update to 4.3-pre1
This commit is contained in:
parent
9d18b2f3ab
commit
7a0122bf71
6
.gitignore
vendored
6
.gitignore
vendored
@ -1,3 +1,3 @@
|
|||||||
/chrony-4.2.tar.gz
|
/chrony-4.3-pre1.tar.gz
|
||||||
/chrony-4.2-tar-gz-asc.txt
|
/chrony-4.3-pre1-tar-gz-asc.txt
|
||||||
/clknetsim-470b5e.tar.gz
|
/clknetsim-f00531.tar.gz
|
||||||
|
@ -1,113 +1,3 @@
|
|||||||
commit 5bd13c8d593a74ad168057efe94dd2b3aeeffe14
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Mon Feb 7 13:27:25 2022 +0100
|
|
||||||
|
|
||||||
examples: support DHCPv6 NTP servers in NM dispatcher script
|
|
||||||
|
|
||||||
Latest NetworkManager code provides NTP servers from the DHCPv6 NTP
|
|
||||||
option (RFC 5908) in the DHCP6_DHCP6_NTP_SERVERS variable to dispatcher
|
|
||||||
scripts.
|
|
||||||
|
|
||||||
Check for invalid characters (which can come from the FQDN suboption)
|
|
||||||
and include the servers in the interface-specific sources file.
|
|
||||||
|
|
||||||
diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
|
|
||||||
index 6ea4c370..4454f037 100644
|
|
||||||
--- a/examples/chrony.nm-dispatcher.dhcp
|
|
||||||
+++ b/examples/chrony.nm-dispatcher.dhcp
|
|
||||||
@@ -1,8 +1,7 @@
|
|
||||||
#!/bin/sh
|
|
||||||
# This is a NetworkManager dispatcher script for chronyd to update
|
|
||||||
-# its NTP sources passed from DHCP options. Note that this script is
|
|
||||||
-# specific to NetworkManager-dispatcher due to use of the
|
|
||||||
-# DHCP4_NTP_SERVERS environment variable.
|
|
||||||
+# its NTP sources with servers from DHCP options passed by NetworkManager
|
|
||||||
+# in the DHCP4_NTP_SERVERS and DHCP6_DHCP6_NTP_SERVERS environment variables.
|
|
||||||
|
|
||||||
export LC_ALL=C
|
|
||||||
|
|
||||||
@@ -10,17 +9,19 @@ interface=$1
|
|
||||||
action=$2
|
|
||||||
|
|
||||||
chronyc=/usr/bin/chronyc
|
|
||||||
-default_server_options=iburst
|
|
||||||
+server_options=iburst
|
|
||||||
server_dir=/var/run/chrony-dhcp
|
|
||||||
|
|
||||||
dhcp_server_file=$server_dir/$interface.sources
|
|
||||||
-# DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager.
|
|
||||||
-nm_dhcp_servers=$DHCP4_NTP_SERVERS
|
|
||||||
+dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"
|
|
||||||
|
|
||||||
add_servers_from_dhcp() {
|
|
||||||
rm -f "$dhcp_server_file"
|
|
||||||
- for server in $nm_dhcp_servers; do
|
|
||||||
- echo "server $server $default_server_options" >> "$dhcp_server_file"
|
|
||||||
+ for server in $dhcp_ntp_servers; do
|
|
||||||
+ # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
|
|
||||||
+ printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
|
|
||||||
+
|
|
||||||
+ printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"
|
|
||||||
done
|
|
||||||
$chronyc reload sources > /dev/null 2>&1 || :
|
|
||||||
}
|
|
||||||
@@ -34,10 +35,11 @@ clear_servers_from_dhcp() {
|
|
||||||
|
|
||||||
mkdir -p $server_dir
|
|
||||||
|
|
||||||
-if [ "$action" = "up" ] || [ "$action" = "dhcp4-change" ]; then
|
|
||||||
- add_servers_from_dhcp
|
|
||||||
-elif [ "$action" = "down" ]; then
|
|
||||||
- clear_servers_from_dhcp
|
|
||||||
-fi
|
|
||||||
+case "$action" in
|
|
||||||
+ up|dhcp4-change|dhcp6-change)
|
|
||||||
+ add_servers_from_dhcp;;
|
|
||||||
+ down)
|
|
||||||
+ clear_servers_from_dhcp;;
|
|
||||||
+esac
|
|
||||||
|
|
||||||
exit 0
|
|
||||||
|
|
||||||
commit e55f174bd3a7ae82fb24afd43443d0b55d5536cf
|
|
||||||
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
|
||||||
Date: Mon Feb 7 13:27:48 2022 +0100
|
|
||||||
|
|
||||||
examples: handle more actions in NM dispatcher script
|
|
||||||
|
|
||||||
Run the chronyc onoffline command also when the connectivity-change
|
|
||||||
and dhcp6-change actions are reported by the NetworkManager dispatcher.
|
|
||||||
|
|
||||||
The latter should not be necessary, but there currently doesn't seem to
|
|
||||||
be any action for IPv6 becoming routable after duplicate address
|
|
||||||
detection, so at least in networks using DHCPv6, IPv6 NTP servers should
|
|
||||||
not be stuck in the offline state from a previously reported action.
|
|
||||||
|
|
||||||
diff --git a/examples/chrony.nm-dispatcher.onoffline b/examples/chrony.nm-dispatcher.onoffline
|
|
||||||
index 34cfa0db..01e6fdb1 100644
|
|
||||||
--- a/examples/chrony.nm-dispatcher.onoffline
|
|
||||||
+++ b/examples/chrony.nm-dispatcher.onoffline
|
|
||||||
@@ -7,8 +7,18 @@ export LC_ALL=C
|
|
||||||
|
|
||||||
chronyc=/usr/bin/chronyc
|
|
||||||
|
|
||||||
-# For NetworkManager consider only up/down events
|
|
||||||
-[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0
|
|
||||||
+# For NetworkManager consider only selected events
|
|
||||||
+if [ $# -ge 2 ]; then
|
|
||||||
+ case "$2" in
|
|
||||||
+ up|down|connectivity-change)
|
|
||||||
+ ;;
|
|
||||||
+ dhcp6-change)
|
|
||||||
+ # No other action is reported for routable IPv6
|
|
||||||
+ ;;
|
|
||||||
+ *)
|
|
||||||
+ exit 0;;
|
|
||||||
+ esac
|
|
||||||
+fi
|
|
||||||
|
|
||||||
# Note: for networkd-dispatcher routable.d ~= on and off.d ~= off
|
|
||||||
|
|
||||||
From: Robert Fairley <rfairley@redhat.com>
|
From: Robert Fairley <rfairley@redhat.com>
|
||||||
Date: Wed, 17 Jun 2020 10:14:19 -0400
|
Date: Wed, 17 Jun 2020 10:14:19 -0400
|
||||||
Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig
|
Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig
|
||||||
@ -146,4 +36,4 @@ index 6ea4c37..a6ad35a 100644
|
|||||||
+
|
+
|
||||||
for server in $dhcp_ntp_servers; do
|
for server in $dhcp_ntp_servers; do
|
||||||
# Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
|
# Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
|
||||||
printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
|
len1=$(printf '%s' "$server" | wc -c)
|
||||||
|
@ -1,31 +0,0 @@
|
|||||||
commit 8bb8f15a7d049ed26c69d95087065b381f76ec4d
|
|
||||||
Author: Michael Hudson-Doyle <michael.hudson@canonical.com>
|
|
||||||
Date: Wed Feb 9 09:06:13 2022 +0100
|
|
||||||
|
|
||||||
sys_linux: allow rseq in seccomp filter
|
|
||||||
|
|
||||||
Libc 2.35 will use rseq syscalls [1][2] by default and thereby
|
|
||||||
break chrony in seccomp isolation.
|
|
||||||
|
|
||||||
[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
|
|
||||||
[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
|
|
||||||
|
|
||||||
Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
|
||||||
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
|
||||||
Signed-off-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
|
|
||||||
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
|
||||||
|
|
||||||
diff --git a/sys_linux.c b/sys_linux.c
|
|
||||||
index 9cab2efa..cc3c9311 100644
|
|
||||||
--- a/sys_linux.c
|
|
||||||
+++ b/sys_linux.c
|
|
||||||
@@ -497,6 +497,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
|
|
||||||
SCMP_SYS(getrlimit),
|
|
||||||
SCMP_SYS(getuid),
|
|
||||||
SCMP_SYS(getuid32),
|
|
||||||
+#ifdef __NR_rseq
|
|
||||||
+ SCMP_SYS(rseq),
|
|
||||||
+#endif
|
|
||||||
SCMP_SYS(rt_sigaction),
|
|
||||||
SCMP_SYS(rt_sigreturn),
|
|
||||||
SCMP_SYS(rt_sigprocmask),
|
|
10
chrony.spec
10
chrony.spec
@ -1,5 +1,6 @@
|
|||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
%global clknetsim_ver 470b5e
|
%global prerelease -pre1
|
||||||
|
%global clknetsim_ver f00531
|
||||||
%bcond_without debug
|
%bcond_without debug
|
||||||
%bcond_without nts
|
%bcond_without nts
|
||||||
|
|
||||||
@ -8,7 +9,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: chrony
|
Name: chrony
|
||||||
Version: 4.2
|
Version: 4.3
|
||||||
Release: 7%{?dist}
|
Release: 7%{?dist}
|
||||||
Summary: An NTP client/server
|
Summary: An NTP client/server
|
||||||
|
|
||||||
@ -25,8 +26,6 @@ Source10: https://github.com/mlichvar/clknetsim/archive/%{clknetsim_ver}/c
|
|||||||
|
|
||||||
# add distribution-specific bits to DHCP dispatcher
|
# add distribution-specific bits to DHCP dispatcher
|
||||||
Patch1: chrony-nm-dispatcher-dhcp.patch
|
Patch1: chrony-nm-dispatcher-dhcp.patch
|
||||||
# update seccomp filter for latest glibc
|
|
||||||
Patch2: chrony-seccomp.patch
|
|
||||||
|
|
||||||
BuildRequires: libcap-devel libedit-devel nettle-devel pps-tools-devel
|
BuildRequires: libcap-devel libedit-devel nettle-devel pps-tools-devel
|
||||||
BuildRequires: gcc gcc-c++ make bison systemd gnupg2
|
BuildRequires: gcc gcc-c++ make bison systemd gnupg2
|
||||||
@ -58,7 +57,6 @@ service to other computers in the network.
|
|||||||
%setup -q -n %{name}-%{version}%{?prerelease} -a 10
|
%setup -q -n %{name}-%{version}%{?prerelease} -a 10
|
||||||
%{?gitpatch:%patch0 -p1}
|
%{?gitpatch:%patch0 -p1}
|
||||||
%patch1 -p1 -b .nm-dispatcher-dhcp
|
%patch1 -p1 -b .nm-dispatcher-dhcp
|
||||||
%patch2 -p1 -b .seccomp
|
|
||||||
|
|
||||||
%{?gitpatch: echo %{version}-%{gitpatch} > version.txt}
|
%{?gitpatch: echo %{version}-%{gitpatch} > version.txt}
|
||||||
|
|
||||||
@ -68,7 +66,7 @@ md5sum -c <<-EOF | (! grep -v 'OK$')
|
|||||||
2d01b94bc1a7b7fb70cbee831488d121 examples/chrony.conf.example2
|
2d01b94bc1a7b7fb70cbee831488d121 examples/chrony.conf.example2
|
||||||
96999221eeef476bd49fe97b97503126 examples/chrony.keys.example
|
96999221eeef476bd49fe97b97503126 examples/chrony.keys.example
|
||||||
6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate
|
6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate
|
||||||
5d0c4758207a89a9a19471177b1107b9 examples/chrony.nm-dispatcher.dhcp
|
c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp
|
||||||
2b81c60c020626165ac655b2633608eb examples/chrony.nm-dispatcher.onoffline
|
2b81c60c020626165ac655b2633608eb examples/chrony.nm-dispatcher.onoffline
|
||||||
677ad16d6439daa369da44a1b75d1772 examples/chronyd.service
|
677ad16d6439daa369da44a1b75d1772 examples/chronyd.service
|
||||||
EOF
|
EOF
|
||||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (chrony-4.2.tar.gz) = 7f946b27de605b3ebea62cf23916dfad77c99e8b2338ba239ede6b8216ce436b3d4d87770f371c8d8e006507c51d5c831b51f067957abd2935adfdec3f5aa67d
|
SHA512 (chrony-4.3-pre1.tar.gz) = 6a97b11cd7604808aa57db8cd67ae854391ef2bca84bb0256c043464e33683e15682a8ebadec3d2fcca83203d2c731953dfd4972976fe193246ca4af7fb7e0e7
|
||||||
SHA512 (chrony-4.2-tar-gz-asc.txt) = d8ae4b540ce3529a5a72e10c14765a33ca6fc41529b6fdc9928fb171f25bd6fb87f930b7783638892f42f4cbcfaab4cb1064c930bae1d5204a71babad72b6e10
|
SHA512 (chrony-4.3-pre1-tar-gz-asc.txt) = 3a9cd53fcd0f2842241817d5bdeb3c6151eec9e1d0864ae4a89a2d7b93924ac28be7d4f090a32b99ab4b229437d027c2663bb552433182a97eca347175138164
|
||||||
SHA512 (clknetsim-470b5e.tar.gz) = 5245414a0e2371ef22725b0cf8cf4b1f033ba9e5493a4a48ffb26e2cac6bb1975583216beb9c0800664159c52e632018ea93d36477dd520f164a55db44e89413
|
SHA512 (clknetsim-f00531.tar.gz) = a44f543574519d1d5b5778f91b88fc73a976de511b97011c8ff3bc61a7ebff868fe9c6b46947ff4b58b29bd45520ffa68147934b1d289b1ffada4a329c048df5
|
||||||
|
Loading…
Reference in New Issue
Block a user