1.\" $NetBSD: clockctl.4,v 1.8 2010/03/22 18:58:31 joerg Exp $ 2.\" 3.\" Copyright (c) 2001 The NetBSD Foundation, Inc. 4.\" All rights reserved. 5.\" 6.\" This code is derived from software contributed to The NetBSD Foundation 7.\" by Emmanuel Dreyfus. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 19.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 20.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 21.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 22.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28.\" POSSIBILITY OF SUCH DAMAGE. 29.\" 30.Dd February 19, 2009 31.Dt CLOCKCTL 4 32.Os 33.Sh NAME 34.Nm clockctl 35.Nd Clock subsystem user control 36.Sh SYNOPSIS 37.Cd pseudo-device clockctl 38.Sh DESCRIPTION 39The 40.Nm 41interface brings clock control to non-root users. 42Any user with write access to 43.Pa /dev/clockctl 44will be able to perform operations such as 45.Xr settimeofday 2 , 46.Xr clock_settime 2 , 47.Xr adjtime 2 , 48or 49.Xr ntp_adjtime 2 , 50which are normally restricted to the super-user. 51Using the 52.Nm 53pseudo-device, it is possible to run daemons such as 54.Xr ntpd 8 55as non-privileged users, thus reducing the security exposure if a 56compromise is found in such a daemon. 57.Pp 58The 59.Nm 60pseudo-device driver provides an 61.Xr ioctl 2 62call for each privileged clock-related system call. 63The system call stubs in C library will use the 64.Xr ioctl 2 65on 66.Pa /dev/clockctl 67if the special file is present and accessible, or will revert to the 68plain super-user-restricted system call if the special file is not accessible. 69.Pp 70The following 71.Xr ioctl 2 72calls are defined in 73.In sys/clockctl.h : 74.Bl -tag -width CLOCKCTL 75.It Dv CLOCKCTL_SETTIMEOFDAY 76This will run the 77.Xr settimeofday 2 78system call. 79Argument should be a pointer to a 80.Va struct clockctl_settimeofday : 81.Bd -literal 82struct clockctl_settimeofday { 83 const struct timeval *tv; 84 const void *tzp; 85}; 86.Ed 87.It Dv CLOCKCTL_CLOCK_SETTIME 88This will run the 89.Xr clock_settime 2 90system call. 91Argument should be a pointer to a 92.Va struct clockctl_clock_settime : 93.Bd -literal 94struct clockctl_clock_settime { 95 clockid_t clock_id; 96 struct timespec *tp; 97}; 98.Ed 99.It Dv CLOCKCTL_ADJTIME 100This will run the 101.Xr adjtime 2 102system call. 103Argument should be a pointer to a 104.Va struct clockctl_adjtime : 105.Bd -literal 106struct clockctl_adjtime { 107 const struct timeval *delta; 108 struct timeval *olddelta; 109}; 110.Ed 111.It Dv CLOCKCTL_NTP_ADJTIME 112This will run the 113.Xr ntp_adjtime 2 114system call. 115Argument should be a pointer to a 116.Va struct clockctl_ntp_adjtime : 117.Bd -literal 118struct clockctl_ntp_adjtime { 119 struct timex *tp; 120.\" Following member is commented out intentionally. 121.\" register_t retval; 122}; 123.Ed 124.El 125.Sh SEE ALSO 126.Xr adjtime 2 , 127.Xr clock_settime 2 , 128.Xr ioctl 2 , 129.Xr settimeofday 2 130.Sh HISTORY 131.Nm 132appeared in 133.Nx 1.6 . 134