CLOCKCTL(4) BSD Kernel Interfaces Manual CLOCKCTL(4)NAME
clockctl — Clock subsystem user control
SYNOPSIS
pseudo-device clockctl
DESCRIPTION
The clockctl interface brings clock control to non-root users. Any user
with write access to /dev/clockctl will be able to perform operations
such as settimeofday(2), clock_settime(2), adjtime(2), or ntp_adjtime(2),
which are normally restricted to the super-user. Using the clockctl
pseudo-device, it is possible to run daemons such as ntpd(8) as non-priv‐
ileged users, thus reducing the security exposure if a compromise is
found in such a daemon.
The clockctl pseudo-device driver provides an ioctl(2) call for each
privileged clock-related system call. The system call stubs in C library
will use the ioctl(2) on /dev/clockctl if the special file is present and
accessible, or will revert to the plain super-user-restricted system call
if the special file is not accessible.
The following ioctl(2) calls are defined in <sys/clockctl.h>:
CLOCKCTL_SETTIMEOFDAY
This will run the settimeofday(2) system call. Argument should
be a pointer to a struct clockctl_settimeofday:
struct clockctl_settimeofday {
const struct timeval *tv;
const void *tzp;
};
CLOCKCTL_CLOCK_SETTIME
This will run the clock_settime(2) system call. Argument
should be a pointer to a struct clockctl_clock_settime:
struct clockctl_clock_settime {
clockid_t clock_id;
struct timespec *tp;
};
CLOCKCTL_ADJTIME
This will run the adjtime(2) system call. Argument should be a
pointer to a struct clockctl_adjtime:
struct clockctl_adjtime {
const struct timeval *delta;
struct timeval *olddelta;
};
CLOCKCTL_NTP_ADJTIME
This will run the ntp_adjtime(2) system call. Argument should
be a pointer to a struct clockctl_ntp_adjtime:
struct clockctl_ntp_adjtime {
struct timex *tp;
};
SEE ALSOadjtime(2), clock_settime(2), ioctl(2), settimeofday(2)HISTORY
clockctl appeared in NetBSD 1.6.
BSD February 19, 2009 BSD