[Samba] ntp and samba4
Andrew Bartlett
abartlet at samba.org
Tue May 7 13:25:08 MDT 2013
On Mon, 2013-05-06 at 17:15 +0200, Michael De Groote wrote:
> Hi all
>
> Recently i noticed that upon starting the samba4 'samba' daemon, that it
> changes the group ownership of the socket for ntpd to *staff*
>
> $ls -l /usr/local/samba/var/lib/ntp_signd/
> total 0
> srwxrwxrwx 1 root *staff* 0 May 6 16:35 socket
>
>
> The documentation says it needs to be *ntp*....
>
> (FYI: i'm running this on debian wheezy)
>
> I have just added ntp to group staff, but that seems like a workaround...
I don't know why this is happening. I've examined the code, and it does
not change the group ID, it only creates the directory, forcing the uid.
Indeed, the same code is using for the winbind privileged pipe, which is
likewise deliberately designed so that you can set the group to a
specific group for use by squid et al. In this case the group is meant
to be 'ntp' to allow only NTP access to the pipe.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list