Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 711534

Summary: net-misc/ntp-4.2.8_p14-r1: cap_set_proc() failed to drop root privs: Operation not permitted
Product: Gentoo Linux Reporter: Craig Andrews <candrews>
Component: Current packagesAssignee: Gentoo's Team for Core System packages <base-system>
Status: RESOLVED DUPLICATE    
Severity: normal CC: candrews
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Craig Andrews gentoo-dev 2020-03-04 17:12:16 UTC 
[ebuild   R    ] net-misc/ntp-4.2.8_p14-r1::gentoo  USE="caps ipv6 readline ssl threads zeroconf -debug -libressl -openntpd -parse-clocks -samba (-selinux) -snmp -vim-syntax"

Using systemd to start the service:
systemctl start ntpd
The service fails to the start. Here's the failure info from journalctl:
---
Mar 04 12:11:13 irrational ntpd[2054819]: ntpd 4.2.8p14@1.3728-o Wed Mar  4 16:25:48 UTC 2020 (1): Starting
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: ntpd 4.2.8p14@1.3728-o Wed Mar  4 16:25:48 UTC 2020 (1): Starting
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Command line: /usr/sbin/ntpd -g -n -u ntp:ntp
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: ----------------------------------------------------
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: ntp-4 is maintained by Network Time Foundation,
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: corporation.  Support and training for ntp-4 are
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: available at https://www.nwtime.org/support
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: ----------------------------------------------------
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: proto: precision = 0.064 usec (-24)
Mar 04 12:11:13 irrational ntpd[2054819]: Command line: /usr/sbin/ntpd -g -n -u ntp:ntp
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: basedate set to 2020-02-21
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: gps base set to 2020-02-23 (week 2094)
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen and drop on 0 v6wildcard [::]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Mar 04 12:11:13 irrational ntpd[2054819]: ----------------------------------------------------
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 2 lo 127.0.0.1:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 3 wlan0 192.168.0.102:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 4 eth0 192.168.0.101:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 5 tun0 10.14.11.6:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 6 lo [::1]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 7 wlan0 [fdc7:1f7c:2fff::a57]:123
Mar 04 12:11:13 irrational ntpd[2054819]: ntp-4 is maintained by Network Time Foundation,
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 8 wlan0 [2001:470:1f07:281::a57]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 9 wlan0 [fdc7:1f7c:2fff:0:cdf8:27bd:6cf3:561f]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 10 wlan0 [2001:470:1f07:281:8b29:9458:dd6c:ba68]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 11 wlan0 [fe80::d4ac:5d77:7e0b:a3d3%3]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 12 eth0 [fdc7:1f7c:2fff::bc3]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 13 eth0 [2001:470:1f07:281::bc3]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 14 eth0 [fdc7:1f7c:2fff:0:d250:99ff:fe87:75b5]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 15 eth0 [2001:470:1f07:281:d250:99ff:fe87:75b5]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 16 eth0 [fe80::d250:99ff:fe87:75b5%4]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listen normally on 17 tun0 [fe80::6953:3bc6:e1bc:5164%6]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Inc. (NTF), a non-profit 501(c)(3) public-benefit
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: Listening on routing socket on fd #34 for interface updates
Mar 04 12:11:13 irrational ntpd[2054819]: corporation.  Support and training for ntp-4 are
Mar 04 12:11:13 irrational ntpd[2054819]: available at https://www.nwtime.org/support
Mar 04 12:11:13 irrational ntpd[2054819]: ----------------------------------------------------
Mar 04 12:11:13 irrational ntpd[2054819]: proto: precision = 0.064 usec (-24)
Mar 04 12:11:13 irrational ntpd[2054819]: basedate set to 2020-02-21
Mar 04 12:11:13 irrational ntpd[2054819]: gps base set to 2020-02-23 (week 2094)
Mar 04 12:11:13 irrational ntpd[2054819]: Listen and drop on 0 v6wildcard [::]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 2 lo 127.0.0.1:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 3 wlan0 192.168.0.102:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 4 eth0 192.168.0.101:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 5 tun0 10.14.11.6:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 6 lo [::1]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 7 wlan0 [fdc7:1f7c:2fff::a57]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 8 wlan0 [2001:470:1f07:281::a57]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 9 wlan0 [fdc7:1f7c:2fff:0:cdf8:27bd:6cf3:561f]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 10 wlan0 [2001:470:1f07:281:8b29:9458:dd6c:ba68]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 11 wlan0 [fe80::d4ac:5d77:7e0b:a3d3%3]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 12 eth0 [fdc7:1f7c:2fff::bc3]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 13 eth0 [2001:470:1f07:281::bc3]:123
Mar 04 12:11:13 irrational ntpd[2054819]:  4 Mar 12:11:13 ntpd[2054819]: cap_set_proc() failed to drop root privs: Operation not permitted
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 14 eth0 [fdc7:1f7c:2fff:0:d250:99ff:fe87:75b5]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 15 eth0 [2001:470:1f07:281:d250:99ff:fe87:75b5]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 16 eth0 [fe80::d250:99ff:fe87:75b5%4]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listen normally on 17 tun0 [fe80::6953:3bc6:e1bc:5164%6]:123
Mar 04 12:11:13 irrational ntpd[2054819]: Listening on routing socket on fd #34 for interface updates
Mar 04 12:11:13 irrational ntpd[2054819]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Mar 04 12:11:13 irrational ntpd[2054819]: kernel reports TIME_ERROR: 0x2041: Clock Unsynchronized
Mar 04 12:11:13 irrational ntpd[2054819]: cap_set_proc() failed to drop root privs: Operation not permitted
Mar 04 12:11:13 irrational systemd[1]: ntpd.service: Main process exited, code=exited, status=255/EXCEPTION
Mar 04 12:11:13 irrational systemd[1]: ntpd.service: Failed with result 'exit-code'.
---

The service has not been modified:
---
# systemctl cat ntpd
# /lib/systemd/system/ntpd.service
[Unit]
Description=Network Time Service
After=ntpdate.service sntp.service
Conflicts=systemd-timesyncd.service

[Service]
ExecStart=/usr/sbin/ntpd -g -n -u ntp:ntp
PrivateTmp=true

[Install]
WantedBy=multi-user.target
---

Reproducible: Always
Comment 1 Marek Szuba (RETIRED) archtester gentoo-dev 2020-03-04 17:21:42 UTC 

*** This bug has been marked as a duplicate of bug 711530 ***