Error when running ntpd on openVZ host: cap_set_proc() failed to drop root privileges:
You should add the capability option "sys_time" as stated in [Users] How does the clock work in OpenVZ? via the command:
vzctl set 101 --capability sys_time:on --save
You should of course replace "101" by the CTID of your container.
Then reboot the machine/container. Now, ntpd should run as expected with the "ntp" user.
You can then check that the ntpd server works with:
/etc/init.d/ntpd status
And:
ntpq -c as
ntpq -c pe
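To confirm from inside the container that the capability actually arrived, the capability masks in /proc can be decoded; cap_set_proc() cannot keep a capability that is absent from the process's permitted set. This is an added example, not part of the original answer: the function names are hypothetical, the sample status lines are constructed, and it assumes CAP_SYS_TIME is bit 25 as defined in linux/capability.h.

```shell
#!/bin/sh
# Added example: check whether a root process in this container may hold
# CAP_SYS_TIME. Bit number assumed from linux/capability.h.
CAP_SYS_TIME=25

# cap_mask FIELD [STATUS_FILE]: print the hex mask of FIELD (CapPrm, CapEff,
# CapBnd) from a /proc/<pid>/status file; defaults to the reading process.
cap_mask() {
    awk -v f="$1:" '$1 == f { print $2 }' "${2:-/proc/self/status}"
}

# has_cap MASK BIT: succeed if capability number BIT is set in hex MASK.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# sys_time_report [STATUS_FILE]: one line per mask, "present" or "missing".
sys_time_report() {
    for field in CapPrm CapBnd; do
        mask=$(cap_mask "$field" "$1")
        [ -n "$mask" ] || continue
        if has_cap "$mask" "$CAP_SYS_TIME"; then
            echo "$field $mask sys_time present"
        else
            echo "$field $mask sys_time missing"
        fi
    done
}

# Constructed sample: status lines of a process whose masks lack bit 25.
sample_status() {
    printf 'Name:\tsh\nCapPrm:\t00000000fdffffff\nCapBnd:\t00000000fdffffff\n'
}

# Run as root inside the container, before and after the vzctl change.
# The masks printed are those of the awk child, inherited from this shell.
if [ -r /proc/self/status ]; then
    sys_time_report /proc/self/status
fi
```

A "missing" line for CapPrm when run as root means ntpd started with -u will hit the same cap_set_proc() error.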
Mike B
Updated on September 18, 2022
Mike B over 1 year
CentOS 6.x | OpenVZ
I want to run an NTP server on a VPS host of mine. Is this possible?
When I try to start ntpd, it fails immediately and gives the following error:
Mar 14 22:47:44 ev1 ntpd[3456]: cap_set_proc() failed to drop root privileges: Operation not permitted
I've localized it to a setting in /etc/sysconfig/ntpd
# Drop root to id 'ntp:ntp' by default.
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
When this line is enabled, it fails (presumably because the shared kernel refuses to allow the privileges change). If I comment it out, ntpd runs fine but runs as root which is A Bad Thing.
Is there any way to get ntpd to run as the ntp user on OpenVZ? Admittedly I know it's a great idea to have this running on an OpenVZ server but I'd still like to try.