv idx, value */ 23, VALUE_OPT_TRUSTEDKEY, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, NOLIMIT, 0, /* opt state flags */ TRUSTEDKEY_FLAGS, 0, @@ -743,8 +740,8 @@ static tOptDesc optDesc[ OPTION_CT ] = { /* desc, NAME, name */ zTrustedkeyText, zTrustedkey_NAME, zTrustedkey_Name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 25, VALUE_OPT_USER, - /* equiv idx, value */ 25, VALUE_OPT_USER, + { /* entry idx, value */ 24, VALUE_OPT_USER, + /* equiv idx, value */ 24, VALUE_OPT_USER, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ USER_FLAGS, 0, @@ -755,6 +752,18 @@ static tOptDesc optDesc[ OPTION_CT ] = { /* desc, NAME, name */ zUserText, zUser_NAME, zUser_Name, /* disablement strs */ NULL, NULL }, + { /* entry idx, value */ 25, VALUE_OPT_UPDATEINTERVAL, + /* equiv idx, value */ 25, VALUE_OPT_UPDATEINTERVAL, + /* equivalenced to */ NO_EQUIVALENT, + /* min, max, act ct */ 0, 1, 0, + /* opt state flags */ UPDATEINTERVAL_FLAGS, 0, + /* last opt argumnt */ { NULL }, + /* arg list/cookie */ NULL, + /* must/cannot opts */ NULL, NULL, + /* option proc */ optionNumericVal, + /* desc, NAME, name */ zUpdateintervalText, zUpdateinterval_NAME, zUpdateinterval_Name, + /* disablement strs */ NULL, NULL }, + { /* entry idx, value */ 26, VALUE_OPT_VAR, /* equiv idx, value */ 26, VALUE_OPT_VAR, /* equivalenced to */ NO_EQUIVALENT, diff --git a/ntpd/ntpd-opts.h b/ntpd/ntpd-opts.h index da5a53952..059b645d6 100644 --- a/ntpd/ntpd-opts.h +++ b/ntpd/ntpd-opts.h @@ -1,7 +1,7 @@ /* * EDIT THIS FILE WITH CAUTION (ntpd-opts.h) * - * It has been AutoGen-ed Sunday September 23, 2007 at 01:59:25 AM EDT + * It has been AutoGen-ed Sunday September 23, 2007 at 03:12:14 AM EDT * From the definitions ntpd-opts.def * and the template file options * @@ -74,10 +74,10 @@ typedef enum { INDEX_OPT_PRIORITY = 19, INDEX_OPT_QUIT = 20, INDEX_OPT_PROPAGATIONDELAY = 21, - INDEX_OPT_UPDATEINTERVAL = 22, - INDEX_OPT_STATSDIR = 23, - INDEX_OPT_TRUSTEDKEY = 24, - INDEX_OPT_USER = 25, + INDEX_OPT_STATSDIR = 22, + INDEX_OPT_TRUSTEDKEY = 23, + INDEX_OPT_USER = 24, + INDEX_OPT_UPDATEINTERVAL = 25, INDEX_OPT_VAR = 26, INDEX_OPT_DVAR = 27, INDEX_OPT_SLEW = 28, @@ -203,10 +203,6 @@ typedef enum { # warning undefining PROPAGATIONDELAY due to option name conflict # undef PROPAGATIONDELAY # endif -# ifdef UPDATEINTERVAL -# warning undefining UPDATEINTERVAL due to option name conflict -# undef UPDATEINTERVAL -# endif # ifdef STATSDIR # warning undefining STATSDIR due to option name conflict # undef STATSDIR @@ -219,6 +215,10 @@ typedef enum { # warning undefining USER due to option name conflict # undef USER # endif +# ifdef UPDATEINTERVAL +# warning undefining UPDATEINTERVAL due to option name conflict +# undef UPDATEINTERVAL +# endif # ifdef VAR # warning undefining VAR due to option name conflict # undef VAR @@ -254,10 +254,10 @@ typedef enum { # undef PRIORITY # undef QUIT # undef PROPAGATIONDELAY -# undef UPDATEINTERVAL # undef STATSDIR # undef TRUSTEDKEY # undef USER +# undef UPDATEINTERVAL # undef VAR # undef DVAR # undef SLEW @@ -282,9 +282,9 @@ typedef enum { #endif /* DEBUG */ #define VALUE_OPT_DRIFTFILE 'f' #define VALUE_OPT_PANICGATE 'g' -#ifdef DROPROOT +#ifdef HAVE_DROPROOT #define VALUE_OPT_JAILDIR 'i' -#endif /* DROPROOT */ +#endif /* HAVE_DROPROOT */ #define VALUE_OPT_INTERFACE 'I' #define VALUE_OPT_KEYFILE 'k' #define VALUE_OPT_LOGFILE 'l' @@ -299,11 +299,13 @@ typedef enum { #define OPT_VALUE_PRIORITY (DESC(PRIORITY).optArg.argInt) #define VALUE_OPT_QUIT 'q' #define VALUE_OPT_PROPAGATIONDELAY 'r' -#define VALUE_OPT_UPDATEINTERVAL 'U' -#define OPT_VALUE_UPDATEINTERVAL (DESC(UPDATEINTERVAL).optArg.argInt) #define VALUE_OPT_STATSDIR 's' #define VALUE_OPT_TRUSTEDKEY 't' +#ifdef HAVE_DROPROOT #define VALUE_OPT_USER 'u' +#endif /* HAVE_DROPROOT */ +#define VALUE_OPT_UPDATEINTERVAL 'U' +#define OPT_VALUE_UPDATEINTERVAL (DESC(UPDATEINTERVAL).optArg.argInt) #define VALUE_OPT_VAR 26 #define VALUE_OPT_DVAR 27 #define VALUE_OPT_SLEW 'x' diff --git a/ntpd/ntpd-opts.texi b/ntpd/ntpd-opts.texi index 7d5f844c2..82d298c62 100644 --- a/ntpd/ntpd-opts.texi +++ b/ntpd/ntpd-opts.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (ntpd-opts.texi) # -# It has been AutoGen-ed Sunday September 23, 2007 at 01:59:28 AM EDT +# It has been AutoGen-ed Sunday September 23, 2007 at 03:12:17 AM EDT # From the definitions ntpd-opts.def # and the template file aginfo.tpl @end ignore @@ -272,7 +272,7 @@ This is the ``jail directory'' option. This option has some usage constraints. It: @itemize @bullet @item -must be compiled in by defining @code{DROPROOT} during the compilation. +must be compiled in by defining @code{HAVE_DROPROOT} during the compilation. @end itemize Chroot the server to the directory @@ -403,16 +403,6 @@ Note: The kernel time discipline is disabled with this option. This is the ``broadcast/propagation delay'' option. Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol. -@node ntpd updateinterval -@subsection updateinterval option (-U) -@cindex ntpd-updateinterval - -This is the ``interval in seconds between scans for new or dropped interfaces'' option. -Give the time in seconds between two scans for new or dropped interfaces. -For systems with routing socket support the scans will be performed shortly after the interface change -has been detected by the system. -Use 0 to disable scanning. 60 seconds is the minimum time between scans. - @node ntpd statsdir @subsection statsdir option (-s) @cindex ntpd-statsdir @@ -442,6 +432,13 @@ Add a key number to the trusted key list. @cindex ntpd-user This is the ``run as userid (or userid:groupid)'' option. + +This option has some usage constraints. It: +@itemize @bullet +@item +must be compiled in by defining @code{HAVE_DROPROOT} during the compilation. +@end itemize + Specify a user, and optionally a group, to switch to. This option is only available if the OS supports to run the server without full root privileges. Currently, this option is supported under NetBSD (configure with @@ -450,6 +447,16 @@ Currently, this option is supported under NetBSD (configure with --enable-linuxcaps ). +@node ntpd updateinterval +@subsection updateinterval option (-U) +@cindex ntpd-updateinterval + +This is the ``interval in seconds between scans for new or dropped interfaces'' option. +Give the time in seconds between two scans for new or dropped interfaces. +For systems with routing socket support the scans will be performed shortly after the interface change +has been detected by the system. +Use 0 to disable scanning. 60 seconds is the minimum time between scans. + @node ntpd var @subsection var option @cindex ntpd-var diff --git a/ntpd/ntpd.1 b/ntpd/ntpd.1 index 6809fb8d5..629847127 100644 --- a/ntpd/ntpd.1 +++ b/ntpd/ntpd.1 @@ -1,7 +1,7 @@ .TH NTPD 1 2007-09-23 "( 4.2.5p79)" "Programmer's Manual" .\" EDIT THIS FILE WITH CAUTION (ntpd.1) .\" -.\" It has been AutoGen-ed Sunday September 23, 2007 at 01:59:27 AM EDT +.\" It has been AutoGen-ed Sunday September 23, 2007 at 03:12:16 AM EDT .\" From the definitions ntpd-opts.def .\" and the template file agman1.tpl .\" @@ -200,15 +200,6 @@ Broadcast/propagation delay. .sp Specify the default propagation delay from the broadcast/multicast server to this client. This is necessary only if the delay cannot be computed automatically by the protocol. .TP -.BR \-U " \fInumber\fP, " \--updateinterval "=" \fInumber\fP -interval in seconds between scans for new or dropped interfaces. -This option takes an integer number as its argument. -.sp -Give the time in seconds between two scans for new or dropped interfaces. -For systems with routing socket support the scans will be performed shortly after the interface change -has been detected by the system. -Use 0 to disable scanning. 60 seconds is the minimum time between scans. -.TP .BR \-s " \fIstring\fP, " \--statsdir "=" \fIstring\fP Statistics file location. .sp @@ -234,6 +225,15 @@ Currently, this option is supported under NetBSD (configure with --enable-linuxcaps ). .TP +.BR \-U " \fInumber\fP, " \--updateinterval "=" \fInumber\fP +interval in seconds between scans for new or dropped interfaces. +This option takes an integer number as its argument. +.sp +Give the time in seconds between two scans for new or dropped interfaces. +For systems with routing socket support the scans will be performed shortly after the interface change +has been detected by the system. +Use 0 to disable scanning. 60 seconds is the minimum time between scans. +.TP .BR \--var "=\fInvar\fP" make ARG an ntp variable (RW). This option may appear an unlimited number of times. diff --git a/ntpd/ntpdbase-opts.def b/ntpd/ntpdbase-opts.def index 7e30d01d7..39cb81741 100644 --- a/ntpd/ntpdbase-opts.def +++ b/ntpd/ntpdbase-opts.def @@ -141,7 +141,7 @@ flag = { #endif flag = { - ifdef = DROPROOT; + ifdef = HAVE_DROPROOT; name = jaildir; value = i; arg-type = string; @@ -304,19 +304,6 @@ flag = { _EndOfDoc_; }; -flag = { - name = updateinterval; - value = U; - arg-type = number; - descrip = "interval in seconds between scans for new or dropped interfaces"; - doc = <<- _EndOfDoc_ - Give the time in seconds between two scans for new or dropped interfaces. - For systems with routing socket support the scans will be performed shortly after the interface change - has been detected by the system. - Use 0 to disable scanning. 60 seconds is the minimum time between scans. - _EndOfDoc_; -}; - flag = { name = statsdir; value = s; @@ -365,18 +352,8 @@ flag = { }; #endif -#ifdef SIM -flag = { - name = walknoise; - value = W; - arg-type = string; - descrip = "Simulation random walk noise"; - doc = <<- _EndOfDoc_ - _EndOfDoc_; -}; -#endif - flag = { + ifdef = HAVE_DROPROOT; name = user; value = u; arg-type = string; @@ -392,6 +369,19 @@ flag = { _EndOfDoc_; }; +flag = { + name = updateinterval; + value = U; + arg-type = number; + descrip = "interval in seconds between scans for new or dropped interfaces"; + doc = <<- _EndOfDoc_ + Give the time in seconds between two scans for new or dropped interfaces. + For systems with routing socket support the scans will be performed shortly after the interface change + has been detected by the system. + Use 0 to disable scanning. 60 seconds is the minimum time between scans. + _EndOfDoc_; +}; + flag = { name = var; /* value = v; Bug 817 */ @@ -416,6 +406,17 @@ flag = { _EndOfDoc_; }; +#ifdef SIM +flag = { + name = walknoise; + value = W; + arg-type = string; + descrip = "Simulation random walk noise"; + doc = <<- _EndOfDoc_ + _EndOfDoc_; +}; +#endif + flag = { name = slew; value = x;