Browse Source

chrony: new package, 4.1 version

3.14-stable
parent
commit
9f39b9d124
  1. 90
      main/chrony/APKBUILD
  2. 7
      main/chrony/chrony.conf
  3. 6
      main/chrony/chrony.pre-install
  4. 1
      main/chrony/chrony.pre-upgrade
  5. 20
      main/chrony/chronyd.confd
  6. 84
      main/chrony/chronyd.initd
  7. 12
      main/chrony/fix-tests.patch
  8. 13
      main/chrony/max_resolve_interval.patch
  9. 216
      main/chrony/timepps.h

90
main/chrony/APKBUILD

@ -0,0 +1,90 @@
# Contributor: Łukasz Jendrysik
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=chrony
pkgver=4.1
pkgrel=1
pkgdesc="NTP client and server programs"
url="https://chrony.tuxfamily.org"
pkgusers="$pkgname"
pkggroups="$pkgname"
arch="all"
license="GPL-2.0-only"
install="$pkgname.pre-install $pkgname.pre-upgrade"
makedepends="asciidoctor libcap-dev texinfo nettle-dev gnutls-dev"
checkdepends="bash"
subpackages="$pkgname-doc $pkgname-openrc"
source="https://download.tuxfamily.org/chrony/chrony-$pkgver.tar.gz
fix-tests.patch
max_resolve_interval.patch
chronyd.confd
chronyd.initd
chrony.conf
timepps.h
"
# secfixes:
# 3.5.1-r0:
# - CVE-2020-14367
prepare() {
default_prepare
# We copy timepps.h to the local build directory instead of
# creating a pps-tools-dev package for ppstime.h
# (See https://github.com/ago/pps-tools)
mkdir -p pps-tools/sys
cp "$srcdir"/timepps.h pps-tools/sys/
}
build() {
CPPFLAGS="$CPPFLAGS -I./pps-tools/" ./configure \
--prefix=/usr \
--mandir=/usr/share/man \
--sysconfdir=/etc/$pkgname \
--disable-readline \
--with-user=$pkgname \
--with-sendmail=/usr/sbin/sendmail \
--enable-ntp-signd
make all docs
}
check() {
make check
}
package() {
make DESTDIR="$pkgdir" install
mkdir -p "$pkgdir"/etc/logrotate.d
install -Dm644 examples/chrony.logrotate "$pkgdir"/etc/logrotate.d/chrony
mkdir -p "$pkgdir"/usr/share/doc/chrony
install -m644 examples/*.example "$pkgdir"/usr/share/doc/chrony/
install -Dm755 "$srcdir"/chronyd.initd "$pkgdir"/etc/init.d/chronyd
install -Dm644 "$srcdir"/chronyd.confd "$pkgdir"/etc/conf.d/chronyd
install -dm2750 -g wheel "$pkgdir"/var/log/chrony
mkdir -p "$pkgdir"/var/lib/chrony \
"$pkgdir"/etc/chrony
# chrony.drift must be writable by chrony user
chown $pkgusers:$pkggroups "$pkgdir"/etc/chrony
install -m644 "$srcdir"/chrony.conf "$pkgdir"/etc/chrony/chrony.conf
chown root:root "$pkgdir"/etc/chrony/*
chown $pkgusers:$pkggroups "$pkgdir"/var/lib/chrony
touch "$pkgdir"/var/lib/chrony/chrony.drift
}
sha512sums="
5e283d6a56e6852606c681a7c29c5786b102d584178cbd7033ebbc95a8e95533605631363b850a3087cca438a5878db7a317f120aab2fd856487d02fccfbcb1f chrony-4.1.tar.gz
067d47224a8c075ec8f63ffc58e65b030fdf228a72c4f03d50a2f2c17414da65bb5d27c7c2e4ba99e909f452041db83eaebe3c9e34c0c8fce18e05ebb489735e fix-tests.patch
b26581ed32680585edea5b8163a0062a87f648394c0f363c77a7d01a36608fcf4d005d9e6ab179ed2827b8a08f598f7bad4801bb5e135cad5107eb77fb19b247 max_resolve_interval.patch
c1ce577ed1af9f3d88a6a2880a4834ae0c6a7f45870d9396d2aacd7716eb8de346ce458e1a45fdd48b1e8b8f5cd3afcba9534ac47fedb517604c9d910a342fac chronyd.confd
1501161812ad12679d47a1b671d2ddbe94ec5825d5e225729057abc3b8869cb813acd8bdd7adaba0cd786afdf04280228e327a3b83f89a11d06bf3cb826c5269 chronyd.initd
663c6316bcca762de119d88e4bb6536bfe0fea19939fe1b673900847619e7f1d6783b789b38ebba97b5dc3778dedf798bafd65f00f8bd7e312bfed7df0caaf71 chrony.conf
eb11fc19243d1789016d88eb7645bfe67c46304547781489bf36eb1dd4c252d523681ff835a6488fa0ef62b6b9e2f781c672279f4439f5d5640a3f214a113048 timepps.h
"

7
main/chrony/chrony.conf

@ -0,0 +1,7 @@
# default config
pool pool.ntp.org iburst
initstepslew 10 pool.ntp.org
driftfile /var/lib/chrony/chrony.drift
rtcsync
cmdport 0

6
main/chrony/chrony.pre-install

@ -0,0 +1,6 @@
#!/bin/sh
addgroup -S chrony 2>/dev/null
adduser -S -D -h /var/log/chrony -s /sbin/nologin -G chrony -g chrony chrony 2>/dev/null
exit 0

1
main/chrony/chrony.pre-upgrade

@ -0,0 +1 @@
chrony.pre-install

20
main/chrony/chronyd.confd

@ -0,0 +1,20 @@
# /etc/conf.d/chronyd
CFGFILE="/etc/chrony/chrony.conf"
# chronyd takes some time to perform a second fork, by enabling this
# option chronyd is deamonized through start-stop-daemon(1) thereby
# significantly reducing the startup time.
FAST_STARTUP=no
# Configuration dependant options :
# -s - Set system time from RTC if rtcfile directive present
# -r - Reload sample histories if dumponexit directive present
#
# The combination of "-s -r" allows chronyd to perform long term averaging of
# the gain or loss rate across system reboots and shutdowns.
ARGS=""
# vrf e.g 'vrf-mgmt'
#vrf=""

84
main/chrony/chronyd.initd

@ -0,0 +1,84 @@
#!/sbin/openrc-run
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/chrony/files/chronyd.rc,v 1.8 2007/03/22 14:32:09 tove Exp $
command="/usr/sbin/chronyd"
description="NTP daemon"
pidfile="/var/run/chrony/chronyd.pid"
depend() {
need net
after firewall
provide ntp-client ntp-server
use dns
}
checkconfig() {
# Note that /etc/chrony/chrony.keys is *NOT* checked. This
# is because the user may have specified another key
# file, and we don't want to force the user to use that
# exact name for the key file.
if [ ! -f "${CFGFILE}" ] ; then
eerror "Please create ${CFGFILE} and the"
eerror "chrony key file (usually /etc/chrony/chrony.keys)"
eerror "by using the"
eerror ""
eerror " chrony.conf.example"
eerror " chrony.keys.example"
eerror ""
eerror "files (from the documentation directory)"
eerror "as templates."
return 1
else
# Actually, I tried it, and chrony seems to ignore the pidfile
# option. I'm going to leave it here anyway, since you never
# know if it might be handy
_cfg_pidfile=`awk '/^ *pidfile/{print $2}' "${CFGFILE}"`
if [ -n "$_cfg_pidfile" ] ; then
pidfile="$_cfg_pidfile"
fi
fi
return 0
}
setxtrarg() {
if [ -c /dev/rtc ]; then
grep -q '^rtcfile' "${CFGFILE}" && ARGS="${ARGS} -s"
fi
grep -q '^dumponexit$' "${CFGFILE}" && ARGS="${ARGS} -r"
return 0
}
start() {
checkconfig || return $?
setxtrarg
# If we are configured to run in a VRF, provide a hint for that
RC_VRF_EXEC=""
if [ -n "$vrf" ]; then
RC_VRF_EXEC="/sbin/ip vrf exec $vrf"
fi
local daemon_args=
if yesno "$FAST_STARTUP"; then
ARGS="${ARGS} -n"
daemon_args="--background"
fi
ebegin "Starting chronyd"
eval ${RC_VRF_EXEC} start-stop-daemon $daemon_args --start --quiet \
--exec "${command}" \
--pidfile "${pidfile}" \
-- -f "${CFGFILE}" ${ARGS}
eend $? "Failed to start chronyd"
}
stop() {
checkconfig || return $?
ebegin "Stopping chronyd"
start-stop-daemon --stop --quiet \
--pidfile "${pidfile}"
eend $? "Failed to stop chronyd"
}

12
main/chrony/fix-tests.patch

@ -0,0 +1,12 @@
diff -upr chrony-3.2.orig/test/unit/test.c chrony-3.2/test/unit/test.c
--- chrony-3.2.orig/test/unit/test.c 2017-11-29 11:32:23.610059580 +0100
+++ chrony-3.2/test/unit/test.c 2017-11-29 11:32:51.213742887 +0100
@@ -23,6 +23,8 @@
#include <logging.h>
#include <localp.h>
+#include <sys/param.h>
+
#include "test.h"
void

13
main/chrony/max_resolve_interval.patch

@ -0,0 +1,13 @@
Try fix behaviour when network is not available at bootup
--- ./ntp_sources.c.orig
+++ ./ntp_sources.c
@@ -87,7 +85,7 @@
#define RESOLVE_INTERVAL_UNIT 7
#define MIN_RESOLVE_INTERVAL 2
-#define MAX_RESOLVE_INTERVAL 9
+#define MAX_RESOLVE_INTERVAL 6
#define MIN_REPLACEMENT_INTERVAL 8
static struct UnresolvedSource *unresolved_sources = NULL;

216
main/chrony/timepps.h

@ -0,0 +1,216 @@
/*
* timepps.h -- PPS API main header
*
* Copyright (C) 2005-2007 Rodolfo Giometti <giometti@linux.it>
* Copyright (C) 2009-2011 Alexander Gordeev <alex@gordick.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* Source: https://github.com/ago/pps-tools/ - Retreived Dec 2013
*/
#ifndef _SYS_TIMEPPS_H_
#define _SYS_TIMEPPS_H_
#include <errno.h>
#include <sys/time.h>
#include <sys/ioctl.h>
#include <linux/types.h>
#include <linux/pps.h>
#define LINUXPPS 1 /* signal we are using LinuxPPS */
/*
* New data structures
*/
struct ntp_fp {
unsigned int integral;
unsigned int fractional;
};
union pps_timeu {
struct timespec tspec;
struct ntp_fp ntpfp;
unsigned long longpad[3];
};
struct pps_info {
unsigned long assert_sequence; /* seq. num. of assert event */
unsigned long clear_sequence; /* seq. num. of clear event */
union pps_timeu assert_tu; /* time of assert event */
union pps_timeu clear_tu; /* time of clear event */
int current_mode; /* current mode bits */
};
struct pps_params {
int api_version; /* API version # */
int mode; /* mode bits */
union pps_timeu assert_off_tu; /* offset compensation for assert */
union pps_timeu clear_off_tu; /* offset compensation for clear */
};
typedef int pps_handle_t; /* represents a PPS source */
typedef unsigned long pps_seq_t; /* sequence number */
typedef struct ntp_fp ntp_fp_t; /* NTP-compatible time stamp */
typedef union pps_timeu pps_timeu_t; /* generic data type for time stamps */
typedef struct pps_info pps_info_t;
typedef struct pps_params pps_params_t;
#define assert_timestamp assert_tu.tspec
#define clear_timestamp clear_tu.tspec
#define assert_timestamp_ntpfp assert_tu.ntpfp
#define clear_timestamp_ntpfp clear_tu.ntpfp
#define assert_offset assert_off_tu.tspec
#define clear_offset clear_off_tu.tspec
#define assert_offset_ntpfp assert_off_tu.ntpfp
#define clear_offset_ntpfp clear_off_tu.ntpfp
/*
* The PPS API
*/
static __inline int time_pps_create(int source, pps_handle_t *handle)
{
int ret;
struct pps_kparams dummy;
if (!handle) {
errno = EINVAL;
return -1;
}
/* First we check if current device is a valid PPS one by
* doing a dummy PPS_GETPARAMS...
*/
ret = ioctl(source, PPS_GETPARAMS, &dummy);
if (ret) {
errno = EOPNOTSUPP;
return -1;
}
/* ... then since in LinuxPPS there are no differences between a
* "PPS source" and a "PPS handle", we simply return the same value.
*/
*handle = source;
return 0;
}
static __inline int time_pps_destroy(pps_handle_t handle)
{
return close(handle);
}
static __inline int time_pps_getparams(pps_handle_t handle,
pps_params_t *ppsparams)
{
int ret;
struct pps_kparams __ppsparams;
ret = ioctl(handle, PPS_GETPARAMS, &__ppsparams);
ppsparams->api_version = __ppsparams.api_version;
ppsparams->mode = __ppsparams.mode;
ppsparams->assert_off_tu.tspec.tv_sec = __ppsparams.assert_off_tu.sec;
ppsparams->assert_off_tu.tspec.tv_nsec = __ppsparams.assert_off_tu.nsec;
ppsparams->clear_off_tu.tspec.tv_sec = __ppsparams.clear_off_tu.sec;
ppsparams->clear_off_tu.tspec.tv_nsec = __ppsparams.clear_off_tu.nsec;
return ret;
}
static __inline int time_pps_setparams(pps_handle_t handle,
const pps_params_t *ppsparams)
{
struct pps_kparams __ppsparams;
__ppsparams.api_version = ppsparams->api_version;
__ppsparams.mode = ppsparams->mode;
__ppsparams.assert_off_tu.sec = ppsparams->assert_off_tu.tspec.tv_sec;
__ppsparams.assert_off_tu.nsec = ppsparams->assert_off_tu.tspec.tv_nsec;
__ppsparams.clear_off_tu.sec = ppsparams->clear_off_tu.tspec.tv_sec;
__ppsparams.clear_off_tu.nsec = ppsparams->clear_off_tu.tspec.tv_nsec;
return ioctl(handle, PPS_SETPARAMS, &__ppsparams);
}
/* Get capabilities for handle */
static __inline int time_pps_getcap(pps_handle_t handle, int *mode)
{
return ioctl(handle, PPS_GETCAP, mode);
}
static __inline int time_pps_fetch(pps_handle_t handle, const int tsformat,
pps_info_t *ppsinfobuf,
const struct timespec *timeout)
{
struct pps_fdata __fdata;
int ret;
/* Sanity checks */
if (tsformat != PPS_TSFMT_TSPEC) {
errno = EINVAL;
return -1;
}
if (timeout) {
__fdata.timeout.sec = timeout->tv_sec;
__fdata.timeout.nsec = timeout->tv_nsec;
__fdata.timeout.flags = ~PPS_TIME_INVALID;
} else
__fdata.timeout.flags = PPS_TIME_INVALID;
ret = ioctl(handle, PPS_FETCH, &__fdata);
ppsinfobuf->assert_sequence = __fdata.info.assert_sequence;
ppsinfobuf->clear_sequence = __fdata.info.clear_sequence;
ppsinfobuf->assert_tu.tspec.tv_sec = __fdata.info.assert_tu.sec;
ppsinfobuf->assert_tu.tspec.tv_nsec = __fdata.info.assert_tu.nsec;
ppsinfobuf->clear_tu.tspec.tv_sec = __fdata.info.clear_tu.sec;
ppsinfobuf->clear_tu.tspec.tv_nsec = __fdata.info.clear_tu.nsec;
ppsinfobuf->current_mode = __fdata.info.current_mode;
return ret;
}
#ifdef PPS_KC_BIND
static __inline int time_pps_kcbind(pps_handle_t handle,
const int kernel_consumer,
const int edge, const int tsformat)
{
struct pps_bind_args __bind_args;
__bind_args.tsformat = tsformat;
__bind_args.edge = edge;
__bind_args.consumer = kernel_consumer;
return ioctl(handle, PPS_KC_BIND, &__bind_args);
}
#else /* !PPS_KC_BIND */
static __inline int time_pps_kcbind(pps_handle_t handle,
const int kernel_consumer,
const int edge, const int tsformat)
{
/* LinuxPPS doesn't implement kernel consumer feature */
errno = EOPNOTSUPP;
return -1;
}
#endif /* PPS_KC_BIND */
#endif /* _SYS_TIMEPPS_H_ */
Loading…
Cancel
Save