|
@@ -1,7 +1,7 @@
|
|
%bcond_with systemd
|
|
%bcond_with systemd
|
|
|
|
|
|
Name: chrony
|
|
Name: chrony
|
|
-Version: 4.1
|
|
|
|
|
|
+Version: 4.5
|
|
Release: 1%{?_dist_release}%{?with_systemd:.systemd}
|
|
Release: 1%{?_dist_release}%{?with_systemd:.systemd}
|
|
Summary: An NTP client/server
|
|
Summary: An NTP client/server
|
|
Group: system
|
|
Group: system
|
|
@@ -12,18 +12,13 @@ Packager: tomop
|
|
License: GPLv2
|
|
License: GPLv2
|
|
URL: https://chrony.tuxfamily.org/
|
|
URL: https://chrony.tuxfamily.org/
|
|
Source0: https://download.tuxfamily.org/chrony/chrony-%{version}%{?prerelease}.tar.gz
|
|
Source0: https://download.tuxfamily.org/chrony/chrony-%{version}%{?prerelease}.tar.gz
|
|
-Source1: chrony.conf
|
|
|
|
Source2: chrony.dhclient
|
|
Source2: chrony.dhclient
|
|
Source3: chronyd.sysconfig
|
|
Source3: chronyd.sysconfig
|
|
Source4: chronyd.init
|
|
Source4: chronyd.init
|
|
-Source5: chrony.logrotate
|
|
|
|
|
|
+Source6: chrony.sysusers
|
|
|
|
|
|
# add distribution-specific bits to DHCP dispatcher
|
|
# add distribution-specific bits to DHCP dispatcher
|
|
Patch1: chrony-nm-dispatcher-dhcp.patch
|
|
Patch1: chrony-nm-dispatcher-dhcp.patch
|
|
-# update seccomp filter for new glibc
|
|
|
|
-Patch2: chrony-seccomp.patch
|
|
|
|
-# harden chronyd and chrony-wait services
|
|
|
|
-Patch3: chrony-services.patch
|
|
|
|
|
|
|
|
BuildRequires: libcap-devel readline-devel ncurses-devel bison
|
|
BuildRequires: libcap-devel readline-devel ncurses-devel bison
|
|
BuildRequires: libseccomp-devel
|
|
BuildRequires: libseccomp-devel
|
|
@@ -58,87 +53,101 @@ clocks, system real-time clock or manual input as time references.
|
|
%prep
|
|
%prep
|
|
%setup -q -n %{name}-%{version}%{?prerelease}
|
|
%setup -q -n %{name}-%{version}%{?prerelease}
|
|
%patch1 -p1 -b .nm-dispatcher-dhcp
|
|
%patch1 -p1 -b .nm-dispatcher-dhcp
|
|
-%patch2 -p1 -b .seccomp
|
|
|
|
-%patch3 -p1 -b .services
|
|
|
|
|
|
|
|
echo '# Keys used by chronyd for command and NTP authentication' > chrony.keys
|
|
echo '# Keys used by chronyd for command and NTP authentication' > chrony.keys
|
|
|
|
|
|
|
|
+# use example chrony.conf as the default config with some modifications:
|
|
|
|
+# - use our vendor zone (2.*pool.ntp.org names include IPv6 addresses)
|
|
|
|
+# - enable leapsectz to get TAI-UTC offset and leap seconds from tzdata
|
|
|
|
+# - use NTP servers from DHCP
|
|
|
|
+sed -e 's|^\(pool \)\(pool.ntp.org\)|\1ntp.nict.jp|' \
|
|
|
|
+ -e 's|#\(leapsectz\)|\1|' \
|
|
|
|
+ -e 's|^pool.*pool.ntp.org.*|&\n\n# Use NTP servers from DHCP.\nsourcedir /run/chrony-dhcp|' \
|
|
|
|
+ < examples/chrony.conf.example2 > chrony.conf
|
|
|
|
+
|
|
|
|
+touch -r examples/chrony.conf.example2 chrony.conf
|
|
|
|
+
|
|
# regenerate the file from getdate.y
|
|
# regenerate the file from getdate.y
|
|
rm -f getdate.c
|
|
rm -f getdate.c
|
|
|
|
|
|
|
|
|
|
%build
|
|
%build
|
|
%configure \
|
|
%configure \
|
|
|
|
+ --chronyrundir=/run/chrony \
|
|
--docdir=%{_docdir} \
|
|
--docdir=%{_docdir} \
|
|
--enable-ntp-signd \
|
|
--enable-ntp-signd \
|
|
--enable-scfilter \
|
|
--enable-scfilter \
|
|
--disable-nts \
|
|
--disable-nts \
|
|
--with-ntp-era=$(date -d '1970-01-01 00:00:00+00:00' +'%s') \
|
|
--with-ntp-era=$(date -d '1970-01-01 00:00:00+00:00' +'%s') \
|
|
--with-user=chrony \
|
|
--with-user=chrony \
|
|
- --with-sendmail=%{_sbindir}/sendmail \
|
|
|
|
-%if %{with systemd}
|
|
|
|
- --chronyrundir=/run/chrony \
|
|
|
|
|
|
+ --with-hwclockfile=%{_sysconfdir}/adjtime \
|
|
--with-pidfile=/run/chrony/chronyd.pid \
|
|
--with-pidfile=/run/chrony/chronyd.pid \
|
|
-%endif
|
|
|
|
|
|
+ --with-sendmail=%{_sbindir}/sendmail \
|
|
%{mil}
|
|
%{mil}
|
|
make %{?_smp_mflags}
|
|
make %{?_smp_mflags}
|
|
|
|
|
|
|
|
|
|
%install
|
|
%install
|
|
-rm -rf %{buildroot}
|
|
|
|
|
|
|
|
make install DESTDIR=%{buildroot}
|
|
make install DESTDIR=%{buildroot}
|
|
|
|
|
|
rm -rf %{buildroot}%{_docdir}
|
|
rm -rf %{buildroot}%{_docdir}
|
|
|
|
|
|
-mkdir -p %{buildroot}%{_sysconfdir}/{sysconfig,logrotate.d}
|
|
|
|
mkdir -p %{buildroot}%{_initrddir}
|
|
mkdir -p %{buildroot}%{_initrddir}
|
|
|
|
+mkdir -p %{buildroot}%{_sysconfdir}/{sysconfig,logrotate.d}
|
|
mkdir -p %{buildroot}%{_localstatedir}/{lib,log}/chrony
|
|
mkdir -p %{buildroot}%{_localstatedir}/{lib,log}/chrony
|
|
mkdir -p %{buildroot}%{_sysconfdir}/dhcp/dhclient.d
|
|
mkdir -p %{buildroot}%{_sysconfdir}/dhcp/dhclient.d
|
|
|
|
+mkdir -p %{buildroot}%{_libexecdir}
|
|
mkdir -p %{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d
|
|
mkdir -p %{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d
|
|
|
|
+%if %{with systemd}
|
|
|
|
+mkdir -p %{buildroot}%{_sysusersdir}
|
|
|
|
+mkdir -p %{buildroot}{%{_unitdir},%{_prefix}/lib/systemd/ntp-units.d}
|
|
|
|
+%endif
|
|
|
|
+
|
|
|
|
|
|
-install -m 644 -p %{SOURCE1} %{buildroot}%{_sysconfdir}/chrony.conf
|
|
|
|
-install -m 640 -p chrony.keys %{buildroot}%{_sysconfdir}/chrony.keys
|
|
|
|
|
|
+install -m 644 -p chrony.conf %{buildroot}%{_sysconfdir}/chrony.conf
|
|
install -m 755 -p %{SOURCE2} \
|
|
install -m 755 -p %{SOURCE2} \
|
|
%{buildroot}%{_sysconfdir}/dhcp/dhclient.d/chrony.sh
|
|
%{buildroot}%{_sysconfdir}/dhcp/dhclient.d/chrony.sh
|
|
-install -m 644 -p %{SOURCE5} %{buildroot}%{_sysconfdir}/logrotate.d/chrony
|
|
|
|
|
|
+install -m 644 -p examples/chrony.logrotate \
|
|
|
|
+ %{buildroot}%{_sysconfdir}/logrotate.d/chrony
|
|
install -m 755 -p examples/chrony.nm-dispatcher.onoffline \
|
|
install -m 755 -p examples/chrony.nm-dispatcher.onoffline \
|
|
%{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d/20-chrony-onoffline
|
|
%{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d/20-chrony-onoffline
|
|
install -m 755 -p examples/chrony.nm-dispatcher.dhcp \
|
|
install -m 755 -p examples/chrony.nm-dispatcher.dhcp \
|
|
%{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d/20-chrony-dhcp
|
|
%{buildroot}%{_prefix}/lib/NetworkManager/dispatcher.d/20-chrony-dhcp
|
|
|
|
|
|
-install -m 644 -p %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/chronyd
|
|
|
|
-
|
|
|
|
%if %{with systemd}
|
|
%if %{with systemd}
|
|
-mkdir -p %{buildroot}{%{_unitdir},/lib/systemd/ntp-units.d}
|
|
|
|
install -m 644 -p examples/chronyd.service \
|
|
install -m 644 -p examples/chronyd.service \
|
|
%{buildroot}%{_unitdir}/chronyd.service
|
|
%{buildroot}%{_unitdir}/chronyd.service
|
|
|
|
+install -m 644 -p examples/chronyd-restricted.service \
|
|
|
|
+ %{buildroot}%{_unitdir}/chronyd-restricted.service
|
|
install -m 644 -p examples/chrony-wait.service \
|
|
install -m 644 -p examples/chrony-wait.service \
|
|
%{buildroot}%{_unitdir}/chrony-wait.service
|
|
%{buildroot}%{_unitdir}/chrony-wait.service
|
|
-mkdir -p %{buildroot}%{_libexecdir}
|
|
|
|
|
|
+install -m 644 -p %{SOURCE6} \
|
|
|
|
+ %{buildroot}%{_sysusersdir}/chrony.conf
|
|
echo 'chronyd.service' > \
|
|
echo 'chronyd.service' > \
|
|
- %{buildroot}/lib/systemd/ntp-units.d/50-chronyd.list
|
|
|
|
|
|
+ %{buildroot}/usr/lib/systemd/ntp-units.d/50-chronyd.list
|
|
%else
|
|
%else
|
|
install -m 755 -p %{SOURCE4} %{buildroot}%{_initrddir}/chronyd
|
|
install -m 755 -p %{SOURCE4} %{buildroot}%{_initrddir}/chronyd
|
|
%endif
|
|
%endif
|
|
|
|
|
|
-touch %{buildroot}%{_localstatedir}/lib/chrony/{drift,rtc}
|
|
|
|
-
|
|
|
|
|
|
+install -m 644 -p %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/chronyd
|
|
|
|
|
|
-%clean
|
|
|
|
-rm -rf %{buildroot}
|
|
|
|
|
|
+touch %{buildroot}%{_sysconfdir}/chrony.keys
|
|
|
|
+touch %{buildroot}%{_localstatedir}/lib/chrony/{drift,rtc}
|
|
|
|
|
|
|
|
|
|
%pre
|
|
%pre
|
|
|
|
+%if %{with systemd}
|
|
|
|
+%sysusers_create_compat %{SOURCE6}
|
|
|
|
+%else
|
|
getent group chrony > /dev/null || /usr/sbin/groupadd -r chrony
|
|
getent group chrony > /dev/null || /usr/sbin/groupadd -r chrony
|
|
getent passwd chrony > /dev/null || /usr/sbin/useradd -r -g chrony \
|
|
getent passwd chrony > /dev/null || /usr/sbin/useradd -r -g chrony \
|
|
-d %{_localstatedir}/lib/chrony -s /sbin/nologin chrony
|
|
-d %{_localstatedir}/lib/chrony -s /sbin/nologin chrony
|
|
-:
|
|
|
|
|
|
+exit 0
|
|
|
|
+%endif
|
|
|
|
|
|
%post
|
|
%post
|
|
%if %{with systemd}
|
|
%if %{with systemd}
|
|
-# workaround for late reload of unit file (#1614751)
|
|
|
|
-%{_bindir}/systemctl daemon-reload
|
|
|
|
# migrate from chrony-helper to sourcedir directive
|
|
# migrate from chrony-helper to sourcedir directive
|
|
if test -a %{_libexecdir}/chrony-helper; then
|
|
if test -a %{_libexecdir}/chrony-helper; then
|
|
grep -qi 'sourcedir /run/chrony-dhcp$' %{_sysconfdir}/chrony.conf 2> /dev/null || \
|
|
grep -qi 'sourcedir /run/chrony-dhcp$' %{_sysconfdir}/chrony.conf 2> /dev/null || \
|
|
@@ -149,7 +158,7 @@ if test -a %{_libexecdir}/chrony-helper; then
|
|
sed 's|.*|server &|' < $f > /run/chrony-dhcp/"${f##*servers.}.sources"
|
|
sed 's|.*|server &|' < $f > /run/chrony-dhcp/"${f##*servers.}.sources"
|
|
done 2> /dev/null
|
|
done 2> /dev/null
|
|
fi
|
|
fi
|
|
-%systemd_post chronyd.service chrony-wait.service
|
|
|
|
|
|
+%systemd_post chronyd.service chronyd-restricted.service chrony-wait.service
|
|
%else
|
|
%else
|
|
/sbin/chkconfig --add chronyd
|
|
/sbin/chkconfig --add chronyd
|
|
:
|
|
:
|
|
@@ -157,7 +166,7 @@ fi
|
|
|
|
|
|
%preun
|
|
%preun
|
|
%if %{with systemd}
|
|
%if %{with systemd}
|
|
-%systemd_preun chronyd.service chrony-wait.service
|
|
|
|
|
|
+%systemd_preun chronyd.service chronyd-restricted.service chrony-wait.service
|
|
%else
|
|
%else
|
|
if [ "$1" -eq 0 -o -x /bin/systemctl ]; then
|
|
if [ "$1" -eq 0 -o -x /bin/systemctl ]; then
|
|
/sbin/service chronyd stop &> /dev/null
|
|
/sbin/service chronyd stop &> /dev/null
|
|
@@ -168,7 +177,7 @@ fi
|
|
|
|
|
|
%postun
|
|
%postun
|
|
%if %{with systemd}
|
|
%if %{with systemd}
|
|
-%systemd_postun_with_restart chronyd.service
|
|
|
|
|
|
+%systemd_postun_with_restart chronyd.service chronyd-restricted.service
|
|
%else
|
|
%else
|
|
if [ "$1" -ge 1 ]; then
|
|
if [ "$1" -ge 1 ]; then
|
|
/sbin/service chronyd condrestart &> /dev/null
|
|
/sbin/service chronyd condrestart &> /dev/null
|
|
@@ -182,12 +191,13 @@ fi
|
|
%license COPYING
|
|
%license COPYING
|
|
%doc FAQ NEWS README examples/*
|
|
%doc FAQ NEWS README examples/*
|
|
%config(noreplace) %{_sysconfdir}/chrony.conf
|
|
%config(noreplace) %{_sysconfdir}/chrony.conf
|
|
-%config(noreplace) %verify(not md5 size mtime) %attr(640,root,chrony) %{_sysconfdir}/chrony.keys
|
|
|
|
|
|
+%config(noreplace) %attr(640,root,chrony) %{_sysconfdir}/chrony.keys
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/chronyd
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/chronyd
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/chrony
|
|
%config(noreplace) %{_sysconfdir}/logrotate.d/chrony
|
|
%if %{with systemd}
|
|
%if %{with systemd}
|
|
-/lib/systemd/ntp-units.d/*.list
|
|
|
|
|
|
+/usr/lib/systemd/ntp-units.d/*.list
|
|
%{_unitdir}/chrony*.service
|
|
%{_unitdir}/chrony*.service
|
|
|
|
+%{_sysusersdir}/chrony.conf
|
|
%else
|
|
%else
|
|
%{_initrddir}/chronyd
|
|
%{_initrddir}/chronyd
|
|
%endif
|
|
%endif
|
|
@@ -207,6 +217,9 @@ fi
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
%changelog
|
|
|
|
+* Fri Jul 12 2024 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 4.5-1
|
|
|
|
+- new upstream release.
|
|
|
|
+
|
|
* Wed Nov 24 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 4.1-1
|
|
* Wed Nov 24 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 4.1-1
|
|
- new upstream release.
|
|
- new upstream release.
|
|
|
|
|