the line limits -C daemon su -m ntpd -c 'sh -c "/usr/sbin/ntpd -p /var/db/ntp/ntpd.pid -c /etc/ntp.conf -f /var/db/ntp/ntpd.drift"'
drops me to a shell. On a system without that weird problem I get "11 Apr 10:30:50 ntpd[95617]: must be run as root, not uid 123". When I then "kldload mac_ntpd" and execute that command again it's running fine. I compared the hashsums of limits, su, ntpd and ntp.conf and they are all the same, the login class from login.conf is also the same. Even the shared libraries of limits, su and ntpd have the same hashsum. On that specific system, when I execute the command I am dropped to a shell of user ntpd. When mac_ntpd is loaded and I exit the shell, the service is started like normal, when I exit the shell without mac_ntpd loaded after printing exit the console prints the "must be run as root" message from above.