third_party/chrony: support dropping privileges Enables the configuration flags to build with privdrop and capabilities support and adds the libcap dependency. This makes chrony capable of running without root privileges. Change-Id: Ia80dcde80cc7a72c47a1fd30ab4dfb21c902f737 Reviewed-on: https://review.monogon.dev/c/monogon/+/318 Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>

commit: 68dcee136984e2e16b7682e0c0758c1df831a84c [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Tue Aug 31 13:12:07 2021 +0200
committer: Lorenz Brun <lorenz@monogon.tech> Wed Sep 01 10:33:47 2021 +0000
tree: 56e89baa3ba3a88b23fe7acf6929c357107509e4
parent: 40025ff859d65f1a50ae38b20841f9e0a908050b [diff] [blame]
diff --git a/third_party/chrony/chrony.bzl b/third_party/chrony/chrony.bzl
index 7c15ff3..fd5c7e9 100644
--- a/third_party/chrony/chrony.bzl
+++ b/third_party/chrony/chrony.bzl

@@ -7,7 +7,7 @@
     substitutions = {
         # ONCHANGE(//third_party/chrony:external.bzl): version needs to be kept in sync
         "%CHRONY_VERSION%": "4.1-monogon",
-    }
+    },
 )
 
 # Headers which couldn't be decoupled into sub-libraries.
@@ -88,7 +88,6 @@
     ],
 )
 
-
 # MD5 library used by keys.c, which does #include "md5.c".
 cc_library(
     name = "md5",
@@ -120,7 +119,6 @@
         "nts_ntp_auth.h",
         "nts_ntp_server.h",
         "nts_ntp.h",
-
         "ntp_auth.h",
         "ntp_auth.c",
         "ntp_core.c",
@@ -155,6 +153,7 @@
     deps = [
         ":common",
         "@seccomp//:seccomp",
+        "@cap//:cap",
     ],
 )
 
@@ -190,7 +189,6 @@
         "main.h",
         "main.c",
         "stubs.c",
-
     ],
     deps = [
         ":common",
commit	68dcee136984e2e16b7682e0c0758c1df831a84c	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Tue Aug 31 13:12:07 2021 +0200
committer	Lorenz Brun <lorenz@monogon.tech>	Wed Sep 01 10:33:47 2021 +0000
tree	56e89baa3ba3a88b23fe7acf6929c357107509e4
parent	40025ff859d65f1a50ae38b20841f9e0a908050b [diff] [blame]