CLOCKCTL(4) | Device Drivers Manual | CLOCKCTL(4) |
clockctl
—
pseudo-device clockctl
clockctl
interface brings clock control to non-root
users. Any user with write access to /dev/clockctl
will be able to perform operations such as
settimeofday(2),
clock_settime(2),
adjtime(2), or
ntp_adjtime(2), which are
normally restricted to the super-user. Using the
clockctl
pseudo-device, it is possible to run daemons
such as ntpd(8) as non-privileged
users, thus reducing the security exposure if a compromise is found in such a
daemon.
The clockctl
pseudo-device driver provides
an ioctl(2) call for each
privileged clock-related system call. The system call stubs in C library
will use the ioctl(2) on
/dev/clockctl if the special file is present and
accessible, or will revert to the plain super-user-restricted system call if
the special file is not accessible.
The following
ioctl(2) calls are defined in
<sys/clockctl.h>
:
CLOCKCTL_SETTIMEOFDAY
struct clockctl_settimeofday { const struct timeval *tv; const void *tzp; };
CLOCKCTL_CLOCK_SETTIME
struct clockctl_clock_settime { clockid_t clock_id; struct timespec *tp; };
CLOCKCTL_ADJTIME
struct clockctl_adjtime { const struct timeval *delta; struct timeval *olddelta; };
CLOCKCTL_NTP_ADJTIME
struct clockctl_ntp_adjtime { struct timex *tp; };
clockctl
appeared in NetBSD 1.6.
February 19, 2009 | NetBSD 9.4 |