- initial release
This commit is contained in:
parent
7607fff2a3
commit
9709697373
@ -0,0 +1 @@
|
|||||||
|
chrony-1.23.tar.gz
|
25
chrony-1.23-gethost.patch
Normal file
25
chrony-1.23-gethost.patch
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
From f1a74e41b3b89771243294097ebd3472deb019f4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Miroslav Lichvar <mlichvar@redhat.com>
|
||||||
|
Date: Thu, 6 Nov 2008 17:35:22 +0100
|
||||||
|
Subject: [PATCH] Fix resolving IP addresses into names on 64-bit big endian machines
|
||||||
|
|
||||||
|
---
|
||||||
|
nameserv.c | 2 +-
|
||||||
|
1 files changed, 1 insertions(+), 1 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/nameserv.c b/nameserv.c
|
||||||
|
index f509dfb..dd610df 100644
|
||||||
|
--- a/nameserv.c
|
||||||
|
+++ b/nameserv.c
|
||||||
|
@@ -65,7 +65,7 @@ DNS_IPAddress2Name(unsigned long ip_addr)
|
||||||
|
struct hostent *host;
|
||||||
|
static char buffer[16];
|
||||||
|
unsigned int a, b, c, d;
|
||||||
|
- unsigned long addr;
|
||||||
|
+ uint32_t addr;
|
||||||
|
|
||||||
|
addr = htonl(ip_addr);
|
||||||
|
if (addr == 0UL) {
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
544
chrony-1.23-gitbe42b4.patch
Normal file
544
chrony-1.23-gitbe42b4.patch
Normal file
@ -0,0 +1,544 @@
|
|||||||
|
From 2f2446c7dc074b2d1728a5e3f7a600c10cea2425 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Goswin Brederlow <brederlo@informatik.uni-tuebingen.de>
|
||||||
|
Date: Sat, 29 Mar 2008 20:49:59 +0000
|
||||||
|
Subject: [PATCH] Fix for chronyc "sources" command on 64 bit machines
|
||||||
|
|
||||||
|
(Taken from
|
||||||
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=348412
|
||||||
|
)
|
||||||
|
|
||||||
|
Attached is a patchlet to make the "sources" command of chrony output properly
|
||||||
|
signed numbers. The chronyd code (see e.g. ntp.h) properly uses int32_t and
|
||||||
|
friends to get the right number of bits per datatype while client.c just uses
|
||||||
|
short, int, long. But long will be 64 bit or 32 bit depending on the cpu.
|
||||||
|
---
|
||||||
|
client.c | 20 +++++++++++++-------
|
||||||
|
1 files changed, 13 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/client.c b/client.c
|
||||||
|
index b7e5bcb..85d6e84 100644
|
||||||
|
--- a/client.c
|
||||||
|
+++ b/client.c
|
||||||
|
@@ -45,6 +45,12 @@
|
||||||
|
#include <readline/history.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#ifdef HAS_STDINT_H
|
||||||
|
+#include <stdint.h>
|
||||||
|
+#elif defined(HAS_INTTYPES_H)
|
||||||
|
+#include <inttypes.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* ================================================== */
|
||||||
|
|
||||||
|
static int sock_fd;
|
||||||
|
@@ -1383,16 +1389,16 @@ process_cmd_sources(char *line)
|
||||||
|
int n_sources, i;
|
||||||
|
int verbose = 0;
|
||||||
|
|
||||||
|
- long orig_latest_meas, latest_meas, est_offset;
|
||||||
|
- unsigned long ip_addr;
|
||||||
|
- unsigned long latest_meas_err, est_offset_err;
|
||||||
|
- unsigned long latest_meas_ago;
|
||||||
|
- unsigned short poll, stratum;
|
||||||
|
- unsigned short state, mode;
|
||||||
|
+ int32_t orig_latest_meas, latest_meas, est_offset;
|
||||||
|
+ uint32_t ip_addr;
|
||||||
|
+ uint32_t latest_meas_err, est_offset_err;
|
||||||
|
+ uint32_t latest_meas_ago;
|
||||||
|
+ uint16_t poll, stratum;
|
||||||
|
+ uint16_t state, mode;
|
||||||
|
double resid_freq, resid_skew;
|
||||||
|
const char *dns_lookup;
|
||||||
|
char hostname_buf[32];
|
||||||
|
- unsigned short status;
|
||||||
|
+ uint16_t status;
|
||||||
|
|
||||||
|
/* Check whether to output verbose headers */
|
||||||
|
verbose = check_for_verbose_flag(line);
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
||||||
|
From 71aa36aa6e5477be5ed9bc97954da19c5885c933 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Thomas Zajic <zlatko@zlatko.fdns.net>
|
||||||
|
Date: Tue, 29 Jul 2008 23:35:42 +0100
|
||||||
|
Subject: [PATCH] Fix IP addressing in chronyc
|
||||||
|
|
||||||
|
Thomas wrote:
|
||||||
|
I found a bug in the chrony client (chronyc) that affects its ability to talk
|
||||||
|
to remote hosts over the control port (323/udp).
|
||||||
|
|
||||||
|
For example, running "chronyc -h 192.168.1.3 sources -v" would just sit there
|
||||||
|
and hang, and eventually timeout. I found out with tcpdump that chronyc
|
||||||
|
actually tries to connect to 255.168.1.3 instead of 192.168.1.3.
|
||||||
|
---
|
||||||
|
client.c | 8 ++++----
|
||||||
|
1 files changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/client.c b/client.c
|
||||||
|
index 85d6e84..66f297f 100644
|
||||||
|
--- a/client.c
|
||||||
|
+++ b/client.c
|
||||||
|
@@ -163,10 +163,10 @@ get_address(const char *hostname)
|
||||||
|
exit(1);
|
||||||
|
} else {
|
||||||
|
address0 = host->h_addr_list[0];
|
||||||
|
- result = ((((unsigned long) address0[0]) << 24) |
|
||||||
|
- (((unsigned long) address0[1]) << 16) |
|
||||||
|
- (((unsigned long) address0[2]) << 8) |
|
||||||
|
- (((unsigned long) address0[3])));
|
||||||
|
+ result = ((((unsigned long) address0[0] & 0xff) << 24) |
|
||||||
|
+ (((unsigned long) address0[1] & 0xff) << 16) |
|
||||||
|
+ (((unsigned long) address0[2] & 0xff) << 8) |
|
||||||
|
+ (((unsigned long) address0[3] & 0xff)));
|
||||||
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
||||||
|
From bc0aaa9217d1ca85dbb0f7a5452a0705e7a28264 Mon Sep 17 00:00:00 2001
|
||||||
|
From: John Hasler <john@dhh.gt.org>
|
||||||
|
Date: Tue, 29 Apr 2008 12:40:15 -0500
|
||||||
|
Subject: [PATCH] Fix fault where chronyd enters an endless loop on x86_64
|
||||||
|
|
||||||
|
John writes:
|
||||||
|
Here is a patch that should prevent the endless loop. I've changed
|
||||||
|
UTI_NormaliseTimeval() to use divide/remainder instead of a loop. It also
|
||||||
|
replaces some similar loops with calls to UTI_NormaliseTimeval() and fixes
|
||||||
|
an unrelated bug in UTI_DiffTimevals().
|
||||||
|
---
|
||||||
|
util.c | 38 +++++++++++---------------------------
|
||||||
|
1 files changed, 11 insertions(+), 27 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/util.c b/util.c
|
||||||
|
index 431be1e..d506ffd 100644
|
||||||
|
--- a/util.c
|
||||||
|
+++ b/util.c
|
||||||
|
@@ -87,15 +87,17 @@ UTI_CompareTimevals(struct timeval *a, struct timeval *b)
|
||||||
|
INLINE_STATIC void
|
||||||
|
UTI_NormaliseTimeval(struct timeval *x)
|
||||||
|
{
|
||||||
|
- while (x->tv_usec >= 1000000) {
|
||||||
|
- ++x->tv_sec;
|
||||||
|
- x->tv_usec -= 1000000;
|
||||||
|
+ /* Reduce tv_usec to within +-1000000 of zero. JGH */
|
||||||
|
+ if ((x->tv_usec >= 1000000) || (x->tv_usec <= -1000000)) {
|
||||||
|
+ x->tv_sec += x->tv_usec/1000000;
|
||||||
|
+ x->tv_usec = x->tv_usec%1000000;
|
||||||
|
}
|
||||||
|
|
||||||
|
- while (x->tv_usec < 0) {
|
||||||
|
+ /* Make tv_usec positive. JGH */
|
||||||
|
+ if (x->tv_usec < 0) {
|
||||||
|
--x->tv_sec;
|
||||||
|
x->tv_usec += 1000000;
|
||||||
|
- }
|
||||||
|
+ }
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -110,17 +112,9 @@ UTI_DiffTimevals(struct timeval *result,
|
||||||
|
result->tv_usec = a->tv_usec - b->tv_usec;
|
||||||
|
|
||||||
|
/* Correct microseconds field to bring it into the range
|
||||||
|
- [0,1000000) */
|
||||||
|
+ (0,1000000) */
|
||||||
|
|
||||||
|
- while (result->tv_usec < 0) {
|
||||||
|
- result->tv_usec += 1000000;
|
||||||
|
- --result->tv_sec;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- while (result->tv_usec > 999999) {
|
||||||
|
- result->tv_usec -= 1000000;
|
||||||
|
- ++result->tv_sec;
|
||||||
|
- }
|
||||||
|
+ UTI_NormaliseTimeval(result); /* JGH */
|
||||||
|
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
@@ -191,7 +185,7 @@ UTI_AverageDiffTimevals (struct timeval *earlier,
|
||||||
|
}
|
||||||
|
|
||||||
|
tvhalf.tv_sec = tvdiff.tv_sec / 2;
|
||||||
|
- tvhalf.tv_usec = tvdiff.tv_usec / 2 + (tvdiff.tv_sec % 2);
|
||||||
|
+ tvhalf.tv_usec = tvdiff.tv_usec / 2 + (tvdiff.tv_sec % 2) * 500000; /* JGH */
|
||||||
|
|
||||||
|
average->tv_sec = earlier->tv_sec + tvhalf.tv_sec;
|
||||||
|
average->tv_usec = earlier->tv_usec + tvhalf.tv_usec;
|
||||||
|
@@ -199,17 +193,7 @@ UTI_AverageDiffTimevals (struct timeval *earlier,
|
||||||
|
/* Bring into range */
|
||||||
|
UTI_NormaliseTimeval(average);
|
||||||
|
|
||||||
|
- while (average->tv_usec >= 1000000) {
|
||||||
|
- ++average->tv_sec;
|
||||||
|
- average->tv_usec -= 1000000;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- while (average->tv_usec < 0) {
|
||||||
|
- --average->tv_sec;
|
||||||
|
- average->tv_usec += 1000000;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
-}
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* ================================================== */
|
||||||
|
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
||||||
|
From 8336f14680f59340ad1f6d01910cb9f307de9443 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Miroslav Lichvar <mlichvar@redhat.com>
|
||||||
|
Date: Wed, 5 Nov 2008 23:48:58 +0000
|
||||||
|
Subject: [PATCH] Fix errors detected by valgrind
|
||||||
|
|
||||||
|
I tried running chronyd in valgrind and the result was that there are four
|
||||||
|
places where memory is not initialized. A patch fixing the errors is in the
|
||||||
|
attachment.
|
||||||
|
---
|
||||||
|
cmdmon.c | 4 +++-
|
||||||
|
ntp_core.c | 3 +++
|
||||||
|
sourcestats.c | 8 ++++++--
|
||||||
|
3 files changed, 12 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/cmdmon.c b/cmdmon.c
|
||||||
|
index e88d7c3..819977c 100644
|
||||||
|
--- a/cmdmon.c
|
||||||
|
+++ b/cmdmon.c
|
||||||
|
@@ -166,7 +166,7 @@ CAM_Initialise(void)
|
||||||
|
int port_number;
|
||||||
|
struct sockaddr_in my_addr;
|
||||||
|
unsigned long bind_address;
|
||||||
|
- int on_off;
|
||||||
|
+ int on_off = 1;
|
||||||
|
|
||||||
|
if (initialised) {
|
||||||
|
CROAK("Shouldn't be initialised");
|
||||||
|
@@ -1631,11 +1631,13 @@ read_from_cmd_socket(void *anything)
|
||||||
|
tx_message.reply = htons(RPY_NULL);
|
||||||
|
tx_message.number = htons(1);
|
||||||
|
tx_message.total = htons(1);
|
||||||
|
+ tx_message.pad1 = 0;
|
||||||
|
tx_message.utoken = htonl(utoken);
|
||||||
|
/* Set this to a default (invalid) value. This protects against the
|
||||||
|
token field being set to an arbitrary value if we reject the
|
||||||
|
message, e.g. due to the host failing the access check. */
|
||||||
|
tx_message.token = htonl(0xffffffffUL);
|
||||||
|
+ memset(&tx_message.auth, 0, sizeof(tx_message.auth));
|
||||||
|
|
||||||
|
remote_ip = ntohl(where_from.sin_addr.s_addr);
|
||||||
|
remote_port = ntohs(where_from.sin_port);
|
||||||
|
diff --git a/ntp_core.c b/ntp_core.c
|
||||||
|
index 60d433c..8dfd6cf 100644
|
||||||
|
--- a/ntp_core.c
|
||||||
|
+++ b/ntp_core.c
|
||||||
|
@@ -300,6 +300,9 @@ create_instance(NTP_Remote_Address *remote_addr, NTP_Mode mode, SourceParameters
|
||||||
|
|
||||||
|
result->tx_count = 0;
|
||||||
|
|
||||||
|
+ result->remote_orig.hi = 0;
|
||||||
|
+ result->remote_orig.lo = 0;
|
||||||
|
+
|
||||||
|
result->score = 0;
|
||||||
|
|
||||||
|
if (params->online) {
|
||||||
|
diff --git a/sourcestats.c b/sourcestats.c
|
||||||
|
index 163a2eb..564eb3a 100644
|
||||||
|
--- a/sourcestats.c
|
||||||
|
+++ b/sourcestats.c
|
||||||
|
@@ -721,8 +721,12 @@ SST_PredictOffset(SST_Stats inst, struct timeval *when)
|
||||||
|
if (inst->n_samples < 3) {
|
||||||
|
/* We don't have any useful statistics, and presumably the poll
|
||||||
|
interval is minimal. We can't do any useful prediction other
|
||||||
|
- than use the latest sample */
|
||||||
|
- return inst->offsets[inst->n_samples - 1];
|
||||||
|
+ than use the latest sample or zero if we don't have any samples */
|
||||||
|
+ if (inst->n_samples > 0) {
|
||||||
|
+ return inst->offsets[inst->n_samples - 1];
|
||||||
|
+ } else {
|
||||||
|
+ return 0.0;
|
||||||
|
+ }
|
||||||
|
} else {
|
||||||
|
UTI_DiffTimevalsToDouble(&elapsed, when, &inst->offset_time);
|
||||||
|
return inst->estimated_offset + elapsed * inst->estimated_frequency;
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
||||||
|
From be42b4eeea268d1eaee25423fabe3a46836f5b08 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Miroslav Lichvar <mlichvar@redhat.com>
|
||||||
|
Date: Wed, 5 Nov 2008 23:50:48 +0000
|
||||||
|
Subject: [PATCH] Linux capabilities support
|
||||||
|
|
||||||
|
Attached is a patch adding a linux capabilities support to chronyd. It
|
||||||
|
adds -u option which can be used to specify the user which chronyd
|
||||||
|
should switch to.
|
||||||
|
---
|
||||||
|
chrony.texi | 3 +++
|
||||||
|
chronyd.8 | 4 ++++
|
||||||
|
configure | 9 +++++++++
|
||||||
|
main.c | 20 ++++++++++++++------
|
||||||
|
sys.c | 8 ++++++++
|
||||||
|
sys.h | 3 +++
|
||||||
|
sys_linux.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||||
|
sys_linux.h | 2 ++
|
||||||
|
8 files changed, 95 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/chrony.texi b/chrony.texi
|
||||||
|
index 909a0cc..045f02c 100644
|
||||||
|
--- a/chrony.texi
|
||||||
|
+++ b/chrony.texi
|
||||||
|
@@ -1089,6 +1089,9 @@ to work well, it relies on @code{chronyd} having been able to determine
|
||||||
|
accurate statistics for the difference between the real time clock and
|
||||||
|
system clock last time the computer was on.
|
||||||
|
|
||||||
|
+@item -u <user>
|
||||||
|
+When this option is used, chronyd will drop root privileges to the specified
|
||||||
|
+user. So far, it works only on Linux when compiled with capabilities support.
|
||||||
|
@item -v
|
||||||
|
This option displays @code{chronyd's} version number to the terminal and
|
||||||
|
exits.
|
||||||
|
diff --git a/chronyd.8 b/chronyd.8
|
||||||
|
index 78fbe17..dfc4004 100644
|
||||||
|
--- a/chronyd.8
|
||||||
|
+++ b/chronyd.8
|
||||||
|
@@ -79,6 +79,10 @@ been able to determine accurate statistics for the difference
|
||||||
|
between the real time clock and system clock last time the
|
||||||
|
computer was on.
|
||||||
|
.TP
|
||||||
|
+\fB\-u\fR \fIuser\fR
|
||||||
|
+When this option is used, chronyd will drop root privileges to the specified
|
||||||
|
+user. So far, it works only on Linux when compiled with capabilities support.
|
||||||
|
+.TP
|
||||||
|
.B \-v
|
||||||
|
This option displays \fBchronyd\fR's version number to the terminal and exits
|
||||||
|
|
||||||
|
diff --git a/configure b/configure
|
||||||
|
index 2bb2ac0..9027b85 100755
|
||||||
|
--- a/configure
|
||||||
|
+++ b/configure
|
||||||
|
@@ -134,6 +134,7 @@ For better control, use the options below.
|
||||||
|
--readline-lib-dir=DIR Specify where readline lib directory is
|
||||||
|
--with-ncurses-library=DIR Specify where ncurses lib directory is
|
||||||
|
--disable-rtc Don't include RTC even on Linux
|
||||||
|
+ --enable-linuxcaps Enable Linux capabilities support
|
||||||
|
|
||||||
|
Fine tuning of the installation directories:
|
||||||
|
--infodir=DIR info documentation [PREFIX/info]
|
||||||
|
@@ -174,6 +175,7 @@ SYSDEFS=""
|
||||||
|
# Support for readline (on by default)
|
||||||
|
feat_readline=1
|
||||||
|
feat_rtc=1
|
||||||
|
+feat_linuxcaps=0
|
||||||
|
readline_lib=""
|
||||||
|
readline_inc=""
|
||||||
|
ncurses_lib=""
|
||||||
|
@@ -211,6 +213,9 @@ do
|
||||||
|
--disable-rtc)
|
||||||
|
feat_rtc=0
|
||||||
|
;;
|
||||||
|
+ --enable-linuxcaps)
|
||||||
|
+ feat_linuxcaps=1
|
||||||
|
+ ;;
|
||||||
|
--help | -h )
|
||||||
|
usage
|
||||||
|
exit 0
|
||||||
|
@@ -248,6 +253,10 @@ case $SYSTEM in
|
||||||
|
EXTRA_OBJECTS+=" rtc_linux.o"
|
||||||
|
EXTRA_DEFS+=" -DFEAT_RTC=1"
|
||||||
|
fi
|
||||||
|
+ if [ $feat_linuxcaps -eq 1 ] ; then
|
||||||
|
+ EXTRA_DEFS+=" -DFEAT_LINUXCAPS=1"
|
||||||
|
+ EXTRA_LIBS="-lcap"
|
||||||
|
+ fi
|
||||||
|
SYSDEFS="-DLINUX"
|
||||||
|
echo "Configuring for " $SYSTEM
|
||||||
|
if [ "${MACHINE}" = "alpha" ]; then
|
||||||
|
diff --git a/main.c b/main.c
|
||||||
|
index 18312e0..ba6e4a9 100644
|
||||||
|
--- a/main.c
|
||||||
|
+++ b/main.c
|
||||||
|
@@ -83,19 +83,19 @@ MAI_CleanupAndExit(void)
|
||||||
|
SRC_DumpSources();
|
||||||
|
}
|
||||||
|
|
||||||
|
- RTC_Finalise();
|
||||||
|
MNL_Finalise();
|
||||||
|
ACQ_Finalise();
|
||||||
|
- CAM_Finalise();
|
||||||
|
KEY_Finalise();
|
||||||
|
CLG_Finalise();
|
||||||
|
- NIO_Finalise();
|
||||||
|
NSR_Finalise();
|
||||||
|
NCR_Finalise();
|
||||||
|
BRD_Finalise();
|
||||||
|
SRC_Finalise();
|
||||||
|
SST_Finalise();
|
||||||
|
REF_Finalise();
|
||||||
|
+ RTC_Finalise();
|
||||||
|
+ CAM_Finalise();
|
||||||
|
+ NIO_Finalise();
|
||||||
|
SYS_Finalise();
|
||||||
|
SCH_Finalise();
|
||||||
|
LCL_Finalise();
|
||||||
|
@@ -206,6 +206,7 @@ int main
|
||||||
|
(int argc, char **argv)
|
||||||
|
{
|
||||||
|
char *conf_file = NULL;
|
||||||
|
+ char *user = NULL;
|
||||||
|
int debug = 0;
|
||||||
|
int do_init_rtc = 0;
|
||||||
|
int other_pid;
|
||||||
|
@@ -220,6 +221,9 @@ int main
|
||||||
|
conf_file = *argv;
|
||||||
|
} else if (!strcmp("-r", *argv)) {
|
||||||
|
reload = 1;
|
||||||
|
+ } else if (!strcmp("-u", *argv)) {
|
||||||
|
+ ++argv, --argc;
|
||||||
|
+ user = *argv;
|
||||||
|
} else if (!strcmp("-s", *argv)) {
|
||||||
|
do_init_rtc = 1;
|
||||||
|
} else if (!strcmp("-v", *argv) || !strcmp("--version",*argv)) {
|
||||||
|
@@ -269,19 +273,23 @@ int main
|
||||||
|
LCL_Initialise();
|
||||||
|
SCH_Initialise();
|
||||||
|
SYS_Initialise();
|
||||||
|
+ NIO_Initialise();
|
||||||
|
+ CAM_Initialise();
|
||||||
|
+ RTC_Initialise();
|
||||||
|
+
|
||||||
|
+ if (user)
|
||||||
|
+ SYS_DropRoot(user);
|
||||||
|
+
|
||||||
|
REF_Initialise();
|
||||||
|
SST_Initialise();
|
||||||
|
SRC_Initialise();
|
||||||
|
BRD_Initialise();
|
||||||
|
NCR_Initialise();
|
||||||
|
NSR_Initialise();
|
||||||
|
- NIO_Initialise();
|
||||||
|
CLG_Initialise();
|
||||||
|
KEY_Initialise();
|
||||||
|
- CAM_Initialise();
|
||||||
|
ACQ_Initialise();
|
||||||
|
MNL_Initialise();
|
||||||
|
- RTC_Initialise();
|
||||||
|
|
||||||
|
/* From now on, it is safe to do finalisation on exit */
|
||||||
|
initialised = 1;
|
||||||
|
diff --git a/sys.c b/sys.c
|
||||||
|
index 9052cf7..048ba4d 100644
|
||||||
|
--- a/sys.c
|
||||||
|
+++ b/sys.c
|
||||||
|
@@ -97,6 +97,14 @@ SYS_Finalise(void)
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ================================================== */
|
||||||
|
+
|
||||||
|
+void SYS_DropRoot(char *user)
|
||||||
|
+{
|
||||||
|
+#if defined(LINUX) && defined (FEAT_LINUXCAPS)
|
||||||
|
+ SYS_Linux_DropRoot(user);
|
||||||
|
+#endif
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* ================================================== */
|
||||||
|
/* ================================================== */
|
||||||
|
|
||||||
|
diff --git a/sys.h b/sys.h
|
||||||
|
index 973da42..50b8e46 100644
|
||||||
|
--- a/sys.h
|
||||||
|
+++ b/sys.h
|
||||||
|
@@ -39,4 +39,7 @@ extern void SYS_Initialise(void);
|
||||||
|
/* Called at the end of the run to do final clean-up */
|
||||||
|
extern void SYS_Finalise(void);
|
||||||
|
|
||||||
|
+/* Drop root privileges to the specified user */
|
||||||
|
+extern void SYS_DropRoot(char *user);
|
||||||
|
+
|
||||||
|
#endif /* GOT_SYS_H */
|
||||||
|
diff --git a/sys_linux.c b/sys_linux.c
|
||||||
|
index 137e55b..65eb563 100644
|
||||||
|
--- a/sys_linux.c
|
||||||
|
+++ b/sys_linux.c
|
||||||
|
@@ -39,6 +39,14 @@
|
||||||
|
#include <assert.h>
|
||||||
|
#include <sys/utsname.h>
|
||||||
|
|
||||||
|
+#ifdef FEAT_LINUXCAPS
|
||||||
|
+#include <sys/types.h>
|
||||||
|
+#include <pwd.h>
|
||||||
|
+#include <sys/prctl.h>
|
||||||
|
+#include <sys/capability.h>
|
||||||
|
+#include <grp.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#include "localp.h"
|
||||||
|
#include "sys_linux.h"
|
||||||
|
#include "sched.h"
|
||||||
|
@@ -831,6 +839,50 @@ SYS_Linux_GetKernelVersion(int *major, int *minor, int *patchlevel)
|
||||||
|
|
||||||
|
/* ================================================== */
|
||||||
|
|
||||||
|
+#ifdef FEAT_LINUXCAPS
|
||||||
|
+void
|
||||||
|
+SYS_Linux_DropRoot(char *user)
|
||||||
|
+{
|
||||||
|
+ struct passwd *pw;
|
||||||
|
+ cap_t cap;
|
||||||
|
+
|
||||||
|
+ if (user == NULL)
|
||||||
|
+ return;
|
||||||
|
+
|
||||||
|
+ if ((pw = getpwnam(user)) == NULL) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "getpwnam(%s) failed", user);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (prctl(PR_SET_KEEPCAPS, 1)) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "prcap() failed");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (setgroups(0, NULL)) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "setgroups() failed");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (setgid(pw->pw_gid)) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "setgid(%d) failed", pw->pw_gid);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (setuid(pw->pw_uid)) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "setuid(%d) failed", pw->pw_uid);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((cap = cap_from_text("cap_sys_time=ep")) == NULL) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "cap_from_text() failed");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (cap_set_proc(cap)) {
|
||||||
|
+ LOG_FATAL(LOGF_SysLinux, "cap_set_proc() failed");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ LOG(LOGS_INFO, LOGF_SysLinux, "Privileges dropped to user %s", user);
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+/* ================================================== */
|
||||||
|
+
|
||||||
|
#endif /* LINUX */
|
||||||
|
|
||||||
|
/* vim:ts=8
|
||||||
|
diff --git a/sys_linux.h b/sys_linux.h
|
||||||
|
index a17e51e..53639a5 100644
|
||||||
|
--- a/sys_linux.h
|
||||||
|
+++ b/sys_linux.h
|
||||||
|
@@ -37,4 +37,6 @@ extern void SYS_Linux_Finalise(void);
|
||||||
|
|
||||||
|
extern void SYS_Linux_GetKernelVersion(int *major, int *minor, int *patchlevel);
|
||||||
|
|
||||||
|
+extern void SYS_Linux_DropRoot(char *user);
|
||||||
|
+
|
||||||
|
#endif /* GOT_SYS_LINUX_H */
|
||||||
|
--
|
||||||
|
1.5.6.5
|
||||||
|
|
12
chrony-1.23-ppc.patch
Normal file
12
chrony-1.23-ppc.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up chrony-1.23/io_linux.h.ppc chrony-1.23/io_linux.h
|
||||||
|
--- chrony-1.23/io_linux.h.ppc 2007-12-02 15:53:09.000000000 +0100
|
||||||
|
+++ chrony-1.23/io_linux.h 2008-11-05 19:23:53.000000000 +0100
|
||||||
|
@@ -16,7 +16,7 @@
|
||||||
|
#define CHRONY_IOC_WRITE 1U
|
||||||
|
#define CHRONY_IOC_READ 2U
|
||||||
|
|
||||||
|
-#elif defined(__alpha__) || defined(__sparc__) || defined(__ppc__) || defined(__ppc64__) || defined(__sparc64__)
|
||||||
|
+#elif defined(__alpha__) || defined(__sparc__) || defined(__ppc__) || defined(__ppc64__) || defined(__sparc64__) || defined(__PPC__)
|
||||||
|
#define CHRONY_IOC_NRBITS 8
|
||||||
|
#define CHRONY_IOC_TYPEBITS 8
|
||||||
|
#define CHRONY_IOC_SIZEBITS 13
|
115
chrony-1.23-res.patch
Normal file
115
chrony-1.23-res.patch
Normal file
@ -0,0 +1,115 @@
|
|||||||
|
commit 0148ecaea08691537f51c0aea9c3387cd1d34745
|
||||||
|
Author: Miroslav Lichvar <mlichvar@redhat.com>
|
||||||
|
Date: Mon Nov 10 14:42:41 2008 +0100
|
||||||
|
|
||||||
|
Retry name resolving after temporary failure few times before giving up
|
||||||
|
|
||||||
|
This is a temporary fix to allow starting when resolv.conf is not ready yet
|
||||||
|
(e.g. when using NetworkManager). It may delay start up to 1022 seconds.
|
||||||
|
|
||||||
|
diff --git a/cmdparse.c b/cmdparse.c
|
||||||
|
index 7acc44c..e09db45 100644
|
||||||
|
--- a/cmdparse.c
|
||||||
|
+++ b/cmdparse.c
|
||||||
|
@@ -61,7 +61,7 @@ CPS_ParseNTPSourceAdd(const char *line, CPS_NTP_Source *src)
|
||||||
|
|
||||||
|
ok = 0;
|
||||||
|
if (sscanf(line, "%" SMAXLEN "s%n", hostname, &n) == 1) {
|
||||||
|
- src->ip_addr = DNS_Name2IPAddress(hostname);
|
||||||
|
+ src->ip_addr = DNS_Name2IPAddressRetry(hostname);
|
||||||
|
if (src->ip_addr != DNS_Failed_Address) {
|
||||||
|
ok = 1;
|
||||||
|
}
|
||||||
|
diff --git a/conf.c b/conf.c
|
||||||
|
index e34927e..8e6c1d9 100644
|
||||||
|
--- a/conf.c
|
||||||
|
+++ b/conf.c
|
||||||
|
@@ -584,7 +584,7 @@ parse_initstepslew(const char *line)
|
||||||
|
}
|
||||||
|
while (*p) {
|
||||||
|
if (sscanf(p, "%" SHOSTNAME_LEN "s%n", hostname, &n) == 1) {
|
||||||
|
- ip_addr = DNS_Name2IPAddress(hostname);
|
||||||
|
+ ip_addr = DNS_Name2IPAddressRetry(hostname);
|
||||||
|
if (ip_addr != DNS_Failed_Address) {
|
||||||
|
init_srcs_ip[n_init_srcs] = ip_addr;
|
||||||
|
++n_init_srcs;
|
||||||
|
@@ -746,7 +746,7 @@ parse_allow_deny(const char *line, AllowDeny *list, int allow)
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
- ip_addr = DNS_Name2IPAddress(p);
|
||||||
|
+ ip_addr = DNS_Name2IPAddressRetry(p);
|
||||||
|
if (ip_addr != DNS_Failed_Address) {
|
||||||
|
new_node = MallocNew(AllowDeny);
|
||||||
|
new_node->allow = allow;
|
||||||
|
diff --git a/nameserv.c b/nameserv.c
|
||||||
|
index dd610df..9a25254 100644
|
||||||
|
--- a/nameserv.c
|
||||||
|
+++ b/nameserv.c
|
||||||
|
@@ -32,18 +32,28 @@
|
||||||
|
#include "sysincl.h"
|
||||||
|
|
||||||
|
#include "nameserv.h"
|
||||||
|
+#include <resolv.h>
|
||||||
|
|
||||||
|
/* ================================================== */
|
||||||
|
|
||||||
|
-unsigned long
|
||||||
|
-DNS_Name2IPAddress(const char *name)
|
||||||
|
+static unsigned int retries = 0;
|
||||||
|
+
|
||||||
|
+static unsigned long
|
||||||
|
+Name2IPAddress(const char *name, int retry)
|
||||||
|
{
|
||||||
|
struct hostent *host;
|
||||||
|
unsigned char *address0;
|
||||||
|
unsigned long result;
|
||||||
|
|
||||||
|
+try_again:
|
||||||
|
host = gethostbyname(name);
|
||||||
|
if (host == NULL) {
|
||||||
|
+ if (retry && h_errno == TRY_AGAIN && retries < 10) {
|
||||||
|
+ sleep(2 << retries);
|
||||||
|
+ retries++;
|
||||||
|
+ res_init();
|
||||||
|
+ goto try_again;
|
||||||
|
+ }
|
||||||
|
result = DNS_Failed_Address;
|
||||||
|
} else {
|
||||||
|
address0 = host->h_addr_list[0];
|
||||||
|
@@ -54,7 +64,22 @@ DNS_Name2IPAddress(const char *name)
|
||||||
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/* ================================================== */
|
||||||
|
+
|
||||||
|
+unsigned long
|
||||||
|
+DNS_Name2IPAddress(const char *name)
|
||||||
|
+{
|
||||||
|
+ return Name2IPAddress(name, 0);
|
||||||
|
+}
|
||||||
|
|
||||||
|
+/* ================================================== */
|
||||||
|
+
|
||||||
|
+unsigned long
|
||||||
|
+DNS_Name2IPAddressRetry(const char *name)
|
||||||
|
+{
|
||||||
|
+ return Name2IPAddress(name, 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ================================================== */
|
||||||
|
diff --git a/nameserv.h b/nameserv.h
|
||||||
|
index e62f334..69ceef8 100644
|
||||||
|
--- a/nameserv.h
|
||||||
|
+++ b/nameserv.h
|
||||||
|
@@ -36,6 +36,8 @@ static const unsigned long DNS_Failed_Address = 0x0UL;
|
||||||
|
|
||||||
|
extern unsigned long DNS_Name2IPAddress(const char *name);
|
||||||
|
|
||||||
|
+extern unsigned long DNS_Name2IPAddressRetry(const char *name);
|
||||||
|
+
|
||||||
|
const char *DNS_IPAddress2Name(unsigned long ip_addr);
|
||||||
|
|
||||||
|
#endif /* GOT_NAMESERV_H */
|
25
chrony.conf
Normal file
25
chrony.conf
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
# Use public servers from the pool.ntp.org project.
|
||||||
|
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||||
|
server 0.fedora.pool.ntp.org
|
||||||
|
server 1.fedora.pool.ntp.org
|
||||||
|
server 2.fedora.pool.ntp.org
|
||||||
|
|
||||||
|
driftfile /var/lib/chrony/drift
|
||||||
|
|
||||||
|
# Allow client access from local network.
|
||||||
|
#allow 192.168/16
|
||||||
|
|
||||||
|
# Serve time even if not synchronized to any NTP server.
|
||||||
|
#local stratum 10
|
||||||
|
|
||||||
|
keyfile /etc/chrony.keys
|
||||||
|
|
||||||
|
# Specify the key used as password for chronyc.
|
||||||
|
commandkey 1
|
||||||
|
|
||||||
|
# Send a message to syslog when chronyd has to correct
|
||||||
|
# an error larger than 0.5 seconds.
|
||||||
|
logchange 0.5
|
||||||
|
|
||||||
|
logdir /var/log/chrony
|
||||||
|
#log measurements statistics tracking
|
1
chrony.keys
Normal file
1
chrony.keys
Normal file
@ -0,0 +1 @@
|
|||||||
|
#1 a_key
|
8
chrony.logrotate
Normal file
8
chrony.logrotate
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
/var/log/chrony/*.log {
|
||||||
|
missingok
|
||||||
|
nocreate
|
||||||
|
sharedscripts
|
||||||
|
postrotate
|
||||||
|
/sbin/service chronyd cyclelogs 2> /dev/null > /dev/null || true
|
||||||
|
endscript
|
||||||
|
}
|
131
chrony.spec
Normal file
131
chrony.spec
Normal file
@ -0,0 +1,131 @@
|
|||||||
|
Name: chrony
|
||||||
|
Version: 1.23
|
||||||
|
Release: 2.20081106gitbe42b4%{?dist}
|
||||||
|
Summary: An NTP client/server
|
||||||
|
|
||||||
|
Group: System Environment/Daemons
|
||||||
|
License: GPLv2
|
||||||
|
URL: http://chrony.sunsite.dk
|
||||||
|
Source0: http://chrony.sunsite.dk/download/chrony-%{version}.tar.gz
|
||||||
|
Source1: chrony.conf
|
||||||
|
Source2: chrony.keys
|
||||||
|
Source3: chronyd.sysconfig
|
||||||
|
Source4: chronyd.init
|
||||||
|
Source5: chrony.logrotate
|
||||||
|
# taken from GNU tar-1.13
|
||||||
|
Source6: getdate.y
|
||||||
|
Patch1: chrony-1.23-gitbe42b4.patch
|
||||||
|
Patch2: chrony-1.23-ppc.patch
|
||||||
|
Patch3: chrony-1.23-gethost.patch
|
||||||
|
Patch4: chrony-1.23-res.patch
|
||||||
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
|
|
||||||
|
BuildRequires: libcap-devel readline-devel bison texinfo
|
||||||
|
|
||||||
|
Requires(pre): shadow-utils
|
||||||
|
Requires(post): /sbin/chkconfig /sbin/install-info
|
||||||
|
Requires(preun): /sbin/chkconfig /sbin/service /sbin/install-info
|
||||||
|
Requires(postun): /sbin/service
|
||||||
|
|
||||||
|
%description
|
||||||
|
A client/server for the Network Time Protocol, this program keeps your
|
||||||
|
computer's clock accurate. It was specially designed to support
|
||||||
|
systems with dial-up Internet connections, and also supports computers
|
||||||
|
in permanently connected environments.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q
|
||||||
|
cp -p %{SOURCE6} .
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1 -b .ppc
|
||||||
|
%patch3 -p1 -b .gethost
|
||||||
|
%patch4 -p1 -b .res
|
||||||
|
|
||||||
|
# don't link with ncurses
|
||||||
|
sed -i 's|-lncurses||' configure
|
||||||
|
|
||||||
|
%build
|
||||||
|
bison -o getdate.c getdate.y
|
||||||
|
|
||||||
|
export CFLAGS="$RPM_OPT_FLAGS -pie -fpie"
|
||||||
|
# configure doesn't support --bindir --sbindir options, install manually
|
||||||
|
./configure --enable-linuxcaps
|
||||||
|
make %{?_smp_mflags} all docs
|
||||||
|
|
||||||
|
%install
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
|
||||||
|
mkdir -p $RPM_BUILD_ROOT{%{_bindir},%{_sbindir}}
|
||||||
|
mkdir -p $RPM_BUILD_ROOT{%{_infodir},%{_mandir}/man{1,5,8}}
|
||||||
|
mkdir -p $RPM_BUILD_ROOT{%{_sysconfdir}/{sysconfig,logrotate.d},%{_initrddir}}
|
||||||
|
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/{lib,log}/chrony
|
||||||
|
|
||||||
|
install -m 755 chronyc $RPM_BUILD_ROOT%{_bindir}
|
||||||
|
install -m 755 chronyd $RPM_BUILD_ROOT%{_sbindir}
|
||||||
|
install -m 644 -p -t $RPM_BUILD_ROOT%{_infodir} chrony.info*
|
||||||
|
install -m 644 -p -t $RPM_BUILD_ROOT%{_mandir}/man1 chrony*.1
|
||||||
|
install -m 644 -p -t $RPM_BUILD_ROOT%{_mandir}/man5 chrony*.5
|
||||||
|
install -m 644 -p -t $RPM_BUILD_ROOT%{_mandir}/man8 chrony*.8
|
||||||
|
|
||||||
|
install -m 644 -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/chrony.conf
|
||||||
|
install -m 640 -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/chrony.keys
|
||||||
|
install -m 644 -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/chronyd
|
||||||
|
install -m 755 -p %{SOURCE4} $RPM_BUILD_ROOT%{_initrddir}/chronyd
|
||||||
|
install -m 644 -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/chrony
|
||||||
|
|
||||||
|
touch $RPM_BUILD_ROOT%{_localstatedir}/lib/chrony/{drift,rtc}
|
||||||
|
|
||||||
|
%clean
|
||||||
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
|
||||||
|
%pre
|
||||||
|
getent group chrony > /dev/null || /usr/sbin/groupadd -r chrony
|
||||||
|
getent passwd chrony > /dev/null || /usr/sbin/useradd -r -g chrony \
|
||||||
|
-d %{_localstatedir}/lib/chrony -s /sbin/nologin chrony
|
||||||
|
:
|
||||||
|
|
||||||
|
%post
|
||||||
|
/sbin/chkconfig --add chronyd
|
||||||
|
/sbin/install-info %{_infodir}/chrony.info.gz %{_infodir}/dir
|
||||||
|
:
|
||||||
|
|
||||||
|
%preun
|
||||||
|
if [ "$1" -eq 0 ]; then
|
||||||
|
/sbin/service chronyd stop &> /dev/null
|
||||||
|
/sbin/chkconfig --del chronyd
|
||||||
|
/sbin/install-info --delete %{_infodir}/chrony.info.gz %{_infodir}/dir
|
||||||
|
fi
|
||||||
|
:
|
||||||
|
|
||||||
|
%postun
|
||||||
|
if [ "$1" -ge 1 ]; then
|
||||||
|
/sbin/service chronyd condrestart &> /dev/null
|
||||||
|
fi
|
||||||
|
:
|
||||||
|
|
||||||
|
%files
|
||||||
|
%defattr(-,root,root,-)
|
||||||
|
%doc COPYING NEWS README chrony.txt faq.txt examples/*
|
||||||
|
%config(noreplace) %{_sysconfdir}/chrony.conf
|
||||||
|
%config(noreplace) %attr(640,root,chrony) %{_sysconfdir}/chrony.keys
|
||||||
|
%config(noreplace) %{_sysconfdir}/sysconfig/chronyd
|
||||||
|
%config(noreplace) %{_sysconfdir}/logrotate.d/chrony
|
||||||
|
%{_initrddir}/chronyd
|
||||||
|
%{_bindir}/chronyc
|
||||||
|
%{_sbindir}/chronyd
|
||||||
|
%{_infodir}/chrony.info*
|
||||||
|
%{_mandir}/man[158]/%{name}*.[158]*
|
||||||
|
%dir %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony
|
||||||
|
%ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/drift
|
||||||
|
%ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/rtc
|
||||||
|
%dir %attr(-,chrony,chrony) %{_localstatedir}/log/chrony
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Wed Nov 19 2008 Miroslav Lichvar <mlichvar@redhat.com> 1.23-2.20081106gitbe42b4
|
||||||
|
- fix info uninstall
|
||||||
|
- generate random command key in init script
|
||||||
|
- support cyclelogs, online, offline commands in init script
|
||||||
|
- add logrotate script
|
||||||
|
|
||||||
|
* Tue Nov 11 2008 Miroslav Lichvar <mlichvar@redhat.com> 1.23-1.20081106gitbe42b4
|
||||||
|
- initial release
|
158
chronyd.init
Normal file
158
chronyd.init
Normal file
@ -0,0 +1,158 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# chronyd <summary>
|
||||||
|
#
|
||||||
|
# chkconfig: - 58 74
|
||||||
|
# description: Client/server for the Network Time Protocol, \
|
||||||
|
# this program keeps your computer's clock accurate.
|
||||||
|
|
||||||
|
### BEGIN INIT INFO
|
||||||
|
# Provides: chronyd
|
||||||
|
# Required-Start: $network $local_fs $remote_fs
|
||||||
|
# Required-Stop:
|
||||||
|
# Should-Start: $syslog $named
|
||||||
|
# Should-Stop: $syslog
|
||||||
|
# Short-Description: NTP client/server
|
||||||
|
# Description: Client/server for the Network Time Protocol,
|
||||||
|
# this program keeps your computer's clock accurate.
|
||||||
|
### END INIT INFO
|
||||||
|
|
||||||
|
# Source function library.
|
||||||
|
. /etc/rc.d/init.d/functions
|
||||||
|
|
||||||
|
# Source networking configuration.
|
||||||
|
. /etc/sysconfig/network
|
||||||
|
|
||||||
|
exec=/usr/sbin/chronyd
|
||||||
|
prog=chronyd
|
||||||
|
config=/etc/chrony.conf
|
||||||
|
keyfile=/etc/chrony.keys
|
||||||
|
chronyc=/usr/bin/chronyc
|
||||||
|
|
||||||
|
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
|
||||||
|
|
||||||
|
lockfile=/var/lock/subsys/$prog
|
||||||
|
|
||||||
|
get_key() {
|
||||||
|
awk '/^[ \t]*'$1'\>/ { print $2; exit }' < $keyfile
|
||||||
|
}
|
||||||
|
|
||||||
|
get_commandkeyid() {
|
||||||
|
awk '/^[ \t]*commandkey\>/ { keyid=$2 } END { print keyid }' < $config
|
||||||
|
}
|
||||||
|
|
||||||
|
chrony_command() {
|
||||||
|
commandkeyid=$(get_commandkeyid)
|
||||||
|
[ -z "$commandkeyid" ] && return 1
|
||||||
|
commandkey=$(get_key $commandkeyid)
|
||||||
|
[ -z "$commandkey" ] && return 2
|
||||||
|
|
||||||
|
! (
|
||||||
|
$chronyc <<EOF &
|
||||||
|
password $commandkey
|
||||||
|
$1
|
||||||
|
EOF
|
||||||
|
chronycpid=$!
|
||||||
|
|
||||||
|
# chronyc will hang if the daemon doesn't respond, kill it after 3 s
|
||||||
|
(sleep 3; kill $chronycpid) < /dev/null &> /dev/null &
|
||||||
|
killerpid=$!
|
||||||
|
|
||||||
|
wait $chronycpid &> /dev/null
|
||||||
|
kill $killerpid &> /dev/null || echo "chronyd not responding"
|
||||||
|
) | grep -v '200 OK'
|
||||||
|
}
|
||||||
|
|
||||||
|
generate_commandkey() {
|
||||||
|
commandkeyid=$(get_commandkeyid)
|
||||||
|
[ -z "$commandkeyid" ] && return 1
|
||||||
|
commandkey=$(get_key $commandkeyid)
|
||||||
|
[ -z "$commandkey" ] || return 0
|
||||||
|
|
||||||
|
echo -n $"Generating chrony command key: "
|
||||||
|
commandkey=$(tr -c -d '[\041-\176]' < /dev/urandom | head -c 8)
|
||||||
|
[ -n "$commandkey" ] && echo "$commandkeyid $commandkey" >> $keyfile &&
|
||||||
|
success || failure
|
||||||
|
echo
|
||||||
|
}
|
||||||
|
|
||||||
|
start() {
|
||||||
|
[ "$NETWORKING" = "no" ] && exit 1
|
||||||
|
[ -x $exec ] || exit 5
|
||||||
|
[ -f $config ] || exit 6
|
||||||
|
generate_commandkey
|
||||||
|
echo -n $"Starting $prog: "
|
||||||
|
daemon $exec $OPTIONS
|
||||||
|
retval=$?
|
||||||
|
echo
|
||||||
|
[ $retval -eq 0 ] && touch $lockfile
|
||||||
|
return $retval
|
||||||
|
}
|
||||||
|
|
||||||
|
stop() {
|
||||||
|
echo -n $"Stopping $prog: "
|
||||||
|
killproc $prog
|
||||||
|
retval=$?
|
||||||
|
echo
|
||||||
|
[ $retval -eq 0 ] && rm -f $lockfile
|
||||||
|
return $retval
|
||||||
|
}
|
||||||
|
|
||||||
|
restart() {
|
||||||
|
stop
|
||||||
|
start
|
||||||
|
}
|
||||||
|
|
||||||
|
reload() {
|
||||||
|
restart
|
||||||
|
}
|
||||||
|
|
||||||
|
force_reload() {
|
||||||
|
restart
|
||||||
|
}
|
||||||
|
|
||||||
|
rh_status() {
|
||||||
|
status $prog
|
||||||
|
}
|
||||||
|
|
||||||
|
rh_status_q() {
|
||||||
|
rh_status >/dev/null 2>&1
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
rh_status_q && exit 0
|
||||||
|
$1
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
rh_status_q || exit 0
|
||||||
|
$1
|
||||||
|
;;
|
||||||
|
restart)
|
||||||
|
$1
|
||||||
|
;;
|
||||||
|
reload)
|
||||||
|
rh_status_q || exit 7
|
||||||
|
$1
|
||||||
|
;;
|
||||||
|
force-reload)
|
||||||
|
force_reload
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
rh_status
|
||||||
|
;;
|
||||||
|
condrestart|try-restart)
|
||||||
|
rh_status_q || exit 0
|
||||||
|
restart
|
||||||
|
;;
|
||||||
|
online|offline|cyclelogs)
|
||||||
|
rh_status_q || exit 7
|
||||||
|
chrony_command $1
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|cyclelogs|online|offline}"
|
||||||
|
exit 2
|
||||||
|
esac
|
||||||
|
exit $?
|
||||||
|
|
1
chronyd.sysconfig
Normal file
1
chronyd.sysconfig
Normal file
@ -0,0 +1 @@
|
|||||||
|
OPTIONS="-u chrony"
|
1
import.log
Normal file
1
import.log
Normal file
@ -0,0 +1 @@
|
|||||||
|
chrony-1_23-2_20081106gitbe42b4_fc10:HEAD:chrony-1.23-2.20081106gitbe42b4.fc10.src.rpm:1227530259
|
Loading…
Reference in New Issue
Block a user