diff --git a/chrony-nm-dispatcher-dhcp.patch b/chrony-nm-dispatcher-dhcp.patch
index 23087d6..d4d02c8 100644
--- a/chrony-nm-dispatcher-dhcp.patch
+++ b/chrony-nm-dispatcher-dhcp.patch
@@ -1,3 +1,113 @@ +commit 5bd13c8d593a74ad168057efe94dd2b3aeeffe14 +Author: Miroslav Lichvar +Date: Mon Feb 7 13:27:25 2022 +0100 + + examples: support DHCPv6 NTP servers in NM dispatcher script + + Latest NetworkManager code provides NTP servers from the DHCPv6 NTP + option (RFC 5908) in the DHCP6_DHCP6_NTP_SERVERS variable to dispatcher + scripts. + + Check for invalid characters (which can come from the FQDN suboption) + and include the servers in the interface-specific sources file. + +diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp +index 6ea4c370..4454f037 100644 +--- a/examples/chrony.nm-dispatcher.dhcp ++++ b/examples/chrony.nm-dispatcher.dhcp +@@ -1,8 +1,7 @@ + #!/bin/sh + # This is a NetworkManager dispatcher script for chronyd to update +-# its NTP sources passed from DHCP options. Note that this script is +-# specific to NetworkManager-dispatcher due to use of the +-# DHCP4_NTP_SERVERS environment variable. ++# its NTP sources with servers from DHCP options passed by NetworkManager ++# in the DHCP4_NTP_SERVERS and DHCP6_DHCP6_NTP_SERVERS environment variables. + + export LC_ALL=C + +@@ -10,17 +9,19 @@ interface=$1 + action=$2 + + chronyc=/usr/bin/chronyc +-default_server_options=iburst ++server_options=iburst + server_dir=/var/run/chrony-dhcp + + dhcp_server_file=$server_dir/$interface.sources +-# DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager. 
+-nm_dhcp_servers=$DHCP4_NTP_SERVERS ++dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS" + + add_servers_from_dhcp() { + rm -f "$dhcp_server_file" +- for server in $nm_dhcp_servers; do +- echo "server $server $default_server_options" >> "$dhcp_server_file" ++ for server in $dhcp_ntp_servers; do ++ # Check for invalid characters (from the DHCPv6 NTP FQDN suboption) ++ printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue ++ ++ printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file" + done + $chronyc reload sources > /dev/null 2>&1 || : + } +@@ -34,10 +35,11 @@ clear_servers_from_dhcp() { + + mkdir -p $server_dir + +-if [ "$action" = "up" ] || [ "$action" = "dhcp4-change" ]; then +- add_servers_from_dhcp +-elif [ "$action" = "down" ]; then +- clear_servers_from_dhcp +-fi ++case "$action" in ++ up|dhcp4-change|dhcp6-change) ++ add_servers_from_dhcp;; ++ down) ++ clear_servers_from_dhcp;; ++esac + + exit 0 + +commit e55f174bd3a7ae82fb24afd43443d0b55d5536cf +Author: Miroslav Lichvar +Date: Mon Feb 7 13:27:48 2022 +0100 + + examples: handle more actions in NM dispatcher script + + Run the chronyc onoffline command also when the connectivity-change + and dhcp6-change actions are reported by the NetworkManager dispatcher. + + The latter should not be necessary, but there currently doesn't seem to + be any action for IPv6 becoming routable after duplicate address + detection, so at least in networks using DHCPv6, IPv6 NTP servers should + not be stuck in the offline state from a previously reported action. 
+ +diff --git a/examples/chrony.nm-dispatcher.onoffline b/examples/chrony.nm-dispatcher.onoffline +index 34cfa0db..01e6fdb1 100644 +--- a/examples/chrony.nm-dispatcher.onoffline ++++ b/examples/chrony.nm-dispatcher.onoffline +@@ -7,8 +7,18 @@ export LC_ALL=C + + chronyc=/usr/bin/chronyc + +-# For NetworkManager consider only up/down events +-[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0 ++# For NetworkManager consider only selected events ++if [ $# -ge 2 ]; then ++ case "$2" in ++ up|down|connectivity-change) ++ ;; ++ dhcp6-change) ++ # No other action is reported for routable IPv6 ++ ;; ++ *) ++ exit 0;; ++ esac ++fi + + # Note: for networkd-dispatcher routable.d ~= on and off.d ~= off + From: Robert Fairley Date: Wed, 17 Jun 2020 10:14:19 -0400 Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig @@ -11,33 +121,29 @@ diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher. index 6ea4c37..a6ad35a 100644 --- a/examples/chrony.nm-dispatcher.dhcp 
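Review bot: In `add_servers_from_dhcp`, the loop `for server in $dhcp_ntp_servers; do` expands the variable unquoted, so pathname expansion runs on each DHCP-supplied word before the new character check sees it. A word made of glob characters would be replaced by file names from the dispatcher's working directory, and any of those that match `^[-A-Za-z0-9:.]{1,255}$` would be written to the sources file as servers. The impact looks limited to bogus source entries, but it bypasses the intent of the check; adding `set -f` before the loop keeps the word splitting and disables the globbing. Rejected names are also dropped silently by `|| continue`, so a log line there (for instance through `logger`, naming only the interface) would make a misbehaving DHCPv6 server visible to an operator.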
+++ b/examples/chrony.nm-dispatcher.dhcp -@@ -6,16 +6,24 @@ - - chronyc=/usr/bin/chronyc - default_server_options=iburst --server_dir=/var/run/chrony-dhcp -+server_dir=/run/chrony-dhcp - - dhcp_server_file=$server_dir/$interface.sources - # DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager. - nm_dhcp_servers=$DHCP4_NTP_SERVERS +@@ -8,15 +8,23 @@ export LC_ALL=C + interface=$1 + action=$2 +[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network +[ -f /etc/sysconfig/network-scripts/ifcfg-"${interface}" ] && \ + . /etc/sysconfig/network-scripts/ifcfg-"${interface}" + + chronyc=/usr/bin/chronyc +-server_options=iburst +-server_dir=/var/run/chrony-dhcp ++server_options=${NTPSERVERARGS:-iburst} ++server_dir=/run/chrony-dhcp + + dhcp_server_file=$server_dir/$interface.sources + dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS" + add_servers_from_dhcp() { rm -f "$dhcp_server_file" + + # Don't add NTP servers if PEERNTP=no specified; return early. + [ "$PEERNTP" = "no" ] && return + - for server in $nm_dhcp_servers; do -- echo "server $server $default_server_options" >> "$dhcp_server_file" -+ echo "server $server ${NTPSERVERARGS:-$default_server_options}" >> "$dhcp_server_file" - done - $chronyc reload sources > /dev/null 2>&1 || : - } --- -2.29.2 - + for server in $dhcp_ntp_servers; do + # Check for invalid characters (from the DHCPv6 NTP FQDN suboption) + printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue diff --git a/chrony.spec b/chrony.spec index 523d2f2..f84fbd9 100644 --- a/chrony.spec +++ b/chrony.spec 
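Review bot: `server_options=${NTPSERVERARGS:-iburst}` takes its value from the sourced sysconfig files, and the later `printf 'server %s %s\n'` writes it to the sources file unchecked, while the character check covers only `$server`. That is reasonable if /etc/sysconfig/network and the ifcfg files are writable only by root, which the diff does not show, so I would state the assumption next to the assignment, for example `# NTPSERVERARGS comes from root-owned sysconfig files and is written without validation`. The two files are also sourced after `interface` and `action` are assigned, so a file that sets either name would change which sources file is written or which branch runs; moving the assignments below the sourcing, or noting the ordering in a comment, would avoid that. The hunk starts mid-script and the rest of the file is outside it.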
@@ -64,8 +64,8 @@ md5sum -c <<-EOF | (! grep -v 'OK$') 2d01b94bc1a7b7fb70cbee831488d121 examples/chrony.conf.example2 96999221eeef476bd49fe97b97503126 examples/chrony.keys.example 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate - a7054c9352c07384bd7ea0477e6e8a8c examples/chrony.nm-dispatcher.dhcp - 8f5a98fcb400a482d355b929d04b5518 examples/chrony.nm-dispatcher.onoffline + 5d0c4758207a89a9a19471177b1107b9 examples/chrony.nm-dispatcher.dhcp + 2b81c60c020626165ac655b2633608eb examples/chrony.nm-dispatcher.onoffline 677ad16d6439daa369da44a1b75d1772 examples/chronyd.service EOF