#!/bin/bash config=/etc/chrony.conf keyfile=/etc/chrony.keys chronyc=/usr/bin/chronyc dhclient_servers=/var/lib/dhclient/chrony.servers.* dhclient_added_servers=/var/lib/dhclient/chrony.added_servers service_name=chronyd.service get_key() { awk '/^[ \t]*'$1'\>/ { if ($3 == "") print "MD5", $2; else print $2, $3; exit }' < $keyfile } get_commandkeyid() { awk '/^[ \t]*commandkey\>/ { keyid=$2 } END { print keyid }' < $config } chrony_command() { commandkeyid=$(get_commandkeyid) [ -z "$commandkeyid" ] && return 1 commandkey=$(get_key $commandkeyid) [ -z "$commandkey" ] && return 2 authhash=${commandkey% *} password=${commandkey#* } $chronyc < /dev/null | head -c 40) [ ${#password} -eq 40 ] && echo "$commandkeyid SHA1 HEX:$password" >> $keyfile } update_dhclient_added_servers() { new_servers=$(echo "$1" | sort -u) old_servers=$(cat $dhclient_added_servers 2> /dev/null) [ "$old_servers" = "$new_servers" ] && return 0 [ -n "$new_servers" ] && echo "$new_servers" > $dhclient_added_servers || rm -f $dhclient_added_servers } add_dhclient_servers() { shopt -s nullglob servers_files=($dhclient_servers) shopt -u nullglob (( ${#servers_files[*]} )) || return 0 added_servers=$( cat $dhclient_added_servers 2> /dev/null cat ${servers_files[*]} | while read server serverargs; do chrony_command "add server $server $serverargs" &> /dev/null && echo "$server" done) update_dhclient_added_servers "$added_servers" } remove_dhclient_servers() { [ -f $dhclient_added_servers ] || return 0 all_servers=$( cat $dhclient_servers 2> /dev/null | while read server serverargs; do echo "$server" done | sort -u) echo "$all_servers" | comm -23 $dhclient_added_servers - | while read server; do chrony_command "delete $server" &> /dev/null done added_servers=$(echo "$all_servers" | comm -12 $dhclient_added_servers -) update_dhclient_added_servers "$added_servers" } is_running() { systemctl is-active -q $service_name } case "$1" in generate-commandkey) generate_commandkey ;; add-dhclient-servers) add_dhclient_servers ;; remove-dhclient-servers) remove_dhclient_servers ;; is-running) is_running ;; command) is_running && chrony_command "$2" ;; forced-command) chrony_command "$2" ;; *) echo $"Usage: $0 {generate-commandkey|add-dhclient-servers|remove-dhclient-servers|is-running|command|forced-command}" exit 2 esac exit $?