firstly the droproot doesn't work for me anymore. the conf.d file changed from -u ntp to -U ntp:ntp which it seems to accept, but the server will immedeatly exit without any error in the log etc., without it it will run "fine" (see below) but as root i upgraded from 4.1.2 to 4.2.0 and noticed that it will continously send packets to the ntp servers (one internal 4.1.2 and 2 external stratum1). it never synced and the ntpdc-peers showed problems like stratum 16, and ever changing poll rate, etc.) so i captured the traffic with tethereal and found out that the originate timestamp field and the one below in the ethereal gui (i think recieve timestamp) are always NULL, which i think means that syncing could not ever work, because this is what it is about. i emerged back to 4.1.2 and everything is fine, but i checked 4.2.0 a few times, rebooting, reemerging, etc. my ntp.conf: restrict default noquery notrust nomodify restrict 127.0.0.1 restrict 192.168.128.0 mask 255.255.255.0 fudge 127.127.1.0 stratum 9 server [...] prefer iburst server [...] iburst peer 192.168.128.100 iburst burst maxpoll 6 driftfile /var/lib/ntp/ntp.drift logfile /var/log/ntp/ntp.log statsdir /var/log/ntp/stats/ enable auth monitor logconfig =all filegen peerstats file peerstats type day enable filegen loopstats file loopstats type day enable filegen clockstats file clockstats type day enable i just removed the server names. Reproducible: Always Steps to Reproduce: 1. stop ntpd 2. use the above config with different servers, though i really don't think that matters 3. start e.g. ethereal -T text -w ~/blah.log -R ntp 4. start ntpd, drop-root doesn't work for me here anymore 5. wait until you have like 20 packets, it's ~1-3p/s for me, because it seems to send packets out forever, probably because they are broken 6. kill ntpd Actual Results: 7. i'm not 1337 enough to look at it without a gui, so i openend it with the ethereal gui 8. expand the ntp part of the packet 9. originate and recieve timestamp (or so) are always NULL Expected Results: well, some valid timestamps of course, with 4.1.2 i have perfectly fine ones i don't have emerge info ntp for 4.2.0 right now config is amd athlon xp palomino @ 1666mhz, epox 8rda3+ (nforce2), 2*512mb twinmos twister pc3500 ddr ram, nvidia onboard lan, realtek onboard lan, 3c59x pci card and 3c2000 gigabit card (sk98lin 6.22) kernel 2.6.3-rc3-gentoo etc.etc. it happens on a similar system (barton @ 2300mhz, same board, 2*512mb corsair, same 3c2000 etc.) using the windows binaries and a slightly different config too (at least it never works out, couldn't do ethereal there) i chose "blocker" because it really makes it unusable sorry if it is a trivial stupidity of myself, but i can't see what's wrong when it's fine with 4.1.2 thank you
Same problem over here. I got ntpd running, but for some reason I had to completely unmerge ntp and after this to emerge it a second time. Nevertheless I'm not able to sync to any server, either. ntpq -p shows stratum 16 for all servers and a jitter of 4000.0. This might be a problem of ntp-4.2.0, but even old ntp-4.1.2 stopped working for me when I switched from kernel 2.6.1 to 2.6.2 and above.
I'm having the same problems as the bug reporter. I also noticed that in the /etc/passwd file the line for ntp is as follows. ntp:x:123:123:added by portage for ntp:/bin/false:/dev/null That kind of doesn't make sense. the ntp-4.1.2 and ntp-4.2.0 ebuilds both set this. ntp:x:123:123:added by portage for ntp:/dev/null:/bin/false is the correct line. The line in the ebuild is as follows... enewuser ntp 123 /bin/false /dev/null ntp Looks like a flop in params is needed. But this doesn't fix the bug, just addressing a seperate issue.
Same here, it just won't sync, not sure why though. Here's what i get from ntpq-p. This is running on 2.6.3 kernel. So i assume all the 2.6.1-3 have confirmed not working. I don't see any weird error msgs in the log files though. remote refid st t when poll reach delay offset jitter ============================================================================== dense.utcc.utor .INIT. 16 u - 512 0 0.000 0.000 4000.00 time1.chu.nrc.c .INIT. 16 u - 512 0 0.000 0.000 4000.00 doghaus.cns.uto .INIT. 16 u - 512 0 0.000 0.000 4000.00 time.nrc.ca .INIT. 16 u - 512 0 0.000 0.000 4000.00 *LOCAL(0) LOCAL(0) 3 l 15 64 377 0.000 0.000 0.001 Best Regards,
I have gs-sources-2.4.25_pre7-r2 as my kernel. So it's not 2.6.x specific.
so everyone with the problem is running in drop root mode ? i.e. you all have -u ntp:ntp what if you run without -u ntp:ntp in conf.d/ntp ? does ntpd still malfunction ?
it clearly states that i (including others) cannot even use ntpd in drop-root mode, it will immedeatly quit (MAYBE because of the /etc/passwd oops, i didn't try) cheers
the wording of the bug report made it sound like 'drop-root is broken because when i use it, it sends out NULL packets' i'm pretty sure all drop-root issues have been fixed, i just need a rev bump to push out the changes
yeah, i admit that, but still, the very first sentence reads: "firstly the droproot doesn't work for me anymore." anyways, i want to thank you very much for taking a look at it! if you need to know anything else, just post it or mail me
could everyone with the problem post `emerge info`
I think I have this problem as well... Although my ntpd starts and continues to run with droproot, but I can't get it to sync towards an external server. ntpdate can successfully set the time of my server but ntpd is not successfull in syncing it continuosly. david ntp # ps -ef |grep ntp ntp 24878 1 0 Feb23 ? 00:00:07 /usr/bin/ntpd -p /var/run/ntpd.pid -u ntp:ntp david ntp # ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== *LOCAL(0) 73.78.73.84 5 l 10 64 377 0.000 0.000 0.001 c-573470d5.06-2 .RSTR. 16 u - 64 0 0.000 0.000 4000.00 david ntp # emerge info Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.4.22-gentoo-r7) ================================================================= System uname: 2.4.22-gentoo-r7 i686 AMD Athlon(tm) XP 2200+ Gentoo Base System version 1.4.3.13 distcc 2.12.1 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] ccache version 2.3 [enabled] Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=athlon-xp -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /var/bind /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-march=athlon-xp -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox" GENTOO_MIRRORS="http://ds.thn.htu.se/linux/gentoo http://gentoo.linux.no/ http://gentoo.oregonstate.edu/ http://www.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j5" PKGDIR="/usr/portage/packages/arch/athlon-xp" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://portage.ryttargarden/gentoo-portage" USE="3dnow X alsa apache2 apm arts avi berkdb cdr crypt cups dvd emacs encode esd evms2 fam foomaticdb gdbm gif gphoto2 gpm gtk2 imap imlib java jpeg kde libg++ libwww mad maildir mikmod mmx motif mozilla mpeg ncurses nls oggvorbis opengl oss pam pdflib perl png ppds python qt quicktime readline samba sasl scanner sdl slang spell sse ssl svga tcltk tcpd tiff truetype usb wmf x86 xml2 xmms xv zlib"
Another observation: Other hosts on my internal net running ntp-4.2.0 is able to sync against the host that is supposed to have contact with some external timesource... (wonder if that was understandable at all... english isn't my native language)
SpanKY, here is my emerge info: Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.2, glibc-2.3.3_pre20040207-r0, 2.6.1-gentoo-r1) ================================================================= System uname: 2.6.1-gentoo-r1 i686 AMD Athlon(tm) XP 2200+ Gentoo Base System version 1.4.3.13p1 Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-mcpu=athlon-xp -O2 -pipe" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /etc/tomcat /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-mcpu=athlon-xp -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox usersandbox" GENTOO_MIRRORS="ftp://mirror.iawnet.sandia.gov/pub/gentoo/ http://gentoo.seren.com/gentoo ftp://csociety-ftp.ecn.purdue.edu/pub/gentoo/" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow X Xaw3d acl acpi acpi4linux alsa amd antlr apache2 apm arts artswrappersuid avi berkdb bonobo cdr crypt cups directfb dnd doc droproot dv dvd dvdr encode esd ethereal evo fbcon fbdev foomaticdb foreign-package foreign-sysvinit freetds gb gd gd-external gdbm gif ginac gnome gnomedb gpm gstreamer gtk gtk2 gtkhtml guile imap imlib innodb ipv6 java jikes jpeg junit kde kerberos ldap libg++ libgda libwww mad maildir mbox mdb mikmod mmx motif mozilla moznoirc moznomail mpeg mysql ncurses nls nptl oci8 odbc ofx oggvorbis opengl oss pam parse-clocks pda pdflib perl pg-hier pic plotutils png postgres ppds python qt quicktime radeon readline ruby ruby18 samba sasl sdk sdl slang slp snmp spell ssl svga tcltk tcpd tetex tiff truetype type1 usb wmf wxwindows x86 xml xml2 xmms xv zeo zlib"
To comment #5: Removing droproot mode makes it not die on start-up. but it still doesn't look to be working correct... ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== ftp08.apple.com .RSTR. 16 u - 64 0 0.000 0.000 4000.00 emerge info Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.4.25_pre7-gss-r2) ================================================================= System uname: 2.4.25_pre7-gss-r2 i686 Mobile Intel(R) Pentium(R) 4 - M CPU 2.40GHz Gentoo Base System version 1.4.3.13 Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer -fexpensive-optimizations -ffast-math -falign-functions=4 -fforce-addr -funroll-loops -maccumulate-outgoing-args -frerun-loop-opt -fprefetch-loop-arrays -frerun-cse-after-loop -mfpmath=sse" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CXXFLAGS="-march=pentium4 -O3 -pipe -fomit-frame-pointer -fexpensive-optimizations -ffast-math -falign-functions=4 -fforce-addr -funroll-loops -maccumulate-outgoing-args -frerun-loop-opt -fprefetch-loop-arrays -frerun-cse-after-loop -mfpmath=sse" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox" GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync2.us.gentoo.org/gentoo-portage" USE="X alsa apm avi berkdb cdr crypt cups dvd encode esd foomaticdb footmaticdb gdbm gif gnome gnomedb gpm gstreamer gtk gtk2 imlib ipv6 jpeg libg++ libwww mad mikmod motif mozilla moznocompose moznoirc moznomail mozsvg mpeg mysql ncurses nptl oav oggvorbis opengl oss pam pcmcia pdflib perl pic png pnp ppds python qt quicktime readline samba sdl slang slp smooth spell sse ssl svga tcltk tcpd tiff truetype usb wmf x86 xml2 xmms xv zlib"
here's my emerge info: Portage 2.0.50-r1 (default-x86-1.4, gcc-3.3.3, glibc-2.3.3_pre20040207-r0, 2.6.3-mm4) ================================================================= System uname: 2.6.3-mm4 i686 AMD Athlon(tm) XP 2000+ Gentoo Base System version 1.4.3.13p1 Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.2 ACCEPT_KEYWORDS="x86 ~x86" ACCEPT_LICENSE="" ARCH="x86" AUTOCLEAN="yes" BASH_ENV="/etc/portage/bashrc" CC="gcc" CFLAGS="-march=athlon-xp -O3 -pipe" CHOST="i686-pc-linux-gnu" CLASSPATH="/opt/blackdown-jdk-1.4.1/jre/lib/rt.jar:." CLEAN_DELAY="3" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d" CVS_RSH="ssh" CXX="g++" CXXFLAGS="-march=athlon-xp -O3 -pipe" DCCC_PATH="/usr/lib/distcc/bin" DISTCC_DIR="/var/tmp/portage/.distcc" DISTCC_LOG="" DISTCC_VERBOSE="0" DISTDIR="/usr/portage/distfiles" EDITOR="/bin/nano" FEATURES="autoaddcvs ccache fixpackages sandbox" FETCHCOMMAND="/usr/bin/wget -t 2 --passive-ftp -P ${DISTDIR} ${URI}" GENTOO_MIRRORS="http://gentoo.inode.at/source/" GLIBC_SSP_CHECKED="1" GRP_STAGE23_USE="ipv6 pam tcpd readline nls ssl gpm perl python berkdb acl ncurses" GUILE_LOAD_PATH="/usr/share/guile/1.6" G_BROKEN_FILENAMES="1" HOME="/root" HOSTNAME="fs0" INFODIR="/usr/share/info" INFOPATH="/usr/share/info:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/info" INPUTRC="/etc/inputrc" JAVAC="/opt/blackdown-jdk-1.4.1/bin/javac" JAVA_HOME="/opt/blackdown-jdk-1.4.1" JDK_HOME="/opt/blackdown-jdk-1.4.1" LESS="-R" LESSOPEN="|lesspipe.sh %s" LOGNAME="kiwi128" LS_COLORS="no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.deb=01;31:*.rpm=01;31:*.jpg=01;35:*.gif=01;35:*.bmp=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.png=01;35:*.mpg=01;35:*.avi=01;35:*.fli=01;35:*.gl=01;35:*.dl=01;35:" MAKEOPTS="-j2" MANPATH="/usr/share/man:/usr/local/share/man:/usr/share/gcc-data/i686-pc-linux-gnu/3.3/man:/opt/blackdown-jdk-1.4.1/man" NOCOLOR="false" PAGER="/usr/bin/less" PATH="/sbin:/bin:/usr/sbin:/usr/bin" PKGDIR="/usr/portage/packages" PORTAGE_BINHOST_CHUNKSIZE="3000" PORTAGE_CACHEDIR="/var/cache/edb/dep/" PORTAGE_CALLER="emerge" PORTAGE_GID="250" PORTAGE_MASTER_PID="12769" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" PRELINK_PATH="" PRELINK_PATH_MASK="" PS1="\[\033[01;32m\]\u@\h \[\033[01;35m\]\W \$ \[\033[00m\]" PWD="/home/kiwi128" RESUMECOMMAND="/usr/bin/wget -c -t 2 --passive-ftp -P ${DISTDIR} ${URI}" RPMDIR="/usr/portage/rpm" RSYNC_RETRIES="1" RSYNC_TIMEOUT="30" SHLVL="2" SSH_AUTH_SOCK="/tmp/ssh-CrYOq11368/agent.11368" SSH_CLIENT="192.168.128.1 1619 22" SSH_CONNECTION="192.168.128.1 1619 192.168.128.99 22" SSH_TTY="/dev/pts/2" SYNC="rsync://rsync.gentoo.org/gentoo-portage" TERM="xterm" USE="3dnow aalib acpi acpi4linux adns apache2 apm avi berkdb bonobo cdr chroot crypt cscope dvd dvdr encode fbcon flac foomaticdb gd gdbm gif gpm guile imap imlib innodb java jbig jpeg kerberos libda libg++ libwww mad matroska mbox mcal md5sum mikmod mmx mpeg mysql mysql4 ncurses nls nptl oggvorbis pam pdf pdflib perl php php4 physfs png python quicktime readline samba slang snmp speex spell sse ssl tcpd tiff truetype unicode usb wmf x86 xml xml2 zlib" USER="kiwi128" USERLAND="GNU" USE_EXPAND="VIDEO_CARDS INPUT_DEVICES LINGUAS" XARGS="xargs -r" _="/usr/bin/emerge" this is with a diffrent kernel than originally filed, but i tested on different ones and don't think it's related
Has anybody verified if this is a gentoo only problem or if it is ntp-4.2.0 in general that behaves like this?
original post: "it happens on a similar system (barton @ 2300mhz, same board, 2*512mb corsair, same 3c2000 etc.) using the windows binaries and a slightly different config too (at least it never works out, couldn't do ethereal there)"
Oups, thnx sblive! Another thing related to drop-root is permission to write to /etc/ntp.drift, It seems like ntpd is trying to write to /etc/ntp.drift.TEMP once an hour which it isn't allowed to do since /etc is only writable by root. Would it be wise to create /etc/ntp/ owned by 'ntp:ntp' and move ntp.drift. How does dhcpcd handle that when trying to create ntp.conf, is it possible to provide dhcpcd with some config telling it where /etc/ntp/ntp.drift is situated to make it produce a correct /etc/ntp.conf file?
no, you need to update your /etc/ntp.conf to fix the file locations review /usr/share/ntp/ntp.conf ... it contains the bare min setup to run in drop-root mode
I had the same problem, and it went away, when I removed notrust modifier from my restrict settings
I can confirm Jani's findings. I removed 'notrust' from my config files some week ago and it works like a charm. Could it be that 'notrust' was ignored in previous versions but now is actually working and demanding you to setup some keys?
is there anyone here who still has this bug when they remove notrust from their /etc/ntp.conf and dont have keys setup ? if not, i'll bump the ntp ebuild and add a check for 'notrust' in /etc/ntp.conf, printing a warning message in case it's found ...
yeah, please do so! thanks everyone for your help, especially jani for finding out! i'm not sure if i should change the status to fixed, so i'm just adding this comment. thanks for all the work again!
Removing "notrust" works for me.
done deal then, 4.2.0-r2 has a check for 'notrust' in /etc/ntp.conf and prints a warning about it thanks all for tracking this down :)
I just emerged the new (4.2.0-r2) ntpd. I have the same problem, and NO notrust in my /etc/ntp.conf. This is the content of my /etc/ntp.conf: server x.x.x.x restrict x.x.x.x noquery nomodify notrap noserve nopeer server y.y.y.y restrict y.y.y.y noquery nomodify notrap noserve nopeer logfile /var/log/ntpd.log driftfile /var/lib/ntp/ntp.drift restrict default ignore restrict 127.0.0.1 restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap It has write-acces to the drift-file: ls -ld /var/lib/ntp/ drwxr-xr-x 2 ntp ntp 4096 Apr 19 13:53 /var/lib/ntp/ But it just hangs with this ".INIT." stuff: ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== x.x.x.x .INIT. 16 u - 1024 0 0.000 0.000 4000.00 y.y.y.y .INIT. 16 u - 1024 0 0.000 0.000 4000.00
What happens if you move the line 'restrict default ignore' to the top of the file?
Ahhh, it seems that it was the "noserve" keyword, that was causing the problem here...
I had trouble with droproot. Turns out it was related to the fact that I'm running a 2.6 kernel with CONFIG_SECURITY_CAPABILITIES as a module. Seems this is required for droproot, so doing "modprobe capability" fixed it
*** Bug 59653 has been marked as a duplicate of this bug. ***
I still have this problem, no notrust noserve, ntp.conf: restrict default ignore restrict 127.0.0.1 driftfile /var/lib/ntp/ntp.drift server xx.xx.xx.xx prefer restrict xx.xx.xx.xx and: gentoo-hardened-2.6.20 with CONFIG_SECURITY_CAPABILITIES=m net-misc/ntp-4.2.4-r1 USE="caps openntpd ssl -debug -ipv6 -parse-clocks (-selinux)
I still have this problem, no notrust noserve, ntp.conf: restrict default ignore restrict 127.0.0.1 driftfile /var/lib/ntp/ntp.drift server xx.xx.xx.xx prefer restrict xx.xx.xx.xx and: gentoo-hardened-2.6.20 with CONFIG_SECURITY_CAPABILITIES=m net-misc/ntp-4.2.4-r1 USE="caps openntpd ssl -debug -ipv6 -parse-clocks (-selinux) error messages: # /etc/init.d/ntpd start * Starting ntpd ... /usr/sbin/ntpd: invalid option -- u usage: ntpd [-dSs] [-f file] * Failed to start ntpd
Invalid option sounds like your /etc/conf.d/ntpd file is bad
This is my /etc/conf.d/ntpd # /etc/conf.d/ntpd: config file for openntpd's ntpd NTPD_HOME=/var/empty # See ntpd(8) man page ... some popular options: # -s Set the time immediately at startup NTPD_OPTS="-u ntp:ntp -s" If I comment the last line, it works. Sorry if this is a stupid problem.
#man ntpd -u string, --user=string Run as userid (or userid:groupid). Specify a user, and optionally a group, to switch to. This option is only available if the OS supports to run the server without full root privileges. Currently, this option is supported under NetBSD (configure with --enable- clockctl ) and Linux (configure with --enable-linuxcaps ). There is no invalid info about -u? If -u is invalid, do you know how to run on droproot?
The USE=caps passes --enable-linuxcaps, which it appears you have enabled. So it looks like it's a bug upstream if we're passing --enable-linuxcaps and they're not actually enabling it.
Hi Now I know where's problem. It's my stupid not software's bug. Please see this: http://forums.gentoo.org/viewtopic-p-4228739.html#4228739 Thank you .