Subject: Re: step-systime: EPERM
To: Jukka Salmi <j+nbsd@2006.salmi.ch>
From: Frank Kardel <kardel@netbsd.org>
List: current-users
Date: 09/23/2006 20:11:29
Jukka Salmi wrote:
>Jukka Salmi --> current-users (2006-09-23 17:08:33 +0200):
>
>
>>Elad Efrat --> current-users (2006-09-22 18:38:30 +0200):
>>
>>
>>>Jukka Salmi wrote:
>>>
>>>
>>>
>>>>since I recently updated a -current NetBSD/i386 system syslog receives
>>>>the following message every few minutes:
>>>>
>>>> ntpd[...]: step-systime: Operation not permitted
>>>>
>>>>
>>>>Any hints?
>>>>
>>>>
>>>Can you try revision 1.7 of
>>>src/sys/secmodel/bsd44/secmodel_bsd44_securelevel.c?
>>>
>>>
>>This seems to have fixed it, thanks!
>>
>>
>
>Sorry, I just didn't wait long enough... syslogd just received that
>message again, running a kernel with secmodel_bsd44_securelevel.c rev
>1.7.
>
>I'm running ntpd with `ntpd_chrootdir=/var/chroot/ntpd', in case this
>matters.
>
>
>Regards, Jukka
>
>
>
you need to make sure /var/chroot/dev/clockctl exists and is accessible
to the user
ntpd is running under (usually user root group ntpd). Also make sure
your kernel
supports pseudo-device clockctl.
Frank