summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Ipsum <richard.ipsum@codethink.co.uk>2015-04-13 19:14:31 (GMT)
committerRichard Ipsum <richard.ipsum@codethink.co.uk>2015-04-16 09:23:01 (GMT)
commit784ba5a7c019f120a6a818c3ff0aaf6714aeab32 (patch)
treedadd9d5c78a3c528581bfad25bf3c4b1c905e5c6
parentba804d367743d9bfee7380707c80d00b9dafc303 (diff)
downloaddefinitions-784ba5a7c019f120a6a818c3ff0aaf6714aeab32.tar.gz
Run ntpd as non-root user
Building with libcap allows ntpd to drop root privileges it doesn't need, we also don't want to run ntpd as root, so we create an ntp user and an ntp group. Change-Id: Idd8a7916af97c10704290234c1bb1f34a14baf2c
-rw-r--r--strata/ntpd.morph3
-rw-r--r--strata/ntpd/ntpd.morph10
2 files changed, 12 insertions, 1 deletions
diff --git a/strata/ntpd.morph b/strata/ntpd.morph
index 969e3d8..4c5483e 100644
--- a/strata/ntpd.morph
+++ b/strata/ntpd.morph
@@ -1,9 +1,10 @@
name: ntpd
kind: stratum
build-depends:
-- morph: strata/core.morph
+- morph: strata/foundation.morph
chunks:
- name: ntpd
+ morph: strata/ntpd/ntpd.morph
repo: upstream:ntp
ref: b2ccf8dd31d1457ae9f0ae270054117179220370
unpetrify-ref: ntp-4.2.8p2
diff --git a/strata/ntpd/ntpd.morph b/strata/ntpd/ntpd.morph
new file mode 100644
index 0000000..fd561de
--- /dev/null
+++ b/strata/ntpd/ntpd.morph
@@ -0,0 +1,10 @@
+name: ntpd
+kind: chunk
+build-system: autotools
+configure-commands:
+ - ./configure --prefix="$PREFIX" --enable-linuxcaps
+system-integration:
+ ntpd-misc:
+ 00-add-ntpd-user:
+ - groupadd -r ntp
+ - useradd -g ntp -d /home/ntp -s /bin/false -r ntp