    Theo de Raadt authored · 03d476ec
    Rather than re-opening the driftfile to write, keep it open; rewinding
    and coping with error conditions... that lets us avoid a pledge "wpath".
    
    Putting it all together, this lets the master ntpd pledge "stdio rpath
    inet settime proc id".  It works like this: "rpath" to load the
    certificates, "proc" to create constraint processes, "id" to chroot
    and lock the constraint processes into a jail, then "inet" to open a
    https session.  "settime" is used by the master to manage the system
    time when the ntp-speaking engine instructs the master.
    
    with help from naddy
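
The pattern the commit message describes, as an added example that is not ntpd's own code: the file is opened once before `pledge`, and later updates rewind and truncate the descriptor already held, so no "wpath" promise is needed. The function names and the file name `driftfile.example` are hypothetical; the promise string is the one quoted in the message.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE	/* glibc: expose ftello/fileno/ftruncate/fsync */
#endif
#include <stdio.h>
#include <unistd.h>

static FILE *drift_fp;	/* hypothetical name; opened once, before pledge */

/* Open read/write without truncating; create the file on first run. */
int drift_open(const char *path)
{
	if ((drift_fp = fopen(path, "r+")) == NULL)
		drift_fp = fopen(path, "w+");
	return drift_fp == NULL ? -1 : 0;
}

/* Promise set quoted from the commit message; note there is no "wpath". */
int drop_privs(void)
{
#ifdef __OpenBSD__
	return pledge("stdio rpath inet settime proc id", NULL);
#else
	return 0;	/* pledge(2) exists only on OpenBSD */
#endif
}

/* Overwrite in place through the descriptor that is already open. */
int drift_write(double ppm)
{
	if (drift_fp == NULL)
		return -1;
	rewind(drift_fp);
	if (fprintf(drift_fp, "%.3f\n", ppm) < 0 || fflush(drift_fp) != 0) {
		clearerr(drift_fp);	/* stay usable for the next attempt */
		return -1;
	}
	/* A shorter value must not leave bytes of the previous one behind. */
	if (ftruncate(fileno(drift_fp), ftello(drift_fp)) == -1)
		return -1;
	return fsync(fileno(drift_fp));
}

int main(void)
{
	if (drift_open("driftfile.example") == -1 || drop_privs() == -1)
		return 1;
	/* The second, shorter write replaces the first completely. */
	return drift_write(-12.345) == -1 || drift_write(1.5) == -1;
}
```

On OpenBSD, any later attempt to open a path for writing after `drop_privs()` would kill the process, which is why the stream has to be opened first.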