The ntpd init.d script makes these assumptions: ntpconf=/etc/ntp.conf ntpstep=/etc/ntp/step-tickers These assumptions will be wrong if the -T option was specified in OPTIONS in /etc/sysconfig/ntpd, because $ntpconf and $ntpstep will then be relative to the chroot() jail. Version-Release number of selected component (if applicable): ntp-4.1.2-4.EL3.1
Created attachment 101635 [details] patch for ntpd init.d script This patch makes the ntpd init.d script smart enough to locate $ntpconf and $ntpstep correctly, even if -T was specified.
This is a bug in ntpd documentation (launch at the command prompt "man ntpd"). Right flag (to chroot the ntpd server process into chroot_dir) is '-i' not '-T'. The flag '-T' is really used only by NTP simulator engine (created by Harish Nair, University of Delaware, 2001) and does something different than '-i' (than chroot into chrootdir). The binary distribution does not contain this simulation. The flag '-T' should not be documented in man-pages at all. We make change in man-pages. Correct ntpd-man-page could be: --------------------------------------------------------------- ntpd(1) ntpd(1) NAME ntpd - Network Time Protocol (NTP) daemon SYNOPSIS ntpd [ -aAbdgLmNPqx ] [ -c conffile ] [ -f driftfile ] [ -g ] [ -k keyfile ] [ -l logfile ] [ -N high ] [ -p pidfile ] [ -r broadcast-delay ] [ -s statsdir ] [ -t key ] [ -v variable ] [ -V variable ] [ -i chroot_dir ] [ -u server_user ] [ -x ] ... ... ... -i chroot_dir Chroot the ntpd server process into chroot_dir. To use this option you have to copy all the files that ntpd process needs into the chroot directory. This option adds security only if the server also drops root privileges (see -u option). --------------------------------------------------------------- This bug is duplicate of #168220 *** This bug has been marked as a duplicate of 168220 ***