summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Ipsum <richard.ipsum@codethink.co.uk>2015-04-13 19:14:31 +0000
committerRichard Ipsum <richard.ipsum@codethink.co.uk>2015-04-16 09:23:01 +0000
commit784ba5a7c019f120a6a818c3ff0aaf6714aeab32 (patch)
treedadd9d5c78a3c528581bfad25bf3c4b1c905e5c6
parentba804d367743d9bfee7380707c80d00b9dafc303 (diff)
downloaddefinitions-784ba5a7c019f120a6a818c3ff0aaf6714aeab32.tar.gz
Run ntpd as non-root user
Building with libcap allows ntpd to drop root privileges it doesn't need, we also don't want to run ntpd as root, so we create an ntp user and an ntp group. Change-Id: Idd8a7916af97c10704290234c1bb1f34a14baf2c
-rw-r--r--strata/ntpd.morph3
-rw-r--r--strata/ntpd/ntpd.morph10
2 files changed, 12 insertions, 1 deletions
diff --git a/strata/ntpd.morph b/strata/ntpd.morph
index 969e3d85..4c5483e5 100644
--- a/strata/ntpd.morph
+++ b/strata/ntpd.morph
@@ -1,9 +1,10 @@
name: ntpd
kind: stratum
build-depends:
-- morph: strata/core.morph
+- morph: strata/foundation.morph
chunks:
- name: ntpd
+ morph: strata/ntpd/ntpd.morph
repo: upstream:ntp
ref: b2ccf8dd31d1457ae9f0ae270054117179220370
unpetrify-ref: ntp-4.2.8p2
diff --git a/strata/ntpd/ntpd.morph b/strata/ntpd/ntpd.morph
new file mode 100644
index 00000000..fd561de1
--- /dev/null
+++ b/strata/ntpd/ntpd.morph
@@ -0,0 +1,10 @@
+name: ntpd
+kind: chunk
+build-system: autotools
+configure-commands:
+ - ./configure --prefix="$PREFIX" --enable-linuxcaps
+system-integration:
+ ntpd-misc:
+ 00-add-ntpd-user:
+ - groupadd -r ntp
+ - useradd -g ntp -d /home/ntp -s /bin/false -r ntp