diff options
Diffstat (limited to 'src/timesync')
-rw-r--r-- | src/timesync/timesyncd-gperf.gperf | 2 | ||||
-rw-r--r-- | src/timesync/timesyncd-manager.c | 2 | ||||
-rw-r--r-- | src/timesync/timesyncd.c | 18 |
3 files changed, 14 insertions, 8 deletions
diff --git a/src/timesync/timesyncd-gperf.gperf b/src/timesync/timesyncd-gperf.gperf index 7d4cd2808e..b5020276af 100644 --- a/src/timesync/timesyncd-gperf.gperf +++ b/src/timesync/timesyncd-gperf.gperf @@ -10,7 +10,7 @@ struct ConfigPerfItem; %null_strings %language=ANSI-C %define slot-name section_and_lvalue -%define hash-function-name timesyncdd_gperf_hash +%define hash-function-name timesyncd_gperf_hash %define lookup-function-name timesyncd_gperf_lookup %readonly-tables %omit-struct-type diff --git a/src/timesync/timesyncd-manager.c b/src/timesync/timesyncd-manager.c index 8bd111fe0c..a6d336c461 100644 --- a/src/timesync/timesyncd-manager.c +++ b/src/timesync/timesyncd-manager.c @@ -552,7 +552,7 @@ static int manager_receive_response(sd_event_source *source, int fd, uint32_t re /* check our "time cookie" (we just stored nanoseconds in the fraction field) */ if (be32toh(ntpmsg.origin_time.sec) != m->trans_time.tv_sec + OFFSET_1900_1970 || - be32toh(ntpmsg.origin_time.frac) != m->trans_time.tv_nsec) { + be32toh(ntpmsg.origin_time.frac) != (unsigned long) m->trans_time.tv_nsec) { log_debug("Invalid reply; not our transmit time. Ignoring."); return 0; } diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c index 962285f7b1..bea800171b 100644 --- a/src/timesync/timesyncd.c +++ b/src/timesync/timesyncd.c @@ -66,6 +66,7 @@ static int load_clock_timestamp(uid_t uid, gid_t gid) { if (r < 0) return log_error_errno(errno, "Failed to change file access mode: %m"); r = fchown(fd, uid, gid); + if (r < 0) return log_error_errno(errno, "Failed to change file owner: %m"); } @@ -96,7 +97,7 @@ static int load_clock_timestamp(uid_t uid, gid_t gid) { int main(int argc, char *argv[]) { _cleanup_(manager_freep) Manager *m = NULL; const char *user = "systemd-timesync"; - uid_t uid; + uid_t uid, uid_current; gid_t gid; int r; @@ -113,10 +114,15 @@ int main(int argc, char *argv[]) { goto finish; } - r = get_user_creds(&user, &uid, &gid, NULL, NULL); - if (r < 0) { - log_error_errno(r, "Cannot resolve user name %s: %m", user); - goto finish; + uid = uid_current = geteuid(); + gid = getegid(); + + if (uid_current == 0) { + r = get_user_creds(&user, &uid, &gid, NULL, NULL); + if (r < 0) { + log_error_errno(r, "Cannot resolve user name %s: %m", user); + goto finish; + } } r = load_clock_timestamp(uid, gid); @@ -125,7 +131,7 @@ int main(int argc, char *argv[]) { /* Drop privileges, but only if we have been started as root. If we are not running as root we assume all * privileges are already dropped. */ - if (geteuid() == 0) { + if (uid_current == 0) { r = drop_privileges(uid, gid, (1ULL << CAP_SYS_TIME)); if (r < 0) goto finish; |