.gear/chrony.sh | 26 +++ .gear/chrony.spec | 250 +++++++++++++++++++++ .gear/chronyd.init | 86 +++++++ .gear/rules | 7 + .../tags/a2e0c463161c6fe44b684ab65bd9c98992c6480d | 22 ++ .../tags/f04fffd5830313056150673e816110ee10ee5af3 | 22 ++ .gear/tags/list | 2 + .gear/upstream/remotes | 3 + doc/Makefile.in | 4 +- 9 files changed, 420 insertions(+), 2 deletions(-) diff --git a/.gear/chrony.sh b/.gear/chrony.sh new file mode 100755 index 0000000..8995c83 --- /dev/null +++ b/.gear/chrony.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +. /etc/control.d/functions + +CONFIG=/etc/chrony.conf +EXE=/etc/init.d/chrony + +new_subst server \ + '^[[:space:]]*allow[[:space:]]' \ + 's,^#\([[:space:]]*allow[[:space:]].*\),allow all,' +new_subst client \ + '^[[:space:]]*#allow[[:space:]]' \ + 's,^\([[:space:]]*allow[[:space:]]\),#\1,' + +new_help client "Disable access to the chrony server by commenting \"allow \" directive, see man 5 chrony.conf" +new_help server "Enable access to the chrony server by uncommenting or adding \"allow all\" directive, see man 5 chrony.conf" + +new_summary "Network Time Protocol daemon Chrony" + +is_builtin_mode "$*" || + [ "$*" != "`control_subst "$CONFIG" status`" ] || exit 0 + +control_subst "$CONFIG" "$*" || exit 1 + +is_builtin_mode "$*" || + [ ! -x "$EXE" ] || "$EXE" condrestart || exit 0 diff --git a/.gear/chrony.spec b/.gear/chrony.spec new file mode 100644 index 0000000..7105bf4 --- /dev/null +++ b/.gear/chrony.spec @@ -0,0 +1,250 @@ +%define vendorzone ru. + +Name: chrony +Version: 4.4 +Release: alt1 + +Summary: Chrony clock synchronization program +License: GPLv2 +Group: System/Configuration/Other + +Url: http://chrony.tuxfamily.org +Source0: http://download.tuxfamily.org/chrony/%name-%version.tar +Source1: clknetsim-chrony-%version.tar +Patch0: %name-%version-alt.patch +Source2: chronyd.init +Source3: chrony.sh + +BuildRequires: libcap-devel libncurses-devel libedit-devel +BuildRequires: libnss-devel asciidoctor lynx libseccomp-devel +BuildRequires: libgnutls-devel +BuildRequires: libnettle-devel +BuildRequires: makeinfo control +BuildRequires: pps-tools-devel +# for tests +BuildRequires: /proc gcc-c++ /dev/kvm rpm-build-vm + +Provides: ntp-server + +Conflicts: ntpd openntpd + +%define _localstatedir %_var + +%description +A pair of programs for keeping computer clocks accurate. chronyd is a daemon +program and chronyc is a command-line interface to it. Time reference sources +for chronyd can be RFC1305 NTP servers, human (via keyboard and chronyc), and +the computer's real-time clock at boot time. chronyd can determine the rate at +which the computer gains or loses time and compensate for it whilst no external +reference is present. chronyd's use of NTP servers can be switched on and off +(through chronyc) to support computers with dial-up/intermittent access to the +Internet. chronyd can also act as an RFC1305-compatible NTP server. + +%prep +%setup -a 1 +%patch0 -p1 +mv clknetsim-chrony-* test/simulation/clknetsim +# prepare git sources (make_release) +# version in version.txt file +echo %version > version.txt + +# regenerate the file from getdate.y +rm -f getdate.c + +# use our vendor zone +sed -e 's|\([0-3]\.\)\(pool.ntp.org\)|\1%{vendorzone}\2|' \ + < examples/chrony.conf.example2 > chrony.conf + +echo '# Keys used by chronyd for command and NTP authentication' > chrony.keys + +echo '# Pass extra arguments to chronyd' > chronyd.sysconfig +echo '#CHRONYD_ARGS=' >> chronyd.sysconfig + +sed -i -e 's/OPTIONS/CHRONYD_ARGS/' examples/chronyd.service + +%build +%configure \ + --with-user=_chrony \ + --with-hwclockfile=%_sysconfdir/adjtime \ + --chronyrundir=/run/chrony \ + --with-pidfile=/run/chrony/chronyd.pid \ + --enable-ntp-signd \ + --enable-scfilter \ + --with-ntp-era=$(date -d '1970-01-01 00:00:00+00:00' +'%%s') \ + --with-sendmail=%_sbindir/sendmail + +%make_build all docs +make -C doc txt + +%check +export CLKNETSIM_RANDOM_SEED=34653 +%make_build -C test/simulation/clknetsim +%make check + +# chronyc dump + scfilter always falls when working in virtual environment under fakeroot, but in +# real system it works fine. need to investigate +rm -f test/system/099-scfilter + +# system tests must be run in kvm with fakeroot for permissions override +pushd test/system +vm-run fakeroot ./run +popd + +%install +%makeinstall_std +install -pD -m755 %SOURCE2 %buildroot%_initrddir/chronyd +install -pD -m644 chrony.conf %buildroot%_sysconfdir/chrony.conf +install -pD -m644 chrony.keys %buildroot%_sysconfdir/chrony.keys +install -pD -m755 examples/chrony.nm-dispatcher.dhcp %buildroot%_sysconfdir/NetworkManager/dispatcher.d/20-chrony-dhcp +install -pD -m755 examples/chrony.nm-dispatcher.onoffline %buildroot%_sysconfdir/NetworkManager/dispatcher.d/21-chrony-onoffline +install -pD -m644 examples/chrony.logrotate %buildroot%_sysconfdir/logrotate.d/chrony +install -pD -m644 chronyd.sysconfig %buildroot%_sysconfdir/sysconfig/chronyd +install -pD -m644 examples/chronyd.service %buildroot%_unitdir/chronyd.service +install -pD -m644 examples/chrony-wait.service %buildroot%_unitdir/chrony-wait.service +install -pD -m755 %SOURCE3 %buildroot%_sysconfdir/control.d/facilities/chrony + +install -d %buildroot/lib/systemd/ntp-units.d + +echo 'chronyd.service' > \ + %buildroot/lib/systemd/ntp-units.d/50-chronyd.list + +rm -rf %buildroot/usr/doc +install -d %buildroot%_localstatedir/{lib,log}/%name +touch %buildroot%_localstatedir/lib/%name/{drift,rtc} + +mkdir -p %buildroot%_tmpfilesdir +echo 'd /run/chrony 0750 _chrony _chrony' >> %buildroot%_tmpfilesdir/chronyd.conf + +%pre +%_sbindir/groupadd -r -f _chrony 2> /dev/null ||: +%_sbindir/useradd -r -g _chrony -d %_localstatedir/lib/%name -s /dev/null -c "Chrony User" _chrony 2> /dev/null ||: + +%post +# Move old configs to /etc +[ -e %_sysconfdir/%name/chrony.conf ] && mv %_sysconfdir/%name/chrony.conf %_sysconfdir/chrony.conf >/dev/null 2>&1 || : +[ -e %_sysconfdir/%name/chrony.keys ] && mv %_sysconfdir/%name/chrony.keys %_sysconfdir/chrony.keys >/dev/null 2>&1 || : + +%post_service chronyd + +%preun +%preun_service chronyd + +%files +%doc COPYING NEWS README doc/*.txt +%_initrddir/chronyd +%_unitdir/*.service +/lib/systemd/ntp-units.d/50-chronyd.list +%config(noreplace) %_sysconfdir/sysconfig/chronyd +%config(noreplace) %_sysconfdir/chrony.conf +%config(noreplace) %verify(not md5 size mtime) %attr(640,root,_chrony) %_sysconfdir/chrony.keys +%config(noreplace) %_sysconfdir/logrotate.d/chrony +%config(noreplace) %_sysconfdir/control.d/facilities/chrony +%_tmpfilesdir/chronyd.conf +%_sysconfdir/NetworkManager/dispatcher.d/20-chrony-dhcp +%_sysconfdir/NetworkManager/dispatcher.d/21-chrony-onoffline +%_bindir/* +%_sbindir/* +%dir %attr(-,_chrony,_chrony) %_localstatedir/lib/%name +%ghost %attr(-,_chrony,_chrony) %_localstatedir/lib/%name/drift +%ghost %attr(-,_chrony,_chrony) %_localstatedir/lib/%name/rtc +%dir %attr(1775,root,_chrony) %_localstatedir/log/%name +%_man1dir/* +%_man5dir/* +%_man8dir/* + +%changelog +* Tue Sep 05 2023 Anton Farygin 4.4-alt1 +- 4.3 -> 4.4 + +* Thu Sep 01 2022 Anton Farygin 4.3-alt1 +- 4.2 -> 4.3 + +* Sat May 21 2022 Anton Farygin 4.2-alt2 +- use %%_tmpfilesdir + +* Thu Dec 23 2021 Anton Farygin 4.2-alt1 +- 4.1 -> 4.2 +- enable system tests via run-vm +- added tmpfiles config + +* Mon May 17 2021 Anton Farygin 4.1-alt1 +- 4.1 + +* Wed Mar 10 2021 Anton Farygin 4.0-alt2 +- build with PPS support (closes: #39773) + +* Wed Oct 28 2020 Anton Farygin 4.0-alt1 +- 4.0 +- built with gnutls and nettle to enable NTS support +- built with libedit instead of libreadline + +* Wed Aug 26 2020 Anton Farygin 3.5.1-alt1 +- 3.5.1 (fixes: CVE-2020-14367) + +* Wed Apr 01 2020 Anton Farygin 3.5-alt3 +- set ntp era (fixed FTBFS, thanks to glebfm for the investigation) + +* Wed Oct 16 2019 Anton Farygin 3.5-alt2 +- fixed help in chrony control script (closes: #37340) + +* Tue May 21 2019 Anton Farygin 3.5-alt1 +- 3.5 + +* Mon Oct 01 2018 Anton Farygin 3.4-alt1 +- 3.4 +- enabled tests + +* Wed Aug 15 2018 Anton Farygin 3.3-alt2 +- enabled seccomp filter and signd features + +* Tue Apr 10 2018 Anton Farygin 3.3-alt1 +- 3.3 + +* Mon Oct 02 2017 Anton Farygin 3.2-alt1 +- new version + +* Tue Aug 01 2017 Anton Farygin 3.1-alt1 +- new version + +* Sun Mar 12 2017 Evgeny Sinelnikov 2.2-alt2 +- Build with universal build tag + +* Fri Dec 23 2016 Denis Medvedev 2.2-alt2 +- Provides ntp-server, needed for alterator-datetime. +Added chrony control. + +* Sat Dec 19 2015 Terechkov Evgenii 2.2-alt1.1 +- change ownership/mode of logdir according to SPP (ALT #31640) + +* Thu Dec 10 2015 Alexey Shabalin 2.2-alt1 +- 2.2 + +* Wed Sep 17 2014 Alexey Shabalin 1.31-alt1 +- 1.31 + +* Thu Jul 10 2014 Alexey Shabalin 1.30-alt1 +- 1.30 +- moved configs to /etc + +* Fri Mar 07 2014 Alexey Shabalin 1.29.1-alt1 +- 1.29.1 +- drop root priveleges to user _chrony for chronyd daemon +- add /etc/sysconfig/chronyd +- add systemd support +- update chronyd config +- update chronyd logrotate + +* Mon Jul 18 2011 Victor Forsiuk 1.26-alt1 +- 1.26 + +* Sat Jun 11 2011 Victor Forsiuk 1.25-alt1 +- 1.25 + +* Mon Feb 08 2010 Victor Forsiuk 1.24-alt1 +- 1.24. Contains security fixes for CVE-2010-0292, CVE-2010-0293, CVE-2010-0294. + +* Fri Nov 06 2009 Victor Forsyuk 1.23-alt2 +- Project homepage moved, so fix Url. + +* Mon Feb 25 2008 Victor Forsyuk 1.23-alt1 +- Initial build. diff --git a/.gear/chronyd.init b/.gear/chronyd.init new file mode 100644 index 0000000..559b4f1 --- /dev/null +++ b/.gear/chronyd.init @@ -0,0 +1,86 @@ +#! /bin/bash +# chkconfig: - 58 74 +# description: Chronyd is an implementation of NTP that supports disconnected +### BEGIN INIT INFO +# Provides: chronyd +# Required-Start: $syslog $remote_fs $network $time +# Should-Start: $time +# Required-Stop: $syslog $remote_fs $network $time +# Should-Stop: +# Default-Start: 3 4 5 +# Default-Stop: 0 1 2 6 +# Short-Decription: Chrony daemon providing system clock synchronization +# Description: Chronyd is an implementation of NTP that supports disconnected +# operation +### END INIT INFO + +# Source function library. +WITHOUT_RC_COMPAT=1 +. /etc/init.d/functions + +# Source networking configuration. +SourceIfNotEmpty /etc/sysconfig/network + +SourceIfNotEmpty /etc/sysconfig/chronyd + +LOCKFILE=/var/lock/subsys/chronyd +RETVAL=0 + +start() +{ + is_yes "$NETWORKING" || return 0 + start_daemon --lockfile "$LOCKFILE" -- chronyd $CHRONYD_ARGS + RETVAL=$? + return $RETVAL +} + +stop() +{ + stop_daemon --lockfile "$LOCKFILE" -- chronyd + RETVAL=$? + return $RETVAL +} + +chronyd_status() +{ + status --lockfile "$LOCKFILE" -- chronyd + RETVAL=$? + return $RETVAL +} + +restart() +{ + stop + start +} + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + reload|restart) + restart + ;; + status) + chronyd_status + ;; + condstop) + if [ -e "$LOCKFILE" ]; then + stop + fi + ;; + condreload|condrestart) + if [ -e "$LOCKFILE" ]; then + restart + fi + ;; + *) + msg_usage "${0##*/} {start|stop|reload|restart|status|condstop|condreload|condrestart}" + RETVAL=1 +esac + +exit $RETVAL diff --git a/.gear/rules b/.gear/rules new file mode 100644 index 0000000..401ee1e --- /dev/null +++ b/.gear/rules @@ -0,0 +1,7 @@ +tar: @version@:. +tar: clknetsim-@version@:. name=clknetsim-chrony-@version@ +diff: @version@:. . name=@name@-@version@-alt.patch +copy?: .gear/*.patch +spec: .gear/chrony.spec +copy: .gear/chronyd.init +copy: .gear/chrony.sh diff --git a/.gear/tags/a2e0c463161c6fe44b684ab65bd9c98992c6480d b/.gear/tags/a2e0c463161c6fe44b684ab65bd9c98992c6480d new file mode 100644 index 0000000..0b4e6d8 --- /dev/null +++ b/.gear/tags/a2e0c463161c6fe44b684ab65bd9c98992c6480d @@ -0,0 +1,22 @@ +object 43320a1d6b3ef0e35ef377e3b0899990f31023ac +type commit +tag 4.4 +tagger Miroslav Lichvar 1691588016 +0200 + +Release 4.4 +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEjzdcfo0O4SWj071RU34rdvdoDawFAmTTlbQACgkQU34rdvdo +DazDRRAApadannicTSLwe24DNZnK0fGXfLu+G8Rv2reAyBt1BYMoAQsC9PMMekyR +lBU5opPde6qfro1nbsFxzO1v5C00de4oiXQNdcYUBDNyGqyo0WENyLdmNEoXBZrU +dSciPivufPnphbexpJOZh60SIzfFkx12UVuqaXzfEGX9ji4fGJl2CvElw9Q8UKbN +x8QYYLQ8bRd/n7Z55pbytD+/VlB6LoQu8Iz48UEHubmuZHJsnxKg8gdXaNE4RiwJ +8J83KGhTMhWh6y2wcNXr+Q0klhs7nCdlfsj7qTgtrMHJ83/z7vxbRAtLYWl6z091 +3zswIFgQ86JK4XZEKXFrSh0qpiBVtE8liOvLedLC8Sq3bGRFC13vhjlK5VnfUHwN +IkqwEJQvxZypeoQ3gI6TBN97VuMbZpOg3Ekn1eYafAx/cetb/GfDcg2bG0YScLmX +xnz/az30/BbG/ZGZcEt23tc4tS3g0GlDSAeKHitXXYseRX6FyHnxWdIM9ezR/cIz +qqKdgLCKRr+ZP/8FJzvWxWZ33TAQJX5ZGQIDSZqrFXw1W/hLh0UvywwC2k0B0mNM +COQX+fWlK2bl9jQ+TpYP6/wKmFAx4lFQ3Z0uyuKJrJ2fMB+3xrRfMSC1xjIuY+v/ +qcjmD/LhUt55nXcW/qAZF2lmLYbqjPV9ySMO3N8Z1PrWlLHFCUw= +=rJ6j +-----END PGP SIGNATURE----- diff --git a/.gear/tags/f04fffd5830313056150673e816110ee10ee5af3 b/.gear/tags/f04fffd5830313056150673e816110ee10ee5af3 new file mode 100644 index 0000000..b82cc99 --- /dev/null +++ b/.gear/tags/f04fffd5830313056150673e816110ee10ee5af3 @@ -0,0 +1,22 @@ +object ba2a7b33b05d6ff82bbbc11a6b7d1e07bb833c9e +type commit +tag clknetsim-4.4 +tagger Anton Farygin 1693892566 +0300 + +clknetsim-4.4 +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEvcguXVtTRQGvCPvxd0K5CgkPKR4FAmT2v9oACgkQd0K5CgkP +KR4wjw//S4SXAoQek2XJJ41KSEIcVGYA9OurAbt0RIGQV7hlkIevN5C77LSyHLtP +AWlJcuZPnUwpsQTQfuawHK/ENIo5T13xvsLbxUqPOKPVLVrfJBdVpdEFMQfoLERr +TpK//3XscaVF1JNng94O2Z+vwkSkTM4vmEywYDvCnNcMhVLEemLtdra+YhaWC5Mo +RHqTL36Iqh9mePTnn4ZOivT9ARxVemvQ+86D/WTeyhjWo3/prAE56Qysf9wPsTE1 ++4dWOoIsCumYqDU8Fms2jTIwMMMRwWOlqHaY4fTiiSKSIUAnpTcXsPYEuOxNb9WQ +4Si3CJyWbkYpLOWo1RoM3n/cSxGR5LF/t1fJWMtpd+/YQP7uZW8oWylQzk9UjwJC +pjgaq5I5TGu+yiYkuJsP4QLIWwJy8J9wV7InIgAXgMeuzJB6c7nhvoRSM3h5jElq +AfwKXIG1uU7DwQ2x1FpPvTPmxC+o9iKd9CqJPIAEwS5szMe1gsSUHdy//Q4kwOok +niSI0hkv5CtGchJ6H7+8etfBJLS07/anB2paPGfOf2gzyDGupgxNgBiCAve+Dvkl +5mD0WmVSMT97kCt8CvAKkKnNlMiq/siXnZLlbE5GTYSVRmehymzaksKpIGgozrlZ +o431Ah9Kl7asJK5DrDK2dooZSVj8JUr3Bv08+yFpRPlDHS6TXjs= +=gs+W +-----END PGP SIGNATURE----- diff --git a/.gear/tags/list b/.gear/tags/list new file mode 100644 index 0000000..2bafa1c --- /dev/null +++ b/.gear/tags/list @@ -0,0 +1,2 @@ +a2e0c463161c6fe44b684ab65bd9c98992c6480d 4.4 +f04fffd5830313056150673e816110ee10ee5af3 clknetsim-4.4 diff --git a/.gear/upstream/remotes b/.gear/upstream/remotes new file mode 100644 index 0000000..f85a837 --- /dev/null +++ b/.gear/upstream/remotes @@ -0,0 +1,3 @@ +[remote "upstream"] + url = git://git.tuxfamily.org/gitroot/chrony/chrony.git + fetch = +refs/heads/*:refs/remotes/upstream/* diff --git a/doc/Makefile.in b/doc/Makefile.in index 1777da5..8b8946f 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -1,7 +1,7 @@ ADOC = asciidoctor ADOC_FLAGS = SED = sed -HTML_TO_TXT = w3m -dump -T text/html +HTML_TO_TXT = lynx --dump MAN_FILES = chrony.conf.man chronyc.man chronyd.man TXT_FILES = faq.txt installation.txt @@ -47,7 +47,7 @@ docs: man html $(SED) -e $(SED_COMMANDS) < $< > $@ %.txt: %.html - $(HTML_TO_TXT) < $< > $@ + $(HTML_TO_TXT) $< > $@ install: $(MAN_FILES) [ -d $(DESTDIR)$(MANDIR)/man1 ] || mkdir -p $(DESTDIR)$(MANDIR)/man1