955c12fbc7
Resolves: #2047415
commit 5bd13c8d593a74ad168057efe94dd2b3aeeffe14
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon Feb 7 13:27:25 2022 +0100
examples: support DHCPv6 NTP servers in NM dispatcher script
Latest NetworkManager code provides NTP servers from the DHCPv6 NTP
option (RFC 5908) in the DHCP6_DHCP6_NTP_SERVERS variable to dispatcher
scripts.
Check for invalid characters (which can come from the FQDN suboption)
and include the servers in the interface-specific sources file.
diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
index 6ea4c370..4454f037 100644
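--- a/examples/chrony.nm-dispatcher.dhcp
+++ b/examples/chrony.nm-dispatcher.dhcp
@@ -1,8 +1,7 @@
 #!/bin/sh
 # This is a NetworkManager dispatcher script for chronyd to update
-# its NTP sources passed from DHCP options. Note that this script is
-# specific to NetworkManager-dispatcher due to use of the
-# DHCP4_NTP_SERVERS environment variable.
+# its NTP sources with servers from DHCP options passed by NetworkManager
+# in the DHCP4_NTP_SERVERS and DHCP6_DHCP6_NTP_SERVERS environment variables.
 
 export LC_ALL=C
 
@@ -10,17 +9,19 @@ interface=$1
 action=$2
 
 chronyc=/usr/bin/chronyc
-default_server_options=iburst
+server_options=iburst
 server_dir=/var/run/chrony-dhcp
 
 dhcp_server_file=$server_dir/$interface.sources
-# DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager.
-nm_dhcp_servers=$DHCP4_NTP_SERVERS
+dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"
 
 add_servers_from_dhcp() {
 rm -f "$dhcp_server_file"
- for server in $nm_dhcp_servers; do
- echo "server $server $default_server_options" >> "$dhcp_server_file"
+ for server in $dhcp_ntp_servers; do
+ # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
+ printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
+
+ printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"
 done
 $chronyc reload sources > /dev/null 2>&1 || :
 }
@@ -34,10 +35,11 @@ clear_servers_from_dhcp() {
 
 mkdir -p $server_dir
 
-if [ "$action" = "up" ] || [ "$action" = "dhcp4-change" ]; then
- add_servers_from_dhcp
-elif [ "$action" = "down" ]; then
- clear_servers_from_dhcp
-fi
+case "$action" in
+ up|dhcp4-change|dhcp6-change)
+ add_servers_from_dhcp;;
+ down)
+ clear_servers_from_dhcp;;
+esac
 
 exit 0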
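Review bot: The `for server in $dhcp_ntp_servers; do` loop in add_servers_from_dhcp depends on unquoted expansion for word splitting, and that same expansion also performs pathname expansion, so a DHCP-supplied token containing `*`, `?` or `[` can be replaced by file names from the script's working directory before the character check sees it. A matching file name made up only of allowed characters would then pass the check and be written to the sources file. Turning globbing off ahead of the loop, for example a `set -f` line placed after `export LC_ALL=C`, keeps the check applied to exactly the values NetworkManager passed in.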
commit e55f174bd3a7ae82fb24afd43443d0b55d5536cf
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon Feb 7 13:27:48 2022 +0100
examples: handle more actions in NM dispatcher script
Run the chronyc onoffline command also when the connectivity-change
and dhcp6-change actions are reported by the NetworkManager dispatcher.
The latter should not be necessary, but there currently doesn't seem to
be any action for IPv6 becoming routable after duplicate address
detection, so at least in networks using DHCPv6, IPv6 NTP servers should
not be stuck in the offline state from a previously reported action.
diff --git a/examples/chrony.nm-dispatcher.onoffline b/examples/chrony.nm-dispatcher.onoffline
index 34cfa0db..01e6fdb1 100644
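--- a/examples/chrony.nm-dispatcher.onoffline
+++ b/examples/chrony.nm-dispatcher.onoffline
@@ -7,8 +7,18 @@ export LC_ALL=C
 
 chronyc=/usr/bin/chronyc
 
-# For NetworkManager consider only up/down events
-[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0
+# For NetworkManager consider only selected events
+if [ $# -ge 2 ]; then
+ case "$2" in
+ up|down|connectivity-change)
+ ;;
+ dhcp6-change)
+ # No other action is reported for routable IPv6
+ ;;
+ *)
+ exit 0;;
+ esac
+fi
 
 # Note: for networkd-dispatcher routable.d ~= on and off.d ~= off
 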
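Review bot: The `dhcp6-change)` arm is justified only by `# No other action is reported for routable IPv6`, which is hard to follow without the commit message next to it. A fuller comment such as `# NM reports no action when IPv6 becomes routable after duplicate address detection, so also react to dhcp6-change` would keep the reason with the code and make it clear the arm is a workaround that can be dropped once such an action exists. The rest of the script, including the chronyc call this guard protects, lies outside the hunk.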
commit fca8966adaaf8376536af86ba2afe02501463588
Author: Miroslav Lichvar <mlichvar@redhat.com>
Date: Wed Mar 23 15:17:03 2022 +0100
examples: replace grep command in NM dispatcher script
Some grep implementations detect binary data and return success without
matching whole line. This might be an issue for the DHCPv6 NTP FQDN
check. The GNU grep in the C locale seems to check only for the NUL
character, which cannot be passed in an environment variable, but other
implementations might behave differently and there doesn't seem to be a
portable way to force matching the whole line.
Instead of the grep command, check for invalid characters by comparing
the length of the input passed through "tr -d -c".
diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
index 4454f037..547ce83f 100644
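--- a/examples/chrony.nm-dispatcher.dhcp
+++ b/examples/chrony.nm-dispatcher.dhcp
@@ -19,7 +19,11 @@ add_servers_from_dhcp() {
 rm -f "$dhcp_server_file"
 for server in $dhcp_ntp_servers; do
 # Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
- printf '%s\n' "$server" | grep -E -q '^[-A-Za-z0-9:.]{1,255}$' || continue
+ len1=$(printf '%s' "$server" | wc -c)
+ len2=$(printf '%s' "$server" | tr -d -c 'A-Za-z0-9:.-' | wc -c)
+ if [ "$len1" -ne "$len2" ] || [ "$len2" -lt 1 ] || [ "$len2" -gt 255 ]; then
+ continue
+ fi
 
 printf 'server %s %s\n' "$server" "$server_options" >> "$dhcp_server_file"
 done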
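Review bot: The new length comparison starts `printf`, `tr` and `wc` processes for every server and relies on `[ -ne ]` accepting `wc -c` output as printed (some implementations pad it), while the same whitelist can be expressed in the shell itself. With `LC_ALL=C` exported earlier in this script, `case "$server" in *[!A-Za-z0-9:.-]*) continue;; esac` followed by `[ "${#server}" -le 255 ] || continue` should reject the same inputs without external tools; an empty token cannot occur inside the `for` loop. add_servers_from_dhcp starts above the hunk and ends below it, so this is based on the loop body alone.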
From: Robert Fairley <rfairley@redhat.com>
Date: Wed, 17 Jun 2020 10:14:19 -0400
Subject: [PATCH] examples/nm-dispatcher.dhcp: use sysconfig
Use the PEERNTP and NTPSERVERARGS environment variables from
/etc/sysconfig/network{-scripts}.
Co-Authored-By: Christian Glombek <cglombek@redhat.com>
diff --git a/examples/chrony.nm-dispatcher.dhcp b/examples/chrony.nm-dispatcher.dhcp
|
|
index 6ea4c37..a6ad35a 100644
|
|
--- a/examples/chrony.nm-dispatcher.dhcp
|
|
+++ b/examples/chrony.nm-dispatcher.dhcp
|
|
@@ -8,15 +8,23 @@ export LC_ALL=C
|
|
interface=$1
|
|
action=$2
|
|
|
|
+[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network
|
|
+[ -f /etc/sysconfig/network-scripts/ifcfg-"${interface}" ] && \
|
|
+ . /etc/sysconfig/network-scripts/ifcfg-"${interface}"
|
|
+
|
|
chronyc=/usr/bin/chronyc
|
|
-server_options=iburst
|
|
-server_dir=/var/run/chrony-dhcp
|
|
+server_options=${NTPSERVERARGS:-iburst}
|
|
+server_dir=/run/chrony-dhcp
|
|
|
|
dhcp_server_file=$server_dir/$interface.sources
|
|
dhcp_ntp_servers="$DHCP4_NTP_SERVERS $DHCP6_DHCP6_NTP_SERVERS"
|
|
|
|
add_servers_from_dhcp() {
|
|
rm -f "$dhcp_server_file"
|
|
+
|
|
+ # Don't add NTP servers if PEERNTP=no specified; return early.
|
|
+ [ "$PEERNTP" = "no" ] && return
|
|
+
|
|
for server in $dhcp_ntp_servers; do
|
|
# Check for invalid characters (from the DHCPv6 NTP FQDN suboption)
|
|
len1=$(printf '%s' "$server" | wc -c)
|