
From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/musl:master commit in: net-misc/chrony/files/, net-misc/chrony/
Date: Thu, 28 May 2020 12:43:18
Message-Id: 1590669785.8378a79d9aa538e3df9df159d45b4e80a4d19f5d.blueness@gentoo
1 commit: 8378a79d9aa538e3df9df159d45b4e80a4d19f5d
2 Author: layman <layman <AT> localhost>
3 AuthorDate: Sat May 23 21:22:06 2020 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Thu May 28 12:43:05 2020 +0000
6 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=8378a79d
7
8 Adding an ebuild for a current stable version of chrony (based on the ebuild from the gentoo/main repository). Successfully tested on a couple of different arm64-musl-hardened installations.
9
10 Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
11
12 net-misc/chrony/Manifest | 1 +
13 net-misc/chrony/chrony-3.5-r4.ebuild | 167 +++++++++++++++++++++
14 .../files/chrony-3.5-pool-vendor-gentoo.patch | 16 ++
15 .../files/chrony-3.5-r3-systemd-gentoo.patch | 12 ++
16 net-misc/chrony/files/chronyd.conf-r1 | 12 ++
17 net-misc/chrony/files/chronyd.init-r2 | 70 +++++++++
18 6 files changed, 278 insertions(+)
19
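--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1 +1,2 @@
 DIST chrony-3.2.tar.gz 433882 SHA256 329f6718dd8c3ece3eee78be1f4821cbbeb62608e7d23f25da293cfa433c4116 SHA512 496af5bed91600f268c1a0fa577bb8c7785e485f78598b666829c674e94770c16548cec4289a2ae9d0a51191d2705eda00886cb6cccae3828aa201a49d4783a4 WHIRLPOOL b8a9045c81970653393c2afadece1e3a5e093c893b7ac3bae061bbd40bc043439e426df8da6598e36ef9589b4dd402419199307a9bfa48df526206952814667e
+DIST chrony-3.5.tar.gz 458226 BLAKE2B 611f21e36c6e745208e00eba988519fcd912c6c0c3518c953591f43224dc3da79f627027a6cd4bf9c4227e9f8659a69adbdb634252ff3920d2ef677e32012456 SHA512 c4f6376a44d71b6ac2b6d86e3d6fb4348642faeef7f3f3a4d6431627b5645efcc868b005cc398c8292bc3b63a1161fbd1a042c6ac2a0595843f908fe32eed90c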
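--- /dev/null
+++ b/net-misc/chrony/chrony-3.5-r4.ebuild
@@ -0,0 +1,167 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit systemd tmpfiles toolchain-funcs
+
+DESCRIPTION="NTP client and server programs"
+HOMEPAGE="https://chrony.tuxfamily.org/"
+SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+
+KEYWORDS="~alpha ~amd64 ~arm arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="
+ +adns +caps +cmdmon html ipv6 libedit +ntp +phc pps readline +refclock +rtc
+ +seccomp selinux
+"
+REQUIRED_USE="
+ ?? ( libedit readline )
+"
+
+CDEPEND="
+ caps? ( acct-group/ntp acct-user/ntp sys-libs/libcap )
+ libedit? ( dev-libs/libedit )
+ readline? ( >=sys-libs/readline-4.1-r4:= )
+ seccomp? ( sys-libs/libseccomp )
+"
+DEPEND="
+ ${CDEPEND}
+ html? ( dev-ruby/asciidoctor )
+ pps? ( net-misc/pps-tools )
+"
+RDEPEND="
+ ${CDEPEND}
+ selinux? ( sec-policy/selinux-chronyd )
+"
+
+RESTRICT=test
+
+S="${WORKDIR}/${P/_/-}"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-3.2-no-glob_magic.patch
+ "${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
+ "${FILESDIR}"/${PN}-3.5-r3-systemd-gentoo.patch
+)
+
+src_prepare() {
+ default
+ sed -i \
+ -e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
+ doc/* examples/* || die
+
+ # Copy for potential user fixup
+ cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
+ cp examples/chronyd.service "${T}"/chronyd.service
+
+ # Set config for privdrop
+ if ! use caps; then
+ sed -i \
+ -e 's/-u ntp//' \
+ "${T}"/chronyd.conf "${T}"/chronyd.service || die
+ fi
+}
+
+src_configure() {
+ tc-export CC
+
+ local CHRONY_EDITLINE
+ # ./configure legend:
+ # --disable-readline : disable line editing entirely
+ # --without-readline : do not use sys-libs/readline (enabled by default)
+ # --without-editline : do not use dev-libs/libedit (enabled by default)
+ if ! use readline && ! use libedit; then
+ CHRONY_EDITLINE='--disable-readline'
+ else
+ CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
+ CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
+ fi
+
+ # not an autotools generated script
+ local myconf=(
+ $(use_enable seccomp scfilter)
+ $(usex adns '' --disable-asyncdns)
+ $(usex caps '' --disable-linuxcaps)
+ $(usex cmdmon '' --disable-cmdmon)
+ $(usex ipv6 '' --disable-ipv6)
+ $(usex ntp '' --disable-ntp)
+ $(usex phc '' --disable-phc)
+ $(usex pps '' --disable-pps)
+ $(usex refclock '' --disable-refclock)
+ $(usex rtc '' --disable-rtc)
+ ${CHRONY_EDITLINE}
+ ${EXTRA_ECONF}
+ --chronysockdir="${EPREFIX}/run/chrony"
+ --disable-sechash
+ --docdir="${EPREFIX}/usr/share/doc/${PF}"
+ --mandir="${EPREFIX}/usr/share/man"
+ --prefix="${EPREFIX}/usr"
+ --sysconfdir="${EPREFIX}/etc/chrony"
+ --with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
+ --without-nss
+ --without-tomcrypt
+ )
+
+ # print the ./configure call to aid in future debugging
+ echo bash ./configure "${myconf[@]}" >&2
+ bash ./configure "${myconf[@]}" || die
+}
+
+src_compile() {
+ emake all docs $(usex html '' 'ADOC=true')
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
+ newconfd "${T}"/chronyd.conf chronyd
+
+ insinto /etc/${PN}
+ newins examples/chrony.conf.example1 chrony.conf
+
+ docinto examples
+ dodoc examples/*.example*
+
+ newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
+
+ if use html; then
+ docinto html
+ dodoc doc/*.html
+ fi
+
+ keepdir /var/{lib,log}/chrony
+
+ if use caps; then
+ # Prepare a directory for the chrony.drift file (a la ntpsec)
+ # Ensures the environment is sane on new installs
+ fowners ntp:ntp /var/{lib,log}/chrony
+ fperms 770 /var/lib/chrony
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
+
+ systemd_dounit "${T}"/chronyd.service
+ systemd_dounit examples/chrony-wait.service
+ systemd_enable_ntpunit 50-chrony chronyd.service
+}
+
+pkg_preinst() {
+ HAD_CAPS=false
+
+ if has_version 'net-misc/chrony[caps]'; then
+ HAD_CAPS=true
+ fi
+}
+
+pkg_postinst() {
+ tmpfiles_process chronyd.conf
+
+ if [[ -n ${REPLACING_VERSIONS} ]] && use caps && ! ${HAD_CAPS}; then
+ ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
+ ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
+ ewarn "This is necessary for chrony to drop privileges"
+ fi
+}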
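Review bot: `--disable-sechash` together with `--without-nss` and `--without-tomcrypt` in `myconf` leaves chronyd with no hash other than MD5 for NTP symmetric keys, as far as I read chrony's configure help for that switch, so entries in chrony.keys cannot use a SHA-family type with this package. If that is deliberate for the musl overlay, a comment above the flag such as `# no crypto library linked: NTP symmetric keys are MD5-only` would record the trade-off; otherwise a USE flag that links one of the supported crypto libraries would be the fix. Separately, the two `cp` calls in src_prepare have no `|| die`, so a missing source file only surfaces later at the `sed` or in src_install; `cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die` (and the same for chronyd.service) closes that.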
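--- /dev/null
+++ b/net-misc/chrony/files/chrony-3.5-pool-vendor-gentoo.patch
@@ -0,0 +1,16 @@
+- Use the Gentoo pool
+- Use the server directive instead of the pool directive so we get four time
+ sources and not twelve.
+
+--- a/examples/chrony.conf.example1
++++ b/examples/chrony.conf.example1
+@@ -1,5 +1,8 @@
+ # Use public NTP servers from the pool.ntp.org project.
+-pool pool.ntp.org iburst
++server 0.gentoo.pool.ntp.org iburst
++server 1.gentoo.pool.ntp.org iburst
++server 2.gentoo.pool.ntp.org iburst
++server 3.gentoo.pool.ntp.org iburst
+
+ # Record the rate at which the system clock gains/losses time.
+ driftfile /var/lib/chrony/drift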
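--- /dev/null
+++ b/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
@@ -0,0 +1,12 @@
+--- a/examples/chronyd.service
++++ b/examples/chronyd.service
+@@ -8,8 +8,7 @@
+ [Service]
+ Type=forking
+ PIDFile=/run/chrony/chronyd.pid
+-EnvironmentFile=-/etc/sysconfig/chronyd
+-ExecStart=/usr/sbin/chronyd $OPTIONS
++ExecStart=/usr/sbin/chronyd -u ntp
+ PrivateTmp=yes
+ ProtectHome=yes
+ ProtectSystem=full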
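Review bot: The hardcoded `ExecStart=/usr/sbin/chronyd -u ntp` never passes `-F`, so the system call filter that the ebuild compiles in through its default `+seccomp` flag appears to stay disabled at run time; as I understand chronyd, the filter is off unless a level is given on the command line. The same holds for `ARGS="-u ntp"` in files/chronyd.conf-r1. Dropping `EnvironmentFile` and `$OPTIONS` also leaves systemd users nowhere to add the option short of a unit override. If the filter is known to work on musl, `ExecStart=/usr/sbin/chronyd -u ntp -F 1` would enable it; if not, a comment in chronyd.conf-r1 listing `-F` next to `-s` and `-r` would at least make it discoverable.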
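--- /dev/null
+++ b/net-misc/chrony/files/chronyd.conf-r1
@@ -0,0 +1,12 @@
+# /etc/conf.d/chronyd
+
+CFGFILE="/etc/chrony/chrony.conf"
+
+# Configuration dependant options :
+# -s - Set system time from RTC if rtcfile directive present
+# -r - Reload sample histories if dumponexit directive present
+#
+# The combination of "-s -r" allows chronyd to perform long term averaging of
+# the gain or loss rate across system reboots and shutdowns.
+
+ARGS="-u ntp"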
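--- /dev/null
+++ b/net-misc/chrony/files/chronyd.init-r2
@@ -0,0 +1,70 @@
+#!/sbin/openrc-run
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+ use dns
+}
+
+checkconfig() {
+ # Note that /etc/chrony/chrony.keys is *NOT* checked. This
+ # is because the user may have specified another key
+ # file, and we don't want to force the user to use that
+ # exact name for the key file.
+ if [ ! -f "${CFGFILE}" ] ; then
+ eerror "Please create ${CFGFILE} and the"
+ eerror "chrony key file (usually /etc/chrony/chrony.keys)"
+ eerror "by using the"
+ eerror ""
+ eerror " chrony.conf.example"
+ eerror " chrony.keys.example"
+ eerror ""
+ eerror "files (from the documentation directory)"
+ eerror "as templates."
+ return 1
+ else
+ # Actually, I tried it, and chrony seems to ignore the pidfile
+ # option. I'm going to leave it here anyway, since you never
+ # know if it might be handy
+ PIDFILE=`awk '/^ *pidfile/{print $2}' "${CFGFILE}"`
+ [ -z "${PIDFILE}" ] && PIDFILE=/run/chrony/chronyd.pid
+ fi
+ return 0
+}
+
+setxtrarg() {
+ if [ -c /dev/rtc ]; then
+ grep -q '^rtcfile' "${CFGFILE}" && ARGS="${ARGS} -s"
+ fi
+ grep -q '^dumponexit$' "${CFGFILE}" && ARGS="${ARGS} -r"
+ return 0
+}
+
+start() {
+ checkconfig || return $?
+ setxtrarg
+
+ [ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
+
+ ebegin "Starting chronyd"
+ start-stop-daemon \
+ --start \
+ --quiet \
+ --exec /usr/sbin/chronyd \
+ --pidfile "${PIDFILE}" \
+ -- -f "${CFGFILE}" ${ARGS}
+ eend $? "Failed to start chronyd"
+}
+
+stop() {
+ checkconfig || return $?
+
+ [ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
+
+ ebegin "Stopping chronyd"
+ start-stop-daemon \
+ --stop \
+ --quiet \
+ --pidfile "${PIDFILE}"
+ eend $? "Failed to stop chronyd"
+}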
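Review bot: stop() identifies the daemon by pid file alone, so `start-stop-daemon --stop --quiet --pidfile "${PIDFILE}"` run as root signals whatever PID that file holds, while the ebuild's tmpfiles entry makes /run/chrony owned by ntp, the unprivileged account chronyd drops to, when USE=caps is set. Adding `--exec /usr/sbin/chronyd` to the stop call, as start() already has, lets start-stop-daemon check the process before signalling it. The `PIDFILE=/run/chronyd.pid` fallbacks in start() and stop() also look unreachable, because checkconfig always sets PIDFILE on success, and they disagree with its `/run/chrony/chronyd.pid` default; dropping them or aligning the path would avoid confusion.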