CentOS – Error when running ntpd on OpenVZ host: cap_set_proc() failed to drop root privileges

centos, ntp, ntpd

CentOS 6.x | OpenVZ

I want to run an NTP server on a VPS host of mine. Is this possible?

When I try to start ntpd, it fails immediately and gives the following error:

Mar 14 22:47:44 ev1 ntpd[3456]: cap_set_proc() failed to drop root privileges: Operation not permitted

I've localized it to a setting in /etc/sysconfig/ntpd:

# Drop root to id 'ntp:ntp' by default.
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"

When this line is enabled, it fails (presumably because the shared kernel refuses to allow the privileges change). If I comment it out, ntpd runs fine but runs as root which is A Bad Thing.

Is there any way to get ntpd to run as the ntp user on OpenVZ? Admittedly I know it's a great idea to have this running on an OpenVZ server but I'd still like to try.

Best Answer

You should add the capability option "sys_time", as stated in "[Users] How does the clock work in OpenVZ?", via the command:

vzctl set 101 --capability sys_time:on --save

You should of course replace "101" by the CTID of your container.

Then reboot the machine/container. Now, ntpd should run as expected with the "ntp" user.

You can then check that the ntpd server works with:

/etc/init.d/ntpd status

And:

ntpq -c as
ntpq -c pe
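
A check to run as root inside the container before and after the vzctl change, added here as an example and not part of the original answer: it tests whether CAP_SYS_TIME (capability number 25) is in the permitted set read from /proc/<pid>/status. The function names and sample mask are constructed for illustration, and it assumes the container's capability restriction is visible in root's CapPrm mask.

```shell
#!/bin/sh
# Added example (not from the original answer). Function names are hypothetical.
CAP_SYS_TIME=25   # capability number from <linux/capability.h>

# cap_mask FIELD [STATUS_FILE]: print the hex mask of CapPrm, CapEff or CapBnd.
# Without STATUS_FILE it reads /proc/self/status (the reading process inherits
# the calling shell's capabilities).
cap_mask() {
    awk -v f="$1:" '$1 == f { print $2 }' "${2:-/proc/self/status}"
}

# has_cap HEXMASK BIT: succeed when bit BIT is set in HEXMASK.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# ntpd_can_drop_root [STATUS_FILE]
# With "-u ntp:ntp", ntpd gives up root but asks to keep CAP_SYS_TIME so it can
# still set the clock. That request is refused (EPERM) when the capability is
# not in the permitted set it started with.
# Returns 0 = present, 1 = missing, 2 = no CapPrm field found.
ntpd_can_drop_root() {
    prm=$(cap_mask CapPrm "$1")
    [ -n "$prm" ] || { echo "no CapPrm field found" >&2; return 2; }
    if has_cap "$prm" "$CAP_SYS_TIME"; then
        echo "CapPrm=$prm: CAP_SYS_TIME present, ntpd -u ntp:ntp can keep it"
    else
        echo "CapPrm=$prm: CAP_SYS_TIME missing, expect cap_set_proc() to fail"
        return 1
    fi
}

# Constructed sample: a root process whose permitted set lacks bit 25.
sample=$(mktemp)
printf 'Name:\tsh\nCapPrm:\t00000003fdffffff\n' > "$sample"
ntpd_can_drop_root "$sample" || true
rm -f "$sample"

# Live check of the current shell (run as root inside the container).
ntpd_can_drop_root || true
```

If the live check still reports the capability as missing after the container restart, the setting was not applied to that CTID.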