[ntp:questions] ntp.conf: ownership and permissions

Richard B. Gilbert rgilbert88 at comcast.net
Tue Dec 19 16:11:45 UTC 2006


woger151 at jqpx37.cotse.net wrote:

> What is the minimal access rights that can be placed on ntp.conf in
> order for ntpd to work properly?
> 
> I.e., does the non-root user (say, "ntp") that runs ntpd need read
> access?  Or does ntpd start up as root, read ntp.conf, then spawn a
> process owned by ntp and hand the information off without user ntp ever
> needing to read ntp.conf?
> 

I suspect that a great deal depends on what O/S you are using.   On 
Solaris, ntpd runs as root (necessary to adjust system clock).  I 
believe that some flavors of Linux somehow "drop root privileges" but 
I'm not familiar with the details.

Whatever account is running nptd needs read access.  Since there is 
normally nothing particularly secret about an ntpd configuration you
need not worry about who can read it.  Since it's not "executable" you 
need not worry about who can execute it.  It should normally be 
writeable only by root.

Mine is:
sunblok_$ ls -al /etc/ntp.conf
-rw-r--r--   1 root     other       1657 May 27  2006 /etc/ntp.conf




More information about the questions mailing list