[Bug 230700] New: ntpd and DCF clocks
https://bugzilla.novell.com/show_bug.cgi?id=230700 Summary: ntpd and DCF clocks Product: openSUSE 10.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: AppArmor AssignedTo: dreynolds@novell.com ReportedBy: suse-beta@cboltz.de QAContact: dreynolds@novell.com found in opensuse-de (thread "AppArmor, ntp und DCF-Uhr" from october 2006): If you have a DCF clock at the serial port, ntpd needs access to /dev/ttyS0. (Allowing /dev/ttyS* would be a good idea perhaps.) /var/log/audit/audit.log: type=APPARMOR msg=audit(1160733147.127:24): REJECTING rw access to /dev/ttyS0 (ntpd(25674) profile /usr/sbin/ntpd active /usr/sbin/ntpd) Disclaimer: this is dumped from the mailinglist post, I can't verify it because I don't have a DCF clock at the serial port. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 dreynolds@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|dreynolds@novell.com |seth.arnold@novell.com ------- Comment #1 from dreynolds@novell.com 2007-01-26 14:26 MST ------- Seth - what do you think? Seems like its worth an update. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 ------- Comment #2 from seth.arnold@novell.com 2007-01-26 15:16 MST ------- Something feels odd about this one: on the one hand, very few people hook up anything to serial ports any more, so its not like granting this access would compromise much access. On the other hand, since there are so few people with serial radio clocks I'm not sure it makes sense adding this to every ntpd profile on all systems to support the dozen or however many people have them. But it'd be pretty easy for us to add it anyway.. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 seth.arnold@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 sbeattie@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sbeattie@novell.com ------- Comment #3 from sbeattie@novell.com 2007-01-31 11:24 MST ------- "so its not like granting this access would compromise much access." .. unless you happen to have a serial console that you use for logins (particularly root). I really dislike adding any of the serial devices to the ntpd profile(s). Instead, what I'd rather see is tunables/ntpd that contains @NTPD_DEVICE= and have the ntpd profile contain: @{NTPD_DEVICE} r, and then people with serial radio clocks can add their device to the tunables/ntpd file (it'd be fantastic if, assuming the yast interface lets you specify hardware devices, the yast interface could also edit the tunable file). That's my preference, anyway. Thanks. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 ------- Comment #4 from seth.arnold@novell.com 2007-01-31 18:04 MST ------- Steve, that would be fantastic. :) We should really write tools to programmatically modify these tunables some day, so that the YaST folks could easily call out to them.. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=230700 John Johansen <jjohansen@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jjohansen@novell.com AssignedTo|msvec@novell.com |jjohansen@novell.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=230700 Michal Svec <msvec@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- QAContact|msvec@novell.com |qa@suse.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com