Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Sam James <sam@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/
Date: Thu, 22 Apr 2021 22:25:26
Message-Id: 1619130295.becfaac19ad2b782a18eae112d64ffe1b59bd75c.sam@gentoo
1 commit: becfaac19ad2b782a18eae112d64ffe1b59bd75c
2 Author: Sam James <sam <AT> gentoo <DOT> org>
3 AuthorDate: Thu Apr 22 21:54:30 2021 +0000
4 Commit: Sam James <sam <AT> gentoo <DOT> org>
5 CommitDate: Thu Apr 22 22:24:55 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=becfaac1
7
8 net-misc/chrony: add 4.1_pre1 (unkeyworded)
9
10 * Bump to 4.1_pre1
11 * Tidy up IUSE, *DEPEND
12 * Unrestrict tests
13 * Add useful bug references re seccomp and caps.
14 May restore turning on seccomp automatically
15 in a revbump or next pre-release.
16
17 * Dependency changes/fixes:
18 ** Depend on sys-libs/readline when not using libedit
19 ** NTS requires GnuTLS, not Nettle
20 ** Add more cases for virtual/pkgconfig BDEPEND
21 ** Move html? ( asciidoctor ) dependency to BDEPEND
22
23 Bug: https://bugs.gentoo.org/783915
24 Signed-off-by: Sam James <sam <AT> gentoo.org>
25
26 net-misc/chrony/Manifest | 2 +
27 .../{chrony-9999.ebuild => chrony-4.1_pre1.ebuild} | 88 ++++++++++++----------
28 net-misc/chrony/chrony-9999.ebuild | 88 ++++++++++++----------
29 3 files changed, 102 insertions(+), 76 deletions(-)
30
31 diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
32 index d699aaf1a3e..d898b8aa015 100644
33 --- a/net-misc/chrony/Manifest
34 +++ b/net-misc/chrony/Manifest
35 @@ -1,2 +1,4 @@
36 DIST chrony-4.0.tar.gz 546939 BLAKE2B 1d4035977be3603b34024c5c1c2aa5f2b4aca03fe7dc1eb41be2e9aeefa06e20a5f74776c50bdadaffba10ae25e7980bcbd9cf2b999bd73087728afe7a80253e SHA512 a1c11a386c43f495910f7f2e9b5fbb1652c3631471d182b9b8203dfef98611d11535ad547a879856551263aed0ae2e30e4135b8ed89553684706166bc1c725c9
37 DIST chrony-4.0.tar.gz.asc 195 BLAKE2B 1947a73f35eb5c58f91775d76473210a7b5edff5b808e360eb0c3724351c54ac4f187a2aa4450830130da718c6a0c488baa170ca87e7e6eac781d85c67b3773f SHA512 c3156d91f4fdb6f9e2fdbc83b1399afb0ecdfa9b7bc92648c5bce477c3f0f921d2a13aa21ac6c281f18b008c60f08e3db6d82b642b646f064aea1dbe19295c4c
38 +DIST chrony-4.1-pre1.tar.gz 563277 BLAKE2B 474d27d0e402d83bda52125940b8205119519b93571e6b8df3fea5eeb5f1f3babbcc40bc81db77bc345830d5e9528ad087ff539026a1a585ce220feeb851e978 SHA512 03e28e6651d6aa3c99333b94ee503843c3a69b8c8366bf647c41a3a9e34e987c440e289ec16e5c62c2a7405271bddc533efbd59d6c6ab43712c8908dfb86322e
39 +DIST chrony-4.1-pre1.tar.gz.asc 195 BLAKE2B 4a06b35be3257a52cc824e2acfdff32b6598d1744bc23418e89291d71d6d9a86c35559eab26034ce2e05c4152ffb691b5ec4104dc339821e93523c33c8cbdd72 SHA512 8eb695c3f85f90d02b22b1202c8766347289a6da1d0658a3d89eed90202799bcfc647b96e5f931fb862011e85feed5f4914b39e45a3e20f01827509fe271a2d7
40
41 diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-4.1_pre1.ebuild
42 similarity index 75%
43 copy from net-misc/chrony/chrony-9999.ebuild
44 copy to net-misc/chrony/chrony-4.1_pre1.ebuild
45 index bf4786c5977..91a9a012460 100644
46 --- a/net-misc/chrony/chrony-9999.ebuild
47 +++ b/net-misc/chrony/chrony-4.1_pre1.ebuild
48 @@ -8,7 +8,7 @@ inherit systemd tmpfiles toolchain-funcs
49 DESCRIPTION="NTP client and server programs"
50 HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
51
52 -if [[ ${PV} == "9999" ]]; then
53 +if [[ ${PV} == "9999" ]] ; then
54 EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
55 inherit git-r3
56 else
57 @@ -16,15 +16,18 @@ else
58 inherit verify-sig
59
60 SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
61 - SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P}-tar-gz-asc.txt -> ${P}.tar.gz.asc )"
62 - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
63 + SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
64 +
65 + if [[ ${PV} != *_pre* ]] ; then
66 + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
67 + fi
68 fi
69
70 S="${WORKDIR}/${P/_/-}"
71
72 LICENSE="GPL-2"
73 SLOT="0"
74 -IUSE="+caps +cmdmon debug html ipv6 libedit +nettle nss +ntp +phc +nts pps +refclock +rtc samba +seccomp +sechash selinux libtomcrypt"
75 +IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
76 # nettle > nss > libtomcrypt in configure
77 REQUIRED_USE="
78 sechash? ( || ( nettle nss libtomcrypt ) )
79 @@ -33,15 +36,9 @@ REQUIRED_USE="
80 libtomcrypt? ( !nettle !nss )
81 !sechash? ( !nss )
82 !sechash? ( !nts? ( !nettle ) )
83 - nts? ( nettle )
84 -"
85 -RESTRICT="test"
86 -
87 -BDEPEND="
88 - nettle? ( virtual/pkgconfig )
89 "
90
91 -if [[ ${PV} == "9999" ]]; then
92 +if [[ ${PV} == "9999" ]] ; then
93 # Needed for doc generation in 9999
94 REQUIRED_USE+=" html"
95 BDEPEND+=" virtual/w3m"
96 @@ -55,18 +52,26 @@ DEPEND="
97 acct-user/ntp
98 sys-libs/libcap
99 )
100 - nts? ( net-libs/gnutls:= )
101 libedit? ( dev-libs/libedit )
102 + !libedit? ( sys-libs/readline:= )
103 nettle? ( dev-libs/nettle:= )
104 nss? ( dev-libs/nss:= )
105 - seccomp? ( sys-libs/libseccomp )
106 - html? ( dev-ruby/asciidoctor )
107 + nts? ( net-libs/gnutls:= )
108 pps? ( net-misc/pps-tools )
109 + seccomp? ( sys-libs/libseccomp )
110 "
111 RDEPEND="
112 ${DEPEND}
113 selinux? ( sec-policy/selinux-chronyd )
114 "
115 +BDEPEND="
116 + html? ( dev-ruby/asciidoctor )
117 + nts? ( virtual/pkgconfig )
118 + sechash? (
119 + nettle? ( virtual/pkgconfig )
120 + nss? ( virtual/pkgconfig )
121 + )
122 +"
123
124 PATCHES=(
125 "${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
126 @@ -84,13 +89,13 @@ src_prepare() {
127 }
128
129 src_configure() {
130 - if ! use caps; then
131 + if ! use caps ; then
132 sed -i \
133 -e 's/ -u ntp//' \
134 "${T}"/chronyd.conf examples/chronyd.service || die
135 fi
136
137 - if ! use seccomp; then
138 + if ! use seccomp ; then
139 sed -i \
140 -e 's/ -F 0//' \
141 "${T}"/chronyd.conf examples/chronyd.service || die
142 @@ -102,26 +107,28 @@ src_configure() {
143 # on a system that is time-synced.
144 export SOURCE_DATE_EPOCH=1607976314
145
146 - # not an autotools generated script
147 + # Not an autotools generated script
148 local myconf=(
149 $(use_enable seccomp scfilter)
150 - $(usex caps '' --disable-linuxcaps)
151 - $(usex cmdmon '' --disable-cmdmon)
152 +
153 + $(usex caps '' '--disable-linuxcaps')
154 + $(usex cmdmon '' '--disable-cmdmon')
155 $(usex debug '--enable-debug' '')
156 - $(usex ipv6 '' --disable-ipv6)
157 - $(usex libedit '' --without-editline)
158 - $(usex nettle '' --without-nettle)
159 - $(usex nss '' --without-nss)
160 - $(usex ntp '' --disable-ntp)
161 - $(usex nts '' --disable-nts)
162 - $(usex nts '' --without-gnutls)
163 - $(usex phc '' --disable-phc)
164 - $(usex pps '' --disable-pps)
165 - $(usex refclock '' --disable-refclock)
166 - $(usex rtc '' --disable-rtc)
167 - $(usex samba --enable-ntp-signd '')
168 - $(usex sechash '' --disable-sechash)
169 - $(usex libtomcrypt '' --disable-tomcrypt)
170 + $(usex ipv6 '' '--disable-ipv6')
171 + $(usex libedit '' '--without-editline')
172 + $(usex libtomcrypt '' '--without-tomcrypt')
173 + $(usex nettle '' '--without-nettle')
174 + $(usex nss '' '--without-nss')
175 + $(usex ntp '' '--disable-ntp')
176 + $(usex nts '' '--disable-nts')
177 + $(usex nts '' '--without-gnutls')
178 + $(usex phc '' '--disable-phc')
179 + $(usex pps '' '--disable-pps')
180 + $(usex refclock '' '--disable-refclock')
181 + $(usex rtc '' '--disable-rtc')
182 + $(usex samba '--enable-ntp-signd' '')
183 + $(usex sechash '' '--disable-sechash')
184 +
185 --chronysockdir="${EPREFIX}/run/chrony"
186 --docdir="${EPREFIX}/usr/share/doc/${PF}"
187 --mandir="${EPREFIX}/usr/share/man"
188 @@ -129,17 +136,18 @@ src_configure() {
189 --sysconfdir="${EPREFIX}/etc/chrony"
190 --with-hwclockfile="${EPREFIX}/etc/adjtime"
191 --with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
192 +
193 ${EXTRA_ECONF}
194 )
195
196 - # print the ./configure call
197 + # Print the ./configure call
198 echo sh ./configure "${myconf[@]}" >&2
199 sh ./configure "${myconf[@]}" || die
200 }
201
202 src_compile() {
203 - if [[ ${PV} == "9999" ]]; then
204 - # uses w3m
205 + if [[ ${PV} == "9999" ]] ; then
206 + # Uses w3m
207 emake -C doc man txt
208 fi
209
210 @@ -160,16 +168,17 @@ src_install() {
211
212 newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
213
214 - if use html; then
215 + if use html ; then
216 docinto html
217 dodoc doc/*.html
218 fi
219
220 keepdir /var/{lib,log}/chrony
221
222 - if use caps; then
223 + if use caps ; then
224 # Prepare a directory for the chrony.drift file (a la ntpsec)
225 # Ensures the environment is sane on new installs
226 + # bug #711058
227 fowners ntp:ntp /var/{lib,log}/chrony
228 fperms 770 /var/lib/chrony
229 fi
230 @@ -201,6 +210,7 @@ pkg_postinst() {
231
232 if [[ -n "${REPLACING_VERSIONS}" ]] ; then
233 if use caps && ! ${HAD_CAPS} ; then
234 + # bug #719876
235 ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
236 ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
237 ewarn "This is necessary for chrony to drop privileges"
238 @@ -209,6 +219,8 @@ pkg_postinst() {
239 fi
240 fi
241
242 + # TODO: Will try to re-enable before final release ideally?
243 + # bug #783915
244 if [[ ! ${HAD_SECCOMP} ]] && use seccomp ; then
245 elog "To enable seccomp in enforcing mode, please modify:"
246 elog "- /etc/conf.d/chronyd for OpenRC"
247
248 diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
249 index bf4786c5977..91a9a012460 100644
250 --- a/net-misc/chrony/chrony-9999.ebuild
251 +++ b/net-misc/chrony/chrony-9999.ebuild
252 @@ -8,7 +8,7 @@ inherit systemd tmpfiles toolchain-funcs
253 DESCRIPTION="NTP client and server programs"
254 HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
255
256 -if [[ ${PV} == "9999" ]]; then
257 +if [[ ${PV} == "9999" ]] ; then
258 EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
259 inherit git-r3
260 else
261 @@ -16,15 +16,18 @@ else
262 inherit verify-sig
263
264 SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
265 - SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P}-tar-gz-asc.txt -> ${P}.tar.gz.asc )"
266 - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
267 + SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
268 +
269 + if [[ ${PV} != *_pre* ]] ; then
270 + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
271 + fi
272 fi
273
274 S="${WORKDIR}/${P/_/-}"
275
276 LICENSE="GPL-2"
277 SLOT="0"
278 -IUSE="+caps +cmdmon debug html ipv6 libedit +nettle nss +ntp +phc +nts pps +refclock +rtc samba +seccomp +sechash selinux libtomcrypt"
279 +IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
280 # nettle > nss > libtomcrypt in configure
281 REQUIRED_USE="
282 sechash? ( || ( nettle nss libtomcrypt ) )
283 @@ -33,15 +36,9 @@ REQUIRED_USE="
284 libtomcrypt? ( !nettle !nss )
285 !sechash? ( !nss )
286 !sechash? ( !nts? ( !nettle ) )
287 - nts? ( nettle )
288 -"
289 -RESTRICT="test"
290 -
291 -BDEPEND="
292 - nettle? ( virtual/pkgconfig )
293 "
294
295 -if [[ ${PV} == "9999" ]]; then
296 +if [[ ${PV} == "9999" ]] ; then
297 # Needed for doc generation in 9999
298 REQUIRED_USE+=" html"
299 BDEPEND+=" virtual/w3m"
300 @@ -55,18 +52,26 @@ DEPEND="
301 acct-user/ntp
302 sys-libs/libcap
303 )
304 - nts? ( net-libs/gnutls:= )
305 libedit? ( dev-libs/libedit )
306 + !libedit? ( sys-libs/readline:= )
307 nettle? ( dev-libs/nettle:= )
308 nss? ( dev-libs/nss:= )
309 - seccomp? ( sys-libs/libseccomp )
310 - html? ( dev-ruby/asciidoctor )
311 + nts? ( net-libs/gnutls:= )
312 pps? ( net-misc/pps-tools )
313 + seccomp? ( sys-libs/libseccomp )
314 "
315 RDEPEND="
316 ${DEPEND}
317 selinux? ( sec-policy/selinux-chronyd )
318 "
319 +BDEPEND="
320 + html? ( dev-ruby/asciidoctor )
321 + nts? ( virtual/pkgconfig )
322 + sechash? (
323 + nettle? ( virtual/pkgconfig )
324 + nss? ( virtual/pkgconfig )
325 + )
326 +"
327
328 PATCHES=(
329 "${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
330 @@ -84,13 +89,13 @@ src_prepare() {
331 }
332
333 src_configure() {
334 - if ! use caps; then
335 + if ! use caps ; then
336 sed -i \
337 -e 's/ -u ntp//' \
338 "${T}"/chronyd.conf examples/chronyd.service || die
339 fi
340
341 - if ! use seccomp; then
342 + if ! use seccomp ; then
343 sed -i \
344 -e 's/ -F 0//' \
345 "${T}"/chronyd.conf examples/chronyd.service || die
346 @@ -102,26 +107,28 @@ src_configure() {
347 # on a system that is time-synced.
348 export SOURCE_DATE_EPOCH=1607976314
349
350 - # not an autotools generated script
351 + # Not an autotools generated script
352 local myconf=(
353 $(use_enable seccomp scfilter)
354 - $(usex caps '' --disable-linuxcaps)
355 - $(usex cmdmon '' --disable-cmdmon)
356 +
357 + $(usex caps '' '--disable-linuxcaps')
358 + $(usex cmdmon '' '--disable-cmdmon')
359 $(usex debug '--enable-debug' '')
360 - $(usex ipv6 '' --disable-ipv6)
361 - $(usex libedit '' --without-editline)
362 - $(usex nettle '' --without-nettle)
363 - $(usex nss '' --without-nss)
364 - $(usex ntp '' --disable-ntp)
365 - $(usex nts '' --disable-nts)
366 - $(usex nts '' --without-gnutls)
367 - $(usex phc '' --disable-phc)
368 - $(usex pps '' --disable-pps)
369 - $(usex refclock '' --disable-refclock)
370 - $(usex rtc '' --disable-rtc)
371 - $(usex samba --enable-ntp-signd '')
372 - $(usex sechash '' --disable-sechash)
373 - $(usex libtomcrypt '' --disable-tomcrypt)
374 + $(usex ipv6 '' '--disable-ipv6')
375 + $(usex libedit '' '--without-editline')
376 + $(usex libtomcrypt '' '--without-tomcrypt')
377 + $(usex nettle '' '--without-nettle')
378 + $(usex nss '' '--without-nss')
379 + $(usex ntp '' '--disable-ntp')
380 + $(usex nts '' '--disable-nts')
381 + $(usex nts '' '--without-gnutls')
382 + $(usex phc '' '--disable-phc')
383 + $(usex pps '' '--disable-pps')
384 + $(usex refclock '' '--disable-refclock')
385 + $(usex rtc '' '--disable-rtc')
386 + $(usex samba '--enable-ntp-signd' '')
387 + $(usex sechash '' '--disable-sechash')
388 +
389 --chronysockdir="${EPREFIX}/run/chrony"
390 --docdir="${EPREFIX}/usr/share/doc/${PF}"
391 --mandir="${EPREFIX}/usr/share/man"
392 @@ -129,17 +136,18 @@ src_configure() {
393 --sysconfdir="${EPREFIX}/etc/chrony"
394 --with-hwclockfile="${EPREFIX}/etc/adjtime"
395 --with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
396 +
397 ${EXTRA_ECONF}
398 )
399
400 - # print the ./configure call
401 + # Print the ./configure call
402 echo sh ./configure "${myconf[@]}" >&2
403 sh ./configure "${myconf[@]}" || die
404 }
405
406 src_compile() {
407 - if [[ ${PV} == "9999" ]]; then
408 - # uses w3m
409 + if [[ ${PV} == "9999" ]] ; then
410 + # Uses w3m
411 emake -C doc man txt
412 fi
413
414 @@ -160,16 +168,17 @@ src_install() {
415
416 newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
417
418 - if use html; then
419 + if use html ; then
420 docinto html
421 dodoc doc/*.html
422 fi
423
424 keepdir /var/{lib,log}/chrony
425
426 - if use caps; then
427 + if use caps ; then
428 # Prepare a directory for the chrony.drift file (a la ntpsec)
429 # Ensures the environment is sane on new installs
430 + # bug #711058
431 fowners ntp:ntp /var/{lib,log}/chrony
432 fperms 770 /var/lib/chrony
433 fi
434 @@ -201,6 +210,7 @@ pkg_postinst() {
435
436 if [[ -n "${REPLACING_VERSIONS}" ]] ; then
437 if use caps && ! ${HAD_CAPS} ; then
438 + # bug #719876
439 ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
440 ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
441 ewarn "This is necessary for chrony to drop privileges"
442 @@ -209,6 +219,8 @@ pkg_postinst() {
443 fi
444 fi
445
446 + # TODO: Will try to re-enable before final release ideally?
447 + # bug #783915
448 if [[ ! ${HAD_SECCOMP} ]] && use seccomp ; then
449 elog "To enable seccomp in enforcing mode, please modify:"
450 elog "- /etc/conf.d/chronyd for OpenRC"
Report Message
Find on MARC Find on Google Groups