busybox: add check for capabilities file

Similar to the previous commit adding a check to the init script of
umdns, do a similar change for sysntpd, just to be on the safe side.

Inspired-by: 520403cd49 ("umdns: add check for seccomp list")

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This commit is contained in:
Daniel Golle 2020-11-27 23:45:54 +00:00
parent 520403cd49
commit aa6fe00a48
2 changed files with 2 additions and 2 deletions

View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=busybox PKG_NAME:=busybox
PKG_VERSION:=1.31.1 PKG_VERSION:=1.31.1
PKG_RELEASE:=6 PKG_RELEASE:=7
PKG_FLAGS:=essential PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2

View File

@ -55,7 +55,7 @@ start_ntpd_instance() {
procd_append_param command -p $peer procd_append_param command -p $peer
done done
procd_set_param respawn procd_set_param respawn
[ -x /sbin/ujail ] && { [ -x /sbin/ujail -a -e /etc/capabilities/ntpd.json ] && {
procd_add_jail ntpd procd_add_jail ntpd
procd_set_param capabilities /etc/capabilities/ntpd.json procd_set_param capabilities /etc/capabilities/ntpd.json
procd_set_param user ntp procd_set_param user ntp