From mboxrd@z Thu Jan 1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] addon chrony
Date: Wed, 22 Mar 2023 10:03:15 +0000
Message-ID: <54D1D26E-1BFA-45E0-A8E3-CFEDAE756319@ipfire.org>
In-Reply-To: <20230320201837.1887027-1-gerd@hoerst.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============8107860077274542337=="
List-Id: <development.lists.ipfire.org>
--===============8107860077274542337==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Hello Gerd,
Once again, what is the benefit of having a second time sync daemon as an add=
on?
The one that we use works and it will set the time correctly. So this won=E2=
=80=99t have any benefit at all. Especially as there is no way to disable the=
existing ntp-based scripts.
-Michael
> On 20 Mar 2023, at 20:18, Gerd Hoerst <gerd(a)hoerst.net> wrote:
>=20
> Signed-off-by: Gerd Hoerst <gerd(a)hoerst.net>
> ---
> config/chrony/etc/chrony/chrony.conf | 32 +++++++++
> config/chrony/etc/chrony/chrony.keys | 10 +++
> config/chrony/etc/rc.d/init.d/chrony | 56 +++++++++++++++
> config/rootfiles/packages/chrony | 12 ++++
> lfs/chrony | 102 +++++++++++++++++++++++++++
> make.sh | 1 +
> src/paks/chrony/install.sh | 33 +++++++++
> src/paks/chrony/uninstall.sh | 31 ++++++++
> src/paks/chrony/update.sh | 26 +++++++
> 9 files changed, 303 insertions(+)
> create mode 100644 config/chrony/etc/chrony/chrony.conf
> create mode 100644 config/chrony/etc/chrony/chrony.keys
> create mode 100755 config/chrony/etc/rc.d/init.d/chrony
> create mode 100644 config/rootfiles/packages/chrony
> create mode 100644 lfs/chrony
> create mode 100644 src/paks/chrony/install.sh
> create mode 100644 src/paks/chrony/uninstall.sh
> create mode 100644 src/paks/chrony/update.sh
>=20
> diff --git a/config/chrony/etc/chrony/chrony.conf b/config/chrony/etc/chron=
y/chrony.conf
> new file mode 100644
> index 000000000..6c65f5c22
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.conf
> @@ -0,0 +1,32 @@
> +# Welcome to the chrony configuration file. See chrony.conf(5) for more
> +# information about usuable directives.
> +
> +pool 0.ipfire.pool.ntp.org
> +
> +# refclock SOCK /var/run/chrony.ttyAMA0.sock delay 0.0 refid SOCK
> +# refclock PPS /dev/pps0 refid PPS
> +
> +# This directive specify the location of the file containing ID/key pairs =
for
> +# NTP authentication.
> +keyfile /etc/chrony/chrony.keys
> +
> +# This directive specify the file into which chronyd will store the rate
> +# information.
> +driftfile /var/lib/chrony/chrony.drift
> +
> +# Uncomment the following line to turn logging on.
> +#log tracking measurements statistics
> +
> +# Log files location.
> +logdir /var/log/chrony
> +
> +# Stop bad estimates upsetting machine clock.
> +maxupdateskew 100.0
> +
> +# This directive enables kernel synchronisation (every 11 minutes) of the
> +# real-time clock. Note that it can=E2=80=99t be used along with the 'rtcf=
ile' directive.
> +rtcsync
> +
> +# Step the system clock instead of slewing it if the adjustment is larger =
than
> +# one second, but only in the first three clock updates.
> +makestep 1 3
> diff --git a/config/chrony/etc/chrony/chrony.keys b/config/chrony/etc/chron=
y/chrony.keys
> new file mode 100644
> index 000000000..cee70b392
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.keys
> @@ -0,0 +1,10 @@
> +# This file is solely used for NTP authentication with symmetric keys
> +# as defined by RFC 1305 and RFC 5905.
> +#
> +# It can contain ID/key pairs which can be generated using the =E2=80=9Cke=
ygen=E2=80=9D option
> +# from =E2=80=9Cchronyc=E2=80=9D; for example:
> +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys
> +# would generate a 256-bit SHA-256 key using ID 1.
> +#
> +# A list of supported hash functions and output encoding can be found in
> +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" fil=
e.
> diff --git a/config/chrony/etc/rc.d/init.d/chrony b/config/chrony/etc/rc.d/=
init.d/chrony
> new file mode 100755
> index 000000000..0a2a0ee8e
> --- /dev/null
> +++ b/config/chrony/etc/rc.d/init.d/chrony
> @@ -0,0 +1,56 @@
> +#!/bin/sh
> +########################################################################
> +# Begin $rc_base/init.d/
> +#
> +# Description : chrony initscript 4 ipfire 2.1x
> +#
> +# Authors : goerdi
> +#
> +# Version : 01.00
> +#
> +# Notes : GPLv3
> +#
> +########################################################################
> +
> +. /etc/sysconfig/rc
> +. $rc_functions
> +
> +SERVER=3D"Chrony Time Server"
> +BINARY=3Dchronyd
> +DAEMON=3D/usr/sbin/$BINARY
> +CONFIG=3D/etc/chrony/chrony.conf
> +PIDFILE=3D/run/chronyd.pid
> +START=3D"$DAEMON -f $CONFIG"
> +
> +#test -f $DAEMON || exit 0
> +[ -x $DAEMON ] || exit 0
> +[ -f $CONFIG ] || exit 0
> +
> +
> +
> +
> +case "$1" in
> + start)
> + boot_mesg "Starting $SERVER"
> + loadproc $START
> + ;;
> + stop)
> + boot_mesg "Stopping $SERVER"
> + killproc -p $PIDFILE $DAEMON
> + ;;
> + restart)
> + boot_mesg "Restarting $CAMSERVER"=20
> + killproc -p $PIDFILE $DAEMON
> + sleep 3
> + loadproc $START
> + ;;
> + status)
> + statusproc $DAEMON
> + ;;
> + *)
> + echo "Usage: /etc/init.d/chrony {start|stop|restart|status}"
> + exit 1
> + ;;
> +esac
> +
> +exit 0
> diff --git a/config/rootfiles/packages/chrony b/config/rootfiles/packages/c=
hrony
> new file mode 100644
> index 000000000..8386502d4
> --- /dev/null
> +++ b/config/rootfiles/packages/chrony
> @@ -0,0 +1,12 @@
> +#etc/chrony
> +etc/chrony/chrony.keys
> +etc/chrony/chrony.conf
> +etc/rc.d/init.d/chrony
> +usr/bin/chronyc
> +#usr/lib/chrony
> +usr/lib/chrony/chrony-helper
> +usr/sbin/chronyd
> +#usr/share/man/man1/chronyc.1
> +#usr/share/man/man5/chrony.conf.5
> +#usr/share/man/man8/chronyd.8
> +#var/lib/chrony
> diff --git a/lfs/chrony b/lfs/chrony
> new file mode 100644
> index 000000000..8e471ef77
> --- /dev/null
> +++ b/lfs/chrony
> @@ -0,0 +1,102 @@
> +##########################################################################=
#####
> +# =
#
> +# IPFire.org - A linux based firewall =
#
> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> =
#
> +# =
#
> +# This program is free software: you can redistribute it and/or modify =
#
> +# it under the terms of the GNU General Public License as published by =
#
> +# the Free Software Foundation, either version 3 of the License, or =
#
> +# (at your option) any later version. =
#
> +# =
#
> +# This program is distributed in the hope that it will be useful, =
#
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of =
#
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the =
#
> +# GNU General Public License for more details. =
#
> +# =
#
> +# You should have received a copy of the GNU General Public License =
#
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. =
#
> +# =
#
> +##########################################################################=
#####
> +
> +##########################################################################=
#####
> +# Definitions
> +##########################################################################=
#####
> +
> +include Config
> +
> +VER =3D 4.3
> +
> +THISAPP =3D chrony-$(VER)
> +DL_FILE =3D $(THISAPP).tar.gz
> +DL_FROM =3D https://download.tuxfamily.org/chrony
> +DIR_APP =3D $(DIR_SRC)/$(THISAPP)
> +TARGET =3D $(DIR_INFO)/$(THISAPP)
> +PROG =3D chrony
> +PAK_VER =3D 1
> +DEPS =3D ""
> +##########################################################################=
#####
> +# Top-level Rules
> +##########################################################################=
#####
> +
> +objects =3D $(DL_FILE)
> +
> +$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_BLAKE2 =3D 51ba6d19312fd52cd6d6d8ab9437c886a3779877170674db6dc3=
7d657e849101e2669fd6c8723d24e43c895cd1924c3d8d2ff442baeef9abe8a6c313929edf5f
> +
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +b2 : $(subst %,%_BLAKE2,$(objects))
> +
> +dist:=20
> + @$(PAK)
> +##########################################################################=
#####
> +# Downloading, checking, md5sum
> +##########################################################################=
#####
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +##########################################################################=
#####
> +# Installation Details
> +##########################################################################=
#####
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> + cd $(DIR_APP) && \
> + ./configure \
> + --prefix=3D/usr \
> + --mandir=3D/usr/share/man \
> + --sysconfdir=3D/etc/chrony \
> + --without-readline \
> + --enable-scfilter \
> + --chronyrundir=3D/run/chrony \
> + --with-ntp-era=3D$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \
> + --enable-ntp-signd \
> + --with-hwclockfile=3D/etc/adjtime \
> + --with-pidfile=3D/run/chronyd.pid \
> + --host-system=3DLinux
> +
> +
> + cd $(DIR_APP) && make $(MAKETUNING)
> + cd $(DIR_APP) && make install
> +
> + mkdir -p /etc/chrony
> + cp -avf $(DIR_CONF)/chrony/etc/chrony/* /etc/chrony
> + cp -vrf $(DIR_CONF)/chrony/etc/rc.d/init.d/chrony /etc/rc.d/init.d
> + mkdir -p /usr/lib/chrony
> + cp -avf $(DIR_CONF)/chrony/usr/lib/chrony/* /usr/lib/chrony
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index 3b7f9850c..ab995c20e 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1397,6 +1397,7 @@ buildipfire() {
> lfsmake2 python3-docutils
> lfsmake2 python3-daemon
> lfsmake2 ntp
> + lfsmake2 chrony
> lfsmake2 openssh
> lfsmake2 fontconfig
> lfsmake2 dejavu-fonts-ttf
> diff --git a/src/paks/chrony/install.sh b/src/paks/chrony/install.sh
> new file mode 100644
> index 000000000..b0b053bd6
> --- /dev/null
> +++ b/src/paks/chrony/install.sh
> @@ -0,0 +1,33 @@
> +#!/bin/bash
> +##########################################################################=
##
> +# =
#
> +# This file is part of the IPFire Firewall. =
#
> +# =
#
> +# IPFire is free software; you can redistribute it and/or modify =
#
> +# it under the terms of the GNU General Public License as published by =
#
> +# the Free Software Foundation; either version 2 of the License, or =
#
> +# (at your option) any later version. =
#
> +# =
#
> +# IPFire is distributed in the hope that it will be useful, =
#
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of =
#
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the =
#
> +# GNU General Public License for more details. =
#
> +# =
#
> +# You should have received a copy of the GNU General Public License =
#
> +# along with IPFire; if not, write to the Free Software =
#
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA=
#
> +# =
#
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. =
#
> +# =
#
> +##########################################################################=
##
> +#
> +. /opt/pakfire/lib/functions.sh=20
> +
> +extract_files=20
> +restore_backup ${NAME}
> +chmod ugo+x /etc/rc.d/init.d/chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc0.d/K46chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc3.d/S26chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc6.d/K46chrony
> +
> +start_service --background ${NAME}
> diff --git a/src/paks/chrony/uninstall.sh b/src/paks/chrony/uninstall.sh
> new file mode 100644
> index 000000000..9472553d3
> --- /dev/null
> +++ b/src/paks/chrony/uninstall.sh
> @@ -0,0 +1,31 @@
> +#!/bin/bash
> +##########################################################################=
##
> +# =
#
> +# This file is part of the IPFire Firewall. =
#
> +# =
#
> +# IPFire is free software; you can redistribute it and/or modify =
#
> +# it under the terms of the GNU General Public License as published by =
#
> +# the Free Software Foundation; either version 2 of the License, or =
#
> +# (at your option) any later version. =
#
> +# =
#
> +# IPFire is distributed in the hope that it will be useful, =
#
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of =
#
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the =
#
> +# GNU General Public License for more details. =
#
> +# =
#
> +# You should have received a copy of the GNU General Public License =
#
> +# along with IPFire; if not, write to the Free Software =
#
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA=
#
> +# =
#
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. =
#
> +# =
#
> +##########################################################################=
##
> +#
> +. /opt/pakfire/lib/functions.sh
> +stop_service ${NAME}
> +# wait2 terminate
> +sleep 3
> +make_backup ${NAME}
> +remove_files
> +rm -rf /etc/rc.d/rc*.d/*chrony
> +rm /etc/rc.d/rc3.d/off/*chrony
> diff --git a/src/paks/chrony/update.sh b/src/paks/chrony/update.sh
> new file mode 100644
> index 000000000..89c40d0d7
> --- /dev/null
> +++ b/src/paks/chrony/update.sh
> @@ -0,0 +1,26 @@
> +#!/bin/bash
> +##########################################################################=
##
> +# =
#
> +# This file is part of the IPFire Firewall. =
#
> +# =
#
> +# IPFire is free software; you can redistribute it and/or modify =
#
> +# it under the terms of the GNU General Public License as published by =
#
> +# the Free Software Foundation; either version 2 of the License, or =
#
> +# (at your option) any later version. =
#
> +# =
#
> +# IPFire is distributed in the hope that it will be useful, =
#
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of =
#
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the =
#
> +# GNU General Public License for more details. =
#
> +# =
#
> +# You should have received a copy of the GNU General Public License =
#
> +# along with IPFire; if not, write to the Free Software =
#
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA=
#
> +# =
#
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. =
#
> +# =
#
> +##########################################################################=
##
> +#
> +. /opt/pakfire/lib/functions.sh
> +./uninstall.sh
> +./install.sh
> --=20
> 2.25.1
>=20
--===============8107860077274542337==--