7

CentOS 6.x | OpenVZ

I want to run a NTP server on a vps host of mine. Is this possible?

When I try to start ntpd, it fails immediately and gives the following error: 

Mar 14 22:47:44 ev1 ntpd[3456]: cap_set_proc() failed to drop root privileges: Operation not permitted

I've localized it to a setting in /etc/sysconfig/ntpd

# Drop root to id 'ntp:ntp' by default.
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"

When this line is enabled, it fails (presumably because the shared kernel refuses to allow the privileges change). If I comment it out, ntpd runs fine but runs as root which is A Bad Thing.

Is there anyway to get ntpd to run as the ntp user on openVZ? Admittedly I know it's a great idea to have this running on a OpenVZ server but I'd still like to try.

Mike B
  • 8,769
  • 24
  • 70
  • 96

1 Answers1

6

You should add the Capability option "sys_time" as stated in [Users] How does the clock work in OpenVZ? via the command:

vzctl set 101 --capability sys_time:on --save

You should of course replace "101" by the CTID of your container.

Then reboot the machine/container. Now, ntpd should run as expected with the "ntp" user.

You can then check that the ntpd server works with:

/etc/init.d/ntpd status

And:

ntpq -c as
ntpq -c pe
maximd
  • 121
  • 2
  • 4