NAME
clockctl —
Clock subsystem user control
SYNOPSIS
pseudo-device clockctl
DESCRIPTION
Theclockctl interface brings clock control to non-root
users. Any user with write access to /dev/clockctl
will be able to perform operations such as
settimeofday(2),
clock_settime(2),
adjtime(2), or
ntp_adjtime(2), which are normally restricted to the
super-user. Using the clockctl pseudo-device, it is
possible to run daemons such as
ntpd(8) as non-privileged users, thus reducing the security exposure if
a compromise is found in such a daemon.
The clockctl pseudo-device driver provides
an ioctl(2) call for each privileged clock-related system call. The
system call stubs in C library will use the
ioctl(2) on /dev/clockctl if the special file
is present and accessible, or will revert to the plain super-user-restricted
system call if the special file is not accessible.
The following
ioctl(2) calls are defined in
<sys/clockctl.h>:
CLOCKCTL_SETTIMEOFDAY- This will run the
settimeofday(2) system call. Argument should be a pointer
to a struct clockctl_settimeofday:
struct clockctl_settimeofday { const struct timeval *tv; const void *tzp; }; CLOCKCTL_CLOCK_SETTIME- This will run the
clock_settime(2) system call. Argument should be a pointer
to a struct clockctl_clock_settime:
struct clockctl_clock_settime { clockid_t clock_id; struct timespec *tp; }; CLOCKCTL_ADJTIME- This will run the
adjtime(2) system call. Argument should be a pointer to a
struct clockctl_adjtime:
struct clockctl_adjtime { const struct timeval *delta; struct timeval *olddelta; }; CLOCKCTL_NTP_ADJTIME- This will run the
ntp_adjtime(2) system call. Argument should be a pointer to
a struct clockctl_ntp_adjtime:
struct clockctl_ntp_adjtime { struct timex *tp; };
SEE ALSO
HISTORY
clockctl appeared in
NetBSD 1.6.