1 |
commit: 6d5d02e1341ffa76de4b26a6963d99699afba0c6 |
2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Oct 20 09:05:20 2017 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Oct 20 09:05:20 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d5d02e1 |
7 |
|
8 |
net-misc/ntp: Security cleanup (bug #613550). |
9 |
|
10 |
Package-Manager: Portage-2.3.12, Repoman-2.3.3 |
11 |
|
12 |
net-misc/ntp/Manifest | 2 - |
13 |
...ntp-4.2.8_p9-fix-build-wo-ssl-or-libressl.patch | 236 --------------------- |
14 |
net-misc/ntp/ntp-4.2.8_p9.ebuild | 136 ------------ |
15 |
3 files changed, 374 deletions(-) |
16 |
|
17 |
diff --git a/net-misc/ntp/Manifest b/net-misc/ntp/Manifest |
18 |
index 00a743f21e4..f77d8f8a95f 100644 |
19 |
--- a/net-misc/ntp/Manifest |
20 |
+++ b/net-misc/ntp/Manifest |
21 |
@@ -1,4 +1,2 @@ |
22 |
DIST ntp-4.2.8p10-manpages.tar.xz 25004 SHA256 7d968a7e68e0ce26c56635e452468b3583e2cb8bfcf558127c753c62e31d7007 SHA512 5b31a1429484ad30a35c8fa38157190a66b0983b5bf1a802c0817613901b5e0644941a3f4d5b660fcfe4ca04968766a5981331a6f9353316e7de953e55c33a09 WHIRLPOOL 6f5d593be7003fa9212364c0409f7e1ae7adcd6d1134c6db5bfb92fbbeb181495c3d484ff73bdfe55f231bb323e286ef4e1eb2ba588fcf3acd360ac8bf53b259 |
23 |
DIST ntp-4.2.8p10.tar.gz 6998648 SHA256 ddd2366e64219b9efa0f7438e06800d0db394ac5c88e13c17b70d0dcdf99b99f SHA512 67e01ab533c3dfabb0bdd3ced848bdd239980bde28fdb2791d167b7e9690ab3b3759e1bd99e9fddcce03ddef4cd63a47eb85941bb127ceb79b7ecff22cce9c05 WHIRLPOOL 7a72762d349591808c0f3d4686bbb2fbf60a0915769e77140414795892d6929feb0aae30cf2f2ea1febd3c4fecb9d3d62401e1f66033bb2dc57e3245f41708c8 |
24 |
-DIST ntp-4.2.8p9-manpages.tar.xz 24988 SHA256 a7814373e7ceb73a9e426b2e60a9966b6d053f145fd0253bbccf407af9f7ad3f SHA512 23ba80c540d12e78012a448348b94ccb68d0a8078e2e6fe05be58d89aa5e6e31ee8d686920c0f841ad12eade84a081e393885760fdf81bad5c30c76006df0094 WHIRLPOOL 49259ef4bade074bbcb5d87dd21bd93538a3a17405a42e483d10168fd609f908b59c86c73b01d2db2e683ff43fa0fdc0cdf297bfcc452d223dcb78bcef3f46c3 |
25 |
-DIST ntp-4.2.8p9.tar.gz 7231884 SHA256 b724287778e1bac625b447327c9851eedef020517a3545625e9f652a90f30b72 SHA512 ffd9e34060210d1cfb8ca0d89f2577df1c5fbe3ba63c620cdadc3ccc3c9d07f518783c6b91e57bffc77b08f449fdbab12faf226672ebd2dde5a0b4a783322a04 WHIRLPOOL ea96b106fd06f2b536394ad2a3dcc2a973aa0cec96140a292bc13b6ceb4159208a59b9c51936240c8a44fa7b2caa4be60d07d3c53066ce8588b0561bef64c070 |
26 |
|
27 |
diff --git a/net-misc/ntp/files/ntp-4.2.8_p9-fix-build-wo-ssl-or-libressl.patch b/net-misc/ntp/files/ntp-4.2.8_p9-fix-build-wo-ssl-or-libressl.patch |
28 |
deleted file mode 100644 |
29 |
index 5166e5f9a1d..00000000000 |
30 |
--- a/net-misc/ntp/files/ntp-4.2.8_p9-fix-build-wo-ssl-or-libressl.patch |
31 |
+++ /dev/null |
32 |
@@ -1,236 +0,0 @@ |
33 |
-Fix building with libressl or without SSL. |
34 |
- |
35 |
-Origin: http://bugs.ntp.org/attachment.cgi?id=1481 |
36 |
- |
37 |
-LibreSSL fix from Joe Kappus (https://bugs.gentoo.org/show_bug.cgi?id=600668#c2) |
38 |
- |
39 |
-diff -Nru a/include/ntp_md5.h b/include/ntp_md5.h |
40 |
---- a/include/ntp_md5.h 2016-11-23 08:35:18.248130387 +0100 |
41 |
-+++ b/include/ntp_md5.h 2016-11-23 08:35:18.248130387 +0100 |
42 |
-@@ -8,6 +8,7 @@ |
43 |
- |
44 |
- #ifdef OPENSSL |
45 |
- # include "openssl/evp.h" |
46 |
-+# include "libssl_compat.h" |
47 |
- #else /* !OPENSSL follows */ |
48 |
- /* |
49 |
- * Provide OpenSSL-alike MD5 API if we're not using OpenSSL |
50 |
-@@ -23,6 +24,9 @@ |
51 |
- # endif |
52 |
- |
53 |
- typedef MD5_CTX EVP_MD_CTX; |
54 |
-+ |
55 |
-+# define EVP_MD_CTX_free(c) free(c) |
56 |
-+# define EVP_MD_CTX_new() calloc(1, sizeof(MD5_CTX)) |
57 |
- # define EVP_get_digestbynid(t) NULL |
58 |
- # define EVP_md5() NULL |
59 |
- # define EVP_MD_CTX_init(c) |
60 |
-diff -Nru a/libntp/a_md5encrypt.c b/libntp/a_md5encrypt.c |
61 |
---- a/libntp/a_md5encrypt.c 2016-11-23 08:35:18.248130387 +0100 |
62 |
-+++ b/libntp/a_md5encrypt.c 2016-11-23 08:35:18.248130387 +0100 |
63 |
-@@ -11,7 +11,6 @@ |
64 |
- #include "ntp.h" |
65 |
- #include "ntp_md5.h" /* provides OpenSSL digest API */ |
66 |
- #include "isc/string.h" |
67 |
--#include "libssl_compat.h" |
68 |
- /* |
69 |
- * MD5authencrypt - generate message digest |
70 |
- * |
71 |
-diff -Nru a/libntp/libssl_compat.c b/libntp/libssl_compat.c |
72 |
---- a/libntp/libssl_compat.c 2016-11-23 08:35:18.248130387 +0100 |
73 |
-+++ b/libntp/libssl_compat.c 2016-11-23 08:35:18.248130387 +0100 |
74 |
-@@ -15,15 +15,18 @@ |
75 |
- * --------------------------------------------------------------------- |
76 |
- */ |
77 |
- #include "config.h" |
78 |
-- |
79 |
--#include <string.h> |
80 |
--#include <openssl/bn.h> |
81 |
--#include <openssl/evp.h> |
82 |
-- |
83 |
- #include "ntp_types.h" |
84 |
- |
85 |
- /* ----------------------------------------------------------------- */ |
86 |
--#if OPENSSL_VERSION_NUMBER < 0x10100000L |
87 |
-+#ifdef OPENSSL |
88 |
-+# include <string.h> |
89 |
-+# include <openssl/bn.h> |
90 |
-+# include <openssl/evp.h> |
91 |
-+#endif |
92 |
-+/* ----------------------------------------------------------------- */ |
93 |
-+ |
94 |
-+/* ----------------------------------------------------------------- */ |
95 |
-+#if defined(OPENSSL) && (OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER) |
96 |
- /* ----------------------------------------------------------------- */ |
97 |
- |
98 |
- #include "libssl_compat.h" |
99 |
-@@ -325,7 +328,7 @@ |
100 |
- } |
101 |
- |
102 |
- /* ----------------------------------------------------------------- */ |
103 |
--#else /* OPENSSL_VERSION_NUMBER >= v1.1.0 */ |
104 |
-+#else /* OPENSSL && OPENSSL_VERSION_NUMBER >= v1.1.0 */ |
105 |
- /* ----------------------------------------------------------------- */ |
106 |
- |
107 |
- NONEMPTY_TRANSLATION_UNIT |
108 |
-diff -Nru a/ntpd/ntp_control.c b/ntpd/ntp_control.c |
109 |
---- a/ntpd/ntp_control.c 2016-11-23 08:35:18.256130015 +0100 |
110 |
-+++ b/ntpd/ntp_control.c 2016-11-23 08:35:18.260129828 +0100 |
111 |
-@@ -33,8 +33,6 @@ |
112 |
- # include "ntp_syscall.h" |
113 |
- #endif |
114 |
- |
115 |
--#include "libssl_compat.h" |
116 |
-- |
117 |
- /* |
118 |
- * Structure to hold request procedure information |
119 |
- */ |
120 |
-@@ -1653,8 +1651,10 @@ |
121 |
- } |
122 |
- |
123 |
- /* |
124 |
-- * ctl_putcal - write a decoded calendar data into the response |
125 |
-+ * ctl_putcal - write a decoded calendar data into the response. |
126 |
-+ * only used with AUTOKEY currently, so compiled conditional |
127 |
- */ |
128 |
-+#ifdef AUTOKEY |
129 |
- static void |
130 |
- ctl_putcal( |
131 |
- const char *tag, |
132 |
-@@ -1678,6 +1678,7 @@ |
133 |
- |
134 |
- return; |
135 |
- } |
136 |
-+#endif |
137 |
- |
138 |
- /* |
139 |
- * ctl_putfs - write a decoded filestamp into the response |
140 |
-@@ -1838,7 +1839,7 @@ |
141 |
- char * oplim; |
142 |
- char * iptr; |
143 |
- char * iplim; |
144 |
-- char * past_eq; |
145 |
-+ char * past_eq = NULL; |
146 |
- |
147 |
- optr = output; |
148 |
- oplim = output + sizeof(output); |
149 |
-diff -Nru a/ntpd/ntp_io.c b/ntpd/ntp_io.c |
150 |
---- a/ntpd/ntp_io.c 2016-11-23 08:35:18.268129456 +0100 |
151 |
-+++ b/ntpd/ntp_io.c 2016-11-23 08:35:18.272129269 +0100 |
152 |
-@@ -516,13 +516,17 @@ |
153 |
- /* |
154 |
- * function to dump the contents of the interface structure |
155 |
- * for debugging use only. |
156 |
-+ * We face a dilemma here -- sockets are FDs under POSIX and |
157 |
-+ * actually HANDLES under Windows. So we use '%lld' as format |
158 |
-+ * and cast the value to 'long long'; this should not hurt |
159 |
-+ * with UNIX-like systems and does not truncate values on Win64. |
160 |
- */ |
161 |
- void |
162 |
- interface_dump(const endpt *itf) |
163 |
- { |
164 |
- printf("Dumping interface: %p\n", itf); |
165 |
-- printf("fd = %d\n", itf->fd); |
166 |
-- printf("bfd = %d\n", itf->bfd); |
167 |
-+ printf("fd = %lld\n", (long long)itf->fd); |
168 |
-+ printf("bfd = %lld\n", (long long)itf->bfd); |
169 |
- printf("sin = %s,\n", stoa(&itf->sin)); |
170 |
- sockaddr_dump(&itf->sin); |
171 |
- printf("bcast = %s,\n", stoa(&itf->bcast)); |
172 |
-@@ -570,11 +574,11 @@ |
173 |
- static void |
174 |
- print_interface(const endpt *iface, const char *pfx, const char *sfx) |
175 |
- { |
176 |
-- printf("%sinterface #%d: fd=%d, bfd=%d, name=%s, flags=0x%x, ifindex=%u, sin=%s", |
177 |
-+ printf("%sinterface #%d: fd=%lld, bfd=%lld, name=%s, flags=0x%x, ifindex=%u, sin=%s", |
178 |
- pfx, |
179 |
- iface->ifnum, |
180 |
-- iface->fd, |
181 |
-- iface->bfd, |
182 |
-+ (long long)iface->fd, |
183 |
-+ (long long)iface->bfd, |
184 |
- iface->name, |
185 |
- iface->flags, |
186 |
- iface->ifindex, |
187 |
-diff -Nru a/ntpd/ntp_proto.c b/ntpd/ntp_proto.c |
188 |
---- a/ntpd/ntp_proto.c 2016-11-23 08:35:18.280128897 +0100 |
189 |
-+++ b/ntpd/ntp_proto.c 2016-11-23 08:35:18.284128711 +0100 |
190 |
-@@ -4054,7 +4054,7 @@ |
191 |
- ntoa(&peer->srcadr), peer->hmode, xkeyid, sendlen, |
192 |
- peer->keynumber)); |
193 |
- #else /* !AUTOKEY follows */ |
194 |
-- DPRINTF(1, ("peer_xmit: at %ld %s->%s mode %d keyid %08x len %d\n", |
195 |
-+ DPRINTF(1, ("peer_xmit: at %ld %s->%s mode %d keyid %08x len %zu\n", |
196 |
- current_time, peer->dstadr ? |
197 |
- ntoa(&peer->dstadr->sin) : "-", |
198 |
- ntoa(&peer->srcadr), peer->hmode, xkeyid, sendlen)); |
199 |
-diff -Nru a/ports/winnt/ntpd/ntp_iocompletionport.c b/ports/winnt/ntpd/ntp_iocompletionport.c |
200 |
---- a/ports/winnt/ntpd/ntp_iocompletionport.c 2016-11-23 08:35:18.288128524 +0100 |
201 |
-+++ b/ports/winnt/ntpd/ntp_iocompletionport.c 2016-11-23 08:35:18.288128524 +0100 |
202 |
-@@ -1391,8 +1391,7 @@ |
203 |
- goto fail; |
204 |
- } |
205 |
- |
206 |
-- ; |
207 |
-- if ( ! (rio->ioreg_ctx = iopad = iohpCreate(rio))) { |
208 |
-+ if (NULL == (rio->ioreg_ctx = iopad = iohpCreate(rio))) { |
209 |
- msyslog(LOG_ERR, "%s: Failed to create shared lock", |
210 |
- msgh); |
211 |
- goto fail; |
212 |
-@@ -1401,13 +1400,13 @@ |
213 |
- iopad->riofd = rio->fd; |
214 |
- iopad->rsrc.rio = rio; |
215 |
- |
216 |
-- if (!(rio->device_ctx = DevCtxAttach(serial_devctx(h)))) { |
217 |
-+ if (NULL == (rio->device_ctx = DevCtxAttach(serial_devctx(h)))) { |
218 |
- msyslog(LOG_ERR, "%s: Failed to allocate device context", |
219 |
- msgh); |
220 |
- goto fail; |
221 |
- } |
222 |
- |
223 |
-- if ( ! (lpo = IoCtxAlloc(iopad, rio->device_ctx))) { |
224 |
-+ if (NULL == (lpo = IoCtxAlloc(iopad, rio->device_ctx))) { |
225 |
- msyslog(LOG_ERR, "%: Failed to allocate IO context", |
226 |
- msgh); |
227 |
- goto fail; |
228 |
-@@ -1594,7 +1593,6 @@ |
229 |
- static const char * const msg = |
230 |
- "OnSocketSend: send to socket failed"; |
231 |
- |
232 |
-- IoHndPad_T * iopad = NULL; |
233 |
- endpt * ep = NULL; |
234 |
- int rc; |
235 |
- |
236 |
-@@ -1662,7 +1660,7 @@ |
237 |
- |
238 |
- INSIST(hndIOCPLPort && hMainRpcDone); |
239 |
- if (iopad) |
240 |
-- iocpl_notify(iopad, OnInterfaceDetach, -1); |
241 |
-+ iocpl_notify(iopad, OnInterfaceDetach, (UINT_PTR)-1); |
242 |
- } |
243 |
- |
244 |
- /* -------------------------------------------------------------------- |
245 |
-diff -Nru a/sntp/crypto.c b/sntp/crypto.c |
246 |
---- a/sntp/crypto.c 2016-11-23 08:35:18.288128524 +0100 |
247 |
-+++ b/sntp/crypto.c 2016-11-23 08:35:18.288128524 +0100 |
248 |
-@@ -2,7 +2,7 @@ |
249 |
- #include "crypto.h" |
250 |
- #include <ctype.h> |
251 |
- #include "isc/string.h" |
252 |
--#include "libssl_compat.h" |
253 |
-+#include "ntp_md5.h" |
254 |
- |
255 |
- struct key *key_ptr; |
256 |
- size_t key_cnt = 0; |
257 |
-diff -urN ntp-4.2.8p9/include/libssl_compat.h ntp-4.2.8p9_fixed/include/libssl_compat.h |
258 |
---- a/include/libssl_compat.h 2016-11-21 07:28:40.000000000 -0500 |
259 |
-+++ b/include/libssl_compat.h 2016-11-23 12:10:33.014148604 -0500 |
260 |
-@@ -25,7 +25,7 @@ |
261 |
- #include "openssl/rsa.h" |
262 |
- |
263 |
- /* ----------------------------------------------------------------- */ |
264 |
--#if OPENSSL_VERSION_NUMBER < 0x10100000L |
265 |
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER) |
266 |
- /* ----------------------------------------------------------------- */ |
267 |
- |
268 |
- # include <openssl/objects.h> |
269 |
|
270 |
diff --git a/net-misc/ntp/ntp-4.2.8_p9.ebuild b/net-misc/ntp/ntp-4.2.8_p9.ebuild |
271 |
deleted file mode 100644 |
272 |
index 4ff1b7a2eb3..00000000000 |
273 |
--- a/net-misc/ntp/ntp-4.2.8_p9.ebuild |
274 |
+++ /dev/null |
275 |
@@ -1,136 +0,0 @@ |
276 |
-# Copyright 1999-2017 Gentoo Foundation |
277 |
-# Distributed under the terms of the GNU General Public License v2 |
278 |
- |
279 |
-EAPI="5" |
280 |
- |
281 |
-inherit eutils toolchain-funcs flag-o-matic user systemd |
282 |
- |
283 |
-MY_P=${P/_p/p} |
284 |
-DESCRIPTION="Network Time Protocol suite/programs" |
285 |
-HOMEPAGE="http://www.ntp.org/" |
286 |
-SRC_URI="http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-${PV:0:3}/${MY_P}.tar.gz |
287 |
- https://dev.gentoo.org/~polynomial-c/${MY_P}-manpages.tar.xz" |
288 |
- |
289 |
-LICENSE="HPND BSD ISC" |
290 |
-SLOT="0" |
291 |
-KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~m68k-mint" |
292 |
-IUSE="caps debug ipv6 libressl openntpd parse-clocks readline samba selinux snmp ssl +threads vim-syntax zeroconf" |
293 |
- |
294 |
-CDEPEND="readline? ( >=sys-libs/readline-4.1:0= ) |
295 |
- >=dev-libs/libevent-2.0.9:=[threads?] |
296 |
- kernel_linux? ( caps? ( sys-libs/libcap ) ) |
297 |
- zeroconf? ( net-dns/avahi[mdnsresponder-compat] ) |
298 |
- !openntpd? ( !net-misc/openntpd ) |
299 |
- snmp? ( net-analyzer/net-snmp ) |
300 |
- ssl? ( |
301 |
- !libressl? ( dev-libs/openssl:0= ) |
302 |
- libressl? ( dev-libs/libressl ) |
303 |
- ) |
304 |
- parse-clocks? ( net-misc/pps-tools )" |
305 |
-DEPEND="${CDEPEND} |
306 |
- virtual/pkgconfig" |
307 |
-RDEPEND="${CDEPEND} |
308 |
- selinux? ( sec-policy/selinux-ntp ) |
309 |
- vim-syntax? ( app-vim/ntp-syntax )" |
310 |
-PDEPEND="openntpd? ( net-misc/openntpd )" |
311 |
- |
312 |
-S=${WORKDIR}/${MY_P} |
313 |
- |
314 |
-PATCHES=( |
315 |
- "${FILESDIR}"/${PN}-4.2.8-ipc-caps.patch #533966 |
316 |
- "${FILESDIR}"/${PN}-4.2.8-sntp-test-pthreads.patch #563922 |
317 |
- "${FILESDIR}"/${P}-fix-build-wo-ssl-or-libressl.patch |
318 |
-) |
319 |
- |
320 |
-pkg_setup() { |
321 |
- enewgroup ntp 123 |
322 |
- enewuser ntp 123 -1 /dev/null ntp |
323 |
-} |
324 |
- |
325 |
-src_prepare() { |
326 |
- epatch "${PATCHES[@]}" |
327 |
- append-cppflags -D_GNU_SOURCE #264109 |
328 |
- # Make sure every build uses the same install layout. #539092 |
329 |
- find sntp/loc/ -type f '!' -name legacy -delete || die |
330 |
- # Disable pointless checks. |
331 |
- touch .checkChangeLog .gcc-warning FRC.html html/.datecheck |
332 |
-} |
333 |
- |
334 |
-src_configure() { |
335 |
- # avoid libmd5/libelf |
336 |
- export ac_cv_search_MD5Init=no ac_cv_header_md5_h=no |
337 |
- export ac_cv_lib_elf_nlist=no |
338 |
- # blah, no real configure options #176333 |
339 |
- export ac_cv_header_dns_sd_h=$(usex zeroconf) |
340 |
- export ac_cv_lib_dns_sd_DNSServiceRegister=${ac_cv_header_dns_sd_h} |
341 |
- # Increase the default memlimit from 32MiB to 128MiB. #533232 |
342 |
- econf \ |
343 |
- --with-lineeditlibs=readline,edit,editline \ |
344 |
- --with-yielding-select \ |
345 |
- --disable-local-libevent \ |
346 |
- --docdir='$(datarootdir)'/doc/${PF} \ |
347 |
- --htmldir='$(docdir)/html' \ |
348 |
- --with-memlock=256 \ |
349 |
- $(use_enable caps linuxcaps) \ |
350 |
- $(use_enable parse-clocks) \ |
351 |
- $(use_enable ipv6) \ |
352 |
- $(use_enable debug debugging) \ |
353 |
- $(use_with readline lineeditlibs readline) \ |
354 |
- $(use_enable samba ntp-signd) \ |
355 |
- $(use_with snmp ntpsnmpd) \ |
356 |
- $(use_with ssl crypto) \ |
357 |
- $(use_enable threads thread-support) |
358 |
-} |
359 |
- |
360 |
-src_install() { |
361 |
- default |
362 |
- # move ntpd/ntpdate to sbin #66671 |
363 |
- dodir /usr/sbin |
364 |
- mv "${ED}"/usr/bin/{ntpd,ntpdate} "${ED}"/usr/sbin/ || die "move to sbin" |
365 |
- |
366 |
- dodoc INSTALL WHERE-TO-START |
367 |
- doman "${WORKDIR}"/man/*.[58] |
368 |
- |
369 |
- insinto /etc |
370 |
- doins "${FILESDIR}"/ntp.conf |
371 |
- use ipv6 || sed -i '/^restrict .*::1/d' "${ED}"/etc/ntp.conf #524726 |
372 |
- newinitd "${FILESDIR}"/ntpd.rc-r1 ntpd |
373 |
- newconfd "${FILESDIR}"/ntpd.confd ntpd |
374 |
- newinitd "${FILESDIR}"/ntp-client.rc ntp-client |
375 |
- newconfd "${FILESDIR}"/ntp-client.confd ntp-client |
376 |
- newinitd "${FILESDIR}"/sntp.rc sntp |
377 |
- newconfd "${FILESDIR}"/sntp.confd sntp |
378 |
- if ! use caps ; then |
379 |
- sed -i "s|-u ntp:ntp||" "${ED}"/etc/conf.d/ntpd || die |
380 |
- fi |
381 |
- sed -i "s:/usr/bin:/usr/sbin:" "${ED}"/etc/init.d/ntpd || die |
382 |
- |
383 |
- keepdir /var/lib/ntp |
384 |
- use prefix || fowners ntp:ntp /var/lib/ntp |
385 |
- |
386 |
- if use openntpd ; then |
387 |
- cd "${ED}" |
388 |
- rm usr/sbin/ntpd || die |
389 |
- rm -r var/lib |
390 |
- rm etc/{conf,init}.d/ntpd |
391 |
- rm usr/share/man/*/ntpd.8 || die |
392 |
- else |
393 |
- systemd_newunit "${FILESDIR}"/ntpd.service-r2 ntpd.service |
394 |
- use caps && sed -i '/ExecStart/ s|$| -u ntp:ntp|' "${ED}"/usr/lib/systemd/system/ntpd.service |
395 |
- systemd_enable_ntpunit 60-ntpd ntpd.service |
396 |
- fi |
397 |
- |
398 |
- systemd_newunit "${FILESDIR}"/ntpdate.service-r1 ntpdate.service |
399 |
- systemd_install_serviced "${FILESDIR}"/ntpdate.service.conf |
400 |
- systemd_newunit "${FILESDIR}"/sntp.service-r2 sntp.service |
401 |
- systemd_install_serviced "${FILESDIR}"/sntp.service.conf |
402 |
-} |
403 |
- |
404 |
-pkg_postinst() { |
405 |
- if grep -qs '^[^#].*notrust' "${EROOT}"/etc/ntp.conf ; then |
406 |
- eerror "The notrust option was found in your /etc/ntp.conf!" |
407 |
- ewarn "If your ntpd starts sending out weird responses," |
408 |
- ewarn "then make sure you have keys properly setup and see" |
409 |
- ewarn "https://bugs.gentoo.org/41827" |
410 |
- fi |
411 |
-} |