Subject: clockctl: run ntpd as a non root user
To: None <current-users@netbsd.org>
From: Emmanuel Dreyfus <manu@netbsd.org>
List: current-users
Date: 01/14/2002 07:28:22
I've committed some work on a pseudo-device named clockctl. This driver
offers alternate entry points to time setting related system calls:
settimeofday(2), clock_settime(2), adjtime(2) and ntp_adjtime(2). The
access control is made upon the /dev/clockctl file: if a user can write
to it, then the user is allowed to change system time. The goal is to
enable daemons such as ntpd to run in a chroot jail and hence to enhance
the security of the system.

In order to use it:
- add this to your kernel config file and rebuild it:
pseudo-device   clockctl

- if you don't have it yet, add the ntpd user and group to your passwd
and group files (its uid and gid are 15, with /var/chroot/ntpd as the home
directory)

- create the clockctl device
cd /etc && ./MAKEDEV clockctl
It's made mode 660 root/ntpd

- then you can run
ntpd -u ntpd:ntpd
it's -u user:group, there is also a -t chrootdir option.
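As an added example (not part of the original post or of NetBSD's own code), a small sh audit of the device permissions the procedure above relies on: since write access to /dev/clockctl is the whole access control, the script flags a device that is world-writable or wrongly owned, and separately reports one that ntpd could not use. It assumes the `ls -l` column layout and the root/ntpd, mode 660 ownership described above.

```shell
#!/bin/sh
# Added example: audit /dev/clockctl.  Write access to the device is the
# access control, so the expected state is mode 660 root/ntpd as MAKEDEV
# creates it; anything more open hands clock control to every local user.

# Arguments: mode string, owner, group (columns 1, 3 and 4 of ls -l).
# Returns 0 = expected 660 root/ntpd, 1 = too permissive (security
# problem), 2 = device unusable for ntpd -u ntpd:ntpd.
clockctl_audit() {
    mode=${1%[+@.]}   # drop a trailing ACL/attribute marker some ls print
    owner=$2
    group=$3
    case "$mode" in
        c*) ;;
        *) echo "mode $mode: not a character device"; return 2 ;;
    esac
    # Character 9 is the "other" write bit: world-writable means any
    # unprivileged user can reach settimeofday & co. through the device.
    case "$mode" in
        c???????w?) echo "mode $mode: world-writable, any user can set the clock"; return 1 ;;
    esac
    [ "$owner" = root ] || { echo "owner is $owner, expected root"; return 1; }
    # Character 6 is the group write bit that ntpd -u ntpd:ntpd relies on.
    case "$mode" in
        c????w????) ;;
        *) echo "mode $mode: group cannot write, ntpd could not adjust time"; return 2 ;;
    esac
    [ "$group" = ntpd ] || { echo "group $group can set the clock, expected ntpd"; return 1; }
    echo "ok: $mode $owner:$group"
    return 0
}

# Audit the live device.  A missing device is the fallback described in
# the post (only root can adjust time): reported as unusable, not unsafe.
clockctl_audit_live() {
    dev=${1:-/dev/clockctl}
    if [ ! -e "$dev" ]; then
        echo "$dev absent: kernel falls back to root-only time setting"
        return 2
    fi
    set -- $(ls -l "$dev")
    clockctl_audit "$1" "$3" "$4"
}

# Usage: sh clockctl_audit.sh /dev/clockctl
case "${1:-}" in /dev/*) clockctl_audit_live "$1" ;; esac
```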


Notes:
- other time related programs can now set the date when run as non-root:
date, ntpdate, rdate ...

- if you run ntpd as root, nothing is changed, /dev/clockctl is just
ignored. Also if you just delete /dev/clockctl, you fall back to the
original behavior: only root can adjust time.

- all the testings were made on macppc. The code should be okay on
little-endian ports, but it has not been tested yet.

- The following ports do not have clockctl enabled because they don't
have a conf.c file:
amigappc, cats, evbarm, hpcarm, netwinder

- A few ports have no MAKEDEV file in the tree, hence clockctl was
added, but not in MAKEDEV. Here is how to create the device on these
ports:
cesfic: mknod c 22 0 /dev/clockctl
ofppc: mknod c 19 0 /dev/clockctl
x86_64: mknod c 79 0 /dev/clockctl

As usual, please report any bug you encounter using this new feature.

-- 
Emmanuel Dreyfus.
Windows 95, Windows 98, Windows 2000, Windows Millennium
From now on, OSes carry their expiry date in their names.
manu@netbsd.org