#!/bin/bash
# Paths and names shared by the helper functions in this script.
config="/etc/chrony.conf"      # searched for the "commandkey" directive
keyfile="/etc/chrony.keys"     # key entries: read by get_key, appended to by generate_commandkey
chronyc="/usr/bin/chronyc"     # client binary that receives the authenticated commands

# Glob pattern for the per-source server lists. It is stored literally and
# only expands where it is used unquoted.
dhclient_servers="/var/lib/dhclient/chrony.servers.*"

# State file listing the servers this script has added to the running daemon.
dhclient_added_servers="/var/lib/dhclient/chrony.added_servers"

service_name="chronyd.service" # unit queried by is_running
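#######################################
# Print the hash type and secret of one key from the key file.
# Globals:   keyfile (read)
# Arguments: $1 - key ID to look up
# Outputs:   "TYPE SECRET" on stdout; entries that have only two fields are
#            reported with the type "MD5". Nothing is printed when no entry
#            has this ID. Only the first matching entry is used.
# Returns:   status of awk (or of the failed redirection)
# Note:      the output is secret key material; capture it, never log it.
#######################################
get_key() {
  # The ID is handed to awk as data (-v) and compared as a string against the
  # first field. It is no longer spliced into the awk program, so it cannot
  # change the program text or act as a regular expression, and the lookup no
  # longer depends on the GNU-only "\>" operator.
  awk -v id="$1" '
    $1 == (id "") {
      if ($3 == "") { print "MD5", $2 } else { print $2, $3 }
      exit
    }' < "$keyfile"
}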
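#######################################
# Print the key ID named by the "commandkey" directive of the config file.
# Globals:   config (read)
# Arguments: none
# Outputs:   the second field of the last line whose first field is exactly
#            "commandkey"; an empty line when there is no such line
# Returns:   status of awk (or of the failed redirection)
#######################################
get_commandkeyid() {
  # Exact comparison of the first field replaces the GNU-only "\>" regex
  # operator, which also accepted names such as "commandkey-old".
  awk '$1 == "commandkey" { keyid = $2 } END { print keyid }' < "$config"
}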
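#######################################
# Run chronyc command(s) authenticated with the configured command key.
# Globals:   chronyc (read)
# Arguments: $1 - command text sent to chronyc after the credentials
# Outputs:   whatever chronyc prints
# Returns:   1 if no commandkey ID is configured, 2 if that key cannot be
#            read, otherwise the exit status of chronyc
#######################################
chrony_command() {
  # Locals keep the key material out of the script's global variables.
  local commandkeyid commandkey authhash password

  commandkeyid=$(get_commandkeyid)
  [ -z "$commandkeyid" ] && return 1
  commandkey=$(get_key "$commandkeyid")
  [ -z "$commandkey" ] && return 2

  # get_key prints "TYPE SECRET": the type is everything before the last
  # space, the secret everything after the first one.
  authhash=${commandkey% *}
  password=${commandkey#* }

  # The credentials are fed on stdin, not on the command line, so they do not
  # appear in the process argument list.
  # $1 is copied into the here-document verbatim: a value containing newlines
  # is read by chronyc as several commands, all sent after the credentials.
  # Callers must not pass text they do not control.
  "$chronyc" <<EOF
authhash $authhash
password $password
$1
EOF
}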
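#######################################
# Create the command key if the key file does not have one yet.
# Globals:   keyfile (appended to)
# Arguments: none
# Outputs:   appends "<id> SHA1 HEX:<40 hex digits>" to the key file
# Returns:   1 if no commandkey ID is configured, 0 if the key already
#            exists or was written, non-zero if generation or the write failed
#######################################
generate_commandkey() {
  # Locals keep the generated secret out of the script's global variables.
  local commandkeyid commandkey password

  commandkeyid=$(get_commandkeyid)
  [ -z "$commandkeyid" ] && return 1
  commandkey=$(get_key "$commandkeyid")
  # An existing key is never replaced.
  [ -z "$commandkey" ] || return 0

  # 40 hex digits (160 bits) filtered out of /dev/urandom. LC_ALL=C makes tr
  # treat the stream as bytes regardless of the caller's locale.
  password=$(LC_ALL=C tr -c -d '0-9A-F' < /dev/urandom 2> /dev/null | head -c 40)

  # Refuse to store a short secret if the random source could not be read.
  # NOTE(review): ">>" creates the key file when it is missing, with a mode
  # taken from the caller's umask. Confirm the file is pre-created with
  # restrictive ownership and permissions before this runs.
  [ "${#password}" -eq 40 ] &&
    printf '%s SHA1 HEX:%s\n' "$commandkeyid" "$password" >> "$keyfile"
}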
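#######################################
# Record which servers this script has added to the running daemon.
# Globals:   dhclient_added_servers (read, written or removed)
# Arguments: $1 - newline-separated server list (may be empty)
# Outputs:   rewrites the state file with the sorted, de-duplicated list, or
#            removes the file when the list is empty
# Returns:   0 if nothing changed or the update succeeded, non-zero if the
#            state file could not be written or removed
#######################################
update_dhclient_added_servers() {
  local new_servers old_servers

  new_servers=$(printf '%s\n' "$1" | sort -u)
  old_servers=$(cat "$dhclient_added_servers" 2> /dev/null)
  # Leave the file alone when the content would not change.
  [ "$old_servers" = "$new_servers" ] && return 0

  # Explicit if/else: a failed write is reported to the caller. The former
  # "test && write || rm" chain deleted the state file after a failed write
  # and returned success.
  if [ -n "$new_servers" ]; then
    printf '%s\n' "$new_servers" > "$dhclient_added_servers"
  else
    rm -f "$dhclient_added_servers"
  fi
}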
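#######################################
# Add every server listed in the dhclient server files to the running daemon.
# Globals:   dhclient_servers (glob pattern, read)
#            dhclient_added_servers (read; updated via
#            update_dhclient_added_servers)
# Arguments: none
# Outputs:   sends one "add server" command per listed server
# Returns:   0 when no server file exists, otherwise the status of
#            update_dhclient_added_servers
#######################################
add_dhclient_servers() {
  local added_servers server serverargs
  local -a servers_files

  # Deliberately unquoted so the pattern globs; nullglob turns "no match"
  # into an empty array instead of the literal pattern.
  shopt -s nullglob
  servers_files=($dhclient_servers)
  shopt -u nullglob
  (( ${#servers_files[@]} )) || return 0

  # NOTE(review): the server files are presumably written from DHCP-supplied
  # data. Each line is forwarded to chronyc as an authenticated command
  # without validation here, so confirm the writer restricts what a line may
  # contain.
  # The new state is the previous list plus each server chronyc accepted.
  # read -r keeps backslashes in a line literal.
  added_servers=$(
    cat "$dhclient_added_servers" 2> /dev/null
    cat "${servers_files[@]}" |
      while read -r server serverargs; do
        chrony_command "add server $server $serverargs" &> /dev/null &&
          printf '%s\n' "$server"
      done)
  update_dhclient_added_servers "$added_servers"
}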
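#######################################
# Delete previously added servers that are no longer in any dhclient server
# file.
# Globals:   dhclient_servers (glob pattern, read)
#            dhclient_added_servers (read; updated via
#            update_dhclient_added_servers)
# Arguments: none
# Outputs:   sends one "delete" command per stale server
# Returns:   0 when there is no state file, otherwise the status of
#            update_dhclient_added_servers
#######################################
remove_dhclient_servers() {
  local all_servers added_servers server

  [ -f "$dhclient_added_servers" ] || return 0

  # First field of every line in the server files, sorted for comm.
  # $dhclient_servers is deliberately unquoted so the pattern globs; the
  # error for "no file matched" is discarded.
  all_servers=$(
    cat $dhclient_servers 2> /dev/null |
      while read -r server _; do
        printf '%s\n' "$server"
      done | sort -u)

  # comm -23: entries only in the state file, i.e. servers that were added
  # earlier and are no longer listed.
  printf '%s\n' "$all_servers" | comm -23 "$dhclient_added_servers" - |
    while read -r server; do
      chrony_command "delete $server" &> /dev/null
    done

  # comm -12: entries in both lists remain recorded as added.
  added_servers=$(printf '%s\n' "$all_servers" | comm -12 "$dhclient_added_servers" -)
  update_dhclient_added_servers "$added_servers"
}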
#######################################
# Report whether the service unit is active.
# Globals:   service_name (read)
# Arguments: none
# Outputs:   none (systemctl is asked to be quiet)
# Returns:   the exit status of "systemctl is-active"
#######################################
is_running() {
  systemctl is-active -q "$service_name"
}
# Command-line dispatch: $1 selects the action. For "command" and
# "forced-command", $2 is the chronyc command text; it is passed on verbatim
# and sent with the command key's credentials, so it must come from a trusted
# caller.
case "$1" in
  generate-commandkey)
    generate_commandkey
    ;;
  add-dhclient-servers)
    add_dhclient_servers
    ;;
  remove-dhclient-servers)
    remove_dhclient_servers
    ;;
  is-running)
    is_running
    ;;
  command)
    # Only contact the daemon when the service is reported active.
    is_running && chrony_command "$2"
    ;;
  forced-command)
    # Same as "command", without the is_running check.
    chrony_command "$2"
    ;;
  *)
    echo $"Usage: $0 {generate-commandkey|add-dhclient-servers|remove-dhclient-servers|is-running|command|forced-command}"
    exit 2
esac

# Propagate the status of the selected action.
exit $?