chrony/chrony-nm-dispatcher-dhcp.patch

commit 5bd13c8d593a74ad168057efe94dd2b3aeeffe14
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Mon Feb 7 13:27:25 2022 +0100

    examples: support DHCPv6 NTP servers in NM dispatcher script
    
    Latest NetworkManager code provides NTP servers from the DHCPv6 NTP
    option (RFC 5908) in the DHCP6_DHCP6_NTP_SERVERS variable to dispatcher
    scripts.
    
    Check for invalid characters (which can come from the FQDN suboption)
    and include the servers in the interface-specific sources file.

diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
index 6ea4c370..4454f037 100644
--- a/examples/chrony.nm-dispatcher.dhcp
+++ b/examples/chrony.nm-dispatcher.dhcp
@@ -1,8 +1,7 @@
 #!/bin/sh
 # This is a NetworkManager dispatcher script for chronyd to update
-# its NTP sources passed from DHCP options. Note that this script is
-# specific to NetworkManager-dispatcher due to use of the
-# DHCP4_NTP_SERVERS environment variable.
+# its NTP sources with servers from DHCP options passed by NetworkManager
+# in the DHCP4_NTP_SERVERS and DHCP6_DHCP6_NTP_SERVERS environment variables.
 
 export LC_ALL=C
 
@@ -10,17 +9,19 @@ interface=$1
 action=$2
 
 chronyc=/usr/bin/chronyc
-default_server_options=iburst
+server_options=iburst
 server_dir=/var/run/chrony-dhcp
 
 dhcp_server_file=$server_dir/$interface.sources
-# DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager.
-nm_dhcp_servers=$DHCP4_NTP_SERVERS
+dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"
 
 add_servers_from_dhcp() {
     rm -f "$dhcp_server_file"
-    for server in $nm_dhcp_servers; do
-        echo "server $server $default_server_options" >> "$dhcp_server_file"
+    for server in $dhcp_ntp_servers; do
+        # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
+        printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
+
+        printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"
     done
     $chronyc reload sources > /dev/null 2>&1 || :
 }
@@ -34,10 +35,11 @@ clear_servers_from_dhcp() {
 
 mkdir -p $server_dir
 
-if [ "$action" = "up" ] || [ "$action" = "dhcp4-change" ]; then
-    add_servers_from_dhcp
-elif [ "$action" = "down" ]; then
-    clear_servers_from_dhcp
-fi
+case "$action" in
+    up|dhcp4-change|dhcp6-change)
+        add_servers_from_dhcp;;
+    down)
+        clear_servers_from_dhcp;;
+esac
 
 exit 0

commit e55f174bd3a7ae82fb24afd43443d0b55d5536cf
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Mon Feb 7 13:27:48 2022 +0100

    examples: handle more actions in NM dispatcher script
    
    Run the chronyc onoffline command also when the connectivity-change
    and dhcp6-change actions are reported by the NetworkManager dispatcher.
    
    The latter should not be necessary, but there currently doesn't seem to
    be any action for IPv6 becoming routable after duplicate address
    detection, so at least in networks using DHCPv6, IPv6 NTP servers should
    not be stuck in the offline state from a previously reported action.

diff --git a/examples/chrony.nm-dispatcher.onoffline b/examples/chrony.nm-dispatcher.onoffline
index 34cfa0db..01e6fdb1 100644
--- a/examples/chrony.nm-dispatcher.onoffline
+++ b/examples/chrony.nm-dispatcher.onoffline
@@ -7,8 +7,18 @@ export LC_ALL=C
 
 chronyc=/usr/bin/chronyc
 
-# For NetworkManager consider only up/down events
-[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0
+# For NetworkManager consider only selected events
+if [ $# -ge 2 ]; then
+    case "$2" in
+        up|down|connectivity-change)
+            ;;
+        dhcp6-change)
+            # No other action is reported for routable IPv6
+            ;;
+        *)
+            exit 0;;
+    esac
+fi
 
 # Note: for networkd-dispatcher routable.d ~= on and off.d ~= off
 
commit fca8966adaaf8376536af86ba2afe02501463588
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date:   Wed Mar 23 15:17:03 2022 +0100

    examples: replace grep command in NM dispatcher script
    
    Some grep implementations detect binary data and return success without
    matching whole line. This might be an issue for the DHCPv6 NTP FQDN
    check. The GNU grep in the C locale seems to check only for the NUL
    character, which cannot be passed in an environment variable, but other
    implementations might behave differently and there doesn't seem to be a
    portable way to force matching the whole line.
    
    Instead of the grep command, check for invalid characters by comparing
    the length of the input passed through "tr -d -c".

diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
index 4454f037..547ce83f 100644
--- a/examples/chrony.nm-dispatcher.dhcp
+++ b/examples/chrony.nm-dispatcher.dhcp
@@ -19,7 +19,11 @@ add_servers_from_dhcp() {
     rm -f "$dhcp_server_file"
     for server in $dhcp_ntp_servers; do
         # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
-        printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
+        len1=$(printf '%s' "$server" | wc -c)
+        len2=$(printf '%s' "$server" | tr -d -c 'A-Za-z0-9:.-' | wc -c)
+        if [ "$len1" -ne "$len2" ] || [ "$len2" -lt 1 ] || [ "$len2" -gt 255 ]; then
+          continue
+        fi
 
         printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"
     done
From: Robert Fairley <rfairley@redhat.com>
Date: Wed, 17 Jun 2020 10:14:19 -0400
Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig

Use the PEERNTP and NTPSERVERARGS environment variables from
/etc/sysconfig/network{-scripts}.

Co-Authored-By: Christian Glombek <cglombek@redhat.com>

diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
index 6ea4c37..a6ad35a 100644
--- a/examples/chrony.nm-dispatcher.dhcp
+++ b/examples/chrony.nm-dispatcher.dhcp
@@ -8,15 +8,23 @@ export LC_ALL=C
 interface=$1
 action=$2
 
+[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network
+[ -f /etc/sysconfig/network-scripts/ifcfg-"${interface}" ] && \
+    . /etc/sysconfig/network-scripts/ifcfg-"${interface}"
+
 chronyc=/usr/bin/chronyc
-server_options=iburst
-server_dir=/var/run/chrony-dhcp
+server_options=${NTPSERVERARGS:-iburst}
+server_dir=/run/chrony-dhcp
 
 dhcp_server_file=$server_dir/$interface.sources
 dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"
 
 add_servers_from_dhcp() {
     rm -f "$dhcp_server_file"
+
+    # Don't add NTP servers if PEERNTP=no specified; return early.
+    [ "$PEERNTP" = "no" ] && return
+
     for server in $dhcp_ntp_servers; do
         # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
         len1=$(printf '%s' "$server" | wc -c)
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`commit 5bd13c8d593a74ad168057efe94dd2b3aeeffe14`
			`Author: Miroslav Lichvar <mlichvar@redhat.com>`
			`Date: Mon Feb 7 13:27:25 2022 +0100`

			`examples: support DHCPv6 NTP servers in NM dispatcher script`

			`Latest NetworkManager code provides NTP servers from the DHCPv6 NTP`
			`option (RFC 5908) in the DHCP6_DHCP6_NTP_SERVERS variable to dispatcher`
			`scripts.`

			`Check for invalid characters (which can come from the FQDN suboption)`
			`and include the servers in the interface-specific sources file.`

			`diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp`
			`index 6ea4c370..4454f037 100644`
			`--- a/examples/chrony.nm-dispatcher.dhcp`
			`+++ b/examples/chrony.nm-dispatcher.dhcp`
			`@@ -1,8 +1,7 @@`
			`#!/bin/sh`
			`# This is a NetworkManager dispatcher script for chronyd to update`
			`-# its NTP sources passed from DHCP options. Note that this script is`
			`-# specific to NetworkManager-dispatcher due to use of the`
			`-# DHCP4_NTP_SERVERS environment variable.`
			`+# its NTP sources with servers from DHCP options passed by NetworkManager`
			`+# in the DHCP4_NTP_SERVERS and DHCP6_DHCP6_NTP_SERVERS environment variables.`

			`export LC_ALL=C`

			`@@ -10,17 +9,19 @@ interface=$1`
			`action=$2`

			`chronyc=/usr/bin/chronyc`
			`-default_server_options=iburst`
			`+server_options=iburst`
			`server_dir=/var/run/chrony-dhcp`

			`dhcp_server_file=$server_dir/$interface.sources`
			`-# DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager.`
			`-nm_dhcp_servers=$DHCP4_NTP_SERVERS`
			`+dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"`

			`add_servers_from_dhcp() {`
			`rm -f "$dhcp_server_file"`
			`- for server in $nm_dhcp_servers; do`
			`- echo "server $server $default_server_options" >> "$dhcp_server_file"`
			`+ for server in $dhcp_ntp_servers; do`
			`+ # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)`
			`+ printf '%s\n' "$server" \| grep -E -q '^[-A-Za-z0-9:.]{1,255}$' \|\| continue`
			`+`
			`+ printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"`
			`done`
			`$chronyc reload sources > /dev/null 2>&1 \|\| :`
			`}`
			`@@ -34,10 +35,11 @@ clear_servers_from_dhcp() {`

			`mkdir -p $server_dir`

			`-if [ "$action" = "up" ] \|\| [ "$action" = "dhcp4-change" ]; then`
			`- add_servers_from_dhcp`
			`-elif [ "$action" = "down" ]; then`
			`- clear_servers_from_dhcp`
			`-fi`
			`+case "$action" in`
			`+ up\|dhcp4-change\|dhcp6-change)`
			`+ add_servers_from_dhcp;;`
			`+ down)`
			`+ clear_servers_from_dhcp;;`
			`+esac`

			`exit 0`

			`commit e55f174bd3a7ae82fb24afd43443d0b55d5536cf`
			`Author: Miroslav Lichvar <mlichvar@redhat.com>`
			`Date: Mon Feb 7 13:27:48 2022 +0100`

			`examples: handle more actions in NM dispatcher script`

			`Run the chronyc onoffline command also when the connectivity-change`
			`and dhcp6-change actions are reported by the NetworkManager dispatcher.`

			`The latter should not be necessary, but there currently doesn't seem to`
			`be any action for IPv6 becoming routable after duplicate address`
			`detection, so at least in networks using DHCPv6, IPv6 NTP servers should`
			`not be stuck in the offline state from a previously reported action.`

			`diff --git a/examples/chrony.nm-dispatcher.onoffline b/examples/chrony.nm-dispatcher.onoffline`
			`index 34cfa0db..01e6fdb1 100644`
			`--- a/examples/chrony.nm-dispatcher.onoffline`
			`+++ b/examples/chrony.nm-dispatcher.onoffline`
			`@@ -7,8 +7,18 @@ export LC_ALL=C`

			`chronyc=/usr/bin/chronyc`

			`-# For NetworkManager consider only up/down events`
			`-[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0`
			`+# For NetworkManager consider only selected events`
			`+if [ $# -ge 2 ]; then`
			`+ case "$2" in`
			`+ up\|down\|connectivity-change)`
			`+ ;;`
			`+ dhcp6-change)`
			`+ # No other action is reported for routable IPv6`
			`+ ;;`
			`+ *)`
			`+ exit 0;;`
			`+ esac`
			`+fi`

			`# Note: for networkd-dispatcher routable.d ~= on and off.d ~= off`

			`commit fca8966adaaf8376536af86ba2afe02501463588`
			`Author: Miroslav Lichvar <mlichvar@redhat.com>`
			`Date: Wed Mar 23 15:17:03 2022 +0100`

			`examples: replace grep command in NM dispatcher script`

			`Some grep implementations detect binary data and return success without`
			`matching whole line. This might be an issue for the DHCPv6 NTP FQDN`
			`check. The GNU grep in the C locale seems to check only for the NUL`
			`character, which cannot be passed in an environment variable, but other`
			`implementations might behave differently and there doesn't seem to be a`
			`portable way to force matching the whole line.`

			`Instead of the grep command, check for invalid characters by comparing`
			`the length of the input passed through "tr -d -c".`

			`diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp`
			`index 4454f037..547ce83f 100644`
			`--- a/examples/chrony.nm-dispatcher.dhcp`
			`+++ b/examples/chrony.nm-dispatcher.dhcp`
			`@@ -19,7 +19,11 @@ add_servers_from_dhcp() {`
			`rm -f "$dhcp_server_file"`
			`for server in $dhcp_ntp_servers; do`
			`# Check for invalid characters (from the DHCPv6 NTP FQDN suboption)`
			`- printf '%s\n' "$server" \| grep -E -q '^[-A-Za-z0-9:.]{1,255}$' \|\| continue`
			`+ len1=$(printf '%s' "$server" \| wc -c)`
			`+ len2=$(printf '%s' "$server" \| tr -d -c 'A-Za-z0-9:.-' \| wc -c)`
			`+ if [ "$len1" -ne "$len2" ] \|\| [ "$len2" -lt 1 ] \|\| [ "$len2" -gt 255 ]; then`
			`+ continue`
			`+ fi`

			`printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"`
			`done`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00			`From: Robert Fairley <rfairley@redhat.com>`
			`Date: Wed, 17 Jun 2020 10:14:19 -0400`
sync with fedora Resolves: #1961131 2021-05-26 13:46:14 +00:00			`Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00
			`Use the PEERNTP and NTPSERVERARGS environment variables from`
sync with fedora Resolves: #1961131 2021-05-26 13:46:14 +00:00			`/etc/sysconfig/network{-scripts}.`
Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/chrony.git#ed6f12d1c1f5c3419fcbd28c3c03e54bcec4d8bd 2021-02-05 17:55:55 +00:00
			`Co-Authored-By: Christian Glombek <cglombek@redhat.com>`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00
			`diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp`
Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/chrony.git#ed6f12d1c1f5c3419fcbd28c3c03e54bcec4d8bd 2021-02-05 17:55:55 +00:00			`index 6ea4c37..a6ad35a 100644`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00			`--- a/examples/chrony.nm-dispatcher.dhcp`
			`+++ b/examples/chrony.nm-dispatcher.dhcp`
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`@@ -8,15 +8,23 @@ export LC_ALL=C`
			`interface=$1`
			`action=$2`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`+[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network`
			`+[ -f /etc/sysconfig/network-scripts/ifcfg-"${interface}" ] && \`
			`+ . /etc/sysconfig/network-scripts/ifcfg-"${interface}"`
			`+`
Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/chrony.git#ed6f12d1c1f5c3419fcbd28c3c03e54bcec4d8bd 2021-02-05 17:55:55 +00:00			`chronyc=/usr/bin/chronyc`
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`-server_options=iburst`
Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/chrony.git#ed6f12d1c1f5c3419fcbd28c3c03e54bcec4d8bd 2021-02-05 17:55:55 +00:00			`-server_dir=/var/run/chrony-dhcp`
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`+server_options=${NTPSERVERARGS:-iburst}`
Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/chrony.git#ed6f12d1c1f5c3419fcbd28c3c03e54bcec4d8bd 2021-02-05 17:55:55 +00:00			`+server_dir=/run/chrony-dhcp`

			`dhcp_server_file=$server_dir/$interface.sources`
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"`
RHEL 9.0.0 Alpha bootstrap The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/chrony#38e248d3375971d1b61e17b0daedf7537f98dc97 2020-10-14 20:49:42 +00:00
			`add_servers_from_dhcp() {`
			`rm -f "$dhcp_server_file"`
			`+`
			`+ # Don't add NTP servers if PEERNTP=no specified; return early.`
			`+ [ "$PEERNTP" = "no" ] && return`
			`+`
use NTP servers from DHCPv6 NTP server option (#2047415) Resolves: #2047415 2022-03-22 13:31:29 +00:00			`for server in $dhcp_ntp_servers; do`
			`# Check for invalid characters (from the DHCPv6 NTP FQDN suboption)`
			`len1=$(printf '%s' "$server" \| wc -c)`