
src-openEuler/ntp

backport-ntpd-abort-if-fail-to-drop-root.patch 3.60 KB
pojunxing 提交于 2024-01-23 01:11 . ntpd abort if fail to drop root
Conflict:NA
Reference:https://bugs.ntp.org/attachment.cgi?id=1880
diff -Nru a/ntpd/ntpd.c b/ntpd/ntpd.c
--- a/ntpd/ntpd.c 2024-01-22 05:23:37 +0000
+++ b/ntpd/ntpd.c 2024-01-22 05:23:37 +0000
@@ -204,10 +204,6 @@
int mdnstries = 5;
#endif /* HAVE_DNSREGISTRATION */
-#ifdef HAVE_LINUX_CAPABILITIES
-int have_caps; /* runtime check whether capabilities work */
-#endif /* HAVE_LINUX_CAPABILITIES */
-
#ifdef HAVE_DROPROOT
int droproot;
int root_dropped;
@@ -813,8 +809,8 @@
#ifndef SIM
int
ntpdmain(
- int argc,
- char *argv[]
+ int argc,
+ char * argv[]
)
{
l_fp now;
@@ -837,7 +833,7 @@
# ifdef NEED_PTHREAD_WARMUP
my_pthread_warmup();
# endif
-
+
# ifdef HAVE_UMASK
uv = umask(0);
if (uv)
@@ -861,9 +857,9 @@
# ifdef DEBUG
|| debug
# endif
- || HAVE_OPT(SAVECONFIGQUIT))
+ || HAVE_OPT(SAVECONFIGQUIT)) {
nofork = TRUE;
-
+ }
init_logging(progname, NLOG_SYNCMASK, TRUE);
/* honor -l/--logfile option to log to a file */
if (HAVE_OPT(LOGFILE)) {
@@ -931,32 +927,33 @@
}
# endif
-/*
- * Enable the Multi-Media Timer for Windows?
- */
+ /*
+ * Enable the Multi-Media Timer for Windows?
+ */
# ifdef SYS_WINNT
- if (HAVE_OPT( MODIFYMMTIMER ))
+ if (HAVE_OPT(MODIFYMMTIMER)) {
set_mm_timer(MM_TIMER_HIRES);
+ }
# endif
#ifdef HAVE_DNSREGISTRATION
-/*
- * Enable mDNS registrations?
- */
+ /*
+ * Enable mDNS registrations?
+ */
if (HAVE_OPT( MDNS )) {
mdnsreg = TRUE;
}
#endif /* HAVE_DNSREGISTRATION */
- if (HAVE_OPT( NOVIRTUALIPS ))
+ if (HAVE_OPT(NOVIRTUALIPS)) {
listen_to_virtual_ips = 0;
-
+ }
/*
* --interface, listen on specified interfaces
*/
if (HAVE_OPT( INTERFACE )) {
int ifacect = STACKCT_OPT( INTERFACE );
- const char** ifaces = STACKLST_OPT( INTERFACE );
+ const char ** ifaces = STACKLST_OPT( INTERFACE );
sockaddr_u addr;
while (ifacect-- > 0) {
@@ -969,9 +966,9 @@
}
}
- if (HAVE_OPT( NICE ))
+ if (HAVE_OPT(NICE)) {
priority_done = 0;
-
+ }
# ifdef HAVE_SCHED_SETSCHEDULER
if (HAVE_OPT( PRIORITY )) {
config_priority = OPT_VALUE_PRIORITY;
@@ -1036,7 +1033,7 @@
* on the base CPU than the other CPUs (for multiprocessor systems),
* so we must lock to the base CPU.
*/
- fd = open("/dev/at1", O_RDONLY);
+ fd = open("/dev/at1", O_RDONLY);
if (fd >= 0) {
zero = 0;
if (ioctl(fd, ACPU_LOCK, &zero) < 0)
@@ -1144,7 +1141,7 @@
# ifdef RLIMIT_MEMLOCK
&& -1 != DFLT_RLIMIT_MEMLOCK
# endif
- && 0 != mlockall(MCL_CURRENT|MCL_FUTURE))
+ && 0 != mlockall(MCL_CURRENT | MCL_FUTURE))
msyslog(LOG_ERR, "mlockall(): %m");
# else /* !HAVE_MLOCKALL follows */
# ifdef HAVE_PLOCK
@@ -1174,28 +1171,30 @@
initializing = FALSE;
# ifdef HAVE_LINUX_CAPABILITIES
- {
+ if (droproot) {
+ int have_caps;
+ cap_t caps;
+
/* Check that setting capabilities actually works; we might be
* run on a kernel with disabled capabilities. We must not
* drop privileges in this case.
*/
- cap_t caps;
caps = cap_from_text("cap_sys_time,cap_setuid,cap_setgid,cap_sys_chroot,cap_net_bind_service=pe");
- if ( ! caps) {
- msyslog( LOG_ERR, "cap_from_text() failed: %m" );
+ if (!caps) {
+ msyslog(LOG_ERR, "cap_from_text() failed: %m");
exit(-1);
}
have_caps = (cap_set_proc(caps) == 0);
cap_free(caps); /* caps not NULL here! */
+ if (!have_caps) {
+ msyslog(LOG_ERR, ("Fatal: unable to drop root privs: %m"));
+ exit(-1);
+ }
}
# endif /* HAVE_LINUX_CAPABILITIES */
# ifdef HAVE_DROPROOT
-# ifdef HAVE_LINUX_CAPABILITIES
- if (droproot && have_caps) {
-# else
if (droproot) {
-# endif /*HAVE_LINUX_CAPABILITIES*/
# ifdef NEED_EARLY_FORK
fork_nonchroot_worker();
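Review bot: The comment kept above `cap_from_text()` still says "We must not drop privileges in this case", but the added `if (!have_caps)` branch now logs and calls `exit(-1)` instead of carrying on as root, so the comment describes the behaviour this patch removes. I would reword it to something like `/* Verify that capabilities can be set; if the kernel has them disabled, abort rather than keep running as root. */` so the fail-closed intent is visible to the next reader. The new block also reads `droproot` under `HAVE_LINUX_CAPABILITIES` alone, while the first hunk shows `int droproot;` declared only under `HAVE_DROPROOT`; if a build can define the former without the latter this will not compile, so nesting the probe inside the `HAVE_DROPROOT` section may be safer. The parentheses around the format string in `msyslog(LOG_ERR, ("Fatal: unable to drop root privs: %m"));` are unnecessary and differ from the `cap_from_text()` message just above. ntpdmain's body starts and ends outside this hunk.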