ntpd-rs: Set cap_net_bind_service on startup

Allows it to run in server mode and listen on port 123

srcpkgs/ntpd-rs/INSTALL

@@ -1,5 +0,0 @@
-case "${ACTION}" in
-post)
-	setcap CAP_SYS_TIME=+ep usr/bin/ntp-daemon
-	;;
-esac

srcpkgs/ntpd-rs/files/ntpd-rs/run

@@ -1,4 +1,10 @@
 #!/bin/sh
 exec 2>&1
+[ -r conf ] && . ./conf
 [ ! -d /run/ntpd-rs ] && mkdir /run/ntpd-rs && chown _ntpd_rs:_ntpd_rs /run/ntpd-rs
-exec chpst -u _ntpd_rs:_ntpd_rs ntp-daemon
+
+exec setpriv --reuid _ntpd_rs --regid _ntpd_rs --clear-groups \
+	--ambient-caps -all,+sys_time,+net_bind_service \
+	--inh-caps -all,+sys_time,+net_bind_service \
+	--bounding-set -all,+sys_time,+net_bind_service \
+	--no-new-privs -- ntp-daemon

srcpkgs/ntpd-rs/template

@@ -1,7 +1,7 @@
 # Template file for 'ntpd-rs'
 pkgname=ntpd-rs
 version=1.4.0
-revision=1
+revision=2
 build_style=cargo
 make_check_args="--
  --skip daemon::keyexchange::tests::client_connection_refused
@@ -9,7 +9,6 @@ make_check_args="--
  --skip daemon::keyexchange::tests::key_exchange_weird_packet
 "
 make_install_args="--path ntpd"
-depends="libcap-progs"
 short_desc="Full-featured implementation of the Network Time Protocol"
 maintainer="tranzystorekk <tranzystorek.io@protonmail.com>"
 license="Apache-2.0 OR MIT"