[ntp:questions] NTP daemon broken in 2.6.19?
Timo.Felbinger at physik.uni-potsdam.de
Fri Dec 29 10:16:16 UTC 2006
On Sat, 23 Dec 2006, MH wrote:
> Timo Felbinger wrote:
> > On Sun, 17 Dec 2006, MH wrote:
> >> I recently upgraded my kernel from 2.6.13 to 2.6.19 and discovered that
> >> NTP service is no longer functional. The NTP daemon logs the following:
> >> cap_set_proc() failed to drop root privileges: Operation not permitted
> > Make sure you have the "default linux capabilities" in your new kernel,
> > either as a module (modprobe capability), or just compile them statically
> > into the kernel (somewhere under "security options" in the kernel config
> > menu).
> They were. Tried compiling them into the kernel as well. Same end result.
> Weird thing is that NTPD actually synchronized successfully ONCE after the
> new kernel was installed. It did not initially, nor has it since. Very odd.
If it is really the cap_set_proc() call which fails and you are sure you
start ntpd with root privileges initially, then maybe you need to recompile
and reinstall libcap to make it work with the new kernel? (I dimly recall
that I had to do this at some point).
The library version seems to be not critical, both 1.10 and 1.92 work for
me with various 2.6.x kernels.
BTW, /proc/<pid>/status shows the current privileges of a process;
for a root shell it should contain the lines
For a running ntpd, it should look like
Timo Felbinger http://www.felbinger.net
Quantum Physics Group Phone: +49 331 977 1793 Fax: -1767
Institut fuer Physik Mobile: +49 177 735 1936
Universitaet Potsdam, Germany PGP key-id: E92567B2
More information about the questions