[ntp:hackers] #if defined(DEBUG) and ntpd

Danny Mayer mayer at ntp.isc.org
Fri Jan 23 03:31:07 UTC 2009


Dave Hart wrote:
> On Thu, Jan 22, 2009 at 7:51 AM, Danny Mayer <mayer at ntp.isc.org> wrote:
> 
>> Brian Utterback wrote:
>>> The xntpd currently shipped with Solaris is built with DEBUG defined,
>>> and I certainly plan on shipping V4 with DEBUG defined. What is the
>>> downside? It makes it much more difficult to debug problems without
>>> DEBUG.
>>>
>> Bloat. It will also run slower as it has to go through all of the extra
>> debug statements to see if it needs to print something out.
>>
>> In the case of windows you cannot run debug as a service since the
>> output goes to stdout which means that it will just disappear at best. I
>> don't know what happens with other O/S's where there is no stdout defined.
>>
> It would be straightforward to open a file or named pipe and make
> it stdout,if you need to see NTP debugging output while running it as a
> service.  There's rarely going to be need for that, though, as you can just
> run it from the console (after "net stop ntp" if needed).  It's easier to
> run under a debugger if you can get by without running it as a service, as
> well.  You do need SeSystemTime privilege if you're not in the
> Administrators group to run it from a console window.

I know how it works, after all I wrote most of the service code. You
should *not* be running the service under the Adminstrators group (or
LocalSystem which amounts to the same thing). My installer (which I
haven't released for NTP) creates and runs it from an account with
almost no privileges and it is not a member of the Users group.

Danny


More information about the hackers mailing list