When starting ntpd as the ntp user, it refuses to let go of the privileged user. Something to note, this machine is running 2.4.26-grsec-2.0. I'm not sure if this is specific to grsec or not, but its still annoying. Below is some output:
swallow ramereth # ps aux | grep ntp
ntp 12494 0.0 1.6 5032 7940 ? SL 14:44 0:00 /usr/bin/ntpd -p /var/run/ntpd.pid -u ntp:ntp
root 24011 0.0 1.6 4956 7812 ? S 14:44 0:00 /usr/bin/ntpd -p /var/run/ntpd.pid -u ntp:ntp
If you kill that root process, everything still runs fine. Something either in the ntp code or in grsec is making this happen. I really started noticing these problems after we upgraded our boxes from the 1.8 grsec code to the 2.0 code.
I've been meaning to make a bug for this so we could sort this out one way or the other.
you might want to investigate the grsec thing since that process running as root isnt supposed to exist
on all my boxes, when i start ntpd through init.d, i'm left with just the one running as ntp