[oe] [OE-devel] [PATCH] ntp: Resolve some abnormal behaviors
Paul Eggleton
paul.eggleton at linux.intel.com
Fri May 31 11:14:00 UTC 2013
On Friday 31 May 2013 17:08:23 Xufeng Zhang wrote:
> On 05/31/2013 04:34 PM, Paul Eggleton wrote:
> > On Friday 31 May 2013 14:18:45 Xufeng Zhang wrote:
> >> The main changes include:
> >> 1). Add ntp:ntp(user:group) to system.
> >> 2). Running ntpd dameon as ntp:ntp.
> >>
> >>
> >> 3). Move relevant files from /usr/bin to /usr/sbin.
>
> Thanks for your review, Paul!
>
> > I'm not sure but I think the way this has been done
> > (--with-binsubdir=sbin) is going to bypass the ability to set sbindir in
> > the distro config. If that's the case then I don't think this is a good
> > change, although I appreciate having ntpd in /usr/sbin by default would
> > be more appropriate.
>
> But currently it's the proper and easy way to do that, right?
> I can think out any better way to do the same job.
I'm not sure of the details of ntp's build system, but perhaps we could patch
it to use sbindir instead of bindir for the appropriate binaries?
> >> 4). Add crypto support.
> >
> > The support is already there, it's just off by default and that was
> > intentional. Those that need this can easily enable it in their distro
> > config.
>
> I'm not sure why we do that intentional, but shouldn't the package run
> as secure as possible by default?
The main concern is the dependency on OpenSSL that this introduces which many
users do not want. I suspect it also depends on whether the NTP servers you
are using support SSL.
Cheers,
Paul
--
Paul Eggleton
Intel Open Source Technology Centre
More information about the Openembedded-devel
mailing list