chrony/chrony.helper


#!/bin/bash
# chrony configuration file, the key file holding the command key, and the
# chronyc client binary used to talk to the daemon.
config='/etc/chrony.conf'
keyfile='/etc/chrony.keys'
chronyc='/usr/bin/chronyc'

# Glob pattern for the server list files. It is stored unexpanded here and
# expanded by the functions that use it unquoted.
dhclient_servers='/var/lib/dhclient/chrony.servers.*'

# File recording the servers that add_dhclient_servers managed to add.
dhclient_added_servers='/var/lib/dhclient/chrony.added_servers'

# systemd unit queried by is_running.
service_name='chronyd.service'
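#######################################
# Print the hash type and secret of one key from the chrony key file.
# Globals:   keyfile (read)
# Arguments: $1 - key ID to look up
# Outputs:   "<hash> <secret>" for the first line whose first field is the
#            ID, or "MD5 <secret>" when that line has no third field;
#            nothing when no line matches
#######################################
get_key() {
  # The ID is passed to awk as data (-v) and compared as a string with the
  # first field. Splicing it unquoted into the awk program text would let a
  # malformed ID be word-split by the shell or interpreted as regex/awk code.
  # Appending "" forces a string comparison, so "01" does not match "1".
  awk -v id="$1" '
    ($1 "") == (id "") {
      if ($3 == "") { print "MD5", $2 } else { print $2, $3 }
      exit
    }' < "$keyfile"
}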
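#######################################
# Print the ID of the command key named in the chrony configuration.
# Globals:   config (read)
# Outputs:   the second field of the last "commandkey" directive; an empty
#            line when the configuration has none
#######################################
get_commandkeyid() {
  # Match on the first field instead of a regex with \> (a GNU awk
  # extension), so the lookup works with any awk and only a directive named
  # exactly "commandkey" is accepted. Leading blanks are skipped by awk's
  # default field splitting.
  awk '$1 == "commandkey" { keyid = $2 } END { print keyid }' < "$config"
}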
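#######################################
# Run one chronyc command, authenticated with the configured command key.
# Globals:   chronyc (read)
# Arguments: $1 - the chronyc command line to run
# Outputs:   whatever chronyc prints
# Returns:   1 when no command key ID is configured, 2 when the key file
#            has no entry for it, otherwise the exit status of chronyc
#######################################
chrony_command() {
  # Keep the key material in function scope so it does not linger in the
  # script's global variables after the call.
  local commandkeyid commandkey authhash password

  commandkeyid=$(get_commandkeyid)
  [ -z "$commandkeyid" ] && return 1
  commandkey=$(get_key "$commandkeyid")
  [ -z "$commandkey" ] && return 2

  # get_key prints "<hash> <secret>": split at the last / first space.
  authhash=${commandkey% *}
  password=${commandkey#* }

  # The credentials are fed to chronyc on stdin, not as arguments, so they
  # do not show up in the process list.
  # NOTE(review): $1 is written verbatim after the credentials; a newline in
  # it would be read as a further command in the same authenticated session,
  # so callers are expected to pass a single line.
  "$chronyc" <<EOF
authhash $authhash
password $password
$1
EOF
}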
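#######################################
# Append a random command key to the key file when the configured command
# key ID has no entry there yet.
# Globals:   keyfile (appended to)
# Returns:   1 when no command key ID is configured or the random secret
#            could not be produced, 0 when the key already exists,
#            otherwise the status of the append
#######################################
generate_commandkey() {
  local commandkeyid commandkey password

  commandkeyid=$(get_commandkeyid)
  [ -z "$commandkeyid" ] && return 1
  commandkey=$(get_key "$commandkeyid")
  [ -z "$commandkey" ] || return 0

  # 40 hex digits (160 bits) read from /dev/urandom. LC_ALL=C makes tr work
  # on raw bytes regardless of the caller's locale.
  password=$(LC_ALL=C tr -c -d '0-9A-F' < /dev/urandom 2> /dev/null |
    head -c 40)
  [ "${#password}" -eq 40 ] || return 1

  # If the append has to create the key file, create it readable by the
  # owner only; an existing file keeps its mode. The subshell keeps the
  # umask change from leaking into the rest of the script.
  (
    umask 077
    printf '%s SHA1 HEX:%s\n' "$commandkeyid" "$password" >> "$keyfile"
  )
}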
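#######################################
# Rewrite the added-servers file so that it holds exactly the given list.
# Globals:   dhclient_added_servers (read, written or removed)
# Arguments: $1 - newline-separated server names
# Returns:   0 when the file already matches; otherwise the status of the
#            write, or of the removal when the list is empty
#######################################
update_dhclient_added_servers() {
  local new_servers old_servers

  # printf instead of echo so a list that starts with "-n" or "-e" is
  # treated as data.
  new_servers=$(printf '%s\n' "$1" | sort -u)
  old_servers=$(cat "$dhclient_added_servers" 2> /dev/null)
  [ "$old_servers" = "$new_servers" ] && return 0

  # Explicit if/else: with "test && write || rm" a failed write would fall
  # through to the removal and the failure would be reported as success.
  if [ -n "$new_servers" ]; then
    printf '%s\n' "$new_servers" > "$dhclient_added_servers"
  else
    rm -f -- "$dhclient_added_servers"
  fi
}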
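#######################################
# Add every server listed in the dhclient server files to chronyd and
# record the ones that were accepted.
# Globals:   dhclient_servers (read, glob), dhclient_added_servers (read)
# Returns:   0 when no server file exists, otherwise the status of
#            update_dhclient_added_servers
#######################################
add_dhclient_servers() {
  local added_servers server serverargs
  local -a servers_files

  shopt -s nullglob
  # Deliberately unquoted: $dhclient_servers holds a glob pattern.
  servers_files=($dhclient_servers)
  shopt -u nullglob
  (( ${#servers_files[@]} )) || return 0

  # NOTE(review): these files presumably hold NTP servers learned over DHCP.
  # Every field on a line is forwarded to chronyd in an authenticated
  # "add server" command, so whatever writes the files should validate the
  # entries - confirm.
  added_servers=$(
    # Previously recorded servers first, then the ones added in this run.
    cat "$dhclient_added_servers" 2> /dev/null
    # Quoted array expansion keeps a file name with blanks in one piece.
    cat -- "${servers_files[@]}" |
      while read -r server serverargs; do
        # A blank line names no server; do not send or record it.
        [ -n "$server" ] || continue
        chrony_command "add server $server $serverargs" &> /dev/null &&
          printf '%s\n' "$server"
      done
  )
  update_dhclient_added_servers "$added_servers"
}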
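#######################################
# Delete from chronyd the recorded servers that no dhclient server file
# lists any more, and shrink the record to the servers still listed.
# Globals:   dhclient_servers (read, glob), dhclient_added_servers (read)
# Returns:   0 when there is no record file, otherwise the status of
#            update_dhclient_added_servers
#######################################
remove_dhclient_servers() {
  local all_servers added_servers server serverargs
  local -a servers_files

  [ -f "$dhclient_added_servers" ] || return 0

  shopt -s nullglob
  # Deliberately unquoted: $dhclient_servers holds a glob pattern.
  servers_files=($dhclient_servers)
  shopt -u nullglob

  # First field of every line in the server files, sorted for comm. The
  # guard matters: cat with an empty argument list would read stdin.
  all_servers=
  if (( ${#servers_files[@]} )); then
    all_servers=$(
      cat -- "${servers_files[@]}" 2> /dev/null |
        while read -r server serverargs; do
          printf '%s\n' "$server"
        done | sort -u
    )
  fi

  # Recorded but no longer listed: ask chronyd to drop them.
  printf '%s\n' "$all_servers" |
    comm -23 "$dhclient_added_servers" - |
    while read -r server; do
      chrony_command "delete $server" &> /dev/null
    done

  # Recorded and still listed: this is the new record.
  added_servers=$(printf '%s\n' "$all_servers" |
    comm -12 "$dhclient_added_servers" -)
  update_dhclient_added_servers "$added_servers"
}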
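#######################################
# Report whether the chronyd unit is active.
# Globals:   service_name (read)
# Returns:   the exit status of "systemctl is-active"
#######################################
is_running() {
  # Quoted so the unit name always reaches systemctl as a single argument.
  systemctl is-active -q "$service_name"
}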
# Dispatch on the sub-command given as the first argument. The script exits
# with the status of the selected function, or 2 after printing the usage
# line for an unknown sub-command.
case "$1" in
  generate-commandkey)
    generate_commandkey
    ;;
  add-dhclient-servers)
    add_dhclient_servers
    ;;
  remove-dhclient-servers)
    remove_dhclient_servers
    ;;
  is-running)
    is_running
    ;;
  command)
    # Send $2 to chronyd only when the service is active; otherwise the
    # status of is_running becomes the exit status.
    is_running && chrony_command "$2"
    ;;
  forced-command)
    # Same as "command", but without the is_running check.
    chrony_command "$2"
    ;;
  *)
    echo $"Usage: $0 {generate-commandkey|add-dhclient-servers|remove-dhclient-servers|is-running|command|forced-command}"
    exit 2
    ;;
esac
exit "$?"