diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:43:21 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 18:43:21 +0000 |
commit | deb490e3727e8ab8c24e3fecbd91c8c7882bde3a (patch) | |
tree | 7d1bdaf4c2a0c63730410c2e0649369d3d5843f8 | |
parent | Adding upstream version 3.4. (diff) | |
download | chrony-fc5d1b0d200d23e6a96306e511ef2b557d6faa2e.tar.xz chrony-fc5d1b0d200d23e6a96306e511ef2b557d6faa2e.zip |
Adding debian version 3.4-4+deb10u2.debian/3.4-4+deb10u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
45 files changed, 3444 insertions, 0 deletions
diff --git a/debian/.gitlab-ci.yml b/debian/.gitlab-ci.yml new file mode 100644 index 0000000..6eed751 --- /dev/null +++ b/debian/.gitlab-ci.yml @@ -0,0 +1,7 @@ +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml + + +variables: + RELEASE: 'buster' diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..c25bd51 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,58 @@ +chrony (3.4-2) unstable; urgency=medium + + To reduce the range of operations available to chronyd, and thereby decrease + the kernel attack surface, a system call filter is now active by default + wherever¹ possible. + Please, take into account that this change prevents the use of the + “mailonchange” directive in chrony.conf as the chronyd process will not be + allowed to fork and execute the sendmail binary. Therefore, it is fundamental + to disable the system call filter to continue using this directive! + + To do so, edit the /etc/default/chrony file and substitute the “-F -1” + parameter with “-F 0”. Restart chrony afterward. + + ¹Are currently excluded alpha, ia64, m68k, riscv64, sh4 and sparc64 + architectures due to lack of support in “libseccomp” and/or the Linux kernel. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 10 Feb 2019 18:44:22 +0100 + +chrony (2.2.1-1) unstable; urgency=medium + + In chrony versions before 2.2, the 'chrony.keys' file contained a command + key used for run-time configuration via the 'chronyc' command-line tool. + Starting from this version, support for this authentication method has been + dropped in favor of a Unix domain socket accessible only *locally* by root or + the _chrony system user. Consequently, if you refuse to use the 'chrony.keys' + file template provided by the maintainers when upgrading, please don’t forget + to manually remove the obsolete command key (ID 1) in the aforementioned file. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 07 Feb 2016 17:02:30 +0100 + +chrony (2.1.1-1) unstable; urgency=medium + + From this version, 'chronyd' will strictly act as an NTP client by default. If + you want it to serve time to other systems, please do so by configuring the + 'allow' directive. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 12 Oct 2015 19:12:39 +0200 + +chrony (1.31.1-1) unstable; urgency=medium + + From now on, we use the "hwclockfile" directive in /etc/chrony/chrony.conf. + Basically, it makes the detection of the standard (Local or UTC time) set + in /etc/adjtime — and used by the hardware clock — clearer compared to the + text processing method we used to use in the post install script to complete + the same task. Note that it overrides the "rtconutc" directive. + + Also, we now create the _chrony system user to which chronyd will drop root + privileges. For users already allowing chronyd to drop root privileges in + favor of the user configured by the "user" directive in + /etc/chrony/chrony.conf, your configuration will remain unchanged and will + still work as intended. + However, some users might use a custom init script to accomplish the same + task by invoking chronyd with the '-u' option. We advise you to drop this + option from your init script before upgrading, otherwise you’ll have to + readjust the owner of the /var/l{ib,og}/chrony directories (recursively) to + the user you configured in your init script. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 6 Sep 2015 22:14:54 +0200 diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..2ec089a --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,29 @@ +Chrony for Debian +----------------- + + Notes about Debian-specific changes: + + - Default chrony’s configuration files are located in the /etc/chrony directory. + It is filled by two important files: + → chrony.conf (configuration of the chronyd daemon, see man 5 chrony.conf + for further information) + + → chrony.keys (lists keys used for NTP packets authentication, see + § 4.2.24 in /usr/share/doc/chrony/chrony.txt.gz) + + - We also provide /etc/ppp/ip-up.d/chrony and /etc/ppp/ip-down.d/chrony + to put chronyd online/offline depending on the PPP link status. + + - Since version 1.31.1-1, we create the _chrony system user to which chronyd + will drop root privileges on initialisation. For users already allowing + chronyd to drop root privileges in favor of the user configured by the "user" + directive in chrony.conf, your configuration will remain unchanged and will + still work as it did. However, if you don’t want to deviate from Debian’s + default configuration, delete or comment out the "user" directive in + chrony.conf and recursively change the owner of the /var/lib/chrony and + /var/log/chrony directories. For example: + + # sed -i 's/^user/#user/' /etc/chrony/chrony.conf + # chown -R _chrony:_chrony /var/l{ib,og}/chrony + + -- Vincent Blut <vincent.debian@free.fr> Mon, 16 Jan 2017 18:44:32 +0100 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..84ee4cc --- /dev/null +++ b/debian/changelog @@ -0,0 +1,1868 @@ +chrony (3.4-4+deb10u2) buster; urgency=medium + + * debian/usr.sbin.chronyd: + - Allow reading the chronyd configuration file that timemaster(8) + generates. Thanks to Michael Lestinsky for the report! (Closes: #1004745) + + -- Vincent Blut <vincent.debian@free.fr> Tue, 15 Mar 2022 13:45:14 +0100 + +chrony (3.4-4+deb10u1) buster; urgency=medium + + * debian/patches/: + - Add create-new-file-when-writing-pidfile.patch to prevent symlink race + when writing to PID file (CVE-2020-14367). + + * debian/tests/: + - Fix a regression when running upstream-simulation-test-suite autopkgtest + on Buster. + + [ Matt Corallo ] + * debian/usr.sbin.chronyd: + - Fix temperature reading. (Closes: #970421) + + -- Vincent Blut <vincent.debian@free.fr> Wed, 16 Sep 2020 13:44:04 +0200 + +chrony (3.4-4) unstable; urgency=medium + + * debian/patches/*: + - Add allow-further-syscalls-in-seccomp-filter.patch. Supplementing the + seccomp filter whitelist with those syscalls is a prerequisite, notably for + the arm64 architecture. + + [ Leigh Brown ] + * debian/patches/*: + - Add allow-recv-send-in-seccomp-filter.patch. Necessary on armel and + ppc64el. Other architectures might also be affected. (Closes: #924494) + + -- Vincent Blut <vincent.debian@free.fr> Mon, 18 Mar 2019 19:35:34 +0100 + +chrony (3.4-3) unstable; urgency=medium + + * debian/.gitlab-ci.yml: + - Check for missing hardening flags. + + * debian/patches/*: + - Add allow-_llseek-in-seccomp-filter.patch. Needed on various 32-bit + plateforms to log the {raw}measurements and statistics information when + the seccomp filter is enabled. Thanks a lot to Francesco Poli (wintermute) + <invernomuto@paranoici.org> for the report. (Closes: #923137) + - Add allow-waitpid-in-seccomp-filter.patch. Needed to correctly stop + chronyd on some plateforms when the seccomp filter is enabled. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 04 Mar 2019 23:32:12 +0100 + +chrony (3.4-2) unstable; urgency=medium + + * debian/.gitlab-ci.yml: + - Replace home-made GitLab CI with the standard Salsa pipeline. + - Allow autopkgtest job to fail. The time-sources-from-dhcp-servers test + currently fails due to a testbed issue on salsa CI. + + * debian/chrony.default: + - Enable the system call filter by default. + + * debian/control: + - Bump standard-version to 4.3.0 (no changes required). + - Use the new debhelper-compat (= 12) notation and drop d/compat. + - Add Pre-Depends: ${misc:Pre-Depends}. Debhelper compatibility level 12 + makes use of the “--skip-systemd-native” flag from “invoke-rc.d”. Adding + Pre-Depends: ${misc:Pre-Depends} to d/control ensure that we have a recent + enough version of “init-system-helpers”. + - Suggest networkd-dispatcher. + + * debian/copyright: + - Add myself as a copyright holder for 2019. + + * debian/links: + - Now that “networkd-dispatcher” is in the Debian archive, link + NetworkManager dispatcher script to networkd-dispatcher routable and off + states. Patch cherry-picked from Ubuntu; thanks to Christian Ehrhardt + <christian.ehrhardt@canonical.com> for working on this. + + * debian/NEWS: + - Report that a system call filter is now enabled by default and the way + to disable it if needed. + + * debian/rules: + - Don’t enable the system call filter on some architectures due to missing + support in the “libseccomp” and/or the Linux kernel. + + * debian/upstream/: + - Strip upstream key from extra signatures. Thanks lintian! + - Remove the Miroslav-Lichvar.txt file as it serves no purpose. + + * debian/usr.sbin.chronyd: + - Don’t include “tunables/sys”. The etc/apparmor.d/tunables/sys file has + been deprecated in AppArmor 2.13.1! The @{sys} variable is now defined in + “tunables/kernelvars” which is included in “tunables/global”. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 13 Feb 2019 17:08:17 +0100 + +chrony (3.4-1) unstable; urgency=medium + + * Import upstream version 3.4: + - Please see /usr/share/doc/chrony/NEWS.gz for the release notes. + + * Merge branch “experimental” into “master”. + + * debian/chrony.service: + - Conflict with ntpsec.service. + + * debian/copyright: + - Update copyright years. + + * debian/patches/*: + - Remove fix-samplefilt-unit-test-to-work-with-low-precision-clock.patch, + fixed upstream. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 21 Sep 2018 14:12:03 +0200 + +chrony (3.4~pre1-2) experimental; urgency=medium + + * debian/patches/*: + - Cherry-pick upstream patch to fix samplefilt unit test to work with + low-precision clocks. This should prevent chrony from failing to build + from source on HPPA and Alpha. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 10 Sep 2018 18:39:58 +0200 + +chrony (3.4~pre1-1) experimental; urgency=medium + + * Import upstream version 3.4-pre1: + - Please see /usr/share/doc/chrony/NEWS.gz for the release notes. + + * debian/: + - Add “.gitlab-ci.yml” file to use GitLab Continuous Integration. + + * debian/chrony.if-{post-down,up}: + - Use the new “onoffline” command to tell chronyd to switch all sources to + the online or offline status according to the current network configuration. + + * debian/chrony.ppp.ip-{down,up}: + - As for ifupdown scripts, use the “onoffline” command. + + * debian/control: + - Bump standard-version to 4.2.1 (no changes required). + + * debian/patches/*: + - Remove fall-back-to-urandom.patch. Applied in this prerelease. + + * debian/post{inst,rm}: + - Use “command -v” instead of “which” to enhance portability. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 02 Sep 2018 19:14:08 +0200 + +chrony (3.3-3) unstable; urgency=medium + + * debian/: + - Normalize packaging with “wrap-and-sort -ab”. + + * debian/control: + - Bump standard-version to 4.2.0: + ↳ Install upstream release notes as “/usr/share/doc/chrony/NEWS.gz”. + Installing these as “/usr/share/doc/package/changelog.gz” is now + deprecated. + + * debian/patches/: + - Cherry-pick upstream patch to avoid hangs when starting + chronyd on newer kernels by falling back to urandom. + Thanks to Gustavo Scalet <gustavo.scalet@collabora.com> for the report and + the initial patch. (LP: #1787366, Closes: #906276) + + * debian/upstream/metadata: + - Add DEP12 upstream metadata file. + + -- Vincent Blut <vincent.debian@free.fr> Sat, 18 Aug 2018 16:23:19 +0200 + +chrony (3.3-2) unstable; urgency=medium + + * debian/chrony.service: + - Conflict with ntp.service. + + * debian/control: + - Bump standard-version to 4.1.4 (no changes required). + - Switch to the Nettle cryptographic library for hash functions. + + [ Helmut Grohne ] + * debian/rules: + - Pass CC to make and set “--host-system” to fix FTCBFS. (Closes: #895852) + + [ Christian Ehrhardt ] + * debian/usr.sbin.chronyd: + - Support all paths suggested in the man page. + (LP: #1771028, Closes: #898614) + + -- Vincent Blut <vincent.debian@free.fr> Mon, 14 May 2018 21:37:30 +0200 + +chrony (3.3-1) unstable; urgency=medium + + * Import upstream version 3.3: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * Merge branch “experimental” into “master”. + + * debian/copyright: + - Update copyright year. + + * debian/usr.sbin.chronyd: + - Allow CAP_NET_ADMIN to support HW timestamping. (LP: #1761327) + + -- Vincent Blut <vincent.debian@free.fr> Thu, 05 Apr 2018 02:08:31 +0200 + +chrony (3.3~pre1-1) experimental; urgency=medium + + * Import upstream version 3.3-pre1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/copyright: + - Add “hash_nettle.c” copyright information and update copyright year of + test/unit/* + + -- Vincent Blut <vincent.debian@free.fr> Thu, 15 Mar 2018 13:58:21 +0100 + +chrony (3.2-5) unstable; urgency=medium + + [ Christian Ehrhardt ] + * debian/usr.sbin.chronyd: + - Allow write access to RTC, PPS and PTP devices. + (Closes: #891201, LP: #1751241) + + -- Vincent Blut <vincent.debian@free.fr> Wed, 28 Feb 2018 17:31:08 +0100 + +chrony (3.2-4) unstable; urgency=medium + + * debian/changelog: + - Remove trailing spaces. + + * debian/chrony-dnssrv@.service: + - Use NTP servers obtained from DNS SRV records. + + * debian/chrony-dnssrv@.timer: + - Periodic lookup of DNS SRV records. + + * debian/chrony-helper: + - New helper script to make use of NTP servers obtained from DHCP and + _ntp._udp DNS SRV records. + + * debian/chrony.dhcp: + - Add a dhclient-exit-hook script to add/remove NTP servers depending + on the operations invoked by the DHCP client. (Closes: #889656) + + * debian/chrony.service: + - Run “/usr/lib/chrony/chrony-helper update-daemon” after starting chronyd. + + * debian/control: + - Suggest dnsutils. The dig utility is used to update files with NTP + servers from DNS SRV records. + + * debian/init: + - Run “/usr/lib/chrony/chrony-helper update-daemon” after starting chronyd. + + * debian/install: + - Install the chrony-helper script in /usr/lib/chrony. + - Install chrony-dnssrv@.* files in /lib/systemd/system. + + * debian/postinst: + - Don’t use recursive chown as this is vulnerable to hardlink attacks on + mainline, non-Debian kernels that do not have fs.protected_hardlinks=1. + Thanks Lintian! + + * debian/postrm: + - Remove “/run/chrony” on purge. + + * debian/rules: + - Install the dhclient-exit-hook script in /etc/dhcp/dhclient-enter-hooks. + + * debian/tests/: + - Use autopkgtest to ensure that chronyd can use NTP servers obtained from + DHCP servers. + + -- Vincent Blut <vincent.debian@free.fr> Tue, 20 Feb 2018 18:27:10 +0100 + +chrony (3.2-3) unstable; urgency=medium + + [ Christian Ehrhardt ] + * debian/chrony.default: + - Mention systemd service file in the comment. + + * debian/chrony.service: + - Support the DAEMON_OPTS variable from “/etc/default/chrony” in systemd + environment. (LP: #1746081, Closes: #889012) + + * debian/usr.sbin.chronyd: + - Allow the creation of /run/chrony on demand. + (LP: #1746444, Closes: #889011) + + -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Feb 2018 21:27:09 +0100 + +chrony (3.2-2) unstable; urgency=medium + + * Initial AppArmor profile for chronyd. Thanks to Jamie + Strandboge <jamie@ubuntu.com>. (Closes: #888038) + + * debian/compat: + - Bump to debhelper compat 11. + + * debian/control: + - Bump standard-version to 4.1.3 (no changes required). + - Build depend on debhelper ≥ 11. + - Set “Rules-Requires-Root: no”. + - Move Vcs-* to salsa.debian.org. + + * debian/copyright: + - Add myself as a copyright holder for 2018. + + * debian/postinst: + - Don’t force removal of cron file since it doesn’t exist anymore. + + * debian/preinst: + - Update the chrony version on which to act. + - Add the debhelper token. + + * debian/usr.sbin.chronyd: + - Improve AppArmor profile to support more chronyd features and ease + portability with other distros. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 28 Jan 2018 19:33:46 +0100 + +chrony (3.2-1) unstable; urgency=medium + + * Import upstream version 3.2: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 15 Sep 2017 11:37:10 +0200 + +chrony (3.2~pre2-1) experimental; urgency=medium + + * Import upstream version 3.2-pre2: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/control: + - Bump standard-version to 4.1.0 (no changes required). + + * debian/copyright: + - Update copyright years. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 30 Aug 2017 15:48:37 +0200 + +chrony (3.2~pre1-1) experimental; urgency=medium + + * Import upstream version 3.2-pre1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/patches/*: + - Remove allow_getpid_in_seccomp_filter.patch and update the series file + accordingly. + + * debian/tests/upstream-simulation-test-suite: + - Run tests in multiple iterations. + + -- Vincent Blut <vincent.debian@free.fr> Tue, 25 Jul 2017 21:13:22 +0200 + +chrony (3.1-5) unstable; urgency=medium + + * debian/chrony.if-up: + - Do not pass the “burst” command to chronyc as the script could return an + error in certain situations. As a consequence, that would prevent ifupdown + from writing the current state of the interfaces in /run/network/ifstate. + Thanks to John Eikenberry <jae@zhar.net> for reporting that issue. + (Closes: #868491) + + * debian/chrony.ppp.ip-up: + - Take the same action as for the “chrony.if-up” script as a precautionary + measure. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 17 Jul 2017 16:47:56 +0200 + +chrony (3.1-4) unstable; urgency=medium + + * Now that Stretch has been released (\o/), let’s upload chrony 3.1 to + unstable. + + * debian/: + - Remove the menu file used to launch “chronyc”. It is a CLI only tool, + thus it probably does not make a lot of sense to keep it in the Debian + menu. + + * debian/control: + - Drop dependency on pre-jessie util-linux version. + - Bump standard-version to 4.0.0 (no changes required). + + * debian/tests/upstream-simulation-test-suite: + - Fix the leading comment which mentioned “vm” despite the fact that the + test runs in a container. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 19 Jun 2017 02:30:10 +0200 + +chrony (3.1-3) experimental; urgency=medium + + * debian/chrony.if-{post-down,up}: + - Remove unnecessary “else” statements. + + * debian/chrony.ppp.ip-down: + - Don’t check and delete “/var/run/chrony-ppp-up”, that file doesn’t exist + anymore. + - Check for pid file existence instead of calling “pidof”. + + * debian/chrony.ppp.ip-up: + - Don’t create “/var/run/chrony-ppp-up” file after the ppp link came up. + - Check for pid file existence instead of calling “pidof”. + - Don’t call “chronyc” using its absolute path. + - Check for the presence of a default route before advising “chronyd” that + the network connectivity to the sources is ready. + + * debian/init: + - Check if “$PIDFILE” exists before taking action. + - Do not print informational messages. + - Remove the “chronyd” pid file when stopping as it doesn’t do it on + its own. + - Rework the “restart|force-reload” pattern. + - Make use of some init-functions. + - Print a message if “chronyd” is already running while attempting to start + it. + - Do not delete “/var/run/chrony-ppp-up”, that file doesn’t exist anymore. + + * d/rules: + - Move the default pid file from “/var/run” to “/run”. + + * d/tests/*: + - Use autopkgtest facility to run the upstream simulation test suite. + + -- Vincent Blut <vincent.debian@free.fr> Sun, 14 May 2017 17:26:15 +0200 + +chrony (3.1-2) experimental; urgency=medium + + * Merge branch 'master' into experimental. (Closes: #861258) + + * debian/patches/*: + - Remove the “fix_time_smoothing_in_interleaved_mode.patch” patch. Not + needed anymore. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 26 Apr 2017 21:17:43 +0200 + +chrony (3.1-1) experimental; urgency=medium + + * Import upstream version 3.1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/chrony.conf: + - Remove the “hwclockfile” directive. Unneeded now that the configure + script allows us to set the default path to the adjtime file via the + “--with-hwclockfile” option. + + * debian/copyright: + - Update copyright years. + + * debian/rules: + - Specify default path to hwclock adjtime file. + + -- Vincent Blut <vincent.debian@free.fr> Thu, 02 Feb 2017 19:24:30 +0100 + +chrony (3.0-4) unstable; urgency=medium + + * debian/patches/*: + - Backport commit 768bce799bfe to make chrony operable with the syscall + filtering feature enabled in level 1. (Closes: #861258) + + -- Vincent Blut <vincent.debian@free.fr> Wed, 26 Apr 2017 17:39:44 +0200 + +chrony (3.0-3) unstable; urgency=medium + + * debian/patches/*: + - Backport an upstream patch to fix time smoothing in interleaved mode. + (Closes: #854424) + + -- Vincent Blut <vincent.debian@free.fr> Tue, 07 Feb 2017 00:37:24 +0100 + +chrony (3.0-2) unstable; urgency=medium + + * debian/chrony.conf: + - Disable logging by default, it waste some disk space and users are + probably better served by “chronyc sources” and “chronyc sourcestats” + commands anyway. + + * debian/chrony.service: + - Remove the “Restart=on-failure” option. There are possible security + implications for NTP clients. + + * debian/dirs: + - Add etc/logrotate.d to avoid build failure. + + * Remove our logrotate configuration file in favour of the upstream’s one. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 18 Jan 2017 15:26:31 +0100 + +chrony (3.0-1) unstable; urgency=medium + + * Import upstream version 3.0: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * Merge branch “experimental”: + - Enable support for MS-SNTP authentication in Samba. + - Rename --chronysockdir to --chronyrundir. + - Enable seccomp facility on powerpcspe. + + * debian/chrony.conf: + - Make use of the “makestep” directive to step the system clock instead of + slewing it when necessary. + - Drop the “offline” option as per upstream’s advice to render chrony’s + start-up sequence safer. + + * debian/chrony.service: + - Reflect init-helper script deletion. + + * debian/copyright: + - Add myself as a copyright holder for 2017. + - Adjust copyright holders and update some copyright years. Kudos to Paul + Gevers <elbrus@debian.org> for spotting the necessary updates. + + * debian/init: + - Reflect init-helper script deletion. + + * debian/install: + - Don’t install the init-helper script, it has been deleted. + + * debian/README.Debian: + - Remove obsolete information. + + * Remove the init-helper script as it no longer needed. + + -- Vincent Blut <vincent.debian@free.fr> Tue, 17 Jan 2017 22:05:31 +0100 + +chrony (3.0~pre3-1) experimental; urgency=low + + * Import upstream version 3.0-pre3: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 06 Jan 2017 14:20:13 +0100 + +chrony (3.0~pre2-2) experimental; urgency=low + + * Merge branch “master”. + + * Enable seccomp facility on powerpcspe. + + -- Vincent Blut <vincent.debian@free.fr> Tue, 03 Jan 2017 18:17:13 +0100 + +chrony (3.0~pre2-1) experimental; urgency=low + + * Import upstream version 3.0-pre2: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + -- Vincent Blut <vincent.debian@free.fr> Thu, 15 Dec 2016 15:23:44 +0100 + +chrony (3.0~pre1-1) experimental; urgency=low + + * Import upstream version 3.0-pre1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/copyright: + - Mention new files. + + * debian/rules: + - Enable support for MS-SNTP authentication in Samba. + - Rename --chronysockdir to --chronyrundir. + + -- Vincent Blut <vincent.debian@free.fr> Sat, 10 Dec 2016 16:30:19 +0100 + +chrony (2.4.1-3) unstable; urgency=medium + + * debian/apm: + - Removing that script as APM as been replaced by ACPI long time ago, thus + it’s highly probable that it isn’t useful anymore. + + * debian/chrony.maintscript: + - Remove the apm script’s conffile. + + * debian/chrony.service: + - Supply a systemd service file. + - Update unit section’s description. Add chronyc and chrony.conf man pages + information and remove reference to “/usr/share/doc/chrony.txt.gz” which + is not generated anymore. + - Update unit section’s documentation. + + * debian/dirs: + - Don’t create etc/apm/event.d as the apm script isn’t provided anymore. + + * debian/init: + - Convert to use the init-helper script. + + * debian/init-helper: + - Add a helper script that will be used to maintain feature parity between + the SysV script and the systemd service file. + + * debian/install: + - Install the init-helper script in “/usr/lib/chrony”. + + * debian/rules: + - Don’t install the now removed apm script. + + -- Vincent Blut <vincent.debian@free.fr> Thu, 22 Dec 2016 02:16:54 +0100 + +chrony (2.4.1-2) unstable; urgency=medium + + * debian/chrony.conf: + - Don’t create sample histories by default. Using that feature does not + make a lot of sense when using a pool of rapidely rotating time servers. + - Remove unused directives. + - Improve (well, I hope! ;-) ) the configuration file readability. + - Reword the driftfile directive commentary. + - Shorten the lead-in comment. + + * debian/control: + - Build-depend on pps-tools only on linux. + - Remove libnss3-dev from Build-Depends until #846012 is fixed. + + * debian/init: + - Don’t pass the “-r” option when restarting chronyd as we have disabled + the creation of sample histories by default. + + * debian/rules: + - Drop dh_auto_build override. Nowadays, the documentation is built by + default. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 9 Dec 2016 16:58:32 +0100 + +chrony (2.4.1-1) unstable; urgency=medium + + * Import upstream version 2.4.1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/chrony.default: + - New file used to pass options to chronyd. Thanks to nutzteil + <nutzteil@web.de> for the suggestion and the initial patch. + (Closes: #834240) + + * debian/compat: + - Bump to debhelper compat 10. + + * debian/control: + - Build depend on debhelper ≥ 10. + + * debian/copyright: + - Use HTTPS for all URI. + + * debian/init: + - Read and execute options assigned to the “DAEMON_OPTS” variable. + + * debian/rules: + - Drop dh “--parallel” option. Enabled by default in debhelper 10. + + -- Vincent Blut <vincent.debian@free.fr> Mon, 21 Nov 2016 12:58:05 +0100 + +chrony (2.4-1) unstable; urgency=medium + + The “Fix decade-old bug reports” release. + + * Import upstream version 2.4: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/chrony.if-{up,post-down}: + - New scripts used to put chronyd online/offline depending on the + state of the connection. (Closes: #240528,#312092,#389961) + + * debian/chrony.keys: + - Highlight “chronyc keygen” command to generate keys. + + * debian/chrony.ppp.ip-down: + - Be sure that there is no default route before going offline. + (Closes: #252131) + + * debian/control: + - Remove install-info dependency. + - Remove texinfo build dependency since documentation in Texinfo format + has been dropped upstream. + - Build depend on asciidoctor ≥ 1.5.3-1~. The version constraint is + important since chrony’s man pages are generated from “adoc” files, a + functionality that has been added in asciidoctor 1.5.3. + + * debian/dirs: + - Add “etc/NetworkManager/dispatcher.d”. + + * debian/doc-base: + - Remove the file since we do not generate chrony.{html,txt} anymore. + + * debian/docs: + - Remove references to chrony.{html,txt}. + + * debian/patches/*: + - Drop fix-ftbfs-on-powerpc-ppc64-ppc64el.diff; applied upstream. + - Update the “series” file accordingly. + + * debian/postinst: + - Use ucfr to associate chrony with its configuration files. Suggested by + Paul Gevers <elbrus@debian.org> + + * debian/postrm: + - Remove all vestiges of the association between chrony and its + configuration files. Also suggested by Paul Gevers <elbrus@debian.org> + + * debian/rules: + - Provide upstream NetworkManager dispatcher script. + + * debian/watch: + - Use HTTPS to fetch new upstream releases. + - Switch to version 4 format. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 17 Jun 2016 17:20:08 +0200 + +chrony (2.3-2) unstable; urgency=low + + * Cherry pick upstream patch to fix FTBFS on PowerPC, ppc64 and ppc64el + architectures. + + -- Vincent Blut <vincent.debian@free.fr> Fri, 20 May 2016 14:21:14 +0200 + +chrony (2.3-1) unstable; urgency=low + + * Import upstream version 2.3: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + (Closes: #818235) + + * debian/chrony.conf: + - Drop the “logchange” directive. Upstream has enabled “logchange” by + default with a threshold of 1 second. We now use that instead of our custom + threshold of 0,5 second which tended to spam syslog. + - Remove obsolete comment. + + * debian/chrony.lintian-overrides: + - Update “chrony.keys” path + + * debian/control: + - Bump standard-version to 3.9.8 (no changes required). + - Use HTTPS transport protocol for the homepage URL. + + * debian/copyright: + - Add some entries about new or untracked files. + + * debian/postinst: + - Move /usr/share/chrony/chrony.keys template to /etc/chrony using ucf. + - Avoid displaying needless prompt when upgrading to chrony ≥ 2.2.1-1. + (Closes: #820087) + + * debian/postrm: + - Remove chrony.keys on purge. + - Remove all vestiges of chrony.keys from the state hashfile. + + * debian/rules: + - Re-enable test suite. + - Remove dh_installinit override. The init script is LSB-compliant so + passing the “default” option or the two-digit sequence number is unneeded. + - Explicitly set the NTP era. With this change, the NTP time will be + mapped from 1970-01-01T00:00:00Z to 2106-02-07T06:28:16Z. Thanks to this + fixed value, chrony build should be reproducible. + - Move the key file template (chrony.keys) in /usr/share/chrony. + - Force /usr/share/chrony/chrony.keys to use 0640 modes. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 18 May 2016 23:13:05 +0200 + +chrony (2.2.1-1) unstable; urgency=medium + + * Import upstream versions 2.2 and 2.2.1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + - The 2.2.1 release version fixes CVE-2016-1567. (Closes: #812923) + + * debian/chrony.conf: + - Drop the commandkey directive. It is obsolete since the introduction of a + Unix domain command socket in chrony 2.2. + - Fix keyfile directive commentary. + + * debian/chrony.keys: + - New file template. + + * debian/chrony.lintian-overrides: + - New file used to force lintian to stop complaining about the “chrony.keys” + file modes (0640). + + * debian/chrony.ppp.ip-down: + - Drop obsolete authentication method to the chronyd daemon. This is now + handled by the usage of a Unix domain command socket. + + * debian/chrony.ppp.ip-up: + - Drop obsolete authentication method to the chronyd daemon. This is now + handled by the usage of a Unix domain command socket. + - Reinstate the “burst” chronyc command. + + * debian/control: + - Build depend on libseccomp-dev ≥ 2.2.3-3~. We need it to provide syscall + filtering. + - Fix a typo relative to the name of an architecture. + - Build depend on pkg-config. + - Restrict libcap-dev build dependency on Linux only. + - Depend on iproute2 instead of net-tools. + - Drop timelimit dependency. + - Update Vcs-Git to use HTTPS. + - Bump standard-version to 3.9.7 (no changes required). + + * debian/copyright: + - Update copyright year for debian/*. + + * debian/init: + - Make use of “ip r” instead of “netstat -rn”. (Closes: #818234) + - Delete unused “FLAGS” variable. + - Do not execute ip and chronyc through timelimit. + - Don’t call chronyc using its absolute path. + - Check if the value of the DAEMON variable is executable. + - Drop the two seconds delay as it should be unnecessary. + - Drop obsolete authentication method from the putonline() function. + - Fix indentation issue in the putonline() function. + + * debian/logrotate: + - Do not pass the “-a” option to chronyc, it’s no longer necessary. + + * debian/NEWS: + - Add a comment about the command key suppression from the “chrony.keys” + file. + + * debian/patches/: + - Drop 01_do-not-install-copying-file.patch, not needed anymore. + ↳ Remove reference to that patch from the series file. + + * debian/postinst: + - Do not create an ID/key pair for command authentication. Configuration + and monitoring via chronyc is now done using Unix domain socket accessible + by root or by the system user to which chronyd will drop root privileges, + i.e. _chrony. + + * debian/postrm: + - Remove /var/lib/chrony content only on purge. (Closes: #568492) + + * debian/README.Debian: + - Drop obsolete statement. + + * debian/rules: + - Build with --enable-scfilter. + - Install the “chrony.keys” file in /etc/chrony/ with 0640 modes. + - Override dh_fixperms to prevent it from modifying modes of the + “chrony.keys” file. By default, dh_fixperms tries to set the default modes + (0644). + - Move the “chronyd.sock” file from /var/run/chrony to /run/chrony. + + -- Vincent Blut <vincent.debian@free.fr> Sat, 19 Mar 2016 14:42:23 +0100 + +chrony (2.1.1-1) unstable; urgency=medium + + * Import upstream version 2.0 and 2.1.1: + - Please see /usr/share/doc/chrony/changelog.gz for the release notes. + + * debian/: + - Rename ppp scripts from ip-{up,down} to chrony.ppp.ip-{up,down}. + Necessary to let dh_installppp do its magic. + + * debian/chrony.conf: + - Use the new 'pool' directive to specify the pool of NTP servers. + - Use the iburst option to speed up the initial synchronization. + - Drop the minpoll option. There is no point to deviate from upstream here. + Consequently, the default minimum polling interval is now 64 seconds + instead of 256 seconds. + - Enable kernel synchronization of the RTC via the 'rtcsync' directive. + - Drop the commented out 'rtcfile' directive in the configuration file. + - Stricly act as an NTP client by default. Serving time to other systems + should be the decision of the administrator(s). (Closes: #778770) + - Clarify some comments. + - Improve comment about the 'commandkey' directive. + + * debian/control: + - Drop 'Recommends: udev (>= 0.124-1)' since it predates Debian squeeze. + + * debian/copyright: + - Update copyright years. + - Various cleanups. + - Update relative to sys_macosx.{c,h} files. + - The test/simulation/test.common file is under the GPL-2+ license. + Thanks to Paul Gevers <elbrus@debian.org> for catching it. + + * debian/NEWS: + - Comment the deactivation of the NTP server capability by default. + + * debian/patches/: + - Refresh 01_do-not-install-copying-file.patch. + + * debian/README.Debian: + - Fix misleading information. + + * debian/rules: + - No need to install ppp scripts from the 'rules' script. Let dh_installppp + handle that. + + -- Vincent Blut <vincent.debian@free.fr> Wed, 18 Nov 2015 00:11:23 +0100 + +chrony (1.31.1-2) unstable; urgency=medium + + * Rename the NEWS.Debian file to NEWS. dh_installchangelogs doesn’t seems + to be able to deal with the former name. + + -- Vincent Blut <vincent.debian@free.fr> Thu, 17 Sep 2015 21:50:30 +0200 + +chrony (1.31.1-1) unstable; urgency=medium + + * Import upstream version 1.31 and 1.31.1: + - Please see /usr/share/doc/chrony/changelog.gz for release notes. + + * debian/chrony.conf: + - Use the 'hwclockfile' directive. Avoid using text processing methods in + the post install script to find out if the RTC keeps local time or UTC. + (Closes: #778710) + + * debian/clean: + - Add getdate.c + + * debian/control: + - Move chrony from admin to net section. + - Change priority from extra to optional. + - Build depends on libcap-dev. (Closes: #768803) + - Bump standards-version to 3.9.6 (no changes required). + - Set myself as maintainer and Joachim as uploader. + - Update Vcs-Browser URL to use cgit and https. + - Build depends on pps-tools. Provides PPSAPI (RFC-2783) support. + - Improve the synopsis. + - Depend on util-linux (>= 2.20.1-5). Ensure that the 'UTC=' setting + from the '/etc/default/rcS' file have been migrated to UTC/LOCAL in + '/etc/adjtime'. + - Depends on adduser. Needed to create "_chrony" system user/group. + + * debian/copyright: + - Add myself to copyright holders. + - Remove spaces from short name license (fix Lintian warning) + - Filled short license field (RSA-MD) (fix Lintian warning) + - Move comment to the "Comment:" field + + * debian/logrotate: + - Simplify postrotate script. Thanks to Frédéric Brière + <fbriere@fbriere.net> for reporting and diagnosing the issue. + (Closes: #763542) + + * debian/patches: + - Drop patches for issues fixed upstream. + - Rename and update patch. Update the series file accordingly. + + * debian/postinst: + - Pass the '--three-way' option to ucf. + - Remove useless text processing methods as we now use the 'hwclockfile' + directive. (Closes: #778711) + - Create "_chrony" system user/group. + - Update the "new_file" path in the ucf invocation. + - Remove the MAILPASSWORD shell variable as we don’t use it. + + * debian/postrm: + - Drop removal instruction of /etc/cron.weekly/chrony. + - Remove "_chrony" system user/group on purge. + - Don’t pass the --group option to deluser. + + * debian/NEWS.Debian: + - New file incorporating worthwhile changes in this release. + + * debian/README.Debian: + - Fix typo, thanks to Paul Gevers <elbrus@debian.org> for catching it. + - Missing word added. + + * debian/rules: + - Build with all hardening flags. + - Ease the reading of configure options. + - Specify "_chrony" as default chronyd user. This is the system user to + which chronyd will drop root privileges. You'll find further information + in /usr/share/doc/chrony/README.Debian. + (Closes: #688971) + + -- Vincent Blut <vincent.debian@free.fr> Sun, 6 Sep 2015 22:39:22 +0200 + +chrony (1.30-2) unstable; urgency=medium + + * With the following security bugfixes (Closes: #782160): + - Fix CVE-2015-1853: Protect authenticated symmetric NTP + associations against DoS attacks. + - Fix CVE-2015-1821: Fix access configuration with subnet + size indivisible by 4. + - Fix CVE-2015-1822: Fix initialization of reply slots for + authenticated commands. + * debian/control: + - Update e-mail address of myself. + - Add Vincent Blut as co-maintainer. + + -- Joachim Wiedorn <joodebian@joonet.de> Fri, 10 Apr 2015 11:41:31 +0200 + +chrony (1.30-1) unstable; urgency=medium + + * New upstream release with following bugfixes: + - Fix crash when selecting with multiple preferred sources. + - Fix frequency calculation with large frequency offsets. + - Fix code writing drift and RTC files to compile correctly. + - Fix -4/-6 options in chronyc to not reset hostname set by -h. + - Fix refclock sample validation with sub-second polling interval. + - Set stratum correctly with non-PPS SOCK refclock and local stratum. + - Modify dispersion accounting in refclocks to prevent PPS getting + stuck with large dispersion and not accepting new samples. + - Move faq.txt (PHP style) to a plain text file FAQ. Closes: #415729 + + * Add gpg signature of upstream developer for use with uscan. + * Update debian/watch, add check of upstream gpg signature. + * Update all patches. + + * Bugfix: Use /etc/adjtime in postinst script to recognize + UTC hardware clock. Closes: #680498 + * Use logrotate instead of cron script. Closes: #323966 + * debian/rules: disable test simulation. + + * debian/control: remove obsolete build dependency to dpkg-dev. + * debian/install, debian/dirs, debian/clean: Update. + * debian/copyright: Update and add entries. + + -- Joachim Wiedorn <ad_debian@joonet.de> Sun, 10 Aug 2014 19:10:35 +0200 + +chrony (1.29.1-1) unstable; urgency=high + + * New upstream release with bugfix: + - Closes: #737644: Fixing vulnerability: + CVE-2014-0021 - traffic amplification in cmdmon protocol + (incompatible with previous protocol version, but chronyc + supports both). + + -- Joachim Wiedorn <ad_debian@joonet.de> Thu, 06 Feb 2014 15:51:47 +0100 + +chrony (1.29-1) unstable; urgency=medium + + * New upstream release with some bugfixes: + - Closes: #719132: new upstream version, fixes security bugs. + - Closes: #719203: Fixing vulnerabilities: + CVE-2012-4502 - Buffer overflow, + CVE-2012-4503 - Uninitialized data. + + * debian/control: + - Set myself as new maintainer. Closes: #705768 + - Bump to Standards-Version 3.9.5. + - Move to debhelper >= 9 and compat level 9. + - Update package descriptions. + - Add Vcs fields to new git repository. + - Add dependency to lsb-base (for init script). + - Add build dependency to libtomcrypt-dev. + * Move to source format 3.0 (quilt). + * Add the following patch files: (Closes: #637514) + - 01_fix-small-typo-in-manpages + - 03_recreate-always-getdate-c + - 04_do-not-look-for-ncurses (Closes: #646732) + - 05_disable-installation-of-license + * debian/rules: + - Move to dh-based rules file. + - Enable parallel builds. + + * Add debian/watch file. + * Full update of debian/copyright file. + * Add debian/doc-base file. + * Full update of debian/README.Debian file. + * Update debian/postinst, debian/postrm, debian/prerm. + * Remove obsolete debian/preinst. Reduce mailing within postinst. + * Do not use old md5sum file anymore for ucf in postinst script. + * Add status action in init script (debian/init). Closes: #652207 + * Add debian/install file for installing example of chrony.conf. + * Reduce debian/dirs file for use with debhelper 9. + + -- Joachim Wiedorn <ad_debian@joonet.de> Fri, 20 Dec 2013 23:35:25 +0100 + +chrony (1.26-4) unstable; urgency=low + + * QA upload. + * Depend on net-tools, for netstat (closes: #707260). + + -- Colin Watson <cjwatson@debian.org> Mon, 08 Jul 2013 18:00:45 +0100 + +chrony (1.26-3) unstable; urgency=low + + * Orphaned. + + -- John G. Hasler <jhasler@debian.org> Fri, 19 Apr 2013 13:08:31 -0500 + +chrony (1.26-2) unstable; urgency=low + + * Fixed Makefile.in so that getdate.c gets made (and removed + in "clean"). This will go upstream. Moved faq stuff in rules + from binary-indep to binary-arch. + * Restored accidently deleted nmu changelog entry. + + * Applied patch from Moritz Muehlenhoff <jmm@debian.org> + Closes: #655123 Please enabled hardened build flags + + * Fixed upstream. + Closes: #518385 Chrony segfaults on startup (narrowed down to + chronyc and "burst") + + * Added DEB_BUILD_OPTIONS=noopt to rules. + Added build-arch and build-indep to rules. + Prefix is now 'usr'. + Changed to dh_installman. + Fixed "clean:" target. + Closes: #479389 Improvements for debian/rules + + * Fixed upstream. + Closes: #195620 Strange "System time : xxx seconds slow of NTP time" + output + + * Upstream changes should have fixed this. + Closes:#294030 chronyd makes the whole system briefly (< 1 second) + freeze + + * Fixed by upstream changes and new LSB headers. + Closes: #407466 Chrony won't access hardware clock but prevents + hwclock from doing so either + + -- John G. Hasler <jhasler@debian.org> Sun, 01 Jul 2012 22:05:56 -0500 + +chrony (1.26-1) unstable; urgency=low + + * New upstream release + Closes: #348554: chrony and hwclock packages not coordinated. + Closes: #572964: RTC support is missing. + Closes: #642209: add RTC support for linux 3.0. + Closes: #644241: new upstream version 1.26 available. + + * Applied patches from Joachim Wiedorn <ad_debian@joonet.de>: + Fixed several typos in man pages and README. + Added version.h. + Moved default chrony.conf to debian/ . + Renamed cron and init files. + Removed debian/NEWS.Debian, debian/info. + Added debian/clean. + Updated debian/copyright. COPYING stays. Upstream requires it. + Fixed debian/menu, debian/control, updated debian/compat. + Added "--without-readline" to debian/rules: rewrite later. + Minor fixes to initscript: rewrite later. + + Closes: #646732 Move from readline support to editline support. + Closes: #598253 Fix typo in LSB init headers ($hwclock to $time). + Closes: #600403 Fix init check with PPP connection. + + -- John G. Hasler <jhasler@debian.org> Sun, 17 Jun 2012 21:55:47 -0500 + +chrony (1.24-3.1) unstable; urgency=low + + * Non-maintainer upload. + * Add patch (directly over the source...), to work with kernels > 3.0.0, + by Paul Martin at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628919#15. + (Closes: #628919) + * Fix readline build-depends from "libreadline5-dev | libreadline-dev" to + libreadline-gplv2-dev because chrony is GPLv2 only. (Closes: #634447) + * Update copyright file to say that chrony is GPLv2 only. (Closes: #637526) + + -- Ana Beatriz Guerrero Lopez <ana@debian.org> Fri, 12 Aug 2011 12:32:26 +0200 + +chrony (1.24-3) unstable; urgency=high + + * Applied (modifed) patch from Gregor Herrmann. + + Closes: #593145: fails to configure on installation + Closes: #552162: chrony incorrectly thinks that it has failed to + (re)start + Closes: #592930: invoke-rc.d: initscript chrony, action "start" failed. + + -- John G. Hasler <jhasler@debian.org> Tue, 14 Sep 2010 10:06:47 -0500 + +chrony (1.24-2) unstable; urgency=low + + * Fixed regression that caused default CHRONY_IOC_ lines to + vanish from io_linux.h thereby breaking hppa and ia64. + + Closes: #588930: FTBFS [ia64,hppa]: "I don't know the values of the + _IOC_* constants on your architecture" + + * $remote_fs was added in 1.24-1. Depending on networking is neither + necessary nor desireable. + + Closes: #590888: Dependencies on init.d script insuficcient + + * Still need to rewrite scripts. + + -- John G. Hasler <jhasler@newsguy.com> Fri, 30 Jul 2010 20:32:55 -0500 + +chrony (1.24-1) unstable; urgency=low + + * New upstream release. The scripts will be rewritten and many more bugs + taken care of in -2. Right now I want to get 1.24 out there. + + * Applied patch from Petter Reinholdtsen to init.d + + Closes: #541806: misses syslog dependency in LSB headers + + * Chrony cannot be linked to libreadline6 because it is GPLv2 only. + + Closes: #553739 replacing libreadline5-dev build dependency with + libreadline-dev + + * "configure" rewritten upstream, eliminating "+=". + + Closes: #573036: RTC support disabled (due to Bashism in configure line 293) + + * Removed "install-info" from scripts. + + Closes: #568703: dpkg warnings + + * client.c has been rewritten upstream. + + Closes: #573032 + + * Fixed typos. + + Closes: #434629: 'man chrony', 'cronyc', 'cronyd' typos: "parateters" x 2, + "priviliges" + + * Added debian/source/format containing "1.0". + + -- John G. Hasler <jhasler@newsguy.com> Tue, 22 Jun 2010 16:01:29 -0500 + +chrony (1.23-7) unstable; urgency=high + + * Applied patches from upstream to fix remote DOS: + + CVE-2010-0292 Don't reply to invalid cmdmon packets + + CVE-2010-0293 Limit client log memory size + + CVE-2010-0294 Limit rate of syslog messages + + -- John G. Hasler <jhasler@newsguy.com> Tue, 02 Feb 2010 19:37:50 -0600 + +chrony (1.23-6) unstable; urgency=low + + * Commented out rtcfile directive in chrony.conf because it can cause + lockups with certain combinations of motherboard and kernel (this is + a known kernel bug). + + Closes: #508298: chronyd unreachable and does not work (clock drifts) + + * Chrony no longer uses the ppp/ip-up.d and ppp/ip-up.d files and the new + init.d file won't hang if chronyc hangs. + + Closes: #448481: /etc/ppp/ip-up.d/chrony doesn't work when bindaddress is set. + + * Cannot reproduce on current version on amd64. + + Closes: #412961: error in tracking report (on amd64?) + + -- John Hasler <jhasler@debian.org> Wed, 10 Dec 2008 14:16:37 -0600 + +chrony (1.23-5) unstable; urgency=low + + * Replaced background kill with 'timelimit' in initscript. + + Closes: #505094: chrony: kills random netstat processes + + * Added 'Recommends: udev (>= 0.124-1)' + + Closes: #497113: /dev/rtc renamed to /dev/rtc0 with linux-image-2.6-*/2.6.26+15 + + * Had previously applied patch from Nathanael Nerode to fix configure + bug but forgot to close the bug. + + Closes: #392273: Recursive dependency disease: chrony shouldn't depend on ncurses + + -- John Hasler <jhasler@debian.org> Sun, 09 Nov 2008 20:19:22 -0600 + +chrony (1.23-4) unstable; urgency=low + + * Fixed dependency of init script on Pppconfig ip-up.d script by moving + those lines into the init script. + + * Added checks to try to make sure that Chronyd is really, really running. + Changed Netstat call to use -n, added code to kill it if it hangs. + Added code to kill Chronyc if it can't contact Chronyd. + Discussed the HPET/rtc problem in NEWS.Debian. + + Closes: #504000: init script hangs for a while might break upgrade + + * Added missing initialization to create_instance() in ntp_core.c. + This was why UTI_NormaliseTimeval() was being called with huge + values at times. + + * See comment on #195620 in 1.21z-6 below. If you know of more LP64 + bugs reopen #348412 with a patch. + + Closes: #348412: chronyc not LP64 compliant + + * Added comment about sources being discarded to chrony.conf as suggested + by Andreas Hübner in #268289. + + * This is normal behavior. + + Closes: #287060: trimrtc takes 40 seconds to take effect + + -- John Hasler <jhasler@debian.org> Thu, 06 Nov 2008 10:38:58 -0600 + +chrony (1.23-3) unstable; urgency=high + + * Rewrote UTI_NormaliseTimeval()in util.c to use divide/remainder + instead of loops at the suggestion of Gabor Gombas. This prevents the + problem of the loop running until the sun goes out when the function + is called with a very large value for tv_usec on 64-bit architectures. + Also fixed some other spots where the same loop was being used. + + Closes: #474294 Goes into endless loop + Closes: #447011 chronyd stalls with 100% CPU usage + + I still don't know why the function is being called with such a + large value, however. + + * Changed default servers in chrony,conf to Debian servers. + + Closes: #434483: chrony: Should use NTP servers in Debian pool + + -- John Hasler <jhasler@debian.org> Sat, 26 Apr 2008 11:47:44 -0500 + +chrony (1.23-2) experimental; urgency=low + + * Added default IOC's to io_linux.h. + Closes: #477043: chrony_1.23-1(ia64/experimental): FTBFS: IOC + constants unknown on ia64 + Closes: #476963: chrony_1.23-1(hppa/experimental): FTBFS: "I don't + know the values of the _IOC_* constants for your architecture" + + -- John Hasler <jhasler@debian.org> Sun, 20 Apr 2008 13:29:29 -0500 + +chrony (1.23-1) experimental; urgency=low + + * New upstream release + This is 1.23 with Debian patches applied (including some for LP64). + I'm uploading this to Experimental to get it tested on x86_64 to see + if #474294 is fixed. + + -- John Hasler <jhasler@debian.org> Sat, 19 Apr 2008 14:49:15 -0500 + +chrony (1.21z-6) unstable; urgency=low + + * Applied patches from Eric Lammerts <eric@lammerts.org> and Goswin von + Brederlow <brederlo@informatik.uni-tuebingen.de> to cast the value + returned by ntohl to int32_t and so cause correct sign-extension near + line 1655 in client.c. Also fixed similar bugs in the same area. I'm + not sure this entirely fixes the chronyc number display problem, + though. I've not closed #348412 here because chrony is still not + fully LP64 compliant. + Closes: #195620: Strange "System time : xxx seconds slow of + NTP time" output + + * Replaced addrfilt.c with addrfilt.c from upstream git repository. + This fixes the recursive structure definition problems. + + * Replaced 'route' with 'netstat -r' in the initscript. + + * Applied patch for configure script from Nathanael Nerode + <neroden@gcc.gnu.org> to delete the superfluous "lncurses" at line + 327. + Closes: #392273: Recursive dependency disease: chrony shouldn't depend + on ncurses + + * Added test to reject servers claiming stratum less than 1 in + ntp_core.c "Test 7". Bill Unruh <unruh@physics.ubc.ca> has run across + a server that sometimes claims to be stratum 0, which causes + considerable confusion. + + -- John Hasler <jhasler@debian.org> Fri, 16 Feb 2007 17:47:40 -0600 + +chrony (1.21z-5) unstable; urgency=high + + * Applied postinst patch from Lionel Elie Mamane to test for the + existence of old .keys and .conf files before renaming them. + Closes: #397759: fails to configure: mv: cannot stat `/etc/chrony/chrony.keys.1.21-2': + No such file or directory + + * Added burst command to /etc/ppp/ip-up.d/chrony to give chronyd a kick in the butt. + Shouldn't need that, though. + Initscript now calls /etc/ppp/ip-up.d/chrony if a default route exists. + Closes: #397739: Not connecting to sources after reboot - dialup + + -- John Hasler <jhasler@debian.org> Sun, 26 Nov 2006 08:07:20 -0600 + +chrony (1.21z-4) unstable; urgency=low + + * Added test for /usr/bin/mail to postinst. + Closes: #386651: chrony: Requires /usr/bin/mail but doesn't depend on it + Closes: #390280: chrony: missing dependency on mail + + * Added LSB headers to initscript + + * Corrected erroneous use of 'dpkg --compare-version' in preinst and postinst. + Closes: #386733: fails to configure (bad upgrade check) + + * Added rm to postinst to remove keyfile possibly left by a failed install. + Closes: #390278: usage of tempfile /etc/chrony/chrony.keys is doubtful + + -- John Hasler <jhasler@debian.org> Sat, 7 Oct 2006 13:39:49 -0500 + +chrony (1.21z-3) unstable; urgency=low + + * Changed upstream version number from 1.21 to 1.21z to satisfy Debian + archive software. + + * Replaced impure chrony_1.21.orig.tar.gz. + Closes: #340030: chrony: Tarball is impure + + * Now Provides, Conflicts, Replaces time-daemon + Closes: #330839: time-daemon pseudopackage + + * Corrected typos. + Closes: #321121: chrony: typo in 'Conflicts:' field: s/ntpsimple/ntp-simple/ and s/ntprefclock/ntp-refclock/ + + * Rewrote postinst and postrm to use ucf. Wrote preinst to protect chrony.conf from dpkg. + Closes: #351332: chrony: conffile change prompt prevents smooth upgrade from sarge to etch + + * Deleted last few lines of chrony.conf as they no longer apply. + + * Deleted .arch-ids from contrib and examples. + + * Fixed typo in chronyc.1 + Closes: #349871: chrony: typo in chrnoyc.1 results in missing word + + * Corrected references in man pages. + Closes: #345034: chrony: man pages refer to wrong sections + + * Added "allow 172.16/12" to chrony.conf. + Closes: #252952: chrony: default allow should also have 172.16/12 + + * Channged server lines in chrony.conf to follow ntp.org current recommendation. + Closes: #243534: chrony: new pool.ntp.org setup doesn't work well + + * Fixed FSF address in debian/copyright. + + -- John Hasler <jhasler@debian.org> Fri, 1 Sep 2006 10:52:52 -0500 + +chrony (1.21-2) unstable; urgency=high + + * Patched io_linux.h to add missing architectures. + Closes: #339764: chrony - FTBFS: #error "I don't know the values of the + _IOC_* constants for your architecture" + + * Fixed brown-bag error in rules. + Closes: #339853: /usr/sbin/chronyd is missing + + -- John Hasler <jhasler@debian.org> Sat, 19 Nov 2005 10:12:49 -0600 + +chrony (1.21-1) unstable; urgency=low + + * New upstream release + Closes: #328292: New version of chrony avalaible + Closes: #301592: Fails to read RTC and floods logfiles + + * Enabled RTC as upstream has installed a work-around for the HPET bug. + + * Switched to libreadline5. + Closes: #326379: please rebuild with libreadline5-dev as build dependency + + * Patched addrfilt.c to fix gcc 4.0 build problem. + Closes: #298709: chrony: FTBFS (amd64/gcc-4.0): array type has incomplete element type + + * There are lots more minor things to fix but I'm uploading now to close + the serious bugs. I'll upload another version with some improvements + in a few weeks. + + -- John Hasler <jhasler@debian.org> Tue, 15 Nov 2005 18:39:49 -0600 + +chrony (1.20-8) unstable; urgency=high + + * Added test for /usr/bin/mail in postinst. + Closes: #307061: Install failure: Cannot configure on system without mailx + I consider this bug serious because it can cause installation to fail + and so I want to get the fix into Sarge. + + * Fixed typo in chrony.conf, replaced '/etc/init.d/chrony restart' + with 'invoke-rc.d chrony restart'. + Closes: #305090: Typo in chrony.conf, should mention invoke-rc.d + + * Added README.Debian explaining that rtc is off by default. + + -- John Hasler <jhasler@debian.org> Sat, 30 Apr 2005 18:47:30 -0500 + +chrony (1.20-7) unstable; urgency=low + + * Added info-4 to debian/rules. + Closes: #287142: chrony: Can't find chrony.info-4 + + * Corrected "See Also" section in chrony man page. Now mentions + chronyc(1), chronyd(8), and chrony.conf(5). + Closes: #287444: chrony.1.gz: SEE ALSO on man page has wrong section. + + * Edited chrony.conf to disable rtc by default and explain why: + on some systems that use genrtc or the HPET real-time clock it + fails and causes chronyd to fill up the log. The failure is + probably due to a kernel bug, bug the logging should be + throttled. + + * Added more explanatory comments at the servers directive in + chrony.conf. + + * The postinst script now sends a message to root saying where the + password is, whether Chrony is assuming UTC or local time, + that rtc updating is disabled, why, and how to change it. + + * Added missing '#' to + "Can't tell how your clock is set: assuming local time." + in postinst. + + -- John Hasler <jhasler@debian.org> Tue, 12 Apr 2005 17:59:13 -0500 + +chrony (1.20-6) unstable; urgency=low + + * Fixed error in chrony.conf where the non-existent 'online' directive + was mentioned. + Closes: #257235 misleading instructions in chrony.conf + + * Patched Makefile.in to generate faq.html. + Closes: #265936 /usr/share/doc/chrony/faq.txt.gz: how to read? + + -- John Hasler <jhasler@debian.org> Sat, 4 Dec 2004 17:47:31 -0600 + +chrony (1.20-5) unstable; urgency=low + + * Put pool.ntp.org servers in chrony.conf as defaults. + + * Fixed erroneous references to chronyd(1) in some man pages. + Closes: #241746 SEE ALSO chronyd(1) should be (8) + + * I got a new motherboard and can no longer reproduce this. + If you can please reopen the bug. + Closes: #223518 Rtc stuff is broken + + * Edited chrony.conf(5). + Closes: #241745 many more features have been added + + * Edited chrony.conf to add logchange and mailonchange and to + enable rtc by default. + Closes: #226644 /etc/chrony/chrony.conf: rtc; not all options are noted in conf file + + * Fixed upstream: see NEWS. + Closes: #124089 mistake in the chrony manual + Closes: #177366: trailing blank on log lines + Closes: #195618 failure to use /dev/misc/rtc floods logfiles + Closes: #53066 "acquisitionport" directive and doc fixes [patch] + Closes: #100880 RFE: don't use /proc when uname(2) will do + Closes: #163470: different bindaddresses for ntp port and control port + Closes: #200174: Chrony breaks under Kernel 2.5 (two bugs) + + -- John Hasler <jhasler@debian.org> Sat, 10 Apr 2004 22:00:00 -0500 + +chrony (1.20-4) unstable; urgency=low + + * Added '#include <asm/types>' to rtc_linux.c to fix Alpha build problem. + Also removed spinlock stuff from configure. + + -- John Hasler <jhasler@debian.org> Fri, 26 Dec 2003 21:00:00 -0600 + +chrony (1.20-3) unstable; urgency=low + + * Removed all inclusions of kernel headers. + Hopefully Chrony will now build on m68k. + + -- John Hasler <jhasler@debian.org> Tue, 23 Dec 2003 19:00:00 -0600 + +chrony (1.20-2) unstable; urgency=low + + * Removed spinlock.h and mc146818.h from rtc_linux.c. linux/rtc.h and + RTC_UIE=0x10 provide everything needed now. + Closes: #223134 FTBFS: Errors in kernel headers + + * However, rtc is now broken (and appears to have been broken for some time) + on 440BX chipsets with 2.4 kernels. + + -- John Hasler <jhasler@debian.org> Fri, 12 Dec 2003 13:00:00 -0600 + +chrony (1.20-1) unstable; urgency=low + + * New upstream release. + + * Frank Otto's patch to sys_linux.c, function guess_hz_and_shift_hz now + incorporated upstream. + Closes: #198557 Fatal error: chronyd can't determine hz for kernel with HZ=200 + + * Security and 64 bit patches are now incorporated upstream + along with most non-i386 architecture patches. + + * Put correct links in /usr/share/doc/chrony/timeservers. + Closes: #189686 /usr/share/doc/timeservers links are broken + + * Put correct links in chrony.conf. + Closes: #210886 bad link in chrony.conf + + * Put missing newlines in apm and chrony.keys. + Closes: #211604 Build-warning: some files misses final newline + + * Removed conflict with ntpdate. + + -- John Hasler <jhasler@debian.org> Tue, 7 Oct 2003 22:00:00 -0500 + +chrony (1.19-10) unstable; urgency=low + + * Put linux/linkage.h ahead of linux/spinlock.h as I meant to in + the first place. + + -- John Hasler <john@dhh.gt.org> Sun, 13 Jul 2003 7:00:00 -0500 + +chrony (1.19-9) unstable; urgency=low + + * Added "#include <linux/linkage.h>" to rtc_linux.c to fix mips + build failure. + Closes: #200165 chrony doesn't build on mips and mipsel + + -- John Hasler <john@dhh.gt.org> Sat, 12 Jul 2003 10:00:00 -0500 + +chrony (1.19-8) unstable; urgency=low + + * Added bison to build-depends because of addition of getdate.y + + -- John Hasler <john@dhh.gt.org> Tue, 3 Jun 2003 10:00:00 -0500 + +chrony (1.19-7) unstable; urgency=high + + * Closes: #186498 chronyc hangs if no chronyd is running + Added test for running daemon to ip-{up|down} scripts. + Disabled trimrtc for ALPHA + Closes: #195615 GPL violation - generated file without source + * Added a copy of getdate.y to source. + + -- John Hasler <john@dhh.gt.org> Sun, 1 Jun 2003 7:00:00 -0500 + +chrony (1.19-6) unstable; urgency=low + + * Closes: #179842 "CROAK" redefined + Added '#undef CROAK' before CROAK redefiniton in pktlength.h, + added '-DALPHA' to 'alpha' condition in configure, added + 'ifdef ALPHA' around CROAK redefinition. + * Replaced many signed and unsigned longs as well as some ints, + shorts, and chars with stdint.h types in candm.h, md5.h, ntp.h, + clientlog.h, and ntp_io.c. This should fix all 64-bit problems. + + -- John Hasler <john@dhh.gt.org> Fri, 14 Mar 2003 19:00:00 -0600 + +chrony (1.19-5) unstable; urgency=high + + * Closes: #184065 Assertion `sizeof(NTP_int32) == 4' failed on alpha + Fixed several spots where the author assumed that a long is 32 bits. + There are many more misuses of long as well as several of short and + char but I think I got the only ones likely to cause trouble. + + -- John Hasler <john@dhh.gt.org> Fri, 14 Mar 2003 11:00:00 -0600 + +chrony (1.19-4) unstable; urgency=low + + * Closes: #179538 FTBFS: missing build-depends on makeinfo + Added texinfo to build-depends. + * CLoses: #179508: chrony(c|d) show wrong version numbers + Removed spurious version.h. + + -- John Hasler <john@dhh.gt.org> Sun, 2 Feb 2003 19:00:00 -0600 + +chrony (1.19-3) unstable; urgency=low + + * Updated author's address in copyright file. + * Closes: #163446 patch, that scripts can handle all commandkeys + Applied debugged patch. + * Closes: #107863 doesn't know about APM + Put apm script in debian/ and added rules to copy it to + etc/apm/event.d as instructed by the apmd maintainer. + + -- John Hasler <john@dhh.gt.org> Fri, 31 Jan 2003 18:00:00 -0600 + +chrony (1.19-2) unstable; urgency=low + + * Closes: #100879 unnecessary dependency on libm + Applied patch from Zack Weinberg <zack@codesourcery.com> + * Closes: #124091 the force-reload command of /etc/init.d/chrony should + use the -r option. + Added -r option. + + -- John Hasler <john@dhh.gt.org> Wed, 29 Jan 2003 10:00:00 -0600 + +chrony (1.19-1) unstable; urgency=low + + * New upstream release. + * Closes: #178338 New upstream version fixes crashes caused by adjtimex + failure + * Closes: #178101 /etc/ppp/ip-{up,down}.d/chrony installed with + incorrect permissions + This bug was previously reported and fixed in 18-1 + * Closes: #176130 got an error when I use ppp_on_boot + Changed 'update-rc.d chrony defaults 83' to + 'update-rc.d chrony defaults 14' in init.d so that chrony + will come up before ppp. + * Added code to postinst to read /etc/default/rcS and + set rtconutc appropriately in chrony.conf. + * Rewrote password generator in postinst. + * Closes: #100879 unnecessary dependency on libm + I don't know why this wasn't closed months ago. + * Closes: #103447 typo in "/etc/init.d/chrony" + * Closes: #124087 problems with /etc/init.d/chrony + Fixed script. + * Closes: #161350 /etc/ppp/ip-down.d/chrony cat unnecessary + Fixed scripts. + * Closes: #113840 ntp has been split - add conflicts? + Added ntp-simple and ntp-refclock to conflicts. + + -- John Hasler <john@dhh.gt.org> Sun, 26 Jan 2003 15:00:00 -0600 + +chrony (1.18-2) unstable; urgency=low + + * Corrects error in changelog which resulted + in uploads being erroneously classified as NMUs. + * Closes: #138142, #104774, #142670, #105344, #101039 + * Closes: #162427, #56756, #98951, #99799, #139633 + * Closes: #163469, #163408, #167416 + + -- John Hasler <john@dhh.gt.org> Sun, 3 Nov 2002 20:00:00 -0600 + +chrony (1.18-1) unstable; urgency=low + + * New upstream release. + * Closes: #138142 new upstream release + * Added Mark Brown's Alpha and PowerPC patch. + * Closes: #104774 hppa build failure + Applied patch. + * Closes: #142670 compilation errors on sparc + Applied patch. + * Closes: #105344 ip-{up, down}.d/chrony not executable + Fixed debian/rules. + * Closes: #101039 does not run on Alpha + Fixed by above mentioned Mark Brown patch. + * Closes: #162427 description should mention NTP + Fixed description. + * Closes: #56756 README.debian should caution about hwclock + Fixed README.debian. + * Closes: #98951 no chrony.keys file installed + Not reproducible, probable user error. + * Closes: #99799 logs world readable + Added umask 022 to log script. + * Closes: #139633 documentation error + Added rtconutc to chrony.conf. + * Closes: #163469 no default case in init.d script + Corrected typo. + * Closes: #163408 PIDFILE wrongly defined in ip-{up,down} + No chrony script uses any such variable. + * Closes: #167416 needs Build-Depends: libreadline4-dev + + -- <john@dhh.gt.org> Sun, 3 Nov 2002 10:00:00 -0600 + +chrony (1.14-7) unstable; urgency=medium + + * Changed rtc_linux.c to not include linux/mc146818rtc.h + when building for sparc, because Moshe Zadka says this + will allow chrony to build there. + * Closes: #142670 + + -- <jhasler@debian.org> Wed, 17 Apr 2002 17:00:00 -0500 + +chrony (1.14-6) unstable; urgency=low + + * Changed architecture back to 'any'. + * Applied portability patch from LaMont Jones. + * Closes: #104774 + + -- <jhasler@debian.org> Mon, 1 Apr 2002 21:00:00 -0600 + +chrony (1.14-5) unstable; urgency=low + + * Changed architecture from 'any' to 'i386 sparc'. + Neither I nor the author can test on anything but i386. If + you want chrony on anything else send me a tested patch. + * Closes: #101039 + * Closes: #104774 + + -- <john@dhh.gt.org> Fri, 28 Dec 2001 20:10:00 -0600 + +chrony (1.14-4) unstable; urgency=low + + * Fixed bug in man pages. + * Closes: #95134 + + -- <john@dhh.gt.org> Tue, 24 Apr 2001 20:10:00 -0500 + +chrony (1.14-3) unstable; urgency=low + + * Replaced <linux/spinlock.h> in rtc_linux.c with + typedef int spinlock_t as suggested by Paul Slootman. + * Put #define CROAK(message) assert(0) in pktlength.h + to fix Alpha build problem. + * Closes: #86991 + + -- <john@dhh.gt.org> Sat, 24 Feb 2001 22:45:00 -0600 + +chrony (1.14-2) unstable; urgency=low + + * Closes: #84597 + + -- <john@dhh.gt.org> Sat, 3 Feb 2001 21:25:00 -0600 + +chrony (1.14-1) unstable; urgency=low + + * New upstream release. + * Fixed more sprintfs. + * Closes: #50793, #52570, #48216, #65209, #62924, #70377, #61485, #76661 + + -- <john@dhh.gt.org> Mon, 20 Nov 2000 20:25:00 -0600 + +chrony (1.10-3) unstable; urgency=low + + * Patched cron,weekly script with (corrected) patch + from Rene H. Larsen <renehl@post1.tele.dk>. + * Updated author address in copyright file. + * Compiled with egcs. + * Closes: #41885, #41551 + + -- <john@dhh.gt.org> Sun, 25 July 1999 12:14:00 -0500 + +chrony (1.10-2) unstable; urgency=low + + * Patched rtc_linux.c with patch for SPARC from + bmc@visi.net. + + -- <john@dhh.gt.org> Mon, 17 May 1999 22:30:00 -0500 + +chrony (1.10-1) unstable; urgency=low + + * New upstream release. + * Upstream version number is 1.1. Debian version + number is 1.10 because previous upstream number + was 1.02. + + -- <john@dhh.gt.org> Wed, 12 May 1999 20:30:00 -0500 + +chrony (1.02-7) unstable; urgency=low + + * Changed configure to permit building on non-Intel. + + -- <john@dhh.gt.org> Wed, 5 May 1999 18:00:00 -0500 + +chrony (1.02-6) unstable; urgency=low + + * Fixed postrm bug. + + -- <john@dhh.gt.org> Thur, 29 Apr 1999 18:00:00 -0500 + +chrony (1.02-5) unstable; urgency=low + + * Fixed bugs 34954 and 36921. + * Moved to priority extra. + * Added README.debian text about rtc. + + -- <john@dhh.gt.org> Thur, 15 Apr 1999 21:30:00 -0500 + +chrony (1.02-4) unstable; urgency=low + + * Replaced sprintf's with snprintf's. + + -- <john@dhh.gt.org> Sun, 28 Feb 1999 16:53:00 -0600 + +chrony (1.02-3) unstable; urgency=low + + * Fixed bugs in cron.weekly, ip-up.d, and ip-down.d. + * Bug 29981 is also fixed. + + -- <john@dhh.gt.org> Sun, 6 Dec 1998 9:53:00 -0600 + +chrony (1.02-2) unstable; urgency=low + + * Added cron.weekly. + * Changed ip-up.d, ip-down.d, and cron.weekly to read the + password from chrony.keys. + * Added code to postinst to generate a random password and + put it in chrony.keys. + + -- <john@dhh.gt.org> Thur, 3 Dec 1998 19:00:08 -0600 + +chrony (1.02-1) unstable; urgency=low + + * Initial Release. + + -- <john@dhh.gt.org> Fri, 6 Nov 1998 23:00:08 -0600 diff --git a/debian/chrony-dnssrv@.service b/debian/chrony-dnssrv@.service new file mode 100644 index 0000000..a565fa2 --- /dev/null +++ b/debian/chrony-dnssrv@.service @@ -0,0 +1,17 @@ +[Unit] +Description=DNS SRV lookup of %I for chrony +After=chrony.service network-online.target +Wants=network-online.target + +[Service] +Type=oneshot +ExecStart=/usr/lib/chrony/chrony-helper update-dnssrv-servers %I +ProtectSystem=strict +PrivateDevices=yes +ProtectHome=yes +ReadWritePaths=/run +PrivateTmp=yes +PrivateDevices=yes +ProtectKernelTunables=yes +ProtectKernelModules=yes +ProtectControlGroups=yes diff --git a/debian/chrony-dnssrv@.timer b/debian/chrony-dnssrv@.timer new file mode 100644 index 0000000..8495e01 --- /dev/null +++ b/debian/chrony-dnssrv@.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Periodic DNS SRV lookup of %I for chrony + +[Timer] +OnActiveSec=0 +OnUnitInactiveSec=1h + +[Install] +WantedBy=timers.target diff --git a/debian/chrony-helper b/debian/chrony-helper new file mode 100755 index 0000000..0f95bd8 --- /dev/null +++ b/debian/chrony-helper @@ -0,0 +1,251 @@ +#!/bin/bash +# This script configures running chronyd to use NTP servers obtained from +# DHCP and _ntp._udp DNS SRV records. Files with servers from DHCP are managed +# externally (e.g. by a dhclient script). Files with servers from DNS SRV +# records are updated here using the dig utility. The script can also list +# and set static sources in the chronyd configuration file. +# +# Modified for Debian by Vincent Blut <vincent.debian@free.fr>. + +chronyc=/usr/bin/chronyc +chrony_conf=/etc/chrony/chrony.conf +chrony_service=chrony.service +helper_dir=/run/chrony-helper +added_servers_file=$helper_dir/added_servers + +dhclient_servers_files=/var/lib/dhcp/chrony.servers.* +dnssrv_servers_files=$helper_dir/dnssrv@* +dnssrv_timer_prefix=chrony-dnssrv@ + +chrony_command() { + $chronyc -n -m "$1" +} + +is_running() { + chrony_command "tracking" &> /dev/null +} + +get_servers_files() { + echo "$dhclient_servers_files" + echo "$dnssrv_servers_files" +} + +is_update_needed() { + for file in $(get_servers_files) $added_servers_file; do + [ -e "$file" ] && return 0 + done + return 1 +} + +update_daemon() { + local all_servers_with_args all_servers added_servers + + if ! is_running; then + rm -f $added_servers_file + return 0 + fi + + all_servers_with_args=$(cat $(get_servers_files) 2> /dev/null) + + all_servers=$( + echo "$all_servers_with_args" | + while read server serverargs; do + echo "$server" + done | sort -u) + added_servers=$( ( + cat $added_servers_file 2> /dev/null + echo "$all_servers_with_args" | + while read server serverargs; do + [ -z "$server" ] && continue + chrony_command "add server $server $serverargs" &> /dev/null && + echo "$server" + done) | sort -u) + + comm -23 <(echo -n "$added_servers") <(echo -n "$all_servers") | + while read server; do + chrony_command "delete $server" &> /dev/null + done + + added_servers=$(comm -12 <(echo -n "$added_servers") <(echo -n "$all_servers")) + + [ -n "$added_servers" ] && echo "$added_servers" > $added_servers_file || + rm -f $added_servers_file +} + +get_dnssrv_servers() { + local name=$1 output + + if ! command -v dig &> /dev/null; then + echo "Missing dig (DNS lookup utility)" >&2 + return 1 + fi + + output=$(dig "$name" srv +short +ndots=2 +search 2> /dev/null) + [ $? -ne 0 ] && return 0 + + echo "$output" | while read prio weight port target; do + server=${target%.} + [ -z "$server" ] && continue + echo "$server port $port iburst" + done +} + +check_dnssrv_name() { + local name=$1 + + if [ -z "$name" ]; then + echo "No DNS SRV name specified" >&2 + return 1 + fi + + if [ "${name:0:9}" != _ntp._udp ]; then + echo "DNS SRV name $name doesn't start with _ntp._udp" >&2 + return 1 + fi +} + +update_dnssrv_servers() { + local name=$1 + local srv_file=$helper_dir/dnssrv@$name servers + + check_dnssrv_name "$name" || return 1 + + servers=$(get_dnssrv_servers "$name") + [ -n "$servers" ] && echo "$servers" > "$srv_file" || rm -f "$srv_file" +} + +set_dnssrv_timer() { + local state=$1 name=$2 + local srv_file=$helper_dir/dnssrv@$name servers + local timer=$dnssrv_timer_prefix$(systemd-escape "$name").timer + + check_dnssrv_name "$name" || return 1 + + if [ "$state" = enable ]; then + systemctl enable "$timer" + systemctl start "$timer" + elif [ "$state" = disable ]; then + systemctl stop "$timer" + systemctl disable "$timer" + rm -f "$srv_file" + fi +} + +list_dnssrv_timers() { + systemctl --all --full -t timer list-units | grep "^$dnssrv_timer_prefix" | \ + sed "s|^$dnssrv_timer_prefix\(.*\)\.timer.*|\1|" | + while read -r name; do + systemd-escape --unescape "$name" + done +} + +prepare_helper_dir() { + mkdir -p $helper_dir + exec 100> $helper_dir/lock + if ! flock -w 20 100; then + echo "Failed to lock $helper_dir" >&2 + return 1 + fi +} + +is_source_line() { + local pattern="^[ \t]*(server|pool|peer|refclock)[ \t]+[^ \t]+" + [[ "$1" =~ $pattern ]] +} + +list_static_sources() { + while read line; do + is_source_line "$line" && echo "$line" || : + done < $chrony_conf +} + +set_static_sources() { + local new_config tmp_conf + + new_config=$( + sources=$( + while read line; do + is_source_line "$line" && echo "$line" + done) + + while read line; do + if ! is_source_line "$line"; then + echo "$line" + continue + fi + + tmp_sources=$( + local removed=0 + + echo "$sources" | while read line2; do + [ "$removed" -ne 0 -o "$line" != "$line2" ] && \ + echo "$line2" || removed=1 + done) + + [ "$sources" == "$tmp_sources" ] && continue + sources=$tmp_sources + echo "$line" + done < $chrony_conf + + echo "$sources" + ) + + tmp_conf=${chrony_conf}.tmp + + cp -a $chrony_conf $tmp_conf && + echo "$new_config" > $tmp_conf && + mv $tmp_conf $chrony_conf || return 1 + + systemctl try-restart $chrony_service +} + +print_help() { + echo "Usage: $0 COMMAND" + echo + echo "Commands:" + echo " update-daemon" + echo " update-dnssrv-servers NAME" + echo " enable-dnssrv NAME" + echo " disable-dnssrv NAME" + echo " list-dnssrv" + echo " list-static-sources" + echo " set-static-sources < sources.list" + echo " is-running" + echo " command CHRONYC-COMMAND" +} + +case "$1" in + update-daemon|add-dhclient-servers|remove-dhclient-servers) + is_update_needed || exit 0 + prepare_helper_dir && update_daemon + ;; + update-dnssrv-servers) + prepare_helper_dir && update_dnssrv_servers "$2" && update_daemon + ;; + enable-dnssrv) + set_dnssrv_timer enable "$2" + ;; + disable-dnssrv) + set_dnssrv_timer disable "$2" && prepare_helper_dir && update_daemon + ;; + list-dnssrv) + list_dnssrv_timers + ;; + list-static-sources) + list_static_sources + ;; + set-static-sources) + set_static_sources + ;; + is-running) + is_running + ;; + command|forced-command) + chrony_command "$2" + ;; + *) + print_help + exit 2 +esac + +exit $? diff --git a/debian/chrony.conf b/debian/chrony.conf new file mode 100644 index 0000000..6c19767 --- /dev/null +++ b/debian/chrony.conf @@ -0,0 +1,28 @@ +# Welcome to the chrony configuration file. See chrony.conf(5) for more +# information about usuable directives. +pool 2.debian.pool.ntp.org iburst + +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 diff --git a/debian/chrony.default b/debian/chrony.default new file mode 100644 index 0000000..eead3e6 --- /dev/null +++ b/debian/chrony.default @@ -0,0 +1,6 @@ +# This is a configuration file for /etc/init.d/chrony and +# /lib/systemd/system/chrony.service; it allows you to pass various options to +# the chrony daemon without editing the init script or service file. + +# Options to pass to chrony. +DAEMON_OPTS="-F -1" diff --git a/debian/chrony.dhcp b/debian/chrony.dhcp new file mode 100644 index 0000000..690f3ab --- /dev/null +++ b/debian/chrony.dhcp @@ -0,0 +1,25 @@ +SERVERFILE=/var/lib/dhcp/chrony.servers.$interface + +chrony_config() { + rm -f $SERVERFILE + for server in $new_ntp_servers; do + echo "$server iburst" >> $SERVERFILE + done + /usr/lib/chrony/chrony-helper update-daemon || : +} + +chrony_restore() { + if [ -f $SERVERFILE ]; then + rm -f $SERVERFILE + /usr/lib/chrony/chrony-helper update-daemon || : + fi +} + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + chrony_config + ;; + EXPIRE|FAIL|RELEASE|STOP) + chrony_restore + ;; +esac diff --git a/debian/chrony.if-post-down b/debian/chrony.if-post-down new file mode 100644 index 0000000..2505e5a --- /dev/null +++ b/debian/chrony.if-post-down @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +[ -x /usr/sbin/chronyd ] || exit 0 + +if [ -e /run/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.if-up b/debian/chrony.if-up new file mode 100644 index 0000000..2505e5a --- /dev/null +++ b/debian/chrony.if-up @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +[ -x /usr/sbin/chronyd ] || exit 0 + +if [ -e /run/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.keys b/debian/chrony.keys new file mode 100644 index 0000000..cee70b3 --- /dev/null +++ b/debian/chrony.keys @@ -0,0 +1,10 @@ +# This file is solely used for NTP authentication with symmetric keys +# as defined by RFC 1305 and RFC 5905. +# +# It can contain ID/key pairs which can be generated using the “keygen” option +# from “chronyc”; for example: +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys +# would generate a 256-bit SHA-256 key using ID 1. +# +# A list of supported hash functions and output encoding can be found in +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file. diff --git a/debian/chrony.lintian-overrides b/debian/chrony.lintian-overrides new file mode 100644 index 0000000..d2577ef --- /dev/null +++ b/debian/chrony.lintian-overrides @@ -0,0 +1,3 @@ +# The “chrony.keys” file must not be world readable as it could contain +# symmetric keys used for NTP authentication. +chrony: non-standard-file-perm usr/share/chrony/chrony.keys 0640 != 0644 diff --git a/debian/chrony.maintscript b/debian/chrony.maintscript new file mode 100644 index 0000000..6ec1068 --- /dev/null +++ b/debian/chrony.maintscript @@ -0,0 +1 @@ +rm_conffile /etc/apm/event.d/01chrony 2.4.1-3~ chrony diff --git a/debian/chrony.ppp.ip-down b/debian/chrony.ppp.ip-down new file mode 100644 index 0000000..da15be4 --- /dev/null +++ b/debian/chrony.ppp.ip-down @@ -0,0 +1,13 @@ +#!/bin/sh +# This script tells chronyd that the connection is down +# so that it won't try to contact the server. +# John Hasler <jhasler@debian.org> 1998-2003 +# Any possessor of a copy of this program may treat it as if it +# were in the public domain. I waive all rights. +# Modified by Vincent Blut <vincent.debian@free.fr> + +if [ -e /run/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.ppp.ip-up b/debian/chrony.ppp.ip-up new file mode 100644 index 0000000..7bc92de --- /dev/null +++ b/debian/chrony.ppp.ip-up @@ -0,0 +1,12 @@ +#!/bin/sh +# This script tells chronyd that the connection is up so that it can +# contact the server. John Hasler <jhasler@debian.org> 1998-2003 +# Any possessor of a copy of this program may treat it as if it +# were in the public domain. I waive all rights. +# Modified by Vincent Blut <vincent.debian@free.fr> + +if [ -e /run/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.service b/debian/chrony.service new file mode 100644 index 0000000..3e4451a --- /dev/null +++ b/debian/chrony.service @@ -0,0 +1,20 @@ +[Unit] +Description=chrony, an NTP client/server +Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5) +Conflicts=systemd-timesyncd.service openntpd.service ntp.service ntpsec.service +After=network.target +ConditionCapability=CAP_SYS_TIME + +[Service] +Type=forking +PIDFile=/run/chronyd.pid +EnvironmentFile=-/etc/default/chrony +ExecStart=/usr/sbin/chronyd $DAEMON_OPTS +ExecStartPost=-/usr/lib/chrony/chrony-helper update-daemon +PrivateTmp=yes +ProtectHome=yes +ProtectSystem=full + +[Install] +Alias=chronyd.service +WantedBy=multi-user.target diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..e97d7de --- /dev/null +++ b/debian/clean @@ -0,0 +1,3 @@ +config.h +config.log +getdate.c diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..54c4ccc --- /dev/null +++ b/debian/control @@ -0,0 +1,51 @@ +Source: chrony +Section: net +Priority: optional +Maintainer: Vincent Blut <vincent.debian@free.fr> +Uploaders: Joachim Wiedorn <joodebian@joonet.de> +Standards-Version: 4.3.0 +Build-Depends: asciidoctor (>= 1.5.3-1~), + bison, + debhelper-compat (= 12), + dh-apparmor, + libcap-dev [linux-any], + libedit-dev, + libseccomp-dev (>= 2.2.3-3~) [amd64 arm64 armel armhf hppa i386 mips mipsel mips64el powerpc powerpcspe ppc64 ppc64el s390x x32], + nettle-dev, + pkg-config, + pps-tools (>= 0.20120406+g0deb9c7e-2) [linux-any] +Homepage: https://chrony.tuxfamily.org +Vcs-Git: https://salsa.debian.org/debian/chrony.git +Vcs-Browser: https://salsa.debian.org/debian/chrony +Rules-Requires-Root: no + +Package: chrony +Architecture: linux-any +Pre-Depends: ${misc:Pre-Depends} +Depends: adduser, + iproute2 [linux-any], + lsb-base, + ucf, + ${misc:Depends}, + ${shlibs:Depends} +Suggests: dnsutils, + networkd-dispatcher +Conflicts: ntp, + time-daemon +Provides: time-daemon +Replaces: time-daemon +Description: Versatile implementation of the Network Time Protocol + It consists of a pair of programs: + . + chronyd: This is a daemon which runs in background on the system. + It obtains measurements (e.g. via the network) of the system's offset + relative to other systems and adjusts the system time accordingly. For + isolated systems, the user can periodically enter the correct time by + hand (using 'chronyc'). In either case 'chronyd' determines the rate + at which the computer gains or loses time, and compensates for this. + Chronyd implements the NTP protocol and can act as either a client or + a server. + . + chronyc: This is a command-line driven control and monitoring program. + An administrator can use this to fine-tune various parameters within + the daemon, add or delete servers etc whilst the daemon is running. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..0898fdf --- /dev/null +++ b/debian/copyright @@ -0,0 +1,182 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: chrony +Upstream-Contact: Miroslav Lichvar <mlichvar@redhat.com> +Source: https://download.tuxfamily.org/chrony/ + +Files: * +Copyright: 2009-2018, Miroslav Lichvar + 1997-2007, Richard P. Curnow +License: GPL-2 + +Files: main.c + sys_linux.c +Copyright: 2009-2018, Miroslav Lichvar + 2009, John G. Hasler + 1997-2003, Richard P. Curnow +License: GPL-2 + +Files: ntp_io.c +Copyright: 2009, 2013-2016, 2018, Miroslav Lichvar + 2009, Timo Teras + 1997-2003, Richard P. Curnow +License: GPL-2 + +Files: sys_macosx.? +Copyright: 2015, 2017, Bryan Christianson + 2001, J. Hannken-Illjes + 1997-2001, Richard P. Curnow +License: GPL-2 + +Files: sys_netbsd.? +Copyright: 2001, J. Hannken-Illjes + 1997-2001, Richard P. Curnow +License: GPL-2 + +Files: debian/* +Copyright: 2015-2019, Vincent Blut + 2012-2014, Joachim Wiedorn + 2000-2012, John Hasler +License: GPL-2 + +Files: test/simulation/test.common +Copyright: 2013-2014, Miroslav Lichvar +License: GPL-2+ + +Files: privops.c +Copyright: 2015, Bryan Christianson + 2017, Miroslav Lichvar +License: GPL-2 + +Files: privops.h +Copyright: 2015, Bryan Christianson +License: GPL-2 + +Files: contrib/bryan_christianson_1/chronylogrotate.sh +Copyright: 2015, Bryan Christianson +License: GPL-2 + +Files: test/unit/* +Copyright: 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: hwclock.? +Copyright: 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: ntp_io_linux.? +Copyright: 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: ntp_signd.? +Copyright: 2016, Miroslav Lichvar +License: GPL-2 + +Files: client.c +Copyright: 1997-2003, Richard P. Curnow + 2016, Lonnie Abelbeck + 2009-2018, Miroslav Lichvar +License: GPL-2 + +Files: configure +Copyright: 1997-2003, Richard P. Curnow + 2016, Bryan Christianson + 2009, 2012-2018, Miroslav Lichvar +License: GPL-2 + +Files: doc/chrony.conf.adoc +Copyright: 1997-2003, Richard P. Curnow + 2016, Stephen Wadeley + 2009-2017, Miroslav Lichvar + 2017, Bryan Christianson +License: GPL-2 + +Files: doc/chronyc.adoc +Copyright: 1997-2003, Richard P. Curnow + 2016, Stephen Wadeley + 2009-2017, Miroslav Lichvar +License: GPL-2 + +Files: refclock.c +Copyright: 2009-2011, 2013-2014, 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: refclock_phc.c +Copyright: 2013, 2017, Miroslav Lichvar +License: GPL-2 + +Files: regress.c +Copyright: 1997-2003, Richard P. Curnow + 2011, 2016-2017, Miroslav Lichvar +License: GPL-2 + +Files: sched.c +Copyright: 1997-2003, Richard P. Curnow + 2011, 2013-2016, Miroslav Lichvar +License: GPL-2 + +Files: sourcestats.c +Copyright: 1997-2003, Richard P. Curnow + 2011-2014, 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: stubs.c +Copyright: 2014-2016, Miroslav Lichvar +License: GPL-2 + +Files: hash_nettle.c +Copyright: 2018, Miroslav Lichvar +License: GPL-2 + +Files: md5.* +Copyright: 1990, RSA Data Security, Inc. All rights reserved. +License: RSA-MD + License to copy and use this software is granted provided that + it is identified as the "RSA Data Security, Inc. MD5 Message- + Digest Algorithm" in all material mentioning or referencing this + software or this function. + . + License is also granted to make and use derivative works + provided that such works are identified as "derived from the RSA + Data Security, Inc. MD5 Message-Digest Algorithm" in all + material mentioning or referencing the derived work. + . + RSA Data Security, Inc. makes no representations concerning + either the merchantability of this software or the suitability + of this software for any particular purpose. It is provided "as + is" without express or implied warranty of any kind. + . + These notices must be retained in any copies of any part of this + documentation and/or software. + +License: GPL-2 + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in the file `/usr/share/common-licenses/GPL-2'. + +License: GPL-2+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/> + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in `/usr/share/common-licenses/GPL-2'. diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 0000000..477f42d --- /dev/null +++ b/debian/dirs @@ -0,0 +1,8 @@ +etc/NetworkManager/dispatcher.d +etc/apparmor.d/force-complain +etc/chrony +etc/logrotate.d +etc/ppp/ip-down.d +etc/ppp/ip-up.d +var/lib/chrony +var/log/chrony diff --git a/debian/docs b/debian/docs new file mode 100644 index 0000000..e12f653 --- /dev/null +++ b/debian/docs @@ -0,0 +1,3 @@ +FAQ +NEWS +README diff --git a/debian/init b/debian/init new file mode 100644 index 0000000..bc376b5 --- /dev/null +++ b/debian/init @@ -0,0 +1,73 @@ +#! /bin/sh +# +# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>. +# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>. +# Modified for Debian by Christoph Lameter <clameter@debian.org> +# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012 +# Modified for Debian by Vincent Blut <vincent.debian@free.fr> + +### BEGIN INIT INFO +# Provides: chrony +# Required-Start: $remote_fs +# Required-Stop: $remote_fs +# Should-Start: $syslog $network $named $time +# Should-Stop: $syslog $network $named $time +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Controls chronyd NTP time daemon +# Description: Chronyd is the NTP time daemon in the Chrony package +### END INIT INFO + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DAEMON=/usr/sbin/chronyd +NAME="chronyd" +DESC="time daemon" +PIDFILE=/run/chronyd.pid +CHRONY_HELPER=/usr/lib/chrony/chrony-helper + +[ -x "$DAEMON" ] || exit 0 + +. /lib/lsb/init-functions + +# Override this variable by editing /etc/default/chrony. +DAEMON_OPTS="" +if [ -f /etc/default/chrony ]; then + . /etc/default/chrony +fi + +case "$1" in + start) + if $0 status > /dev/null ; then + log_success_msg "$NAME is already running" + else + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS + if [ -x $CHRONY_HELPER ]; then + $CHRONY_HELPER update-daemon + fi + log_end_msg $? + fi + ;; + + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --remove-pidfile --exec $DAEMON + log_end_msg $? + ;; + + restart|force-reload) + $0 stop + $0 start + ;; + + status) + status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + + *) + log_action_msg "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}" + exit 1 + ;; +esac + +exit 0 diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..db2e305 --- /dev/null +++ b/debian/install @@ -0,0 +1,4 @@ +debian/chrony-dnssrv@.* lib/systemd/system +debian/chrony-helper usr/lib/chrony +debian/chrony.conf usr/share/chrony +debian/usr.sbin.chronyd etc/apparmor.d diff --git a/debian/links b/debian/links new file mode 100644 index 0000000..71e2c52 --- /dev/null +++ b/debian/links @@ -0,0 +1,5 @@ +# Update sources in response to systemd-networkd events (LP: #1718227). +# This is reusing the NetworkManager dispatch script which has no hard +# dependency to NetworkManager (not using any of its arguments) +etc/NetworkManager/dispatcher.d/20-chrony usr/lib/networkd-dispatcher/routable.d/chrony +etc/NetworkManager/dispatcher.d/20-chrony usr/lib/networkd-dispatcher/off.d/chrony diff --git a/debian/patches/allow-_llseek-in-seccomp-filter.patch b/debian/patches/allow-_llseek-in-seccomp-filter.patch new file mode 100644 index 0000000..c0745ea --- /dev/null +++ b/debian/patches/allow-_llseek-in-seccomp-filter.patch @@ -0,0 +1,31 @@ +From: Vincent Blut <vincent.debian@free.fr> +Date: Thu, 28 Feb 2019 14:39:13 +0100 +Subject: sys_linux: allow _llseek in seccomp filter + +This is needed on various 32-bit platforms to reposition read/write file +offset on {raw}measurements and statistics log files. + +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923137 +Forwarded: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2019/02/msg00003.html +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=e392d1fde94db26b88a0a017850415f1d34266d7 +--- + sys_linux.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -498,10 +498,10 @@ SYS_Linux_EnableSystemCallFilter(int lev + SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2), + SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt), + /* Filesystem */ +- SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), SCMP_SYS(chown32), +- SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), SCMP_SYS(getdents64), +- SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat), SCMP_SYS(stat64), +- SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink), ++ SCMP_SYS(_llseek), SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), ++ SCMP_SYS(chown32), SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), ++ SCMP_SYS(getdents64), SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat), ++ SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink), + /* Socket */ + SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname), SCMP_SYS(getsockopt), + SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), diff --git a/debian/patches/allow-further-syscalls-in-seccomp-filter.patch b/debian/patches/allow-further-syscalls-in-seccomp-filter.patch new file mode 100644 index 0000000..4cea484 --- /dev/null +++ b/debian/patches/allow-further-syscalls-in-seccomp-filter.patch @@ -0,0 +1,41 @@ +From: Vincent Blut <vincent.debian@free.fr> +Date: Fri, 15 Mar 2019 00:03:24 +0100 +Subject: sys_linux: allow further syscalls in seccomp filter + +Adding these syscalls in the seccomp filter whitelist is a prerequisite for +the arm64 architecture. + +Forwarded: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2019/03/msg00001.html +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=2ddd0ae23181f529bf0e8abaecfc9c726d672568 +--- + sys_linux.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -499,9 +499,11 @@ SYS_Linux_EnableSystemCallFilter(int lev + SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt), + /* Filesystem */ + SCMP_SYS(_llseek), SCMP_SYS(access), SCMP_SYS(chmod), SCMP_SYS(chown), +- SCMP_SYS(chown32), SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), +- SCMP_SYS(getdents64), SCMP_SYS(lseek), SCMP_SYS(rename), SCMP_SYS(stat), +- SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink), ++ SCMP_SYS(chown32), SCMP_SYS(faccessat), SCMP_SYS(fchmodat), SCMP_SYS(fchownat), ++ SCMP_SYS(fstat), SCMP_SYS(fstat64), SCMP_SYS(getdents), SCMP_SYS(getdents64), ++ SCMP_SYS(lseek), SCMP_SYS(newfstatat), SCMP_SYS(rename), SCMP_SYS(renameat), ++ SCMP_SYS(stat), SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), ++ SCMP_SYS(unlink), SCMP_SYS(unlinkat), + /* Socket */ + SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname), SCMP_SYS(getsockopt), + SCMP_SYS(recv), SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), +@@ -510,8 +512,8 @@ SYS_Linux_EnableSystemCallFilter(int lev + SCMP_SYS(socketcall), + /* General I/O */ + SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe), +- SCMP_SYS(poll), SCMP_SYS(read), SCMP_SYS(futex), SCMP_SYS(select), +- SCMP_SYS(set_robust_list), SCMP_SYS(write), ++ SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read), ++ SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write), + /* Miscellaneous */ + SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname), + }; diff --git a/debian/patches/allow-recv-send-in-seccomp-filter.patch b/debian/patches/allow-recv-send-in-seccomp-filter.patch new file mode 100644 index 0000000..67b8696 --- /dev/null +++ b/debian/patches/allow-recv-send-in-seccomp-filter.patch @@ -0,0 +1,24 @@ +From: Leigh Brown <leigh@solinno.co.uk> +Date: Wed, 13 Mar 2019 17:56:08 +0100 +Subject: [PATCH] sys_linux: allow recv and send in seccomp filter + +The lack of these two system calls has been problematic for the armv5tel +architecture. Other architectures might also be affected. + +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924494 +Forwarded: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2019/03/msg00000.html +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=79db0b7eca3ffff1b6c6a86cf1a342a40cc76d2f +--- +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -504,8 +504,8 @@ SYS_Linux_EnableSystemCallFilter(int lev + SCMP_SYS(stat64), SCMP_SYS(statfs), SCMP_SYS(statfs64), SCMP_SYS(unlink), + /* Socket */ + SCMP_SYS(bind), SCMP_SYS(connect), SCMP_SYS(getsockname), SCMP_SYS(getsockopt), +- SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), +- SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto), ++ SCMP_SYS(recv), SCMP_SYS(recvfrom), SCMP_SYS(recvmmsg), SCMP_SYS(recvmsg), ++ SCMP_SYS(send), SCMP_SYS(sendmmsg), SCMP_SYS(sendmsg), SCMP_SYS(sendto), + /* TODO: check socketcall arguments */ + SCMP_SYS(socketcall), + /* General I/O */ diff --git a/debian/patches/allow-waitpid-in-seccomp-filter.patch b/debian/patches/allow-waitpid-in-seccomp-filter.patch new file mode 100644 index 0000000..a4a01b6 --- /dev/null +++ b/debian/patches/allow-waitpid-in-seccomp-filter.patch @@ -0,0 +1,22 @@ +From 2ebba7fbaaf7c86d1840cacb7aa78b62d0166d5a Mon Sep 17 00:00:00 2001 +From: Vincent Blut <vincent.debian@free.fr> +Date: Thu, 28 Feb 2019 16:43:56 +0100 +Subject: sys_linux: allow waitpid in seccomp filter + +Forwarded: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2019/02/msg00001.html +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=2ebba7fbaaf7c86d1840cacb7aa78b62d0166d5a +--- + sys_linux.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -493,7 +493,7 @@ SYS_Linux_EnableSystemCallFilter(int lev + SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid), + SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn), + SCMP_SYS(rt_sigprocmask), SCMP_SYS(set_tid_address), SCMP_SYS(sigreturn), +- SCMP_SYS(wait4), ++ SCMP_SYS(wait4), SCMP_SYS(waitpid), + /* Memory */ + SCMP_SYS(brk), SCMP_SYS(madvise), SCMP_SYS(mmap), SCMP_SYS(mmap2), + SCMP_SYS(mprotect), SCMP_SYS(mremap), SCMP_SYS(munmap), SCMP_SYS(shmdt), diff --git a/debian/patches/create-new-file-when-writing-pidfile.patch b/debian/patches/create-new-file-when-writing-pidfile.patch new file mode 100644 index 0000000..96defbf --- /dev/null +++ b/debian/patches/create-new-file-when-writing-pidfile.patch @@ -0,0 +1,187 @@ +From f00fed20092b6a42283f29c6ee1f58244d74b545 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar <mlichvar@redhat.com> +Date: Thu, 6 Aug 2020 09:31:11 +0200 +Subject: main: create new file when writing pidfile + +When writing the pidfile, open the file with the O_CREAT|O_EXCL flags +to avoid following a symlink and writing the PID to an unexpected file, +when chronyd still has the root privileges. + +The Linux open(2) man page warns about O_EXCL not working as expected on +NFS versions before 3 and Linux versions before 2.6. Saving pidfiles on +a distributed filesystem like NFS is not generally expected, but if +there is a reason to do that, these old kernel and NFS versions are not +considered to be supported for saving files by chronyd. + +This is a minimal backport specific to this issue of the following +commits: +- commit 2fc8edacb810 ("use PATH_MAX") +- commit f4c6a00b2a11 ("logging: call exit() in LOG_Message()") +- commit 7a4c396bba8f ("util: add functions for common file operations") +- commit e18903a6b563 ("switch to new util file functions") + +Reported-by: Matthias Gerstner <mgerstner@suse.de> + +--- a/logging.c ++++ b/logging.c +@@ -171,6 +171,7 @@ void LOG_Message(LOG_Severity severity, + system_log = 0; + log_message(1, severity, buf); + } ++ exit(1); + break; + default: + assert(0); +--- a/main.c ++++ b/main.c +@@ -281,13 +281,9 @@ write_pidfile(void) + if (!pidfile[0]) + return; + +- out = fopen(pidfile, "w"); +- if (!out) { +- LOG_FATAL("Could not open %s : %s", pidfile, strerror(errno)); +- } else { +- fprintf(out, "%d\n", (int)getpid()); +- fclose(out); +- } ++ out = UTI_OpenFile(NULL, pidfile, NULL, 'W', 0644); ++ fprintf(out, "%d\n", (int)getpid()); ++ fclose(out); + } + + /* ================================================== */ +--- a/sysincl.h ++++ b/sysincl.h +@@ -37,6 +37,7 @@ + #include <glob.h> + #include <grp.h> + #include <inttypes.h> ++#include <limits.h> + #include <math.h> + #include <netdb.h> + #include <netinet/in.h> +--- a/util.c ++++ b/util.c +@@ -1179,6 +1179,101 @@ UTI_CheckDirPermissions(const char *path + + /* ================================================== */ + ++static int ++join_path(const char *basedir, const char *name, const char *suffix, ++ char *buffer, size_t length, LOG_Severity severity) ++{ ++ const char *sep; ++ ++ if (!basedir) { ++ basedir = ""; ++ sep = ""; ++ } else { ++ sep = "/"; ++ } ++ ++ if (!suffix) ++ suffix = ""; ++ ++ if (snprintf(buffer, length, "%s%s%s%s", basedir, sep, name, suffix) >= length) { ++ LOG(severity, "File path %s%s%s%s too long", basedir, sep, name, suffix); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++/* ================================================== */ ++ ++FILE * ++UTI_OpenFile(const char *basedir, const char *name, const char *suffix, ++ char mode, mode_t perm) ++{ ++ const char *file_mode; ++ char path[PATH_MAX]; ++ LOG_Severity severity; ++ int fd, flags; ++ FILE *file; ++ ++ severity = mode >= 'A' && mode <= 'Z' ? LOGS_FATAL : LOGS_ERR; ++ ++ if (!join_path(basedir, name, suffix, path, sizeof (path), severity)) ++ return NULL; ++ ++ switch (mode) { ++ case 'r': ++ case 'R': ++ flags = O_RDONLY; ++ file_mode = "r"; ++ if (severity != LOGS_FATAL) ++ severity = LOGS_DEBUG; ++ break; ++ case 'w': ++ case 'W': ++ flags = O_WRONLY | O_CREAT | O_EXCL; ++ file_mode = "w"; ++ break; ++ case 'a': ++ case 'A': ++ flags = O_WRONLY | O_CREAT | O_APPEND; ++ file_mode = "a"; ++ break; ++ default: ++ assert(0); ++ return NULL; ++ } ++ ++try_again: ++ fd = open(path, flags, perm); ++ if (fd < 0) { ++ if (errno == EEXIST) { ++ if (unlink(path) < 0) { ++ LOG(severity, "Could not remove %s : %s", path, strerror(errno)); ++ return NULL; ++ } ++ DEBUG_LOG("Removed %s", path); ++ goto try_again; ++ } ++ LOG(severity, "Could not open %s : %s", path, strerror(errno)); ++ return NULL; ++ } ++ ++ UTI_FdSetCloexec(fd); ++ ++ file = fdopen(fd, file_mode); ++ if (!file) { ++ LOG(severity, "Could not open %s : %s", path, strerror(errno)); ++ close(fd); ++ return NULL; ++ } ++ ++ DEBUG_LOG("Opened %s fd=%d mode=%c", path, fd, mode); ++ ++ return file; ++} ++ ++/* ================================================== */ ++ + void + UTI_DropRoot(uid_t uid, gid_t gid) + { +--- a/util.h ++++ b/util.h +@@ -176,6 +176,17 @@ extern int UTI_CreateDirAndParents(const + permissions and its uid/gid must match the specified values. */ + extern int UTI_CheckDirPermissions(const char *path, mode_t perm, uid_t uid, gid_t gid); + ++/* Open a file. The full path of the file is constructed from the basedir ++ (may be NULL), '/' (if basedir is not NULL), name, and suffix (may be NULL). ++ Created files have specified permissions (umasked). Returns NULL on error. ++ The following modes are supported (if the mode is an uppercase character, ++ errors are fatal): ++ r/R - open an existing file for reading ++ w/W - open a new file for writing (remove existing file) ++ a/A - open an existing file for appending (create if does not exist) */ ++extern FILE *UTI_OpenFile(const char *basedir, const char *name, const char *suffix, ++ char mode, mode_t perm); ++ + /* Set process user/group IDs and drop supplementary groups */ + extern void UTI_DropRoot(uid_t uid, gid_t gid); + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..ada08f7 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,5 @@ +allow-_llseek-in-seccomp-filter.patch +allow-waitpid-in-seccomp-filter.patch +allow-recv-send-in-seccomp-filter.patch +allow-further-syscalls-in-seccomp-filter.patch +create-new-file-when-writing-pidfile.patch diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 0000000..adc86b8 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,86 @@ +#!/bin/sh +# postinst script for chrony +# +# see: dh_installdeb(1) + +set -e + + +# targets: configure|abort-upgrade|abort-remove|abort-deconfigure + +case "$1" in + configure) + + if ! getent passwd _chrony > /dev/null 2>&1 + then + echo "Creating '_chrony' system user/group for the chronyd daemon…" + adduser --force-badname \ + --system \ + --group \ + --quiet \ + --gecos "Chrony daemon" \ + --home /var/lib/chrony \ + --no-create-home _chrony + fi + + # Change the owner of "/var/l{ib,og}/chrony" directories and their + # subfiles to "_chrony" only if the user has not set the "user" + # directive in chrony.conf + if ! grep "^user" /etc/chrony/chrony.conf > /dev/null 2>&1; then + chown _chrony:_chrony /var/lib/chrony + if [ -d /var/log/chrony ]; then + chown _chrony:_chrony /var/log/chrony + fi + fi + + # Before version 2.2.1-1, we used to create the chrony.keys file from + # the post-installation script and fed it with a random command password. + # Since that command password isn’t needed anymore, a simple key file + # template has been created which is then copied to its destination by ucf. + # The consequence of this move was a prompt presented to the user on + # upgrade even if the key file has been unmodified; this is a violation + # of Debian policy § 10.7.3! The script below workaround that issue by + # deleting the key file when upgrading from chrony < 2.2.1-1 iff a single + # key if found in the file and that the key ID correspond to the ID + # specified by the commandkey ID found in “chrony.conf” and that the + # original key file has the same modes and owners than the new template + # key file. + # Reference: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820087 + if [ -n "$2" ] && dpkg --compare-versions "$2" lt "2.2.1-1"; then + commandkey_id=$(awk '$1 ~ /^commandkey$/ { print $2; exit }' /etc/chrony/chrony.conf) + key_id=$(awk '{ print $1; exit }' /etc/chrony/chrony.keys) + orig_keyfile_perm=$(stat -c "%a%u%g" /etc/chrony/chrony.keys 2> /dev/null) + keyfile_tml_perm=$(stat -c "%a%u%g" /usr/share/chrony/chrony.keys 2> /dev/null) + if [ "$(grep -c "^[0-9]" /etc/chrony/chrony.keys)" -eq 1 ] && + [ "$commandkey_id" -eq "$key_id" ] 2>/dev/null && + [ "$orig_keyfile_perm" = "$keyfile_tml_perm" ]; then + rm -f /etc/chrony/chrony.keys + fi + fi + + if command -v ucf >/dev/null + then + ucf --three-way /usr/share/chrony/chrony.conf /etc/chrony/chrony.conf + ucf --three-way /usr/share/chrony/chrony.keys /etc/chrony/chrony.keys + if [ -x "$(command -v ucfr)" ]; then + ucfr chrony /etc/chrony/chrony.conf + ucfr chrony /etc/chrony/chrony.keys + fi + fi + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 0000000..ed3bac1 --- /dev/null +++ b/debian/postrm @@ -0,0 +1,50 @@ +#!/bin/sh +# postrm script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear + +case "$1" in + purge) + rm -f /var/lib/chrony/* + rm -f /etc/chrony/chrony.conf + rm -f /etc/chrony/chrony.keys + if command -v ucf >/dev/null + then + ucf --purge /etc/chrony/chrony.conf + ucf --purge /etc/chrony/chrony.keys + if [ -x "$(command -v ucfr)" ]; then + ucfr --purge chrony /etc/chrony/chrony.conf + ucfr --purge chrony /etc/chrony/chrony.keys + fi + fi + rm -rf /etc/chrony + rm -rf /run/chrony || true + rm -rf /var/lib/chrony + rm -rf /var/log/chrony + # Remove "_chrony" system user/group + if [ -x "$(command -v deluser)" ] + then + deluser --quiet --system _chrony > /dev/null 2>&1 || true + fi + ;; + + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/preinst b/debian/preinst new file mode 100644 index 0000000..7536816 --- /dev/null +++ b/debian/preinst @@ -0,0 +1,36 @@ +#!/bin/sh +# preinst script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: install|upgrade|abort-upgrade + +case "$1" in + upgrade) + APP_PROFILE="usr.sbin.chronyd" + APP_CONFFILE="/etc/apparmor.d/$APP_PROFILE" + APP_COMPLAIN="/etc/apparmor.d/force-complain/$APP_PROFILE" + # force-complain on upgrade from pre-shipped profile + if dpkg --compare-versions "$2" lt "3.2-2" ; then + mkdir -p `dirname "$APP_COMPLAIN"` 2>/dev/null || true + ln -sf "$APP_CONFFILE" "$APP_COMPLAIN" + fi + ;; + + install|abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/prerm b/debian/prerm new file mode 100644 index 0000000..ec12057 --- /dev/null +++ b/debian/prerm @@ -0,0 +1,28 @@ +#!/bin/sh +# prerm script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: remove|upgrade|deconfigure|failed-upgrade + +case "$1" in + remove|upgrade|deconfigure) + ;; + + failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..64aa275 --- /dev/null +++ b/debian/rules @@ -0,0 +1,45 @@ +#!/usr/bin/make -f + +-include /usr/share/dpkg/buildtools.mk +export CC + +include /usr/share/dpkg/architecture.mk + +export DEB_BUILD_MAINT_OPTIONS=hardening=+all + +BASE=debian/chrony + +%: + dh $@ + +override_dh_auto_configure: + dh_auto_configure -- --mandir=/usr/share/man \ + --sysconfdir=/etc/chrony \ + --without-readline \ + --with-user=_chrony \ + --enable-scfilter \ + --chronyrundir=/run/chrony \ + --with-ntp-era=$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \ + --enable-ntp-signd \ + --with-hwclockfile=/etc/adjtime \ + --with-pidfile=/run/chronyd.pid \ + --host-system=Linux + +override_dh_install: + dh_install + install -m 0640 -t $(BASE)/usr/share/chrony/ debian/chrony.keys + install -m 0755 -T examples/chrony.nm-dispatcher $(BASE)/etc/NetworkManager/dispatcher.d/20-chrony + install -m 0644 -T examples/chrony.logrotate $(BASE)/etc/logrotate.d/chrony + dh_apparmor --profile-name=usr.sbin.chronyd -pchrony + install -D -p -m 0644 debian/chrony.dhcp $(BASE)/etc/dhcp/dhclient-exit-hooks.d/chrony + +override_dh_fixperms: + dh_fixperms -X usr/share/chrony/chrony.keys + +override_dh_installinit: + dh_installinit +# Disable the system call filter on architectures mentioned below +# due to missing support in libseccomp and/or in the Linux kernel. +ifneq (,$(filter $(DEB_HOST_ARCH), alpha ia64 m68k riscv64 sh4 sparc64)) + sed -i '/DAEMON_OPTS=/s/"-F -1"/""/' $(BASE)/etc/default/chrony +endif diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..fb124dc --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,7 @@ +Tests: upstream-simulation-test-suite +Depends: @, git, build-essential, ca-certificates +Restrictions: isolation-container, needs-root, allow-stderr, rw-build-tree, build-needed + +Tests: time-sources-from-dhcp-servers +Depends: @, isc-dhcp-server, isc-dhcp-client, iproute2, kmod +Restrictions: isolation-machine, needs-root diff --git a/debian/tests/time-sources-from-dhcp-servers b/debian/tests/time-sources-from-dhcp-servers new file mode 100644 index 0000000..d5d21c2 --- /dev/null +++ b/debian/tests/time-sources-from-dhcp-servers @@ -0,0 +1,42 @@ +#!/bin/sh +# Ensure that NTP servers obtained from DHCP are made available to chronyd and +# that they are removed when releasing the DHCP lease. + +set -e + +added_servers="/run/chrony-helper/added_servers" + +prepare_iface() { + modprobe dummy + ip link add name dummy0 type dummy + ip address add 192.168.1.1/24 dev dummy0 + ip link set dev dummy0 up +} + +dhcpd_config() { +cat <<EOF > /etc/dhcp/dhcpd.conf +default-lease-time 600; +max-lease-time 7200; +authorative; + +subnet 192.168.1.0 netmask 255.255.255.0 { + option subnet-mask 255.255.255.0; + option broadcast-address 192.168.1.255; + option ntp-servers 192.168.1.50; + range 192.168.1.42 192.168.1.100; +} +EOF + +sed -i 's/INTERFACESv4=""/INTERFACESv4="dummy0"/' /etc/default/isc-dhcp-server +} + +printf "Preparing the dummy network interface and dhcpd configuration…\n" +if prepare_iface && dhcpd_config; then + systemctl restart isc-dhcp-server && dhclient dummy0 && printf "Done!\n\n" +fi + +printf "Check if the NTP server is made available to chronyd…\n" +grep -q 192.168.1.50 $added_servers && printf "SUCCESS!\n\n" + +printf "Release the current lease and check if the NTP server has been correctly removed…\n" +dhclient -r dummy0 > /dev/null 2>&1 && [ ! -d "$added_servers" ] && printf "SUCCESS!\n\n" diff --git a/debian/tests/upstream-simulation-test-suite b/debian/tests/upstream-simulation-test-suite new file mode 100644 index 0000000..037ca36 --- /dev/null +++ b/debian/tests/upstream-simulation-test-suite @@ -0,0 +1,26 @@ +#!/bin/sh +#Upstream makes use of “clknetsim” to test how well “chronyd” controls the +#system clocks in various conditions. Due to “clknetsim” not being available +#in Debian, let’s use autopkgtest facility to build it in a container and +#test “chronyd” from there. + +set -e + +if ! dpkg-architecture -ilinux-any; then + echo "Simulation tests supported only on Linux…" + exit 0 +fi + +cd test/simulation + +if [ ! -d clknetsim ]; then + if git clone https://github.com/mlichvar/clknetsim; then + cd clknetsim && git checkout 58c5e8b + fi +fi + +if [ ! -x "clknetsim" ] && [ ! -e "clknetsim.so" ]; then + make +fi + +cd - && ./run -i 20 -m 2 diff --git a/debian/upstream/metadata b/debian/upstream/metadata new file mode 100644 index 0000000..1f6799e --- /dev/null +++ b/debian/upstream/metadata @@ -0,0 +1,9 @@ +Name: chrony +Documentation: https://chrony.tuxfamily.org/documentation.html +Changelog: https://chrony.tuxfamily.org/news.html +FAQ: https://chrony.tuxfamily.org/faq.html +Contact: chrony-users@chrony.tuxfamily.org +Security-Contact: Miroslav Lichvar <mlichvar@redhat.com> +Bug-Submit: chrony-users@chrony.tuxfamily.org +Repository: https://git.tuxfamily.org/chrony/chrony.git +Repository-Browse: https://git.tuxfamily.org/chrony/chrony.git/ diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc new file mode 100644 index 0000000..ce59e23 --- /dev/null +++ b/debian/upstream/signing-key.asc @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBEYLz1cRBADYNM9gn8g1Bw8t2Zj+HT9hbSHVs9ofSdxqdLEVAbNySeLftOlZ +ba+4CU+lIfC/6XHZ0r+UvTBVK+r/KLjFxWz5cWGGFVUrXOSjo2PDXDqWrs9VALtT +zH8sr0/7qJCByF9fnryPO1fmMKlh9R0+X5cF7vZjlWbM+BV/yxARi4lb4wCgpf9M +7uo9hJUcMyy2zJSdzjUPkcMEAMVyDpw7kwTjnWzwaOHnPlT/x31OkGAO2sZgzRGu +VE1zGN4Ruv36GS7hNPndtpTGZuPtmLrE2wJS2exer4kTYANfiGj/JDTiuGQYF2jp +9cN3zJL7e7Bik004TZVUGg3HzpuWWc/uiTXgrZxIDz4uPxjy5kdDfbhUziNsy9Uj +igOZBADQ9T6XYQBTfRmGUkl7hEeAeu+WfEGDVlHP+EpMtk/uANUqYef5xUG4RomE +EyjRlrEXwG7Ly2HhH3UADBuPjkP68AGN8WslbCNx5Na+nZr6r1sT1+Z3OdUDprpY +PQxCu5WWYsYgzroO/JEA2d3pYgaaHEAhyZxau1UtW4hpAn8svbQmTWlyb3NsYXYg +TGljaHZhciA8bWxpY2h2YXJAcmVkaGF0LmNvbT6IZgQTEQIAJgIbAwYLCQgHAwIE +FQIIAwQWAgMBAh4BAheABQJbt20rBQkb2aQNAAoJEF/wbym6HgE7MOkAnjdG94MF +4XAVLnzCVbrJb/Ishao4AJ9o1EL9U/at8KzvfZdpPyNrmoeq+bkCDQRGC89XEAgA +medsNk8FIYdzJYyP2eaIYKMTpSCFgTKE1EHdiRaX5n3oo9o26+vfA1NfIwKM8G54 +3Ddr1yl2PRmQermHMQahMMsXcehQXjsJoZXTglJq6kw5Xb1V1K6SyXQv/sLmWGxw +T91T+0I+9g+UqMeqR8B2hj950BbfWn6Pu5CRk2voTsYEU2ecejKOWOOrbUnD/5wy +mkSD/1g+T7bgGOHMrSgYWH3Fk7dWNKpGBtQn3cL7fKy+cn4koDW1L3ebxg4zWpFo +l51m3u8DXc9lqUjg9AoqJH1bc9eQPQvJKxd5syU2pkgtHhT2rlSqpRtsKsgRNfBC +qBbK9gtEM3DRUD+EbbEZgwADBQf8CTSksVEUs5svpQlldZERwViUwwVb4TMszKKq +nEti6zu6oMkIDreGzSISDsrWq1WxzUv9IYumwanzkgTpVVfFPxK7samtol8Lol5V +r3Zbil3Q0IGJ9thhitMHRSU3ClhVRZF5QF/MhSzD1j0cXK4Ls0np5DePT3H4tItZ ++OcEhZcDb8k2DMcJW/REuiisWOElwIDM0o0kZyQiy+5QRfE2xancu3n8+wGtwc0N +2Yp/elmIigreu0xuK7HaFOiScUYv00BJa/ZEO2aOkRuiKkdp3oxtz3MIdDYyGbI6 +mL4h+X8079i95yu+L2tUJGHeN5u+X0Hsg9sE6TpVEggQEI30YYhPBBgRAgAPAhsM +BQJbt22dBQkb2aZBAAoJEF/wbym6HgE7rJYAn1gpOMPrFyjezpaYsloAwjSZhu8t +AKCTJlsZByvaTTXjUMyQy2z7tjnVpw== +=4XBU +-----END PGP PUBLIC KEY BLOCK----- diff --git a/debian/usr.sbin.chronyd b/debian/usr.sbin.chronyd new file mode 100644 index 0000000..dac4e76 --- /dev/null +++ b/debian/usr.sbin.chronyd @@ -0,0 +1,64 @@ +# Last Modified: Sat Jan 20 10:45:05 2018 +#include <tunables/global> + +/usr/sbin/chronyd (attach_disconnected) { + #include <abstractions/base> + #include <abstractions/nameservice> + + capability sys_time, + capability net_bind_service, + capability setuid, + capability setgid, + capability sys_nice, + capability sys_resource, + # for /run/chrony to be created + capability chown, + # Needed to support HW timestamping + capability net_admin, + + /usr/sbin/chronyd mr, + + /etc/chrony/{,**} r, + /{,var/}run/chronyd.pid w, + /{,var/}run/chrony/{,*} rw, + /var/lib/chrony/{,*} r, + /var/lib/chrony/* w, + /var/log/chrony/{,*} r, + /var/log/chrony/* w, + + # Using the “tempcomp” directive gives chronyd the ability to improve + # the stability and accuracy of the clock by compensating the temperature + # changes measured by a sensor close to the oscillator. + @{sys}/class/hwmon/hwmon[0-9]*/temp[0-9]*_input r, + @{sys}/devices/virtual/thermal/thermal_zone[0-9]*/hwmon[0-9]*/temp[0-9]*_input r, + + # Support all paths suggested in the man page (LP: #1771028). Assume these + # are common use cases; others should be set as local include (see below). + # Configs using a 'chrony.' prefix like the tempcomp config file example + /etc/chrony.* r, + # Example gpsd socket is outside /{,var/}run/chrony/ + /{,var/}run/chrony.tty{,*}.sock rw, + # To sign replies to MS-SNTP clients by the smbd daemon + /var/lib/samba/ntp_signd r, + /var/lib/samba/ntp_signd/{,*} rw, + + # rtc + /etc/adjtime r, + /dev/rtc{,[0-9]*} rw, + + # gps devices + /dev/pps[0-9]* rw, + /dev/ptp[0-9]* rw, + + # Allow reading the chronyd configuration file that timemaster(8) generates + /{,var/}run/timemaster/chrony.conf r, + + # For use with clocks that report via shared memory (e.g. gpsd), + # you may need to give ntpd access to all of shared memory, though + # this can be considered dangerous. See https://launchpad.net/bugs/722815 + # for details. To enable, add this to local/usr.sbin.chronyd: + # capability ipc_owner, + + # Site-specific additions and overrides. See local/README for details. + #include <local/usr.sbin.chronyd> +} diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..a13ee59 --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +version=4 +opts=pgpsigurlmangle=s/\.tar\.gz$/-tar-gz-asc.txt/ \ +https://download.tuxfamily.org/chrony/chrony-([\d\.]*)\.tar\.gz |