54 files changed, 4116 insertions, 0 deletions
diff --git a/debian/.gitlab-ci.yml b/debian/.gitlab-ci.yml
new file mode 100644
index 0000000..9de3969
--- /dev/null
+++ b/debian/.gitlab-ci.yml
@@ -0,0 +1,14 @@
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
+
+# Skip the reprotest job as long as it is run as root due to problems with
+# chrony system tests.
+reprotest:
+ extends: .test-reprotest
+ only:
+ variables:
+ - $SEE_YOU_SOON_REPROTEST
+
+variables:
+ RELEASE: 'bullseye'
diff --git a/debian/NEWS b/debian/NEWS
new file mode 100644
index 0000000..c25bd51
--- /dev/null
+++ b/debian/NEWS
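Review bot: Both `include:` entries in debian/.gitlab-ci.yml fetch the pipeline definition by raw URL from the `master` branch of salsa-ci-team/pipeline, so the jobs that run for this package can change without any commit in this repository. For a branch that targets a stable release (`RELEASE: 'bullseye'`), consider pinning the include to a tag or commit of the pipeline project, if one is published that suits, so CI behaviour is reproducible and reviewable. The reprotest skip relies on `$SEE_YOU_SOON_REPROTEST` never being set, which the comment above the job does not say; a line such as `# $SEE_YOU_SOON_REPROTEST is intentionally left unset, so this job never runs` would make the mechanism explicit.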
@@ -0,0 +1,58 @@
+chrony (3.4-2) unstable; urgency=medium
+
+ To reduce the range of operations available to chronyd, and thereby decrease
+ the kernel attack surface, a system call filter is now active by default
+ wherever¹ possible.
+ Please, take into account that this change prevents the use of the
+ “mailonchange” directive in chrony.conf as the chronyd process will not be
+ allowed to fork and execute the sendmail binary. Therefore, it is fundamental
+ to disable the system call filter to continue using this directive!
+
+ To do so, edit the /etc/default/chrony file and substitute the “-F -1”
+ parameter with “-F 0”. Restart chrony afterward.
+
+ ¹Are currently excluded alpha, ia64, m68k, riscv64, sh4 and sparc64
+ architectures due to lack of support in “libseccomp” and/or the Linux kernel.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 10 Feb 2019 18:44:22 +0100
+
+chrony (2.2.1-1) unstable; urgency=medium
+
+ In chrony versions before 2.2, the 'chrony.keys' file contained a command
+ key used for run-time configuration via the 'chronyc' command-line tool.
+ Starting from this version, support for this authentication method has been
+ dropped in favor of a Unix domain socket accessible only *locally* by root or
+ the _chrony system user. Consequently, if you refuse to use the 'chrony.keys'
+ file template provided by the maintainers when upgrading, please don’t forget
+ to manually remove the obsolete command key (ID 1) in the aforementioned file.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 07 Feb 2016 17:02:30 +0100
+
+chrony (2.1.1-1) unstable; urgency=medium
+
+ From this version, 'chronyd' will strictly act as an NTP client by default. If
+ you want it to serve time to other systems, please do so by configuring the
+ 'allow' directive.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 12 Oct 2015 19:12:39 +0200
+
+chrony (1.31.1-1) unstable; urgency=medium
+
+ From now on, we use the "hwclockfile" directive in /etc/chrony/chrony.conf.
+ Basically, it makes the detection of the standard (Local or UTC time) set
+ in /etc/adjtime — and used by the hardware clock — clearer compared to the
+ text processing method we used to use in the post install script to complete
+ the same task. Note that it overrides the "rtconutc" directive.
+
+ Also, we now create the _chrony system user to which chronyd will drop root
+ privileges. For users already allowing chronyd to drop root privileges in
+ favor of the user configured by the "user" directive in
+ /etc/chrony/chrony.conf, your configuration will remain unchanged and will
+ still work as intended.
+ However, some users might use a custom init script to accomplish the same
+ task by invoking chronyd with the '-u' option. We advise you to drop this
+ option from your init script before upgrading, otherwise you’ll have to
+ readjust the owner of the /var/l{ib,og}/chrony directories (recursively) to
+ the user you configured in your init script.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 6 Sep 2015 22:14:54 +0200
diff --git a/debian/README.Debian b/debian/README.Debian
new file mode 100644
index 0000000..2188ed9
--- /dev/null
+++ b/debian/README.Debian
@@ -0,0 +1,29 @@
+Chrony for Debian
+-----------------
+
+ Notes about Debian-specific changes:
+
+ - Default chrony’s configuration files are located in the /etc/chrony directory.
+ It is filled by two important files:
+ → chrony.conf (configuration of the chronyd daemon, see man 5 chrony.conf
+ for further information)
+
+ → chrony.keys (lists keys used for NTP packets authentication, see
+ the “keyfile” directive in the chrony.conf(5) man page)
+
+ - We also provide /etc/ppp/ip-up.d/chrony and /etc/ppp/ip-down.d/chrony
+ to put chronyd online/offline depending on the PPP link status.
+
+ - Since version 1.31.1-1, we create the _chrony system user to which chronyd
+ will drop root privileges on initialisation. For users already allowing
+ chronyd to drop root privileges in favor of the user configured by the "user"
+ directive in chrony.conf, your configuration will remain unchanged and will
+ still work as it did. However, if you don’t want to deviate from Debian’s
+ default configuration, delete or comment out the "user" directive in
+ chrony.conf and recursively change the owner of the /var/lib/chrony and
+ /var/log/chrony directories. For example:
+
+ # sed -i 's/^user/#user/' /etc/chrony/chrony.conf
+ # chown -R _chrony:_chrony /var/l{ib,og}/chrony
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 01 Mar 2019 19:02:12 +0100
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..6b9c518
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,2418 @@
+chrony (4.0-8+deb11u2) bullseye; urgency=medium
+
+ * debian/usr.sbin.chronyd:
+ - Allow reading the chronyd configuration file that timemaster(8)
+ generates. Thanks to Michael Lestinsky for the report! (Closes: #1004745)
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 14 Mar 2022 22:17:25 +0100
+
+chrony (4.0-8+deb11u1) bullseye; urgency=medium
+
+ * debian/patches/:
+ - Add fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch to be able
+ to bind a socket to a network device with a name longer than 3 characters
+ when the system call filter is enabled. (Closes: #995207)
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 19 Oct 2021 22:02:40 +0200
+
+chrony (4.0-8) unstable; urgency=medium
+
+ * debian/patches/:
+ - Add allow-BINDTODEVICE-option-in-seccomp-filter.patch to enable support
+ for binding sockets to a device without having to disable the seccomp
+ filter.
+ - Add allow-getuid32-in-seccomp-filter.patch. Upstream found out that
+ getuid32() needed to be allowed in the seccomp filter to enable some NTS
+ operations on i686. This may affect other 32-bits architectures.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 13 May 2021 16:51:41 +0200
+
+chrony (4.0-7) unstable; urgency=medium
+
+ * debian/patches/:
+ - Add allow-IP_TOS-socket-option-in-seccomp-filter.patch to enable the use
+ of the 'dscp' directive.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 08 Apr 2021 16:21:16 +0200
+
+chrony (4.0-6) unstable; urgency=medium
+
+ * debian/tests/helper-functions:
+ - Instead of running 'systemctl restart chrony.service', use
+ __restart_chronyd() in the __no_system_clock_control() function.
+ - Run 'sleep 3' only if chronyd has successfully restarted.
+
+ [ Christian Ehrhardt ]
+ * debian/tests/{dynamically-add-source,ntp-server-and-nts-auth}:
+ - Reduce default Ubuntu config to make space for testcase config.
+
+ * debian/tests/helper-functions:
+ - Add more common functions and update some tests to use them.
+ - Wait after restarting chronyd. Without this, some tests break on Ubuntu by
+ checking state too early.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 21 Feb 2021 21:59:22 +0100
+
+chrony (4.0-5) unstable; urgency=medium
+
+ * Follow DEP-14 branch naming conventions:
+ master -> debian/latest
+ upstream -> upstream/latest
+
+ * debian/chrony.service:
+ - Enable some hardening settings.
+
+ * debian/control:
+ - Remove Joachim Wiedorn from the Uploaders field. This decision was taken
+ in agreement with him. Thanks a lot, Joachim, for your work on chrony and
+ for your benevolence when you handed me its maintenance.
+ - Point Vcs-Git to the debian/latest branch.
+
+ * debian/dirs:
+ - Do not create the /etc/apparmor.d/force-complain directory. Not needed
+ anymore.
+
+ * debian/postrm:
+ - Remove /run/chrony-dhcp on purge.
+
+ * debian/preinst:
+ - Drop old migration code snippet. It was used to put the newly provided
+ AppArmor profile in complain mode when upgrading chrony to prevent
+ regressions this profile could have caused. (Closes: #905485)
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 04 Feb 2021 19:49:22 +0100
+
+chrony (4.0-4) unstable; urgency=medium
+
+ * debian/chrony.examples:
+ - Provide example configuration files.
+
+ * debian/postinst:
+ - Run adduser unconditionally.
+ - Use 'chronyd -p' to check the whole configuration.
+
+ * debian/tests/:
+ - Prevent dynamically-add-source and ntp-server-and-nts-auth tests from
+ failing on chronyd's preparation step.
+ - Don't pass 'set -u' to dynamically-add-source and
+ ntp-server-and-nts-auth scripts.
+
+ * debian/tests/control:
+ - Mark dynamically-add-source as skippable.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 21 Jan 2021 20:02:39 +0100
+
+chrony (4.0-3) unstable; urgency=medium
+
+ * debian/:
+ - chronyd's configuration can now be fragmented. Please see
+ /etc/chrony/conf.d/README for more information.
+ - NTP sources can be specified in /etc/chrony/sources.d. Please see
+ /etc/chrony/sources.d/README for more information.
+
+ * debian/chrony.conf:
+ - Include configuration files found in /etc/chrony/conf.d.
+ - Use NTP sources found in /etc/chrony/sources.d.
+ - Get TAI-UTC offset and leap seconds from the system tz database by using
+ the "leapsectz right/UTC" directive. This directive must be commented out
+ when using time sources serving leap-smeared time. (Closes: #974845)
+ - Add missing comment.
+
+ * debian/chrony.default:
+ - Switch the seccomp filter to level 1.
+
+ * debian/chrony.lintian-overrides:
+ - Override breakout-link.
+
+ * debian/control:
+ - Add tzdata to the dependencies.
+ - Bump Standards-Version to 4.5.1 (no changes required).
+
+ * debian/copyright:
+ - Update copyright year for debian/*.
+
+ * debian/postinst:
+ - Use dpkg-statoverride to manage mode bits and ownership of
+ /var/l{ib,og}/chrony.
+
+ * debian/postrm:
+ - Remove overrides for /var/l{ib,og}/chrony on purge.
+
+ * debian/rules:
+ - Drop '--without-readline' option. GNU readline support has been dropped
+ upstream due to license incompatibility.
+ - Replace -F -1 by -F 1 in the sed invocation.
+
+ * debian/tests/:
+ - Add fragmented-configuration autopkgtest.
+ - Add dynamically-add-source autopkgtest.
+ - Add ntp-server-and-nts-auth autopkgtest.
+
+ * debian/tests/control:
+ - Mark ntp-server-and-nts-auth as skippable.
+
+ * debian/tests/fragmented-configuration:
+ - Use another directive for the test since "leapsectz right/UTC" is now
+ used by default.
+
+ * debian/tests/helper-functions:
+ - Add __no_system_clock_control() function.
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Always use the same seed to get deterministic results.
+
+ * debian/upstream/metadata:
+ - Remove obsolete field Name. Thanks to Debian Janitor <janitor@jelmer.uk>.
+
+ * debian/usr.sbin.chronyd:
+ - Make use of the @{run} variable.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 18 Jan 2021 21:58:52 +0100
+
+chrony (4.0-2) unstable; urgency=medium
+
+ * Merge branch 'experimental' into 'master'.
+
+ * Upload to unstable.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 13 Oct 2020 15:59:33 +0200
+
+chrony (4.0-1) experimental; urgency=medium
+
+ * Import upstream version 4.0:
+ - This release adds support for the Network Time Security (NTS)
+ authentication mechanism (RFC 8915).
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Oct 2020 19:14:51 +0200
+
+chrony (4.0~pre4-2) experimental; urgency=medium
+
+ * debian/postinst:
+ - Fix user and group ownership of "/var/lib/chrony" to allow chronyd
+ to write in it. This will also fix a regression in the 104-systemdirs
+ test.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sat, 03 Oct 2020 11:20:02 +0200
+
+chrony (4.0~pre4-1) experimental; urgency=medium
+
+ * Import upstream version 4.0-pre4:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ * Merge branch 'master' into experimental. (Closes: #970421)
+
+ * debian/chrony.conf:
+ - Use NTP sources from /run/chrony-dhcp.
+ - Save NTS keys and cookies in /var/lib/chrony/.
+
+ * debian/chrony-dnssrv@.service:
+ - Update "chrony-helper" path.
+
+ * debian/chrony.dhcp:
+ - Save NTP servers from DHCP to /run/chrony-dhcp/$interface.sources.
+
+ * debian/chrony.lintian-overrides:
+ - Override executable-in-usr-lib for NetworkManager dispatcher scripts.
+ - Update NetworkManager dispatcher script name.
+
+ * debian/chrony.ppp.ip-{down,up}:
+ - Update PID file path.
+
+ * debian/chrony.service:
+ - Update PID file path.
+ - Do not run 'chrony-helper update-daemon' after starting chronyd. Not
+ needed anymore.
+
+ * debian/control:
+ - Build-depend on libgnutls28-dev to support NTS.
+ - Build-depend on gnutls-bin for the test suite.
+ - Bump debhelper-compat to 13.
+
+ * debian/copyright:
+ - Update copyright years.
+
+ * debian/dirs:
+ - Remove var/log/chrony as it will be created automatically if it doesn’t
+ exist.
+
+ * debian/if-{post-down,up}:
+ - Update PID file path.
+
+ * debian/init:
+ - Update PID file path.
+ - Drop the unnecessary '--remove pidfile' option from the stop target.
+ - Do not run 'chrony-helper update-daemon' after starting chronyd. Not
+ needed anymore.
+
+ * debian/install:
+ - Move "chrony-helper" to "/usr/libexec/chrony".
+
+ * debian/links:
+ - Update source and destination filenames.
+
+ * debian/patches/:
+ - Drop patches applied upstream.
+ - Add nm-dispatcher-dhcp_Move-server_dir-to-run.patch.
+
+ * debian/postinst:
+ - Drop migration code from pre-Stretch.
+ - Migrate NTP sources obtained from DHCP to /run/chrony-dhcp on upgrade
+ from chrony < 4.0~pre4-1.
+ - Remove staled PID file when upgrading from chrony < 4.0~pre4-1.
+
+ * debian/rules:
+ - Change the default PID file location from /run to /run/chrony.
+ - Drop dh_missing --fail-missing. This is the default in debhelper 13.
+ - Enable seccomp support by default on riscv64.
+ - Update NetworkManager dispatcher script name from 20-chrony to
+ 20-chrony-onoffline.
+ - Add DHCP NetworkManager dispatcher script to allow chronyd to use
+ NTP sources obtained from NM's internal DHCP client.
+
+ * debian/tests/:
+ - Add some helper functions. Some tests will be updated thereafter
+ to use them.
+
+ * debian/tests/time-sources-from-dhcp-servers:
+ - Adapt to the new way of using time sources from DHCP.
+ - Improve sed invocation.
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Update clknetsim version.
+ - Cosmetic changes.
+
+ * debian/tests/upstream-system-tests:
+ - No need to stop systemd-timesyncd anymore since it is no more
+ co-installable with chrony anymore.
+
+ * debian/usr.sbin.chronyd:
+ - Update PID file path.
+ - Add dac_override and dac_read_search capabilities to give "root" the
+ ability to write the PID file in /run/chrony/.
+ - Prefix flag definition by "flags=".
+ - Sort the capabilities.
+ - Grant CAP_NET_RAW capability to allow an NTP socket to be bound to a
+ device using the SO_BINDTODEVICE socket option on kernels before 5.7.
+ - Add comments regarding capabilities.
+ - Let chronyd create /var/l{ib,og}/chrony.
+ - Remove a superfluous rule.
+ - Allow reading of NTP sources in /run/chrony-dhcp/.
+
+ * debian/watch:
+ - Make use of special strings.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 02 Oct 2020 21:21:08 +0200
+
+chrony (3.5.1-1) unstable; urgency=medium
+
+ * Import upstream version 3.5.1:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+ - CVE-2020-14367: create new file when writing pidfile.
+
+ * debian/chrony.lintian-overrides:
+ - Remove unused override.
+
+ [ Ville Skyttä ]
+ * debian/chrony.conf:
+ - Comment spelling fix. (MR: !5)
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 20 Aug 2020 14:07:22 +0200
+
+chrony (3.5-9) unstable; urgency=medium
+
+ * debian/patches/:
+ - Add allow-some-*time64-syscalls-in-seccomp-filter.patch. Needed for
+ 32-bit architectures with new system calls using 64-bit time_t.
+ (LP: #1878005)
+
+ * debian/tests/control:
+ - Add needs-internet restriction to the upstream-simulation-test-suite
+ test.
+
+ [ Christian Ehrhardt ]
+ * debian/tests/upstream-simulation-test-suite:
+ - Skip if preparation steps fail.
+ - Make preparation steps more verbose.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 19 May 2020 16:42:18 +0200
+
+chrony (3.5-8) unstable; urgency=medium
+
+ * debian/postrm:
+ - Stop starting systemd-timesyncd in postrm. This is no longer relevant
+ since systemd-timesyncd is a standalone package declaring
+ Conflicts/Replaces/Provides: time-daemon. (Closes: #955773)
+
+ [ Christian Ehrhardt ]
+ * debian/tests/upstream-system-tests:
+ - Stop chrony/systemd-timesynd before running these tests. (LP: #1870144)
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 05 Apr 2020 17:44:31 +0200
+
+chrony (3.5-7) unstable; urgency=medium
+
+ * debian/chrony.maintscript:
+ - Remove the /etc/NetworkManager/dispatcher.d/20-chrony conffile.
+
+ * debian/control:
+ - Support seccomp facility on riscv64. It should be noted that the system
+ call filter will stay disabled by default on this architecture until
+ Linux >= 5.5 hits unstable.
+ - Bump libseccomp-dev build-dep to 2.4.3-1~ to provide seccomp facility on
+ riscv64.
+ - Break network-manager (<< 1.20.0-1~). Prior to this version,
+ NetworkManager would not look for dispatcher scripts into
+ /usr/lib/NetworkManager/dispatcher.d/.
+
+ * debian/dirs:
+ - Create the usr/lib/NetworkManager/dispatcher.d subdirectories.
+
+ * debian/links:
+ - Change the location of the NetworkManager dispatcher script.
+
+ * debian/patches/:
+ - Add allow-renameat2-in-seccomp-filter.patch. Required as the riscv64
+ architecture does not support the rename() and renameat() system calls.
+
+ * debian/rules:
+ - Move the NetworkManager dispatcher script in
+ /usr/lib/NetworkManager/dispatcher.d/.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 17 Mar 2020 15:21:53 +0100
+
+chrony (3.5-6) unstable; urgency=medium
+
+ * debian/chrony.service:
+ - Don’t conflict with systemd-timesyncd.service.
+ A few users complain that chronyd does not start at boot. The way the
+ Conflict= directive works internally might cause both systemd-timesyncd
+ and chronyd to be inactive at boot. So by relying solely on the
+ disable-with-time-daemon.conf drop-in file provided by systemd, we should
+ get rid of this malfunction while still preventing these two time daemons
+ from being active at the same time. Kudos notably go to Santiago Vila for
+ the report and providing SSH access to a GCE instance where the issue was
+ reproducible and Michael Biebl for debugging. (Closes: #947936)
+
+ * debian/control:
+ - Bump Standards-Version to 4.5.0 (no changes required).
+ - No need to explicitly conflict with ntp as it now provides time-daemon.
+
+ * debian/copyright:
+ - Update copyright year for debian/*.
+
+ * debian/patches/:
+ - Add allow-clock_adjtime-in-seccomp-filter.patch.
+ glibc 2.31 switched the adjtimex() function to the clock_adjtime
+ system call.
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Update clknetsim version. This new version supports glibc >= 2.31 headers.
+ (LP: #1866753)
+
+ * debian/tests/control:
+ - Run the upstream-simulation-test-suite as root.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 10 Mar 2020 19:17:16 +0100
+
+chrony (3.5-5) unstable; urgency=medium
+
+ * debian/control:
+ - Bump standard-version to 4.4.1 (no change required).
+
+ * debian/install:
+ - Install 50-chrony.list in /usr/lib/systemd/ntp-units.d.
+
+ * debian/ntp-units.d/50-chrony.list:
+ - Allow timedated to interact with chronyd.
+
+ * debian/patches/*:
+ - Cherry-pick upstream commits to better manage RTCs that don't support
+ interrupts. This fixes an issue exhibited when a specific upstream system
+ test is run on the Ubuntu CI. Thank to Christian Ehrhardt for working
+ with Miroslav Lichvar to address this problem.
+
+ * debian/tests/control:
+ - Use @builddeps@ as a test dependency for upstream_system_tests.
+
+ [ Christian Ehrhardt ]
+ * debian/tests/upstream-simulation-test-suite:
+ - Redirect stderr on make call to stdout. On some architectures (e.g. armhf)
+ the clksim tests compile but throw some warnings. (MR: !2)
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 22 Dec 2019 17:30:40 +0100
+
+chrony (3.5-4) unstable; urgency=medium
+
+ * debian/tests/control:
+ - Add @builddeps@ to the list of dependencies needed by the
+ upstream-simulation-test-suite test.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 30 Aug 2019 00:49:20 +0200
+
+chrony (3.5-3) unstable; urgency=medium
+
+ * debian/chrony.lintian-overrides:
+ - Override package-supports-alternative-init-but-no-init.d-script. This
+ is a false positive. chrony-dnssrv@.service isn’t a daemon but a oneshot
+ service, not started at boot, whose role is to lookup for _ntp._udp DNS SRV
+ records.
+
+ * debian/chrony.service:
+ - Pull in time-sync.target and order chrony before it as recommended in
+ systemd.special(7).
+
+ * debian/control:
+ - Bump standard-version to 4.4.0 (no changes required).
+
+ * debian/.gitlab-ci.yml:
+ - Switch to standard Salsa Pipeline.
+ - Skip the reprotest job for as long as it is run as root due to problems
+ with chrony system tests.
+
+ * debian/tests/*:
+ - Revamp the upstream-simulation-test-suite test.
+ - Adjust dpkg dependencies for upstream-simulation-test-suite.
+ - Adjust restrictions for upstream-simulation-test-suite.
+ - Introduce upstream-system-tests. Add a new set of tests for testing
+ basic chronyd functionality. Destructive tests are run in a virtual
+ machine.
+ - Add ethtool to the list of dependencies needed by
+ run_destructive_system_tests.
+ - exit 77 if upstream-simulation-test-suite is run on non-Linux and mark
+ the test as skippable. Thanks to Paul Gevers <elbrus@debian.org> for the
+ suggestion.
+ - Make artifacts() exit 1. Again, thanks to Paul Gevers.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 13 Aug 2019 17:57:47 +0200
+
+chrony (3.5-2) unstable; urgency=medium
+
+ * Merge branch “experimental” into “master”.
+
+ * debian/chrony.dhcp:
+ - Fix shellcheck warnings. Patch imported from Fedora.
+
+ * debian/chrony-helper:
+ - Fix shellcheck warnings. Patch imported from Fedora.
+
+ * debian/clean:
+ - Drop obsolete entries.
+
+ * debian/copyright:
+ - Update copyright years.
+ - Update copyright holder for the configure script.
+
+ * debian/patches/*:
+ - Add update_processing_of_packet_log.patch. This fixes a regression in
+ the simulation tests exhibited by the recent clknetsim changes.
+ (Closes: #931181)
+
+ * debian/rules:
+ - Use dh_missing --fail-missing.
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Use a known good clknetsim commit. This should prevent regressions from
+ on-going “clknetsim” development.
+
+ * debian/usr.sbin.chronyd:
+ - Grant access rights only to the ntp_signd socket. (Closes: #928170)
+
+ [ Christian Ehrhardt ]
+ * debian/postrm:
+ - Re-establish systemd-timesyncd on removal. (MR: !1)
+
+ -- Vincent Blut <vincent.debian@free.fr> Sat, 06 Jul 2019 20:33:41 +0200
+
+chrony (3.5-1) experimental; urgency=medium
+
+ * Import upstream version 3.5:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ * debian/control:
+ - Ignore net-tools and procps build-dependencies if the profile nocheck is
+ active.
+
+ * debian/rules:
+ - No test suite should be run if nocheck is passed to DEB_BUILD_OPTIONS.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 15 May 2019 18:44:12 +0200
+
+chrony (3.5~pre1-1) experimental; urgency=medium
+
+ * Import upstream version 3.5-pre1:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ * debian/.gitlab-ci.yml:
+ - Use .build-package template job instead of .build-unstable. The latter
+ is deprecated.
+
+ * debian/chrony.keys:
+ - Fix the comment about the location of the list of supported hash
+ functions and output encoding. These information are now available by
+ consulting the “keyfile” directive in the chrony.conf(5) man page.
+
+ * debian/control:
+ - Drop dependency on lsb-base. Is is required when booting with sysvinit
+ and initscripts, however initscripts already Depends on lsb-base.
+ - Build-depend on net-tools and procps. kill, netstat and ps are needed
+ for the new system tests executed at build time (iff building as root).
+
+ * debian/copyright:
+ - Add an entry for test/system/* files.
+
+ * debian/patches/*:
+ - Drop all patches, they have been applied upstream.
+
+ * debian/postinst:
+ - Drop migration code from pre-stretch.
+
+ * debian/README.Debian:
+ - Fix information related to the chrony.keys file.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 12 May 2019 22:16:14 +0200
+
+chrony (3.4-4) unstable; urgency=medium
+
+ * debian/patches/*:
+ - Add allow-further-syscalls-in-seccomp-filter.patch. Supplementing the
+ seccomp filter whitelist with those syscalls is a prerequisite, notably for
+ the arm64 architecture.
+
+ [ Leigh Brown ]
+ * debian/patches/*:
+ - Add allow-recv-send-in-seccomp-filter.patch. Necessary on armel and
+ ppc64el. Other architectures might also be affected. (Closes: #924494)
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 18 Mar 2019 19:35:34 +0100
+
+chrony (3.4-3) unstable; urgency=medium
+
+ * debian/.gitlab-ci.yml:
+ - Check for missing hardening flags.
+
+ * debian/patches/*:
+ - Add allow-_llseek-in-seccomp-filter.patch. Needed on various 32-bit
+ plateforms to log the {raw}measurements and statistics information when
+ the seccomp filter is enabled. Thanks a lot to Francesco Poli (wintermute)
+ <invernomuto@paranoici.org> for the report. (Closes: #923137)
+ - Add allow-waitpid-in-seccomp-filter.patch. Needed to correctly stop
+ chronyd on some plateforms when the seccomp filter is enabled.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 04 Mar 2019 23:32:12 +0100
+
+chrony (3.4-2) unstable; urgency=medium
+
+ * debian/.gitlab-ci.yml:
+ - Replace home-made GitLab CI with the standard Salsa pipeline.
+ - Allow autopkgtest job to fail. The time-sources-from-dhcp-servers test
+ currently fails due to a testbed issue on salsa CI.
+
+ * debian/chrony.default:
+ - Enable the system call filter by default.
+
+ * debian/control:
+ - Bump standard-version to 4.3.0 (no changes required).
+ - Use the new debhelper-compat (= 12) notation and drop d/compat.
+ - Add Pre-Depends: ${misc:Pre-Depends}. Debhelper compatibility level 12
+ makes use of the “--skip-systemd-native” flag from “invoke-rc.d”. Adding
+ Pre-Depends: ${misc:Pre-Depends} to d/control ensure that we have a recent
+ enough version of “init-system-helpers”.
+ - Suggest networkd-dispatcher.
+
+ * debian/copyright:
+ - Add myself as a copyright holder for 2019.
+
+ * debian/links:
+ - Now that “networkd-dispatcher” is in the Debian archive, link
+ NetworkManager dispatcher script to networkd-dispatcher routable and off
+ states. Patch cherry-picked from Ubuntu; thanks to Christian Ehrhardt
+ <christian.ehrhardt@canonical.com> for working on this.
+
+ * debian/NEWS:
+ - Report that a system call filter is now enabled by default and the way
+ to disable it if needed.
+
+ * debian/rules:
+ - Don’t enable the system call filter on some architectures due to missing
+ support in the “libseccomp” and/or the Linux kernel.
+
+ * debian/upstream/:
+ - Strip upstream key from extra signatures. Thanks lintian!
+ - Remove the Miroslav-Lichvar.txt file as it serves no purpose.
+
+ * debian/usr.sbin.chronyd:
+ - Don’t include “tunables/sys”. The etc/apparmor.d/tunables/sys file has
+ been deprecated in AppArmor 2.13.1! The @{sys} variable is now defined in
+ “tunables/kernelvars” which is included in “tunables/global”.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 13 Feb 2019 17:08:17 +0100
+
+chrony (3.4-1) unstable; urgency=medium
+
+ * Import upstream version 3.4:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ * Merge branch “experimental” into “master”.
+
+ * debian/chrony.service:
+ - Conflict with ntpsec.service.
+
+ * debian/copyright:
+ - Update copyright years.
+
+ * debian/patches/*:
+ - Remove fix-samplefilt-unit-test-to-work-with-low-precision-clock.patch,
+ fixed upstream.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 21 Sep 2018 14:12:03 +0200
+
+chrony (3.4~pre1-2) experimental; urgency=medium
+
+ * debian/patches/*:
+ - Cherry-pick upstream patch to fix samplefilt unit test to work with
+ low-precision clocks. This should prevent chrony from failing to build
+ from source on HPPA and Alpha.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 10 Sep 2018 18:39:58 +0200
+
+chrony (3.4~pre1-1) experimental; urgency=medium
+
+ * Import upstream version 3.4-pre1:
+ - Please see /usr/share/doc/chrony/NEWS.gz for the release notes.
+
+ * debian/:
+ - Add “.gitlab-ci.yml” file to use GitLab Continuous Integration.
+
+ * debian/chrony.if-{post-down,up}:
+ - Use the new “onoffline” command to tell chronyd to switch all sources to
+ the online or offline status according to the current network configuration.
+
+ * debian/chrony.ppp.ip-{down,up}:
+ - As for ifupdown scripts, use the “onoffline” command.
+
+ * debian/control:
+ - Bump standard-version to 4.2.1 (no changes required).
+
+ * debian/patches/*:
+ - Remove fall-back-to-urandom.patch. Applied in this prerelease.
+
+ * debian/post{inst,rm}:
+ - Use “command -v” instead of “which” to enhance portability.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 02 Sep 2018 19:14:08 +0200
+
+chrony (3.3-3) unstable; urgency=medium
+
+ * debian/:
+ - Normalize packaging with “wrap-and-sort -ab”.
+
+ * debian/control:
+ - Bump standard-version to 4.2.0:
+ ↳ Install upstream release notes as “/usr/share/doc/chrony/NEWS.gz”.
+ Installing these as “/usr/share/doc/package/changelog.gz” is now
+ deprecated.
+
+ * debian/patches/:
+ - Cherry-pick upstream patch to avoid hangs when starting
+ chronyd on newer kernels by falling back to urandom.
+ Thanks to Gustavo Scalet <gustavo.scalet@collabora.com> for the report and
+ the initial patch. (LP: #1787366, Closes: #906276)
+
+ * debian/upstream/metadata:
+ - Add DEP12 upstream metadata file.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sat, 18 Aug 2018 16:23:19 +0200
+
+chrony (3.3-2) unstable; urgency=medium
+
+ * debian/chrony.service:
+ - Conflict with ntp.service.
+
+ * debian/control:
+ - Bump standard-version to 4.1.4 (no changes required).
+ - Switch to the Nettle cryptographic library for hash functions.
+
+ [ Helmut Grohne ]
+ * debian/rules:
+ - Pass CC to make and set “--host-system” to fix FTCBFS. (Closes: #895852)
+
+ [ Christian Ehrhardt ]
+ * debian/usr.sbin.chronyd:
+ - Support all paths suggested in the man page.
+ (LP: #1771028, Closes: #898614)
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 14 May 2018 21:37:30 +0200
+
+chrony (3.3-1) unstable; urgency=medium
+
+ * Import upstream version 3.3:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * Merge branch “experimental” into “master”.
+
+ * debian/copyright:
+ - Update copyright year.
+
+ * debian/usr.sbin.chronyd:
+ - Allow CAP_NET_ADMIN to support HW timestamping. (LP: #1761327)
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 05 Apr 2018 02:08:31 +0200
+
+chrony (3.3~pre1-1) experimental; urgency=medium
+
+ * Import upstream version 3.3-pre1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/copyright:
+ - Add “hash_nettle.c” copyright information and update copyright year of
+ test/unit/*
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 15 Mar 2018 13:58:21 +0100
+
+chrony (3.2-5) unstable; urgency=medium
+
+ [ Christian Ehrhardt ]
+ * debian/usr.sbin.chronyd:
+ - Allow write access to RTC, PPS and PTP devices.
+ (Closes: #891201, LP: #1751241)
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 28 Feb 2018 17:31:08 +0100
+
+chrony (3.2-4) unstable; urgency=medium
+
+ * debian/changelog:
+ - Remove trailing spaces.
+
+ * debian/chrony-dnssrv@.service:
+ - Use NTP servers obtained from DNS SRV records.
+
+ * debian/chrony-dnssrv@.timer:
+ - Periodic lookup of DNS SRV records.
+
+ * debian/chrony-helper:
+ - New helper script to make use of NTP servers obtained from DHCP and
+ _ntp._udp DNS SRV records.
+
+ * debian/chrony.dhcp:
+ - Add a dhclient-exit-hook script to add/remove NTP servers depending
+ on the operations invoked by the DHCP client. (Closes: #889656)
+
+ * debian/chrony.service:
+ - Run “/usr/lib/chrony/chrony-helper update-daemon” after starting chronyd.
+
+ * debian/control:
+ - Suggest dnsutils. The dig utility is used to update files with NTP
+ servers from DNS SRV records.
+
+ * debian/init:
+ - Run “/usr/lib/chrony/chrony-helper update-daemon” after starting chronyd.
+
+ * debian/install:
+ - Install the chrony-helper script in /usr/lib/chrony.
+ - Install chrony-dnssrv@.* files in /lib/systemd/system.
+
+ * debian/postinst:
+ - Don’t use recursive chown as this is vulnerable to hardlink attacks on
+ mainline, non-Debian kernels that do not have fs.protected_hardlinks=1.
+ Thanks Lintian!
+
+ * debian/postrm:
+ - Remove “/run/chrony” on purge.
+
+ * debian/rules:
+ - Install the dhclient-exit-hook script in /etc/dhcp/dhclient-enter-hooks.
+
+ * debian/tests/:
+ - Use autopkgtest to ensure that chronyd can use NTP servers obtained from
+ DHCP servers.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 20 Feb 2018 18:27:10 +0100
+
+chrony (3.2-3) unstable; urgency=medium
+
+ [ Christian Ehrhardt ]
+ * debian/chrony.default:
+ - Mention systemd service file in the comment.
+
+ * debian/chrony.service:
+ - Support the DAEMON_OPTS variable from “/etc/default/chrony” in systemd
+ environment. (LP: #1746081, Closes: #889012)
+
+ * debian/usr.sbin.chronyd:
+ - Allow the creation of /run/chrony on demand.
+ (LP: #1746444, Closes: #889011)
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 07 Feb 2018 21:27:09 +0100
+
+chrony (3.2-2) unstable; urgency=medium
+
+ * Initial AppArmor profile for chronyd. Thanks to Jamie
+ Strandboge <jamie@ubuntu.com>. (Closes: #888038)
+
+ * debian/compat:
+ - Bump to debhelper compat 11.
+
+ * debian/control:
+ - Bump standard-version to 4.1.3 (no changes required).
+ - Build depend on debhelper ≥ 11.
+ - Set “Rules-Requires-Root: no”.
+ - Move Vcs-* to salsa.debian.org.
+
+ * debian/copyright:
+ - Add myself as a copyright holder for 2018.
+
+ * debian/postinst:
+ - Don’t force removal of cron file since it doesn’t exist anymore.
+
+ * debian/preinst:
+ - Update the chrony version on which to act.
+ - Add the debhelper token.
+
+ * debian/usr.sbin.chronyd:
+ - Improve AppArmor profile to support more chronyd features and ease
+ portability with other distros.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 28 Jan 2018 19:33:46 +0100
+
+chrony (3.2-1) unstable; urgency=medium
+
+ * Import upstream version 3.2:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 15 Sep 2017 11:37:10 +0200
+
+chrony (3.2~pre2-1) experimental; urgency=medium
+
+ * Import upstream version 3.2-pre2:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/control:
+ - Bump standard-version to 4.1.0 (no changes required).
+
+ * debian/copyright:
+ - Update copyright years.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 30 Aug 2017 15:48:37 +0200
+
+chrony (3.2~pre1-1) experimental; urgency=medium
+
+ * Import upstream version 3.2-pre1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/patches/*:
+ - Remove allow_getpid_in_seccomp_filter.patch and update the series file
+ accordingly.
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Run tests in multiple iterations.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 25 Jul 2017 21:13:22 +0200
+
+chrony (3.1-5) unstable; urgency=medium
+
+ * debian/chrony.if-up:
+ - Do not pass the “burst” command to chronyc as the script could return an
+ error in certain situations. As a consequence, that would prevent ifupdown
+ from writing the current state of the interfaces in /run/network/ifstate.
+ Thanks to John Eikenberry <jae@zhar.net> for reporting that issue.
+ (Closes: #868491)
+
+ * debian/chrony.ppp.ip-up:
+ - Take the same action as for the “chrony.if-up” script as a precautionary
+ measure.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 17 Jul 2017 16:47:56 +0200
+
+chrony (3.1-4) unstable; urgency=medium
+
+ * Now that Stretch has been released (\o/), let’s upload chrony 3.1 to
+ unstable.
+
+ * debian/:
+ - Remove the menu file used to launch “chronyc”. It is a CLI only tool,
+ thus it probably does not make a lot of sense to keep it in the Debian
+ menu.
+
+ * debian/control:
+ - Drop dependency on pre-jessie util-linux version.
+ - Bump standard-version to 4.0.0 (no changes required).
+
+ * debian/tests/upstream-simulation-test-suite:
+ - Fix the leading comment which mentioned “vm” despite the fact that the
+ test runs in a container.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 19 Jun 2017 02:30:10 +0200
+
+chrony (3.1-3) experimental; urgency=medium
+
+ * debian/chrony.if-{post-down,up}:
+ - Remove unnecessary “else” statements.
+
+ * debian/chrony.ppp.ip-down:
+ - Don’t check and delete “/var/run/chrony-ppp-up”, that file doesn’t exist
+ anymore.
+ - Check for pid file existence instead of calling “pidof”.
+
+ * debian/chrony.ppp.ip-up:
+ - Don’t create “/var/run/chrony-ppp-up” file after the ppp link came up.
+ - Check for pid file existence instead of calling “pidof”.
+ - Don’t call “chronyc” using its absolute path.
+ - Check for the presence of a default route before advising “chronyd” that
+ the network connectivity to the sources is ready.
+
+ * debian/init:
+ - Check if “$PIDFILE” exists before taking action.
+ - Do not print informational messages.
+ - Remove the “chronyd” pid file when stopping as it doesn’t do it on
+ its own.
+ - Rework the “restart|force-reload” pattern.
+ - Make use of some init-functions.
+ - Print a message if “chronyd” is already running while attempting to start
+ it.
+ - Do not delete “/var/run/chrony-ppp-up”, that file doesn’t exist anymore.
+
+ * d/rules:
+ - Move the default pid file from “/var/run” to “/run”.
+
+ * d/tests/*:
+ - Use autopkgtest facility to run the upstream simulation test suite.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 14 May 2017 17:26:15 +0200
+
+chrony (3.1-2) experimental; urgency=medium
+
+ * Merge branch 'master' into experimental. (Closes: #861258)
+
+ * debian/patches/*:
+ - Remove the “fix_time_smoothing_in_interleaved_mode.patch” patch. Not
+ needed anymore.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 26 Apr 2017 21:17:43 +0200
+
+chrony (3.1-1) experimental; urgency=medium
+
+ * Import upstream version 3.1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/chrony.conf:
+ - Remove the “hwclockfile” directive. Unneeded now that the configure
+ script allows us to set the default path to the adjtime file via the
+ “--with-hwclockfile” option.
+
+ * debian/copyright:
+ - Update copyright years.
+
+ * debian/rules:
+ - Specify default path to hwclock adjtime file.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 02 Feb 2017 19:24:30 +0100
+
+chrony (3.0-4) unstable; urgency=medium
+
+ * debian/patches/*:
+ - Backport commit 768bce799bfe to make chrony operable with the syscall
+ filtering feature enabled in level 1. (Closes: #861258)
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 26 Apr 2017 17:39:44 +0200
+
+chrony (3.0-3) unstable; urgency=medium
+
+ * debian/patches/*:
+ - Backport an upstream patch to fix time smoothing in interleaved mode.
+ (Closes: #854424)
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 07 Feb 2017 00:37:24 +0100
+
+chrony (3.0-2) unstable; urgency=medium
+
+ * debian/chrony.conf:
+ - Disable logging by default, it waste some disk space and users are
+ probably better served by “chronyc sources” and “chronyc sourcestats”
+ commands anyway.
+
+ * debian/chrony.service:
+ - Remove the “Restart=on-failure” option. There are possible security
+ implications for NTP clients.
+
+ * debian/dirs:
+ - Add etc/logrotate.d to avoid build failure.
+
+ * Remove our logrotate configuration file in favour of the upstream’s one.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 18 Jan 2017 15:26:31 +0100
+
+chrony (3.0-1) unstable; urgency=medium
+
+ * Import upstream version 3.0:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * Merge branch “experimental”:
+ - Enable support for MS-SNTP authentication in Samba.
+ - Rename --chronysockdir to --chronyrundir.
+ - Enable seccomp facility on powerpcspe.
+
+ * debian/chrony.conf:
+ - Make use of the “makestep” directive to step the system clock instead of
+ slewing it when necessary.
+ - Drop the “offline” option as per upstream’s advice to render chrony’s
+ start-up sequence safer.
+
+ * debian/chrony.service:
+ - Reflect init-helper script deletion.
+
+ * debian/copyright:
+ - Add myself as a copyright holder for 2017.
+ - Adjust copyright holders and update some copyright years. Kudos to Paul
+ Gevers <elbrus@debian.org> for spotting the necessary updates.
+
+ * debian/init:
+ - Reflect init-helper script deletion.
+
+ * debian/install:
+ - Don’t install the init-helper script, it has been deleted.
+
+ * debian/README.Debian:
+ - Remove obsolete information.
+
+ * Remove the init-helper script as it no longer needed.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 17 Jan 2017 22:05:31 +0100
+
+chrony (3.0~pre3-1) experimental; urgency=low
+
+ * Import upstream version 3.0-pre3:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 06 Jan 2017 14:20:13 +0100
+
+chrony (3.0~pre2-2) experimental; urgency=low
+
+ * Merge branch “master”.
+
+ * Enable seccomp facility on powerpcspe.
+
+ -- Vincent Blut <vincent.debian@free.fr> Tue, 03 Jan 2017 18:17:13 +0100
+
+chrony (3.0~pre2-1) experimental; urgency=low
+
+ * Import upstream version 3.0-pre2:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 15 Dec 2016 15:23:44 +0100
+
+chrony (3.0~pre1-1) experimental; urgency=low
+
+ * Import upstream version 3.0-pre1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/copyright:
+ - Mention new files.
+
+ * debian/rules:
+ - Enable support for MS-SNTP authentication in Samba.
+ - Rename --chronysockdir to --chronyrundir.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sat, 10 Dec 2016 16:30:19 +0100
+
+chrony (2.4.1-3) unstable; urgency=medium
+
+ * debian/apm:
+ - Removing that script as APM as been replaced by ACPI long time ago, thus
+ it’s highly probable that it isn’t useful anymore.
+
+ * debian/chrony.maintscript:
+ - Remove the apm script’s conffile.
+
+ * debian/chrony.service:
+ - Supply a systemd service file.
+ - Update unit section’s description. Add chronyc and chrony.conf man pages
+ information and remove reference to “/usr/share/doc/chrony.txt.gz” which
+ is not generated anymore.
+ - Update unit section’s documentation.
+
+ * debian/dirs:
+ - Don’t create etc/apm/event.d as the apm script isn’t provided anymore.
+
+ * debian/init:
+ - Convert to use the init-helper script.
+
+ * debian/init-helper:
+ - Add a helper script that will be used to maintain feature parity between
+ the SysV script and the systemd service file.
+
+ * debian/install:
+ - Install the init-helper script in “/usr/lib/chrony”.
+
+ * debian/rules:
+ - Don’t install the now removed apm script.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 22 Dec 2016 02:16:54 +0100
+
+chrony (2.4.1-2) unstable; urgency=medium
+
+ * debian/chrony.conf:
+ - Don’t create sample histories by default. Using that feature does not
+ make a lot of sense when using a pool of rapidely rotating time servers.
+ - Remove unused directives.
+ - Improve (well, I hope! ;-) ) the configuration file readability.
+ - Reword the driftfile directive commentary.
+ - Shorten the lead-in comment.
+
+ * debian/control:
+ - Build-depend on pps-tools only on linux.
+ - Remove libnss3-dev from Build-Depends until #846012 is fixed.
+
+ * debian/init:
+ - Don’t pass the “-r” option when restarting chronyd as we have disabled
+ the creation of sample histories by default.
+
+ * debian/rules:
+ - Drop dh_auto_build override. Nowadays, the documentation is built by
+ default.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 9 Dec 2016 16:58:32 +0100
+
+chrony (2.4.1-1) unstable; urgency=medium
+
+ * Import upstream version 2.4.1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/chrony.default:
+ - New file used to pass options to chronyd. Thanks to nutzteil
+ <nutzteil@web.de> for the suggestion and the initial patch.
+ (Closes: #834240)
+
+ * debian/compat:
+ - Bump to debhelper compat 10.
+
+ * debian/control:
+ - Build depend on debhelper ≥ 10.
+
+ * debian/copyright:
+ - Use HTTPS for all URI.
+
+ * debian/init:
+ - Read and execute options assigned to the “DAEMON_OPTS” variable.
+
+ * debian/rules:
+ - Drop dh “--parallel” option. Enabled by default in debhelper 10.
+
+ -- Vincent Blut <vincent.debian@free.fr> Mon, 21 Nov 2016 12:58:05 +0100
+
+chrony (2.4-1) unstable; urgency=medium
+
+ The “Fix decade-old bug reports” release.
+
+ * Import upstream version 2.4:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/chrony.if-{up,post-down}:
+ - New scripts used to put chronyd online/offline depending on the
+ state of the connection. (Closes: #240528,#312092,#389961)
+
+ * debian/chrony.keys:
+ - Highlight “chronyc keygen” command to generate keys.
+
+ * debian/chrony.ppp.ip-down:
+ - Be sure that there is no default route before going offline.
+ (Closes: #252131)
+
+ * debian/control:
+ - Remove install-info dependency.
+ - Remove texinfo build dependency since documentation in Texinfo format
+ has been dropped upstream.
+ - Build depend on asciidoctor ≥ 1.5.3-1~. The version constraint is
+ important since chrony’s man pages are generated from “adoc” files, a
+ functionality that has been added in asciidoctor 1.5.3.
+
+ * debian/dirs:
+ - Add “etc/NetworkManager/dispatcher.d”.
+
+ * debian/doc-base:
+ - Remove the file since we do not generate chrony.{html,txt} anymore.
+
+ * debian/docs:
+ - Remove references to chrony.{html,txt}.
+
+ * debian/patches/*:
+ - Drop fix-ftbfs-on-powerpc-ppc64-ppc64el.diff; applied upstream.
+ - Update the “series” file accordingly.
+
+ * debian/postinst:
+ - Use ucfr to associate chrony with its configuration files. Suggested by
+ Paul Gevers <elbrus@debian.org>
+
+ * debian/postrm:
+ - Remove all vestiges of the association between chrony and its
+ configuration files. Also suggested by Paul Gevers <elbrus@debian.org>
+
+ * debian/rules:
+ - Provide upstream NetworkManager dispatcher script.
+
+ * debian/watch:
+ - Use HTTPS to fetch new upstream releases.
+ - Switch to version 4 format.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 17 Jun 2016 17:20:08 +0200
+
+chrony (2.3-2) unstable; urgency=low
+
+ * Cherry pick upstream patch to fix FTBFS on PowerPC, ppc64 and ppc64el
+ architectures.
+
+ -- Vincent Blut <vincent.debian@free.fr> Fri, 20 May 2016 14:21:14 +0200
+
+chrony (2.3-1) unstable; urgency=low
+
+ * Import upstream version 2.3:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+ (Closes: #818235)
+
+ * debian/chrony.conf:
+ - Drop the “logchange” directive. Upstream has enabled “logchange” by
+ default with a threshold of 1 second. We now use that instead of our custom
+ threshold of 0,5 second which tended to spam syslog.
+ - Remove obsolete comment.
+
+ * debian/chrony.lintian-overrides:
+ - Update “chrony.keys” path
+
+ * debian/control:
+ - Bump standard-version to 3.9.8 (no changes required).
+ - Use HTTPS transport protocol for the homepage URL.
+
+ * debian/copyright:
+ - Add some entries about new or untracked files.
+
+ * debian/postinst:
+ - Move /usr/share/chrony/chrony.keys template to /etc/chrony using ucf.
+ - Avoid displaying needless prompt when upgrading to chrony ≥ 2.2.1-1.
+ (Closes: #820087)
+
+ * debian/postrm:
+ - Remove chrony.keys on purge.
+ - Remove all vestiges of chrony.keys from the state hashfile.
+
+ * debian/rules:
+ - Re-enable test suite.
+ - Remove dh_installinit override. The init script is LSB-compliant so
+ passing the “default” option or the two-digit sequence number is unneeded.
+ - Explicitly set the NTP era. With this change, the NTP time will be
+ mapped from 1970-01-01T00:00:00Z to 2106-02-07T06:28:16Z. Thanks to this
+ fixed value, chrony build should be reproducible.
+ - Move the key file template (chrony.keys) in /usr/share/chrony.
+ - Force /usr/share/chrony/chrony.keys to use 0640 modes.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 18 May 2016 23:13:05 +0200
+
+chrony (2.2.1-1) unstable; urgency=medium
+
+ * Import upstream versions 2.2 and 2.2.1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+ - The 2.2.1 release version fixes CVE-2016-1567. (Closes: #812923)
+
+ * debian/chrony.conf:
+ - Drop the commandkey directive. It is obsolete since the introduction of a
+ Unix domain command socket in chrony 2.2.
+ - Fix keyfile directive commentary.
+
+ * debian/chrony.keys:
+ - New file template.
+
+ * debian/chrony.lintian-overrides:
+ - New file used to force lintian to stop complaining about the “chrony.keys”
+ file modes (0640).
+
+ * debian/chrony.ppp.ip-down:
+ - Drop obsolete authentication method to the chronyd daemon. This is now
+ handled by the usage of a Unix domain command socket.
+
+ * debian/chrony.ppp.ip-up:
+ - Drop obsolete authentication method to the chronyd daemon. This is now
+ handled by the usage of a Unix domain command socket.
+ - Reinstate the “burst” chronyc command.
+
+ * debian/control:
+ - Build depend on libseccomp-dev ≥ 2.2.3-3~. We need it to provide syscall
+ filtering.
+ - Fix a typo relative to the name of an architecture.
+ - Build depend on pkg-config.
+ - Restrict libcap-dev build dependency on Linux only.
+ - Depend on iproute2 instead of net-tools.
+ - Drop timelimit dependency.
+ - Update Vcs-Git to use HTTPS.
+ - Bump standard-version to 3.9.7 (no changes required).
+
+ * debian/copyright:
+ - Update copyright year for debian/*.
+
+ * debian/init:
+ - Make use of “ip r” instead of “netstat -rn”. (Closes: #818234)
+ - Delete unused “FLAGS” variable.
+ - Do not execute ip and chronyc through timelimit.
+ - Don’t call chronyc using its absolute path.
+ - Check if the value of the DAEMON variable is executable.
+ - Drop the two seconds delay as it should be unnecessary.
+ - Drop obsolete authentication method from the putonline() function.
+ - Fix indentation issue in the putonline() function.
+
+ * debian/logrotate:
+ - Do not pass the “-a” option to chronyc, it’s no longer necessary.
+
+ * debian/NEWS:
+ - Add a comment about the command key suppression from the “chrony.keys”
+ file.
+
+ * debian/patches/:
+ - Drop 01_do-not-install-copying-file.patch, not needed anymore.
+ ↳ Remove reference to that patch from the series file.
+
+ * debian/postinst:
+ - Do not create an ID/key pair for command authentication. Configuration
+ and monitoring via chronyc is now done using Unix domain socket accessible
+ by root or by the system user to which chronyd will drop root privileges,
+ i.e. _chrony.
+
+ * debian/postrm:
+ - Remove /var/lib/chrony content only on purge. (Closes: #568492)
+
+ * debian/README.Debian:
+ - Drop obsolete statement.
+
+ * debian/rules:
+ - Build with --enable-scfilter.
+ - Install the “chrony.keys” file in /etc/chrony/ with 0640 modes.
+ - Override dh_fixperms to prevent it from modifying modes of the
+ “chrony.keys” file. By default, dh_fixperms tries to set the default modes
+ (0644).
+ - Move the “chronyd.sock” file from /var/run/chrony to /run/chrony.
+
+ -- Vincent Blut <vincent.debian@free.fr> Sat, 19 Mar 2016 14:42:23 +0100
+
+chrony (2.1.1-1) unstable; urgency=medium
+
+ * Import upstream version 2.0 and 2.1.1:
+ - Please see /usr/share/doc/chrony/changelog.gz for the release notes.
+
+ * debian/:
+ - Rename ppp scripts from ip-{up,down} to chrony.ppp.ip-{up,down}.
+ Necessary to let dh_installppp do its magic.
+
+ * debian/chrony.conf:
+ - Use the new 'pool' directive to specify the pool of NTP servers.
+ - Use the iburst option to speed up the initial synchronization.
+ - Drop the minpoll option. There is no point to deviate from upstream here.
+ Consequently, the default minimum polling interval is now 64 seconds
+ instead of 256 seconds.
+ - Enable kernel synchronization of the RTC via the 'rtcsync' directive.
+ - Drop the commented out 'rtcfile' directive in the configuration file.
+ - Stricly act as an NTP client by default. Serving time to other systems
+ should be the decision of the administrator(s). (Closes: #778770)
+ - Clarify some comments.
+ - Improve comment about the 'commandkey' directive.
+
+ * debian/control:
+ - Drop 'Recommends: udev (>= 0.124-1)' since it predates Debian squeeze.
+
+ * debian/copyright:
+ - Update copyright years.
+ - Various cleanups.
+ - Update relative to sys_macosx.{c,h} files.
+ - The test/simulation/test.common file is under the GPL-2+ license.
+ Thanks to Paul Gevers <elbrus@debian.org> for catching it.
+
+ * debian/NEWS:
+ - Comment the deactivation of the NTP server capability by default.
+
+ * debian/patches/:
+ - Refresh 01_do-not-install-copying-file.patch.
+
+ * debian/README.Debian:
+ - Fix misleading information.
+
+ * debian/rules:
+ - No need to install ppp scripts from the 'rules' script. Let dh_installppp
+ handle that.
+
+ -- Vincent Blut <vincent.debian@free.fr> Wed, 18 Nov 2015 00:11:23 +0100
+
+chrony (1.31.1-2) unstable; urgency=medium
+
+ * Rename the NEWS.Debian file to NEWS. dh_installchangelogs doesn’t seems
+ to be able to deal with the former name.
+
+ -- Vincent Blut <vincent.debian@free.fr> Thu, 17 Sep 2015 21:50:30 +0200
+
+chrony (1.31.1-1) unstable; urgency=medium
+
+ * Import upstream version 1.31 and 1.31.1:
+ - Please see /usr/share/doc/chrony/changelog.gz for release notes.
+
+ * debian/chrony.conf:
+ - Use the 'hwclockfile' directive. Avoid using text processing methods in
+ the post install script to find out if the RTC keeps local time or UTC.
+ (Closes: #778710)
+
+ * debian/clean:
+ - Add getdate.c
+
+ * debian/control:
+ - Move chrony from admin to net section.
+ - Change priority from extra to optional.
+ - Build depends on libcap-dev. (Closes: #768803)
+ - Bump standards-version to 3.9.6 (no changes required).
+ - Set myself as maintainer and Joachim as uploader.
+ - Update Vcs-Browser URL to use cgit and https.
+ - Build depends on pps-tools. Provides PPSAPI (RFC-2783) support.
+ - Improve the synopsis.
+ - Depend on util-linux (>= 2.20.1-5). Ensure that the 'UTC=' setting
+ from the '/etc/default/rcS' file have been migrated to UTC/LOCAL in
+ '/etc/adjtime'.
+ - Depends on adduser. Needed to create "_chrony" system user/group.
+
+ * debian/copyright:
+ - Add myself to copyright holders.
+ - Remove spaces from short name license (fix Lintian warning)
+ - Filled short license field (RSA-MD) (fix Lintian warning)
+ - Move comment to the "Comment:" field
+
+ * debian/logrotate:
+ - Simplify postrotate script. Thanks to Frédéric Brière
+ <fbriere@fbriere.net> for reporting and diagnosing the issue.
+ (Closes: #763542)
+
+ * debian/patches:
+ - Drop patches for issues fixed upstream.
+ - Rename and update patch. Update the series file accordingly.
+
+ * debian/postinst:
+ - Pass the '--three-way' option to ucf.
+ - Remove useless text processing methods as we now use the 'hwclockfile'
+ directive. (Closes: #778711)
+ - Create "_chrony" system user/group.
+ - Update the "new_file" path in the ucf invocation.
+ - Remove the MAILPASSWORD shell variable as we don’t use it.
+
+ * debian/postrm:
+ - Drop removal instruction of /etc/cron.weekly/chrony.
+ - Remove "_chrony" system user/group on purge.
+ - Don’t pass the --group option to deluser.
+
+ * debian/NEWS.Debian:
+ - New file incorporating worthwhile changes in this release.
+
+ * debian/README.Debian:
+ - Fix typo, thanks to Paul Gevers <elbrus@debian.org> for catching it.
+ - Missing word added.
+
+ * debian/rules:
+ - Build with all hardening flags.
+ - Ease the reading of configure options.
+ - Specify "_chrony" as default chronyd user. This is the system user to
+ which chronyd will drop root privileges. You'll find further information
+ in /usr/share/doc/chrony/README.Debian.
+ (Closes: #688971)
+
+ -- Vincent Blut <vincent.debian@free.fr> Sun, 6 Sep 2015 22:39:22 +0200
+
+chrony (1.30-2) unstable; urgency=medium
+
+ * With the following security bugfixes (Closes: #782160):
+ - Fix CVE-2015-1853: Protect authenticated symmetric NTP
+ associations against DoS attacks.
+ - Fix CVE-2015-1821: Fix access configuration with subnet
+ size indivisible by 4.
+ - Fix CVE-2015-1822: Fix initialization of reply slots for
+ authenticated commands.
+ * debian/control:
+ - Update e-mail address of myself.
+ - Add Vincent Blut as co-maintainer.
+
+ -- Joachim Wiedorn <joodebian@joonet.de> Fri, 10 Apr 2015 11:41:31 +0200
+
+chrony (1.30-1) unstable; urgency=medium
+
+ * New upstream release with following bugfixes:
+ - Fix crash when selecting with multiple preferred sources.
+ - Fix frequency calculation with large frequency offsets.
+ - Fix code writing drift and RTC files to compile correctly.
+ - Fix -4/-6 options in chronyc to not reset hostname set by -h.
+ - Fix refclock sample validation with sub-second polling interval.
+ - Set stratum correctly with non-PPS SOCK refclock and local stratum.
+ - Modify dispersion accounting in refclocks to prevent PPS getting
+ stuck with large dispersion and not accepting new samples.
+ - Move faq.txt (PHP style) to a plain text file FAQ. Closes: #415729
+
+ * Add gpg signature of upstream developer for use with uscan.
+ * Update debian/watch, add check of upstream gpg signature.
+ * Update all patches.
+
+ * Bugfix: Use /etc/adjtime in postinst script to recognize
+ UTC hardware clock. Closes: #680498
+ * Use logrotate instead of cron script. Closes: #323966
+ * debian/rules: disable test simulation.
+
+ * debian/control: remove obsolete build dependency to dpkg-dev.
+ * debian/install, debian/dirs, debian/clean: Update.
+ * debian/copyright: Update and add entries.
+
+ -- Joachim Wiedorn <ad_debian@joonet.de> Sun, 10 Aug 2014 19:10:35 +0200
+
+chrony (1.29.1-1) unstable; urgency=high
+
+ * New upstream release with bugfix:
+ - Closes: #737644: Fixing vulnerability:
+ CVE-2014-0021 - traffic amplification in cmdmon protocol
+ (incompatible with previous protocol version, but chronyc
+ supports both).
+
+ -- Joachim Wiedorn <ad_debian@joonet.de> Thu, 06 Feb 2014 15:51:47 +0100
+
+chrony (1.29-1) unstable; urgency=medium
+
+ * New upstream release with some bugfixes:
+ - Closes: #719132: new upstream version, fixes security bugs.
+ - Closes: #719203: Fixing vulnerabilities:
+ CVE-2012-4502 - Buffer overflow,
+ CVE-2012-4503 - Uninitialized data.
+
+ * debian/control:
+ - Set myself as new maintainer. Closes: #705768
+ - Bump to Standards-Version 3.9.5.
+ - Move to debhelper >= 9 and compat level 9.
+ - Update package descriptions.
+ - Add Vcs fields to new git repository.
+ - Add dependency to lsb-base (for init script).
+ - Add build dependency to libtomcrypt-dev.
+ * Move to source format 3.0 (quilt).
+ * Add the following patch files: (Closes: #637514)
+ - 01_fix-small-typo-in-manpages
+ - 03_recreate-always-getdate-c
+ - 04_do-not-look-for-ncurses (Closes: #646732)
+ - 05_disable-installation-of-license
+ * debian/rules:
+ - Move to dh-based rules file.
+ - Enable parallel builds.
+
+ * Add debian/watch file.
+ * Full update of debian/copyright file.
+ * Add debian/doc-base file.
+ * Full update of debian/README.Debian file.
+ * Update debian/postinst, debian/postrm, debian/prerm.
+ * Remove obsolete debian/preinst. Reduce mailing within postinst.
+ * Do not use old md5sum file anymore for ucf in postinst script.
+ * Add status action in init script (debian/init). Closes: #652207
+ * Add debian/install file for installing example of chrony.conf.
+ * Reduce debian/dirs file for use with debhelper 9.
+
+ -- Joachim Wiedorn <ad_debian@joonet.de> Fri, 20 Dec 2013 23:35:25 +0100
+
+chrony (1.26-4) unstable; urgency=low
+
+ * QA upload.
+ * Depend on net-tools, for netstat (closes: #707260).
+
+ -- Colin Watson <cjwatson@debian.org> Mon, 08 Jul 2013 18:00:45 +0100
+
+chrony (1.26-3) unstable; urgency=low
+
+ * Orphaned.
+
+ -- John G. Hasler <jhasler@debian.org> Fri, 19 Apr 2013 13:08:31 -0500
+
+chrony (1.26-2) unstable; urgency=low
+
+ * Fixed Makefile.in so that getdate.c gets made (and removed
+ in "clean"). This will go upstream. Moved faq stuff in rules
+ from binary-indep to binary-arch.
+ * Restored accidently deleted nmu changelog entry.
+
+ * Applied patch from Moritz Muehlenhoff <jmm@debian.org>
+ Closes: #655123 Please enabled hardened build flags
+
+ * Fixed upstream.
+ Closes: #518385 Chrony segfaults on startup (narrowed down to
+ chronyc and "burst")
+
+ * Added DEB_BUILD_OPTIONS=noopt to rules.
+ Added build-arch and build-indep to rules.
+ Prefix is now 'usr'.
+ Changed to dh_installman.
+ Fixed "clean:" target.
+ Closes: #479389 Improvements for debian/rules
+
+ * Fixed upstream.
+ Closes: #195620 Strange "System time : xxx seconds slow of NTP time"
+ output
+
+ * Upstream changes should have fixed this.
+ Closes:#294030 chronyd makes the whole system briefly (< 1 second)
+ freeze
+
+ * Fixed by upstream changes and new LSB headers.
+ Closes: #407466 Chrony won't access hardware clock but prevents
+ hwclock from doing so either
+
+ -- John G. Hasler <jhasler@debian.org> Sun, 01 Jul 2012 22:05:56 -0500
+
+chrony (1.26-1) unstable; urgency=low
+
+ * New upstream release
+ Closes: #348554: chrony and hwclock packages not coordinated.
+ Closes: #572964: RTC support is missing.
+ Closes: #642209: add RTC support for linux 3.0.
+ Closes: #644241: new upstream version 1.26 available.
+
+ * Applied patches from Joachim Wiedorn <ad_debian@joonet.de>:
+ Fixed several typos in man pages and README.
+ Added version.h.
+ Moved default chrony.conf to debian/ .
+ Renamed cron and init files.
+ Removed debian/NEWS.Debian, debian/info.
+ Added debian/clean.
+ Updated debian/copyright. COPYING stays. Upstream requires it.
+ Fixed debian/menu, debian/control, updated debian/compat.
+ Added "--without-readline" to debian/rules: rewrite later.
+ Minor fixes to initscript: rewrite later.
+
+ Closes: #646732 Move from readline support to editline support.
+ Closes: #598253 Fix typo in LSB init headers ($hwclock to $time).
+ Closes: #600403 Fix init check with PPP connection.
+
+ -- John G. Hasler <jhasler@debian.org> Sun, 17 Jun 2012 21:55:47 -0500
+
+chrony (1.24-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Add patch (directly over the source...), to work with kernels > 3.0.0,
+ by Paul Martin at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628919#15.
+ (Closes: #628919)
+ * Fix readline build-depends from "libreadline5-dev | libreadline-dev" to
+ libreadline-gplv2-dev because chrony is GPLv2 only. (Closes: #634447)
+ * Update copyright file to say that chrony is GPLv2 only. (Closes: #637526)
+
+ -- Ana Beatriz Guerrero Lopez <ana@debian.org> Fri, 12 Aug 2011 12:32:26 +0200
+
+chrony (1.24-3) unstable; urgency=high
+
+ * Applied (modifed) patch from Gregor Herrmann.
+
+ Closes: #593145: fails to configure on installation
+ Closes: #552162: chrony incorrectly thinks that it has failed to
+ (re)start
+ Closes: #592930: invoke-rc.d: initscript chrony, action "start" failed.
+
+ -- John G. Hasler <jhasler@debian.org> Tue, 14 Sep 2010 10:06:47 -0500
+
+chrony (1.24-2) unstable; urgency=low
+
+ * Fixed regression that caused default CHRONY_IOC_ lines to
+ vanish from io_linux.h thereby breaking hppa and ia64.
+
+ Closes: #588930: FTBFS [ia64,hppa]: "I don't know the values of the
+ _IOC_* constants on your architecture"
+
+ * $remote_fs was added in 1.24-1. Depending on networking is neither
+ necessary nor desireable.
+ + Closes: #590888: Dependencies on init.d script insuficcient + + * Still need to rewrite scripts. + + -- John G. Hasler <jhasler@newsguy.com> Fri, 30 Jul 2010 20:32:55 -0500 + +chrony (1.24-1) unstable; urgency=low + + * New upstream release. The scripts will be rewritten and many more bugs + taken care of in -2. Right now I want to get 1.24 out there. + + * Applied patch from Petter Reinholdtsen to init.d + + Closes: #541806: misses syslog dependency in LSB headers + + * Chrony cannot be linked to libreadline6 because it is GPLv2 only. + + Closes: #553739 replacing libreadline5-dev build dependency with + libreadline-dev + + * "configure" rewritten upstream, eliminating "+=". + + Closes: #573036: RTC support disabled (due to Bashism in configure line 293) + + * Removed "install-info" from scripts. + + Closes: #568703: dpkg warnings + + * client.c has been rewritten upstream. + + Closes: #573032 + + * Fixed typos. + + Closes: #434629: 'man chrony', 'cronyc', 'cronyd' typos: "parateters" x 2, + "priviliges" + + * Added debian/source/format containing "1.0". + + -- John G. Hasler <jhasler@newsguy.com> Tue, 22 Jun 2010 16:01:29 -0500 + +chrony (1.23-7) unstable; urgency=high + + * Applied patches from upstream to fix remote DOS: + + CVE-2010-0292 Don't reply to invalid cmdmon packets + + CVE-2010-0293 Limit client log memory size + + CVE-2010-0294 Limit rate of syslog messages + + -- John G. Hasler <jhasler@newsguy.com> Tue, 02 Feb 2010 19:37:50 -0600 + +chrony (1.23-6) unstable; urgency=low + + * Commented out rtcfile directive in chrony.conf because it can cause + lockups with certain combinations of motherboard and kernel (this is + a known kernel bug). + + Closes: #508298: chronyd unreachable and does not work (clock drifts) + + * Chrony no longer uses the ppp/ip-up.d and ppp/ip-up.d files and the new + init.d file won't hang if chronyc hangs. + + Closes: #448481: /etc/ppp/ip-up.d/chrony doesn't work when bindaddress is set. 
+ + * Cannot reproduce on current version on amd64. + + Closes: #412961: error in tracking report (on amd64?) + + -- John Hasler <jhasler@debian.org> Wed, 10 Dec 2008 14:16:37 -0600 + +chrony (1.23-5) unstable; urgency=low + + * Replaced background kill with 'timelimit' in initscript. + + Closes: #505094: chrony: kills random netstat processes + + * Added 'Recommends: udev (>= 0.124-1)' + + Closes: #497113: /dev/rtc renamed to /dev/rtc0 with linux-image-2.6-*/2.6.26+15 + + * Had previously applied patch from Nathanael Nerode to fix configure + bug but forgot to close the bug. + + Closes: #392273: Recursive dependency disease: chrony shouldn't depend on ncurses + + -- John Hasler <jhasler@debian.org> Sun, 09 Nov 2008 20:19:22 -0600 + +chrony (1.23-4) unstable; urgency=low + + * Fixed dependency of init script on Pppconfig ip-up.d script by moving + those lines into the init script. + + * Added checks to try to make sure that Chronyd is really, really running. + Changed Netstat call to use -n, added code to kill it if it hangs. + Added code to kill Chronyc if it can't contact Chronyd. + Discussed the HPET/rtc problem in NEWS.Debian. + + Closes: #504000: init script hangs for a while might break upgrade + + * Added missing initialization to create_instance() in ntp_core.c. + This was why UTI_NormaliseTimeval() was being called with huge + values at times. + + * See comment on #195620 in 1.21z-6 below. If you know of more LP64 + bugs reopen #348412 with a patch. + + Closes: #348412: chronyc not LP64 compliant + + * Added comment about sources being discarded to chrony.conf as suggested + by Andreas Hübner in #268289. + + * This is normal behavior. + + Closes: #287060: trimrtc takes 40 seconds to take effect + + -- John Hasler <jhasler@debian.org> Thu, 06 Nov 2008 10:38:58 -0600 + +chrony (1.23-3) unstable; urgency=high + + * Rewrote UTI_NormaliseTimeval()in util.c to use divide/remainder + instead of loops at the suggestion of Gabor Gombas. 
This prevents the + problem of the loop running until the sun goes out when the function + is called with a very large value for tv_usec on 64-bit architectures. + Also fixed some other spots where the same loop was being used. + + Closes: #474294 Goes into endless loop + Closes: #447011 chronyd stalls with 100% CPU usage + + I still don't know why the function is being called with such a + large value, however. + + * Changed default servers in chrony,conf to Debian servers. + + Closes: #434483: chrony: Should use NTP servers in Debian pool + + -- John Hasler <jhasler@debian.org> Sat, 26 Apr 2008 11:47:44 -0500 + +chrony (1.23-2) experimental; urgency=low + + * Added default IOC's to io_linux.h. + Closes: #477043: chrony_1.23-1(ia64/experimental): FTBFS: IOC + constants unknown on ia64 + Closes: #476963: chrony_1.23-1(hppa/experimental): FTBFS: "I don't + know the values of the _IOC_* constants for your architecture" + + -- John Hasler <jhasler@debian.org> Sun, 20 Apr 2008 13:29:29 -0500 + +chrony (1.23-1) experimental; urgency=low + + * New upstream release + This is 1.23 with Debian patches applied (including some for LP64). + I'm uploading this to Experimental to get it tested on x86_64 to see + if #474294 is fixed. + + -- John Hasler <jhasler@debian.org> Sat, 19 Apr 2008 14:49:15 -0500 + +chrony (1.21z-6) unstable; urgency=low + + * Applied patches from Eric Lammerts <eric@lammerts.org> and Goswin von + Brederlow <brederlo@informatik.uni-tuebingen.de> to cast the value + returned by ntohl to int32_t and so cause correct sign-extension near + line 1655 in client.c. Also fixed similar bugs in the same area. I'm + not sure this entirely fixes the chronyc number display problem, + though. I've not closed #348412 here because chrony is still not + fully LP64 compliant. + Closes: #195620: Strange "System time : xxx seconds slow of + NTP time" output + + * Replaced addrfilt.c with addrfilt.c from upstream git repository. 
+ This fixes the recursive structure definition problems. + + * Replaced 'route' with 'netstat -r' in the initscript. + + * Applied patch for configure script from Nathanael Nerode + <neroden@gcc.gnu.org> to delete the superfluous "lncurses" at line + 327. + Closes: #392273: Recursive dependency disease: chrony shouldn't depend + on ncurses + + * Added test to reject servers claiming stratum less than 1 in + ntp_core.c "Test 7". Bill Unruh <unruh@physics.ubc.ca> has run across + a server that sometimes claims to be stratum 0, which causes + considerable confusion. + + -- John Hasler <jhasler@debian.org> Fri, 16 Feb 2007 17:47:40 -0600 + +chrony (1.21z-5) unstable; urgency=high + + * Applied postinst patch from Lionel Elie Mamane to test for the + existence of old .keys and .conf files before renaming them. + Closes: #397759: fails to configure: mv: cannot stat `/etc/chrony/chrony.keys.1.21-2': + No such file or directory + + * Added burst command to /etc/ppp/ip-up.d/chrony to give chronyd a kick in the butt. + Shouldn't need that, though. + Initscript now calls /etc/ppp/ip-up.d/chrony if a default route exists. + Closes: #397739: Not connecting to sources after reboot - dialup + + -- John Hasler <jhasler@debian.org> Sun, 26 Nov 2006 08:07:20 -0600 + +chrony (1.21z-4) unstable; urgency=low + + * Added test for /usr/bin/mail to postinst. + Closes: #386651: chrony: Requires /usr/bin/mail but doesn't depend on it + Closes: #390280: chrony: missing dependency on mail + + * Added LSB headers to initscript + + * Corrected erroneous use of 'dpkg --compare-version' in preinst and postinst. + Closes: #386733: fails to configure (bad upgrade check) + + * Added rm to postinst to remove keyfile possibly left by a failed install. 
+ Closes: #390278: usage of tempfile /etc/chrony/chrony.keys is doubtful + + -- John Hasler <jhasler@debian.org> Sat, 7 Oct 2006 13:39:49 -0500 + +chrony (1.21z-3) unstable; urgency=low + + * Changed upstream version number from 1.21 to 1.21z to satisfy Debian + archive software. + + * Replaced impure chrony_1.21.orig.tar.gz. + Closes: #340030: chrony: Tarball is impure + + * Now Provides, Conflicts, Replaces time-daemon + Closes: #330839: time-daemon pseudopackage + + * Corrected typos. + Closes: #321121: chrony: typo in 'Conflicts:' field: s/ntpsimple/ntp-simple/ and s/ntprefclock/ntp-refclock/ + + * Rewrote postinst and postrm to use ucf. Wrote preinst to protect chrony.conf from dpkg. + Closes: #351332: chrony: conffile change prompt prevents smooth upgrade from sarge to etch + + * Deleted last few lines of chrony.conf as they no longer apply. + + * Deleted .arch-ids from contrib and examples. + + * Fixed typo in chronyc.1 + Closes: #349871: chrony: typo in chrnoyc.1 results in missing word + + * Corrected references in man pages. + Closes: #345034: chrony: man pages refer to wrong sections + + * Added "allow 172.16/12" to chrony.conf. + Closes: #252952: chrony: default allow should also have 172.16/12 + + * Channged server lines in chrony.conf to follow ntp.org current recommendation. + Closes: #243534: chrony: new pool.ntp.org setup doesn't work well + + * Fixed FSF address in debian/copyright. + + -- John Hasler <jhasler@debian.org> Fri, 1 Sep 2006 10:52:52 -0500 + +chrony (1.21-2) unstable; urgency=high + + * Patched io_linux.h to add missing architectures. + Closes: #339764: chrony - FTBFS: #error "I don't know the values of the + _IOC_* constants for your architecture" + + * Fixed brown-bag error in rules. 
+ Closes: #339853: /usr/sbin/chronyd is missing + + -- John Hasler <jhasler@debian.org> Sat, 19 Nov 2005 10:12:49 -0600 + +chrony (1.21-1) unstable; urgency=low + + * New upstream release + Closes: #328292: New version of chrony avalaible + Closes: #301592: Fails to read RTC and floods logfiles + + * Enabled RTC as upstream has installed a work-around for the HPET bug. + + * Switched to libreadline5. + Closes: #326379: please rebuild with libreadline5-dev as build dependency + + * Patched addrfilt.c to fix gcc 4.0 build problem. + Closes: #298709: chrony: FTBFS (amd64/gcc-4.0): array type has incomplete element type + + * There are lots more minor things to fix but I'm uploading now to close + the serious bugs. I'll upload another version with some improvements + in a few weeks. + + -- John Hasler <jhasler@debian.org> Tue, 15 Nov 2005 18:39:49 -0600 + +chrony (1.20-8) unstable; urgency=high + + * Added test for /usr/bin/mail in postinst. + Closes: #307061: Install failure: Cannot configure on system without mailx + I consider this bug serious because it can cause installation to fail + and so I want to get the fix into Sarge. + + * Fixed typo in chrony.conf, replaced '/etc/init.d/chrony restart' + with 'invoke-rc.d chrony restart'. + Closes: #305090: Typo in chrony.conf, should mention invoke-rc.d + + * Added README.Debian explaining that rtc is off by default. + + -- John Hasler <jhasler@debian.org> Sat, 30 Apr 2005 18:47:30 -0500 + +chrony (1.20-7) unstable; urgency=low + + * Added info-4 to debian/rules. + Closes: #287142: chrony: Can't find chrony.info-4 + + * Corrected "See Also" section in chrony man page. Now mentions + chronyc(1), chronyd(8), and chrony.conf(5). + Closes: #287444: chrony.1.gz: SEE ALSO on man page has wrong section. + + * Edited chrony.conf to disable rtc by default and explain why: + on some systems that use genrtc or the HPET real-time clock it + fails and causes chronyd to fill up the log. 
The failure is + probably due to a kernel bug, bug the logging should be + throttled. + + * Added more explanatory comments at the servers directive in + chrony.conf. + + * The postinst script now sends a message to root saying where the + password is, whether Chrony is assuming UTC or local time, + that rtc updating is disabled, why, and how to change it. + + * Added missing '#' to + "Can't tell how your clock is set: assuming local time." + in postinst. + + -- John Hasler <jhasler@debian.org> Tue, 12 Apr 2005 17:59:13 -0500 + +chrony (1.20-6) unstable; urgency=low + + * Fixed error in chrony.conf where the non-existent 'online' directive + was mentioned. + Closes: #257235 misleading instructions in chrony.conf + + * Patched Makefile.in to generate faq.html. + Closes: #265936 /usr/share/doc/chrony/faq.txt.gz: how to read? + + -- John Hasler <jhasler@debian.org> Sat, 4 Dec 2004 17:47:31 -0600 + +chrony (1.20-5) unstable; urgency=low + + * Put pool.ntp.org servers in chrony.conf as defaults. + + * Fixed erroneous references to chronyd(1) in some man pages. + Closes: #241746 SEE ALSO chronyd(1) should be (8) + + * I got a new motherboard and can no longer reproduce this. + If you can please reopen the bug. + Closes: #223518 Rtc stuff is broken + + * Edited chrony.conf(5). + Closes: #241745 many more features have been added + + * Edited chrony.conf to add logchange and mailonchange and to + enable rtc by default. + Closes: #226644 /etc/chrony/chrony.conf: rtc; not all options are noted in conf file + + * Fixed upstream: see NEWS. 
+ Closes: #124089 mistake in the chrony manual + Closes: #177366: trailing blank on log lines + Closes: #195618 failure to use /dev/misc/rtc floods logfiles + Closes: #53066 "acquisitionport" directive and doc fixes [patch] + Closes: #100880 RFE: don't use /proc when uname(2) will do + Closes: #163470: different bindaddresses for ntp port and control port + Closes: #200174: Chrony breaks under Kernel 2.5 (two bugs) + + -- John Hasler <jhasler@debian.org> Sat, 10 Apr 2004 22:00:00 -0500 + +chrony (1.20-4) unstable; urgency=low + + * Added '#include <asm/types>' to rtc_linux.c to fix Alpha build problem. + Also removed spinlock stuff from configure. + + -- John Hasler <jhasler@debian.org> Fri, 26 Dec 2003 21:00:00 -0600 + +chrony (1.20-3) unstable; urgency=low + + * Removed all inclusions of kernel headers. + Hopefully Chrony will now build on m68k. + + -- John Hasler <jhasler@debian.org> Tue, 23 Dec 2003 19:00:00 -0600 + +chrony (1.20-2) unstable; urgency=low + + * Removed spinlock.h and mc146818.h from rtc_linux.c. linux/rtc.h and + RTC_UIE=0x10 provide everything needed now. + Closes: #223134 FTBFS: Errors in kernel headers + + * However, rtc is now broken (and appears to have been broken for some time) + on 440BX chipsets with 2.4 kernels. + + -- John Hasler <jhasler@debian.org> Fri, 12 Dec 2003 13:00:00 -0600 + +chrony (1.20-1) unstable; urgency=low + + * New upstream release. + + * Frank Otto's patch to sys_linux.c, function guess_hz_and_shift_hz now + incorporated upstream. + Closes: #198557 Fatal error: chronyd can't determine hz for kernel with HZ=200 + + * Security and 64 bit patches are now incorporated upstream + along with most non-i386 architecture patches. + + * Put correct links in /usr/share/doc/chrony/timeservers. + Closes: #189686 /usr/share/doc/timeservers links are broken + + * Put correct links in chrony.conf. + Closes: #210886 bad link in chrony.conf + + * Put missing newlines in apm and chrony.keys. 
+ Closes: #211604 Build-warning: some files misses final newline + + * Removed conflict with ntpdate. + + -- John Hasler <jhasler@debian.org> Tue, 7 Oct 2003 22:00:00 -0500 + +chrony (1.19-10) unstable; urgency=low + + * Put linux/linkage.h ahead of linux/spinlock.h as I meant to in + the first place. + + -- John Hasler <john@dhh.gt.org> Sun, 13 Jul 2003 7:00:00 -0500 + +chrony (1.19-9) unstable; urgency=low + + * Added "#include <linux/linkage.h>" to rtc_linux.c to fix mips + build failure. + Closes: #200165 chrony doesn't build on mips and mipsel + + -- John Hasler <john@dhh.gt.org> Sat, 12 Jul 2003 10:00:00 -0500 + +chrony (1.19-8) unstable; urgency=low + + * Added bison to build-depends because of addition of getdate.y + + -- John Hasler <john@dhh.gt.org> Tue, 3 Jun 2003 10:00:00 -0500 + +chrony (1.19-7) unstable; urgency=high + + * Closes: #186498 chronyc hangs if no chronyd is running + Added test for running daemon to ip-{up|down} scripts. + Disabled trimrtc for ALPHA + Closes: #195615 GPL violation - generated file without source + * Added a copy of getdate.y to source. + + -- John Hasler <john@dhh.gt.org> Sun, 1 Jun 2003 7:00:00 -0500 + +chrony (1.19-6) unstable; urgency=low + + * Closes: #179842 "CROAK" redefined + Added '#undef CROAK' before CROAK redefiniton in pktlength.h, + added '-DALPHA' to 'alpha' condition in configure, added + 'ifdef ALPHA' around CROAK redefinition. + * Replaced many signed and unsigned longs as well as some ints, + shorts, and chars with stdint.h types in candm.h, md5.h, ntp.h, + clientlog.h, and ntp_io.c. This should fix all 64-bit problems. + + -- John Hasler <john@dhh.gt.org> Fri, 14 Mar 2003 19:00:00 -0600 + +chrony (1.19-5) unstable; urgency=high + + * Closes: #184065 Assertion `sizeof(NTP_int32) == 4' failed on alpha + Fixed several spots where the author assumed that a long is 32 bits. + There are many more misuses of long as well as several of short and + char but I think I got the only ones likely to cause trouble. 
+ + -- John Hasler <john@dhh.gt.org> Fri, 14 Mar 2003 11:00:00 -0600 + +chrony (1.19-4) unstable; urgency=low + + * Closes: #179538 FTBFS: missing build-depends on makeinfo + Added texinfo to build-depends. + * CLoses: #179508: chrony(c|d) show wrong version numbers + Removed spurious version.h. + + -- John Hasler <john@dhh.gt.org> Sun, 2 Feb 2003 19:00:00 -0600 + +chrony (1.19-3) unstable; urgency=low + + * Updated author's address in copyright file. + * Closes: #163446 patch, that scripts can handle all commandkeys + Applied debugged patch. + * Closes: #107863 doesn't know about APM + Put apm script in debian/ and added rules to copy it to + etc/apm/event.d as instructed by the apmd maintainer. + + -- John Hasler <john@dhh.gt.org> Fri, 31 Jan 2003 18:00:00 -0600 + +chrony (1.19-2) unstable; urgency=low + + * Closes: #100879 unnecessary dependency on libm + Applied patch from Zack Weinberg <zack@codesourcery.com> + * Closes: #124091 the force-reload command of /etc/init.d/chrony should + use the -r option. + Added -r option. + + -- John Hasler <john@dhh.gt.org> Wed, 29 Jan 2003 10:00:00 -0600 + +chrony (1.19-1) unstable; urgency=low + + * New upstream release. + * Closes: #178338 New upstream version fixes crashes caused by adjtimex + failure + * Closes: #178101 /etc/ppp/ip-{up,down}.d/chrony installed with + incorrect permissions + This bug was previously reported and fixed in 18-1 + * Closes: #176130 got an error when I use ppp_on_boot + Changed 'update-rc.d chrony defaults 83' to + 'update-rc.d chrony defaults 14' in init.d so that chrony + will come up before ppp. + * Added code to postinst to read /etc/default/rcS and + set rtconutc appropriately in chrony.conf. + * Rewrote password generator in postinst. + * Closes: #100879 unnecessary dependency on libm + I don't know why this wasn't closed months ago. + * Closes: #103447 typo in "/etc/init.d/chrony" + * Closes: #124087 problems with /etc/init.d/chrony + Fixed script. 
+ * Closes: #161350 /etc/ppp/ip-down.d/chrony cat unnecessary + Fixed scripts. + * Closes: #113840 ntp has been split - add conflicts? + Added ntp-simple and ntp-refclock to conflicts. + + -- John Hasler <john@dhh.gt.org> Sun, 26 Jan 2003 15:00:00 -0600 + +chrony (1.18-2) unstable; urgency=low + + * Corrects error in changelog which resulted + in uploads being erroneously classified as NMUs. + * Closes: #138142, #104774, #142670, #105344, #101039 + * Closes: #162427, #56756, #98951, #99799, #139633 + * Closes: #163469, #163408, #167416 + + -- John Hasler <john@dhh.gt.org> Sun, 3 Nov 2002 20:00:00 -0600 + +chrony (1.18-1) unstable; urgency=low + + * New upstream release. + * Closes: #138142 new upstream release + * Added Mark Brown's Alpha and PowerPC patch. + * Closes: #104774 hppa build failure + Applied patch. + * Closes: #142670 compilation errors on sparc + Applied patch. + * Closes: #105344 ip-{up, down}.d/chrony not executable + Fixed debian/rules. + * Closes: #101039 does not run on Alpha + Fixed by above mentioned Mark Brown patch. + * Closes: #162427 description should mention NTP + Fixed description. + * Closes: #56756 README.debian should caution about hwclock + Fixed README.debian. + * Closes: #98951 no chrony.keys file installed + Not reproducible, probable user error. + * Closes: #99799 logs world readable + Added umask 022 to log script. + * Closes: #139633 documentation error + Added rtconutc to chrony.conf. + * Closes: #163469 no default case in init.d script + Corrected typo. + * Closes: #163408 PIDFILE wrongly defined in ip-{up,down} + No chrony script uses any such variable. + * Closes: #167416 needs Build-Depends: libreadline4-dev + + -- <john@dhh.gt.org> Sun, 3 Nov 2002 10:00:00 -0600 + +chrony (1.14-7) unstable; urgency=medium + + * Changed rtc_linux.c to not include linux/mc146818rtc.h + when building for sparc, because Moshe Zadka says this + will allow chrony to build there. 
+ * Closes: #142670 + + -- <jhasler@debian.org> Wed, 17 Apr 2002 17:00:00 -0500 + +chrony (1.14-6) unstable; urgency=low + + * Changed architecture back to 'any'. + * Applied portability patch from LaMont Jones. + * Closes: #104774 + + -- <jhasler@debian.org> Mon, 1 Apr 2002 21:00:00 -0600 + +chrony (1.14-5) unstable; urgency=low + + * Changed architecture from 'any' to 'i386 sparc'. + Neither I nor the author can test on anything but i386. If + you want chrony on anything else send me a tested patch. + * Closes: #101039 + * Closes: #104774 + + -- <john@dhh.gt.org> Fri, 28 Dec 2001 20:10:00 -0600 + +chrony (1.14-4) unstable; urgency=low + + * Fixed bug in man pages. + * Closes: #95134 + + -- <john@dhh.gt.org> Tue, 24 Apr 2001 20:10:00 -0500 + +chrony (1.14-3) unstable; urgency=low + + * Replaced <linux/spinlock.h> in rtc_linux.c with + typedef int spinlock_t as suggested by Paul Slootman. + * Put #define CROAK(message) assert(0) in pktlength.h + to fix Alpha build problem. + * Closes: #86991 + + -- <john@dhh.gt.org> Sat, 24 Feb 2001 22:45:00 -0600 + +chrony (1.14-2) unstable; urgency=low + + * Closes: #84597 + + -- <john@dhh.gt.org> Sat, 3 Feb 2001 21:25:00 -0600 + +chrony (1.14-1) unstable; urgency=low + + * New upstream release. + * Fixed more sprintfs. + * Closes: #50793, #52570, #48216, #65209, #62924, #70377, #61485, #76661 + + -- <john@dhh.gt.org> Mon, 20 Nov 2000 20:25:00 -0600 + +chrony (1.10-3) unstable; urgency=low + + * Patched cron,weekly script with (corrected) patch + from Rene H. Larsen <renehl@post1.tele.dk>. + * Updated author address in copyright file. + * Compiled with egcs. + * Closes: #41885, #41551 + + -- <john@dhh.gt.org> Sun, 25 July 1999 12:14:00 -0500 + +chrony (1.10-2) unstable; urgency=low + + * Patched rtc_linux.c with patch for SPARC from + bmc@visi.net. + + -- <john@dhh.gt.org> Mon, 17 May 1999 22:30:00 -0500 + +chrony (1.10-1) unstable; urgency=low + + * New upstream release. + * Upstream version number is 1.1. 
Debian version
+ number is 1.10 because previous upstream number
+ was 1.02.
+
+ -- <john@dhh.gt.org> Wed, 12 May 1999 20:30:00 -0500
+
+chrony (1.02-7) unstable; urgency=low
+
+ * Changed configure to permit building on non-Intel.
+
+ -- <john@dhh.gt.org> Wed, 5 May 1999 18:00:00 -0500
+
+chrony (1.02-6) unstable; urgency=low
+
+ * Fixed postrm bug.
+
+ -- <john@dhh.gt.org> Thur, 29 Apr 1999 18:00:00 -0500
+
+chrony (1.02-5) unstable; urgency=low
+
+ * Fixed bugs 34954 and 36921.
+ * Moved to priority extra.
+ * Added README.debian text about rtc.
+
+ -- <john@dhh.gt.org> Thur, 15 Apr 1999 21:30:00 -0500
+
+chrony (1.02-4) unstable; urgency=low
+
+ * Replaced sprintf's with snprintf's.
+
+ -- <john@dhh.gt.org> Sun, 28 Feb 1999 16:53:00 -0600
+
+chrony (1.02-3) unstable; urgency=low
+
+ * Fixed bugs in cron.weekly, ip-up.d, and ip-down.d.
+ * Bug 29981 is also fixed.
+
+ -- <john@dhh.gt.org> Sun, 6 Dec 1998 9:53:00 -0600
+
+chrony (1.02-2) unstable; urgency=low
+
+ * Added cron.weekly.
+ * Changed ip-up.d, ip-down.d, and cron.weekly to read the
+ password from chrony.keys.
+ * Added code to postinst to generate a random password and
+ put it in chrony.keys.
+
+ -- <john@dhh.gt.org> Thur, 3 Dec 1998 19:00:08 -0600
+
+chrony (1.02-1) unstable; urgency=low
+
+ * Initial Release.
+
+ -- <john@dhh.gt.org> Fri, 6 Nov 1998 23:00:08 -0600
diff --git a/debian/chrony-dnssrv@.service b/debian/chrony-dnssrv@.service
new file mode 100644
index 0000000..86d374f
--- /dev/null
+++ b/debian/chrony-dnssrv@.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=DNS SRV lookup of %I for chrony
+After=chrony.service network-online.target
+Wants=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/libexec/chrony/chrony-helper update-dnssrv-servers %I
+ProtectSystem=strict
+PrivateDevices=yes
+ProtectHome=yes
+ReadWritePaths=/run
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
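Review bot: In debian/chrony-dnssrv@.service, `ReadWritePaths=/run` makes the whole of /run writable again under `ProtectSystem=strict`, although the helper added in this commit only creates files below `/run/chrony-helper`. Narrowing it needs that directory to exist before the unit starts, for example `RuntimeDirectory=chrony-helper` with `RuntimeDirectoryPreserve=yes`, plus write access to wherever chronyc places its client socket (presumably under /run/chrony; confirm before changing). `PrivateDevices=yes` is listed twice in `[Service]`, so one of the two lines can go. No `User=` is set, so the helper presumably runs as root with `%I`, the unescaped instance name, as its argument; adding `NoNewPrivileges=yes` is a cheap extra restriction.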
diff --git a/debian/chrony-dnssrv@.timer b/debian/chrony-dnssrv@.timer
new file mode 100644
index 0000000..8495e01
--- /dev/null
+++ b/debian/chrony-dnssrv@.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Periodic DNS SRV lookup of %I for chrony
+
+[Timer]
+OnActiveSec=0
+OnUnitInactiveSec=1h
+
+[Install]
+WantedBy=timers.target
diff --git a/debian/chrony-helper b/debian/chrony-helper
new file mode 100755
index 0000000..5099161
--- /dev/null
+++ b/debian/chrony-helper
@@ -0,0 +1,264 @@
+#!/bin/bash
+# This script configures running chronyd to use NTP servers obtained from
+# DHCP and _ntp._udp DNS SRV records. Files with servers from DHCP are managed
+# externally (e.g. by a dhclient script). Files with servers from DNS SRV
+# records are updated here using the dig utility. The script can also list
+# and set static sources in the chronyd configuration file.
+#
+# Modified for Debian by Vincent Blut <vincent.debian@free.fr>.
+
+chronyc=/usr/bin/chronyc
+chrony_conf=/etc/chrony/chrony.conf
+chrony_service=chrony.service
+helper_dir=/run/chrony-helper
+added_servers_file=$helper_dir/added_servers
+
+dhclient_servers_files="/var/lib/dhcp/chrony.servers.*"
+dnssrv_servers_files="$helper_dir/dnssrv@*"
+dnssrv_timer_prefix=chrony-dnssrv@
+
+chrony_command() {
+ $chronyc -n -m "$1"
+}
+
+is_running() {
+ chrony_command "tracking" &> /dev/null
+}
+
+get_servers_files() {
+ echo "$dhclient_servers_files"
+ echo "$dnssrv_servers_files"
+}
+
+is_update_needed() {
+ for file in $(get_servers_files) $added_servers_file; do
+ [ -e "$file" ] && return 0
+ done
+ return 1
+}
+
+update_daemon() {
+ local all_servers_with_args all_servers added_servers
+
+ if ! is_running; then
+ rm -f $added_servers_file
+ return 0
+ fi
+
+ all_servers_with_args=$(cat $(get_servers_files) 2> /dev/null)
+
+ all_servers=$(
+ echo "$all_servers_with_args" |
+ while read -r server serverargs; do
+ echo "$server"
+ done | sort -u)
+ added_servers=$( (
+ cat $added_servers_file 2> /dev/null
+ echo "$all_servers_with_args" |
+ while read -r server serverargs; do
+ [ -z "$server" ] && continue
+ chrony_command "add server $server $serverargs" &> /dev/null &&
+ echo "$server"
+ done) | sort -u)
+
+ comm -23 <(echo -n "$added_servers") <(echo -n "$all_servers") |
+ while read -r server; do
+ chrony_command "delete $server" &> /dev/null
+ done
+
+ added_servers=$(comm -12 <(echo -n "$added_servers") <(echo -n "$all_servers"))
+
+ if [ -n "$added_servers" ]; then
+ echo "$added_servers" > $added_servers_file
+ else
+ rm -f $added_servers_file
+ fi
+}
+
+get_dnssrv_servers() {
+ local name=$1 output
+
+ if ! command -v dig &> /dev/null; then
+ echo "Missing dig (DNS lookup utility)" >&2
+ return 1
+ fi
+
+ output=$(dig "$name" srv +short +ndots=2 +search 2> /dev/null) || return 0
+
+ echo "$output" | while read -r _ _ port target; do
+ server=${target%.}
+ [ -z "$server" ] && continue
+ echo "$server port $port iburst"
+ done
+}
+
+check_dnssrv_name() {
+ local name=$1
+
+ if [ -z "$name" ]; then
+ echo "No DNS SRV name specified" >&2
+ return 1
+ fi
+
+ if [ "${name:0:9}" != _ntp._udp ]; then
+ echo "DNS SRV name $name doesn't start with _ntp._udp" >&2
+ return 1
+ fi
+}
+
+update_dnssrv_servers() {
+ local name=$1
+ local srv_file=$helper_dir/dnssrv@$name servers
+
+ check_dnssrv_name "$name" || return 1
+
+ servers=$(get_dnssrv_servers "$name")
+ if [ -n "$servers" ]; then
+ echo "$servers" > "$srv_file"
+ else
+ rm -f "$srv_file"
+ fi
+}
+
+set_dnssrv_timer() {
+ local state=$1 name=$2
+ local srv_file=$helper_dir/dnssrv@$name servers
+ local timer
+
+ timer=$dnssrv_timer_prefix$(systemd-escape "$name").timer || return 1
+
+ check_dnssrv_name "$name" || return 1
+
+ if [ "$state" = enable ]; then
+ systemctl enable "$timer"
+ systemctl start "$timer"
+ elif [ "$state" = disable ]; then
+ systemctl stop "$timer"
+ systemctl disable "$timer"
+ rm -f "$srv_file"
+ fi
+}
+
+list_dnssrv_timers() {
+ systemctl --all --full -t timer list-units | grep "^$dnssrv_timer_prefix" | \
+ sed "s|^$dnssrv_timer_prefix\(.*\)\.timer.*|\1|" |
+ while read -r name; do
+ systemd-escape --unescape "$name"
+ done
+}
+
+prepare_helper_dir() {
+ mkdir -p $helper_dir
+ exec 100> $helper_dir/lock
+ if ! flock -w 20 100; then
+ echo "Failed to lock $helper_dir" >&2
+ return 1
+ fi
+}
+
+is_source_line() {
+ local pattern="^[ \t]*(server|pool|peer|refclock)[ \t]+[^ \t]+"
+ [[ "$1" =~ $pattern ]]
+}
+
+list_static_sources() {
+ while read -r line; do
+ if is_source_line "$line"; then
+ echo "$line"
+ fi
+ done < $chrony_conf
+}
+
+set_static_sources() {
+ local new_config tmp_conf
+
+ new_config=$(
+ sources=$(
+ while read -r line; do
+ is_source_line "$line" && echo "$line"
+ done)
+
+ while read -r line; do
+ if ! is_source_line "$line"; then
+ echo "$line"
+ continue
+ fi
+
+ tmp_sources=$(
+ local removed=0
+
+ echo "$sources" | while read -r line2; do
+ if [ "$removed" -ne 0 ] || [ "$line" != "$line2" ]; then
+ echo "$line2"
+ else
+ removed=1
+ fi
+ done)
+
+ [ "$sources" == "$tmp_sources" ] && continue
+ sources=$tmp_sources
+ echo "$line"
+ done < $chrony_conf
+
+ echo "$sources"
+ )
+
+ tmp_conf=${chrony_conf}.tmp
+
+ cp -a $chrony_conf $tmp_conf &&
+ echo "$new_config" > $tmp_conf &&
+ mv $tmp_conf $chrony_conf || return 1
+
+ systemctl try-restart $chrony_service
+}
+
+print_help() {
+ echo "Usage: $0 COMMAND"
+ echo
+ echo "Commands:"
+ echo " update-daemon"
+ echo " update-dnssrv-servers NAME"
+ echo " enable-dnssrv NAME"
+ echo " disable-dnssrv NAME"
+ echo " list-dnssrv"
+ echo " list-static-sources"
+ echo " set-static-sources < sources.list"
+ echo " is-running"
+ echo " command CHRONYC-COMMAND"
+}
+
+case "$1" in
+ update-daemon|add-dhclient-servers|remove-dhclient-servers)
+ is_update_needed || exit 0
+ prepare_helper_dir && update_daemon
+ ;;
+ update-dnssrv-servers)
+ prepare_helper_dir && update_dnssrv_servers "$2" && update_daemon
+ ;;
+ enable-dnssrv)
+ set_dnssrv_timer enable "$2"
+ ;;
+ disable-dnssrv)
+ set_dnssrv_timer disable "$2" && prepare_helper_dir && update_daemon
+ ;;
+ list-dnssrv)
+ list_dnssrv_timers
+ ;;
+ list-static-sources)
+ list_static_sources
+ ;;
+ set-static-sources)
+ set_static_sources
+ ;;
+ is-running)
+ is_running
+ ;;
+ command|forced-command)
+ chrony_command "$2"
+ ;;
+ *)
+ print_help
+ exit 2
+esac
+
+exit $?
diff --git a/debian/chrony.conf b/debian/chrony.conf
new file mode 100644
index 0000000..b3a9510
--- /dev/null
+++ b/debian/chrony.conf
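Review bot: In debian/chrony-helper, `check_dnssrv_name` only checks that the first nine characters are `_ntp._udp`, but `update_dnssrv_servers` and `set_dnssrv_timer` use the same value to build `srv_file=$helper_dir/dnssrv@$name` and then write to or `rm -f` that path. From `chrony-dnssrv@.service` the value is `%I`, the unescaped instance name, which may contain `/`, so the path is not guaranteed to stay inside `/run/chrony-helper`. Restrict the name to DNS characters before it is used, e.g. add `[[ "$name" =~ ^[A-Za-z0-9._-]+$ ]] || { echo "Invalid DNS SRV name" >&2; return 1; }` to `check_dnssrv_name`. The `port` and `target` fields read from `dig` in `get_dnssrv_servers` also reach `chronyc add server` unchecked; a numeric test on `$port` would cover the simplest case.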
@@ -0,0 +1,47 @@ +# Welcome to the chrony configuration file. See chrony.conf(5) for more +# information about usable directives. + +# Include configuration files found in /etc/chrony/conf.d. +confdir /etc/chrony/conf.d + +# Use Debian vendor zone. +pool 2.debian.pool.ntp.org iburst + +# Use time sources from DHCP. +sourcedir /run/chrony-dhcp + +# Use NTP sources found in /etc/chrony/sources.d. +sourcedir /etc/chrony/sources.d + +# This directive specify the location of the file containing ID/key pairs for +# NTP authentication. +keyfile /etc/chrony/chrony.keys + +# This directive specify the file into which chronyd will store the rate +# information. +driftfile /var/lib/chrony/chrony.drift + +# Save NTS keys and cookies. +ntsdumpdir /var/lib/chrony + +# Uncomment the following line to turn logging on. +#log tracking measurements statistics + +# Log files location. +logdir /var/log/chrony + +# Stop bad estimates upsetting machine clock. +maxupdateskew 100.0 + +# This directive enables kernel synchronisation (every 11 minutes) of the +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive. +rtcsync + +# Step the system clock instead of slewing it if the adjustment is larger than +# one second, but only in the first three clock updates. +makestep 1 3 + +# Get TAI-UTC offset and leap seconds from the system tz database. +# This directive must be commented out when using time sources serving +# leap-smeared time. +leapsectz right/UTC diff --git a/debian/chrony.default b/debian/chrony.default new file mode 100644 index 0000000..028f63d --- /dev/null +++ b/debian/chrony.default @@ -0,0 +1,6 @@ +# This is a configuration file for /etc/init.d/chrony and +# /lib/systemd/system/chrony.service; it allows you to pass various options to +# the chrony daemon without editing the init script or service file. + +# Options to pass to chrony. +DAEMON_OPTS="-F 1" diff --git a/debian/chrony.dhcp b/debian/chrony.dhcp new file mode 100644 index 0000000..f3dacd7 
--- /dev/null +++ b/debian/chrony.dhcp @@ -0,0 +1,27 @@ +CHRONY_SOURCEDIR=/run/chrony-dhcp +SERVERFILE=$CHRONY_SOURCEDIR/$interface.sources + +chrony_config() { + rm -f "$SERVERFILE" + mkdir -p "$CHRONY_SOURCEDIR" + for server in $new_ntp_servers; do + echo "server $server iburst" >> "$SERVERFILE" + done + /usr/bin/chronyc reload sources > /dev/null 2>&1 || : +} + +chrony_restore() { + if [ -f "$SERVERFILE" ]; then + rm -f "$SERVERFILE" + /usr/bin/chronyc reload sources > /dev/null 2>&1 || : + fi +} + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + chrony_config + ;; + EXPIRE|FAIL|RELEASE|STOP) + chrony_restore + ;; +esac diff --git a/debian/chrony.examples b/debian/chrony.examples new file mode 100644 index 0000000..1a0e8e2 --- /dev/null +++ b/debian/chrony.examples @@ -0,0 +1 @@ +examples/chrony.conf* diff --git a/debian/chrony.if-post-down b/debian/chrony.if-post-down new file mode 100644 index 0000000..4cc0796 --- /dev/null +++ b/debian/chrony.if-post-down @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +[ -x /usr/sbin/chronyd ] || exit 0 + +if [ -e /run/chrony/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.if-up b/debian/chrony.if-up new file mode 100644 index 0000000..4cc0796 --- /dev/null +++ b/debian/chrony.if-up @@ -0,0 +1,11 @@ +#!/bin/sh + +set -e + +[ -x /usr/sbin/chronyd ] || exit 0 + +if [ -e /run/chrony/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.keys b/debian/chrony.keys new file mode 100644 index 0000000..a2d655d --- /dev/null +++ b/debian/chrony.keys 
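Review bot: In `chrony_config` every word of `$new_ntp_servers` is written into the sources file as a `server` directive exactly as the DHCP client supplied it, with no check that it is an address. The DHCP client may already normalise this option, but that is not visible here, and the file is parsed by chronyd on any network the interface joins. A guard at the top of the loop, such as `case $server in *[!0-9A-Fa-f.:]*) continue ;; esac`, would keep anything that is not an IPv4/IPv6 literal out of the file. It would also help to add a comment saying that `$interface`, `$reason` and `$new_ntp_servers` are set by the DHCP client hook environment.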
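Review bot: With `set -e` active, a failing `chronyc onoffline` inside the `if` body terminates the hook with a non-zero status, so the final `exit 0` is never reached and the caller may treat the interface hook as failed. The intent appears to be best-effort, as in debian/chrony.dhcp, which appends `|| :` to its chronyc call. I would write `chronyc onoffline > /dev/null 2>&1 || true` here. The same applies to debian/chrony.if-up, which has identical content.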
@@ -0,0 +1,10 @@ +# This file is solely used for NTP authentication with symmetric keys +# as defined by RFC 1305 and RFC 5905. +# +# It can contain ID/key pairs which can be generated using the “keygen” option +# from “chronyc”; for example: +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys +# would generate a 256-bit SHA-256 key using ID 1. +# +# A list of supported hash functions and output encoding is available by +# consulting the "keyfile" directive in the chrony.conf(5) man page. diff --git a/debian/chrony.lintian-overrides b/debian/chrony.lintian-overrides new file mode 100644 index 0000000..a8c3d27 --- /dev/null +++ b/debian/chrony.lintian-overrides @@ -0,0 +1,11 @@ +# The “chrony.keys” file must not be world readable as it could contain +# symmetric keys used for NTP authentication. +chrony: non-standard-file-perm usr/share/chrony/chrony.keys 0640 != 0644 + +# NetworkManager does not execute dispatcher scripts in /usr/libexec. +chrony: executable-in-usr-lib usr/lib/NetworkManager/dispatcher.d/20-chrony-dhcp +chrony: executable-in-usr-lib usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline + +# Being architecture-independent, these symlinks should be harmless. +chrony: breakout-link usr/lib/networkd-dispatcher/off.d/chrony-onoffline -> usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline +chrony: breakout-link usr/lib/networkd-dispatcher/routable.d/chrony-onoffline -> usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline diff --git a/debian/chrony.maintscript b/debian/chrony.maintscript new file mode 100644 index 0000000..bb74681 --- /dev/null +++ b/debian/chrony.maintscript @@ -0,0 +1,2 @@ +rm_conffile /etc/apm/event.d/01chrony 2.4.1-3~ chrony +rm_conffile /etc/NetworkManager/dispatcher.d/20-chrony 3.5-7~ chrony diff --git a/debian/chrony.ppp.ip-down b/debian/chrony.ppp.ip-down new file mode 100644 index 0000000..c077551 --- /dev/null +++ b/debian/chrony.ppp.ip-down 
@@ -0,0 +1,13 @@ +#!/bin/sh +# This script tells chronyd that the connection is down +# so that it won't try to contact the server. +# John Hasler <jhasler@debian.org> 1998-2003 +# Any possessor of a copy of this program may treat it as if it +# were in the public domain. I waive all rights. +# Modified by Vincent Blut <vincent.debian@free.fr> + +if [ -e /run/chrony/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.ppp.ip-up b/debian/chrony.ppp.ip-up new file mode 100644 index 0000000..9c8d089 --- /dev/null +++ b/debian/chrony.ppp.ip-up @@ -0,0 +1,12 @@ +#!/bin/sh +# This script tells chronyd that the connection is up so that it can +# contact the server. John Hasler <jhasler@debian.org> 1998-2003 +# Any possessor of a copy of this program may treat it as if it +# were in the public domain. I waive all rights. +# Modified by Vincent Blut <vincent.debian@free.fr> + +if [ -e /run/chrony/chronyd.pid ]; then + chronyc onoffline > /dev/null 2>&1 +fi + +exit 0 diff --git a/debian/chrony.service b/debian/chrony.service new file mode 100644 index 0000000..29e6382 --- /dev/null +++ b/debian/chrony.service @@ -0,0 +1,24 @@ +[Unit] +Description=chrony, an NTP client/server +Documentation=man:chronyd(8) man:chronyc(1) man:chrony.conf(5) +Conflicts=openntpd.service ntp.service ntpsec.service +Wants=time-sync.target +Before=time-sync.target +After=network.target +ConditionCapability=CAP_SYS_TIME + +[Service] +Type=forking +PIDFile=/run/chrony/chronyd.pid +EnvironmentFile=-/etc/default/chrony +ExecStart=/usr/sbin/chronyd $DAEMON_OPTS +PrivateTmp=yes +ProtectHome=yes +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes + +[Install] +Alias=chronyd.service +WantedBy=multi-user.target diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..70f5857 --- /dev/null +++ b/debian/clean @@ -0,0 +1 @@ +getdate.c 
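Review bot: The sandboxing in `[Service]` stops at `ProtectSystem=full`, which leaves everything outside /usr, /boot and /etc writable and places no limit on capabilities. The paths this package configures are /run/chrony, /var/lib/chrony and /var/log/chrony, so `ProtectSystem=strict` together with `ReadWritePaths=/run /var/lib/chrony -/var/log` looks feasible, and a `CapabilityBoundingSet=` restricted to what chronyd needs before dropping to `_chrony` would narrow the unit further. Both would need testing against refclock setups and any directive that executes helpers. A comment noting why `full` was chosen would help if the stricter setting was tried and rejected.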
diff --git a/debian/conf.d/README b/debian/conf.d/README
new file mode 100644
index 0000000..de1fa8e
--- /dev/null
+++ b/debian/conf.d/README
@@ -0,0 +1,7 @@
+Files found under the /etc/chrony/conf.d directory with the .conf suffix are
+parsed in the lexicographical order of the file names when chronyd starts up.
+This enables a fragmented configuration of chronyd.
+
+Although those files can contain any directives listed in chrony.conf(5),
+it would be wiser to add NTP sources in the /etc/chrony/sources.d
+directory. Please read /etc/chrony/sources.d/README for more information.
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..ca53b93
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,54 @@ +Source: chrony +Section: net +Priority: optional +Maintainer: Vincent Blut <vincent.debian@free.fr> +Standards-Version: 4.5.1 +Build-Depends: asciidoctor (>= 1.5.3-1~), + bison, + debhelper-compat (= 13), + dh-apparmor, + gnutls-bin <!nocheck>, + libcap-dev [linux-any], + libedit-dev, + libgnutls28-dev, + libseccomp-dev (>= 2.4.3-1~) [amd64 arm64 armel armhf hppa i386 mips mipsel mips64el powerpc powerpcspe ppc64 ppc64el riscv64 s390x x32], + net-tools <!nocheck>, + nettle-dev, + pkg-config, + pps-tools (>= 0.20120406+g0deb9c7e-2) [linux-any], + procps <!nocheck> +Homepage: https://chrony.tuxfamily.org +Vcs-Git: https://salsa.debian.org/debian/chrony.git -b debian/bullseye +Vcs-Browser: https://salsa.debian.org/debian/chrony +Rules-Requires-Root: no + +Package: chrony +Architecture: linux-any +Pre-Depends: ${misc:Pre-Depends} +Depends: adduser, + iproute2 [linux-any], + tzdata, + ucf, + ${misc:Depends}, + ${shlibs:Depends} +Suggests: dnsutils, + networkd-dispatcher +Breaks: network-manager (<< 1.20.0-1~) +Conflicts: time-daemon +Provides: time-daemon +Replaces: time-daemon +Description: Versatile implementation of the Network Time Protocol + It consists of a pair of programs: + . + chronyd: This is a daemon which runs in background on the system. + It obtains measurements (e.g. via the network) of the system's offset + relative to other systems and adjusts the system time accordingly. For + isolated systems, the user can periodically enter the correct time by + hand (using 'chronyc'). In either case 'chronyd' determines the rate + at which the computer gains or loses time, and compensates for this. + Chronyd implements the NTP protocol and can act as either a client or + a server. + . + chronyc: This is a command-line driven control and monitoring program. + An administrator can use this to fine-tune various parameters within + the daemon, add or delete servers etc whilst the daemon is running. 
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..a9e0040
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,187 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: chrony +Upstream-Contact: Miroslav Lichvar <mlichvar@redhat.com> +Source: https://download.tuxfamily.org/chrony/ + +Files: * +Copyright: 2009-2020, Miroslav Lichvar + 1997-2007, Richard P. Curnow +License: GPL-2 + +Files: main.c + sys_linux.c +Copyright: 2012-2020, Miroslav Lichvar + 2009, John G. Hasler + 1997-2003, Richard P. Curnow +License: GPL-2 + +Files: ntp_io.c +Copyright: 2009, 2013-2016, 2018-2020, Miroslav Lichvar + 2009, Timo Teras + 1997-2003, Richard P. Curnow +License: GPL-2 + +Files: sys_macosx.? +Copyright: 2015, 2017, 2020, Bryan Christianson + 2001, J. Hannken-Illjes + 1997-2001, Richard P. Curnow +License: GPL-2 + +Files: sys_netbsd.? +Copyright: 2001, J. Hannken-Illjes + 1997-2001, Richard P. Curnow +License: GPL-2 + +Files: debian/* +Copyright: 2015-2021, Vincent Blut + 2012-2014, Joachim Wiedorn + 2000-2012, John Hasler +License: GPL-2 + +Files: test/simulation/test.common +Copyright: 2013-2014, Miroslav Lichvar +License: GPL-2+ + +Files: privops.c +Copyright: 2015, Bryan Christianson + 2017, Miroslav Lichvar +License: GPL-2 + +Files: privops.h +Copyright: 2015, Bryan Christianson +License: GPL-2 + +Files: contrib/bryan_christianson_1/chronylogrotate.sh +Copyright: 2015, Bryan Christianson +License: GPL-2 + +Files: test/unit/* +Copyright: 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: hwclock.? +Copyright: 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: ntp_io_linux.? +Copyright: 2016-2019, Miroslav Lichvar +License: GPL-2 + +Files: ntp_signd.? +Copyright: 2016, Miroslav Lichvar +License: GPL-2 + +Files: client.c +Copyright: 1997-2003, Richard P. Curnow + 2016, Lonnie Abelbeck + 2009-2020, Miroslav Lichvar +License: GPL-2 + +Files: configure +Copyright: 1997-2003, Richard P. Curnow + 2016, Bryan Christianson + 2009, 2012-2020, Miroslav Lichvar + 2019, Stefan R. 
Filipek +License: GPL-2 + +Files: doc/chrony.conf.adoc +Copyright: 1997-2003, Richard P. Curnow + 2016, Stephen Wadeley + 2009-2020, Miroslav Lichvar + 2017, Bryan Christianson +License: GPL-2 + +Files: doc/chronyc.adoc +Copyright: 1997-2003, Richard P. Curnow + 2016, Stephen Wadeley + 2009-2020, Miroslav Lichvar +License: GPL-2 + +Files: refclock.c +Copyright: 2009-2011, 2013-2014, 2016-2019, Miroslav Lichvar +License: GPL-2 + +Files: refclock_phc.c +Copyright: 2013, 2017, Miroslav Lichvar +License: GPL-2 + +Files: regress.c +Copyright: 1997-2003, Richard P. Curnow + 2011, 2016-2017, Miroslav Lichvar +License: GPL-2 + +Files: sched.c +Copyright: 1997-2003, Richard P. Curnow + 2011, 2013-2016, Miroslav Lichvar +License: GPL-2 + +Files: sourcestats.c +Copyright: 1997-2003, Richard P. Curnow + 2011-2014, 2016-2018, Miroslav Lichvar +License: GPL-2 + +Files: stubs.c +Copyright: 2014-2016, Miroslav Lichvar +License: GPL-2 + +Files: hash_nettle.c +Copyright: 2018, Miroslav Lichvar +License: GPL-2 + +Files: test/system/* +Copyright: 2019, Miroslav Lichvar +License: GPL-2 + +Files: md5.* +Copyright: 1990, RSA Data Security, Inc. All rights reserved. +License: RSA-MD + License to copy and use this software is granted provided that + it is identified as the "RSA Data Security, Inc. MD5 Message- + Digest Algorithm" in all material mentioning or referencing this + software or this function. + . + License is also granted to make and use derivative works + provided that such works are identified as "derived from the RSA + Data Security, Inc. MD5 Message-Digest Algorithm" in all + material mentioning or referencing the derived work. + . + RSA Data Security, Inc. makes no representations concerning + either the merchantability of this software or the suitability + of this software for any particular purpose. It is provided "as + is" without express or implied warranty of any kind. + . 
+ These notices must be retained in any copies of any part of this + documentation and/or software. + +License: GPL-2 + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in the file `/usr/share/common-licenses/GPL-2'. + +License: GPL-2+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/> + . + On Debian systems, the complete text of the GNU General Public License + version 2 can be found in `/usr/share/common-licenses/GPL-2'. diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 0000000..152a039 --- /dev/null +++ b/debian/dirs @@ -0,0 +1,6 @@ +etc/chrony +etc/logrotate.d +etc/ppp/ip-down.d +etc/ppp/ip-up.d +usr/lib/NetworkManager/dispatcher.d +var/lib/chrony diff --git a/debian/docs b/debian/docs new file mode 100644 index 0000000..e12f653 --- /dev/null 
+++ b/debian/docs @@ -0,0 +1,3 @@ +FAQ +NEWS +README diff --git a/debian/init b/debian/init new file mode 100644 index 0000000..ce121d7 --- /dev/null +++ b/debian/init @@ -0,0 +1,69 @@ +#! /bin/sh +# +# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>. +# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>. +# Modified for Debian by Christoph Lameter <clameter@debian.org> +# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012 +# Modified for Debian by Vincent Blut <vincent.debian@free.fr> + +### BEGIN INIT INFO +# Provides: chrony +# Required-Start: $remote_fs +# Required-Stop: $remote_fs +# Should-Start: $syslog $network $named $time +# Should-Stop: $syslog $network $named $time +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Controls chronyd NTP time daemon +# Description: Chronyd is the NTP time daemon in the Chrony package +### END INIT INFO + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DAEMON=/usr/sbin/chronyd +NAME="chronyd" +DESC="time daemon" +PIDFILE=/run/chrony/chronyd.pid + +[ -x "$DAEMON" ] || exit 0 + +. /lib/lsb/init-functions + +# Override this variable by editing /etc/default/chrony. +DAEMON_OPTS="" +if [ -f /etc/default/chrony ]; then + . /etc/default/chrony +fi + +case "$1" in + start) + if $0 status > /dev/null ; then + log_success_msg "$NAME is already running" + else + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS + log_end_msg $? + fi + ;; + + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON + log_end_msg $? + ;; + + restart|force-reload) + $0 stop + $0 start + ;; + + status) + status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + + *) + log_action_msg "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}" + exit 1 + ;; +esac + +exit 0 
diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..e7dc12a --- /dev/null +++ b/debian/install @@ -0,0 +1,7 @@ +debian/chrony-dnssrv@.* lib/systemd/system +debian/chrony-helper usr/libexec/chrony +debian/chrony.conf usr/share/chrony +debian/conf.d etc/chrony +debian/ntp-units.d/50-chrony.list usr/lib/systemd/ntp-units.d +debian/sources.d etc/chrony +debian/usr.sbin.chronyd etc/apparmor.d diff --git a/debian/links b/debian/links new file mode 100644 index 0000000..31cfb4a --- /dev/null +++ b/debian/links @@ -0,0 +1,5 @@ +# Update sources in response to systemd-networkd events (LP: #1718227). +# This is reusing the NetworkManager dispatch script which has no hard +# dependency to NetworkManager (not using any of its arguments) +usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline usr/lib/networkd-dispatcher/routable.d/chrony-onoffline +usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline usr/lib/networkd-dispatcher/off.d/chrony-onoffline diff --git a/debian/ntp-units.d/50-chrony.list b/debian/ntp-units.d/50-chrony.list new file mode 100644 index 0000000..6b9cca0 --- /dev/null +++ b/debian/ntp-units.d/50-chrony.list @@ -0,0 +1 @@ +chrony.service diff --git a/debian/patches/allow-BINDTODEVICE-option-in-seccomp-filter.patch b/debian/patches/allow-BINDTODEVICE-option-in-seccomp-filter.patch new file mode 100644 index 0000000..6841494 --- /dev/null +++ b/debian/patches/allow-BINDTODEVICE-option-in-seccomp-filter.patch 
@@ -0,0 +1,23 @@ +From b9f5ce83b02e765ad5a65a264e88352528d6b2b3 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar <mlichvar@redhat.com> +Date: Thu, 29 Apr 2021 12:35:49 +0200 +Subject: sys_linux: allow BINDTODEVICE option in seccomp filter + +Fixes: 4ef944b73436 ("socket: add support for binding sockets to device") + +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=b9f5ce83b02e765ad5a65a264e88352528d6b2b3 +Last-Update: 2021-05-13 +Index: chrony/sys_linux.c +=================================================================== +--- chrony.orig/sys_linux.c ++++ chrony/sys_linux.c +@@ -619,6 +619,9 @@ SYS_Linux_EnableSystemCallFilter(int lev + #ifdef FEAT_IPV6 + { SOL_IPV6, IPV6_V6ONLY }, { SOL_IPV6, IPV6_RECVPKTINFO }, + #endif ++#ifdef SO_BINDTODEVICE ++ { SOL_SOCKET, SO_BINDTODEVICE }, ++#endif + { SOL_SOCKET, SO_BROADCAST }, { SOL_SOCKET, SO_REUSEADDR }, + #ifdef SO_REUSEPORT + { SOL_SOCKET, SO_REUSEPORT }, diff --git a/debian/patches/allow-IP_TOS-socket-option-in-seccomp-filter.patch b/debian/patches/allow-IP_TOS-socket-option-in-seccomp-filter.patch new file mode 100644 index 0000000..3793048 --- /dev/null +++ b/debian/patches/allow-IP_TOS-socket-option-in-seccomp-filter.patch 
@@ -0,0 +1,33 @@ +From 966e6fd939df724235a93e7a89dd7cf67178f99d Mon Sep 17 00:00:00 2001 +From: Foster Snowhill <forst@forstwoof.ru> +Date: Sun, 4 Apr 2021 15:12:17 +0200 +Subject: sys_linux: allow setsockopt(SOL_IP, IP_TOS) in seccomp + +This system call is required by the DSCP marking feature introduced in commit +6a5665ca5877 ("conf: add dscp directive"). + +Before this change, enabling seccomp filtering (chronyd -F 1) and specifying a +custom DSCP value in the configuration (for example "dscp 46") caused the +process to be killed by seccomp due to IP_TOS not being allowed by the filter. + +Tested before and after the change on Ubuntu 21.04, kernel 5.11.0-13-generic. +IP_TOS is available since Linux 1.0, so I didn't add any ifdefs for it. + +Signed-off-by: Foster Snowhill <forst@forstwoof.ru> + +Bug: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2021/04/msg00000.html +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=966e6fd939df724235a93e7a89dd7cf67178f99d +Last-Update: 2021-04-08 +Index: chrony/sys_linux.c +=================================================================== +--- chrony.orig/sys_linux.c ++++ chrony/sys_linux.c +@@ -615,7 +615,7 @@ SYS_Linux_EnableSystemCallFilter(int lev + }; + + const static int socket_options[][2] = { +- { SOL_IP, IP_PKTINFO }, { SOL_IP, IP_FREEBIND }, ++ { SOL_IP, IP_PKTINFO }, { SOL_IP, IP_FREEBIND }, { SOL_IP, IP_TOS }, + #ifdef FEAT_IPV6 + { SOL_IPV6, IPV6_V6ONLY }, { SOL_IPV6, IPV6_RECVPKTINFO }, + #endif diff --git a/debian/patches/allow-getuid32-in-seccomp-filter.patch b/debian/patches/allow-getuid32-in-seccomp-filter.patch new file mode 100644 index 0000000..626713e --- /dev/null +++ b/debian/patches/allow-getuid32-in-seccomp-filter.patch 
@@ -0,0 +1,24 @@ +From 9cdfc15e310887d86c74beb0d6b748572624201c Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar <mlichvar@redhat.com> +Date: Thu, 29 Apr 2021 16:53:40 +0200 +Subject: sys_linux: allow getuid32 in seccomp filter + +This was triggered on x86 in an NTS test. + +Applied-Upstream: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=9cdfc15e310887d86c74beb0d6b748572624201c +Last-Update: 2021-05-13 +diff --git a/sys_linux.c b/sys_linux.c +index be5d44d..57b4e0f 100644 +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -508,6 +508,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) + SCMP_SYS(getpid), + SCMP_SYS(getrlimit), + SCMP_SYS(getuid), ++ SCMP_SYS(getuid32), + SCMP_SYS(rt_sigaction), + SCMP_SYS(rt_sigreturn), + SCMP_SYS(rt_sigprocmask), +-- +cgit v0.10.2 + diff --git a/debian/patches/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch b/debian/patches/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch new file mode 100644 index 0000000..3bd9acd --- /dev/null +++ b/debian/patches/fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch 
@@ -0,0 +1,33 @@ +From 29d7d3176d9d1b208039a9d2ca3f26bc3cc5a387 Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar <mlichvar@redhat.com> +Date: Wed, 6 Oct 2021 10:02:34 +0200 +Subject: sys_linux: fix seccomp filter for BINDTODEVICE option + +The BINDTODEVICE socket option is the first option in the seccomp filter +setting a string instead of int. Remove the length check from the +setsockopt rules to allow a device name longer than 3 characters. + +This was reported in Debian bug #995207. + +Fixes: b9f5ce83b02e ("sys_linux: allow BINDTODEVICE option in seccomp filter") + +Origin: upstream, https://git.tuxfamily.org/chrony/chrony.git/commit/?id=29d7d3176d9d1b208039a9d2ca3f26bc3cc5a387 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995207 + +Index: chrony/sys_linux.c +=================================================================== +--- chrony.orig/sys_linux.c ++++ chrony/sys_linux.c +@@ -694,10 +694,9 @@ SYS_Linux_EnableSystemCallFilter(int lev + + /* Allow selected socket options */ + for (i = 0; i < sizeof (socket_options) / sizeof (*socket_options); i++) { +- if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 3, ++ if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 2, + SCMP_A1(SCMP_CMP_EQ, socket_options[i][0]), +- SCMP_A2(SCMP_CMP_EQ, socket_options[i][1]), +- SCMP_A4(SCMP_CMP_LE, sizeof (int))) < 0) ++ SCMP_A2(SCMP_CMP_EQ, socket_options[i][1]))) + goto add_failed; + } + diff --git a/debian/patches/nm-dispatcher-dhcp_Move-server_dir-to-run.patch b/debian/patches/nm-dispatcher-dhcp_Move-server_dir-to-run.patch new file mode 100644 index 0000000..29b37c5 --- /dev/null +++ b/debian/patches/nm-dispatcher-dhcp_Move-server_dir-to-run.patch 
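Review bot: Dropping the `SCMP_A4` comparison removes the option-length bound from every entry in `socket_options`, not only from SO_BINDTODEVICE, so the filter now admits setsockopt() calls of any length for all the allowed level/option pairs. If the tighter filter is wanted, the int-valued options could keep `SCMP_A4(SCMP_CMP_LE, sizeof (int))` and SO_BINDTODEVICE could get a separate rule bounded by `IFNAMSIZ`. The kernel still checks the length for each option, so this is a loss of filter strictness rather than a memory-safety issue. A comment above the loop stating that the length is deliberately unchecked would prevent someone from re-adding the check later. The enclosing function starts and ends outside the quoted hunk.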
@@ -0,0 +1,17 @@ +Description: Move server_dir path to /run +Author: Vincent Blut <vincent.debian@free.fr> +Forwarded: no +Last-Update: 2020-09-16 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/examples/chrony.nm-dispatcher.dhcp ++++ b/examples/chrony.nm-dispatcher.dhcp +@@ -11,7 +11,7 @@ action=$2 + + chronyc=/usr/bin/chronyc + default_server_options=iburst +-server_dir=/var/run/chrony-dhcp ++server_dir=/run/chrony-dhcp + + dhcp_server_file=$server_dir/$interface.sources + # DHCP4_NTP_SERVERS is passed from DHCP options by NetworkManager. diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..4037174 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,5 @@ +allow-IP_TOS-socket-option-in-seccomp-filter.patch +nm-dispatcher-dhcp_Move-server_dir-to-run.patch +allow-BINDTODEVICE-option-in-seccomp-filter.patch +allow-getuid32-in-seccomp-filter.patch +fix-seccomp-filter-for-BINDTODEVICE-socket-option.patch diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 0000000..903add9 --- /dev/null +++ b/debian/postinst 
@@ -0,0 +1,73 @@ +#!/bin/sh +# postinst script for chrony +# +# see: dh_installdeb(1) + +set -e + + +# targets: configure|abort-upgrade|abort-remove|abort-deconfigure + +case "$1" in + configure) + + adduser --force-badname \ + --system \ + --group \ + --quiet \ + --gecos "Chrony daemon" \ + --home /var/lib/chrony \ + --no-create-home _chrony + + if command -v ucf >/dev/null + then + ucf --three-way /usr/share/chrony/chrony.conf /etc/chrony/chrony.conf + ucf --three-way /usr/share/chrony/chrony.keys /etc/chrony/chrony.keys + if [ -x "$(command -v ucfr)" ]; then + ucfr chrony /etc/chrony/chrony.conf + ucfr chrony /etc/chrony/chrony.keys + fi + fi + + # Change the user and group ownership of "/var/l{ib,og}/chrony" iif + # the chronyd's configuration does not contain the "user" directive. + # Also, update these directories' mode bits to 0750 to follow upstream. + if ! chronyd -p 2>/dev/null | grep -q "^user"; then + for d in /var/lib/chrony /var/log/chrony; do + if ! dpkg-statoverride --list "$d" >/dev/null; then + dpkg-statoverride --update --add _chrony _chrony 0750 "$d" + fi + done + fi + + if [ -n "$2" ] && dpkg --compare-versions "$2" lt 4.0~pre4-1; then + # Migrate NTP sources obtained from DHCP to /run/chrony-dhcp + mkdir -p /run/chrony-dhcp + for file in $(find /var/lib/dhcp/ -type f -name "chrony.servers.*"); do + sed 's/.*/server &/' < "$file" > /run/chrony-dhcp/"${file##*servers.}.sources" + done + + # Remove the staled PID file resulting from migrating its path from + # /run to /run/chrony/. Overriding dh_installinit and + # dh_systemd_start to use the --no-restart-after-upgrade option + # was a possibility but chronyd would have been down even longer + # during the upgrade. + rm -f /run/chronyd.pid + fi + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. 
+ +#DEBHELPER# + +exit 0 diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 0000000..b864a94 --- /dev/null +++ b/debian/postrm @@ -0,0 +1,56 @@ +#!/bin/sh +# postrm script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear + +case "$1" in + purge) + rm -f /var/lib/chrony/* + rm -f /etc/chrony/chrony.conf + rm -f /etc/chrony/chrony.keys + if command -v ucf >/dev/null + then + ucf --purge /etc/chrony/chrony.conf + ucf --purge /etc/chrony/chrony.keys + if [ -x "$(command -v ucfr)" ]; then + ucfr --purge chrony /etc/chrony/chrony.conf + ucfr --purge chrony /etc/chrony/chrony.keys + fi + fi + rm -rf /etc/chrony + rm -rf /run/chrony || true + rm -rf /run/chrony-dhcp || true + rm -rf /var/lib/chrony + rm -rf /var/log/chrony + # Remove "_chrony" system user/group + if [ -x "$(command -v deluser)" ] + then + deluser --quiet --system _chrony > /dev/null 2>&1 || true + fi + + for d in /var/lib/chrony /var/log/chrony; do + if dpkg-statoverride --list "$d" >/dev/null; then + dpkg-statoverride --remove "$d" + fi + done + ;; + + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/preinst b/debian/preinst new file mode 100644 index 0000000..08be098 --- /dev/null +++ b/debian/preinst @@ -0,0 +1,28 @@ +#!/bin/sh +# preinst script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: install|upgrade|abort-upgrade + +case "$1" in + upgrade) + ;; + + install|abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 
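Review bot: The DHCP migration loop in the `configure` branch iterates over unquoted `$(find /var/lib/dhcp/ ...)` output, so a path containing whitespace is split into several words, and a missing /var/lib/dhcp/ makes find print an error during the upgrade. Each line of the old files is also turned into a `server` directive without any check on its content. If the files only ever sit directly in that directory (which is not visible here), a glob avoids both problems: `for file in /var/lib/dhcp/chrony.servers.*; do [ -f "$file" ] || continue`. It would also help to add a short comment saying that the old files hold one address per line.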
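Review bot: In the `purge` branch, `deluser --quiet --system _chrony` runs before the loop that removes the dpkg-statoverride entries for /var/lib/chrony and /var/log/chrony, so for a moment the override database names a user that no longer exists. postinst registers those entries as `_chrony _chrony 0750`, and dpkg treats an override whose user is missing as a packaging error, so the `for d in /var/lib/chrony /var/log/chrony` loop should move above the `deluser` block. Separately, deleting the system account on purge allows its UID to be reassigned while files outside the removed directories may still carry it. A comment explaining why removal is considered safe here would help.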
diff --git a/debian/prerm b/debian/prerm new file mode 100644 index 0000000..ec12057 --- /dev/null +++ b/debian/prerm @@ -0,0 +1,28 @@ +#!/bin/sh +# prerm script for chrony +# +# see: dh_installdeb(1) + +set -e + +# targets: remove|upgrade|deconfigure|failed-upgrade + +case "$1" in + remove|upgrade|deconfigure) + ;; + + failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..33a2809 --- /dev/null +++ b/debian/rules 
@@ -0,0 +1,50 @@ +#!/usr/bin/make -f + +-include /usr/share/dpkg/buildtools.mk +export CC + +include /usr/share/dpkg/architecture.mk + +export DEB_BUILD_MAINT_OPTIONS=hardening=+all + +BASE=debian/chrony + +%: + dh $@ + +override_dh_auto_configure: + dh_auto_configure -- --mandir=/usr/share/man \ + --sysconfdir=/etc/chrony \ + --with-user=_chrony \ + --enable-scfilter \ + --chronyrundir=/run/chrony \ + --with-ntp-era=$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \ + --enable-ntp-signd \ + --with-hwclockfile=/etc/adjtime \ + --with-pidfile=/run/chrony/chronyd.pid \ + --host-system=Linux + +override_dh_install: + dh_install + install -m 0640 -t $(BASE)/usr/share/chrony/ debian/chrony.keys + install -m 0755 -T examples/chrony.nm-dispatcher.dhcp ${BASE}/usr/lib/NetworkManager/dispatcher.d/20-chrony-dhcp + install -m 0755 -T examples/chrony.nm-dispatcher.onoffline $(BASE)/usr/lib/NetworkManager/dispatcher.d/20-chrony-onoffline + install -m 0644 -T examples/chrony.logrotate $(BASE)/etc/logrotate.d/chrony + dh_apparmor --profile-name=usr.sbin.chronyd -pchrony + install -D -p -m 0644 debian/chrony.dhcp $(BASE)/etc/dhcp/dhclient-exit-hooks.d/chrony + +override_dh_fixperms: + dh_fixperms -X usr/share/chrony/chrony.keys + +override_dh_installinit: + dh_installinit +# Disable the system call filter on architectures mentioned below +# due to missing support in libseccomp and/or in the Linux kernel. +ifneq (,$(filter $(DEB_HOST_ARCH), alpha ia64 m68k sh4 sparc64)) + sed -i '/DAEMON_OPTS=/s/"-F 1"/""/' $(BASE)/etc/default/chrony +endif + +override_dh_auto_test: +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + dh_auto_test +endif diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/sources.d/README b/debian/sources.d/README new file mode 100644 index 0000000..268544d --- /dev/null +++ b/debian/sources.d/README 
@@ -0,0 +1,11 @@
+Only NTP sources can be specified in the /etc/chrony/sources.d directory.
+Files in this directory must end with the ".sources" suffix, and can only
+contain the "peer", "pool" and "server" directives.
+
+There is no need to restart chronyd for these time sources to be usable,
+running 'chronyc reload sources' is sufficient.
+
+Example:
+
+# echo 'server 192.0.2.1 iburst' > /etc/chrony/sources.d/local-ntp-server.sources
+# chronyc reload sources
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..5586711
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,28 @@
+Tests: upstream-simulation-test-suite
+Depends: @builddeps@, build-essential, ca-certificates, wget
+Restrictions: isolation-container, build-needed, skippable, needs-root, needs-internet
+
+Tests: time-sources-from-dhcp-servers
+Depends: @, isc-dhcp-server, isc-dhcp-client, iproute2, kmod
+Restrictions: isolation-machine, needs-root
+
+Features: test-name=run_system_tests
+Test-Command: debian/tests/upstream-system-tests
+Depends: @builddeps@
+Restrictions: build-needed, isolation-container, needs-root
+
+Features: test-name=run_destructive_system_tests
+Test-Command: debian/tests/upstream-system-tests -d 1[0-9][0-9]-*
+Depends: @, @builddeps@, ethtool
+Restrictions: build-needed, isolation-machine, needs-root
+
+Tests: fragmented-configuration
+Restrictions: isolation-container, needs-root
+
+Tests: dynamically-add-source
+Depends: @, dpkg-dev
+Restrictions: isolation-container, needs-root, skippable
+
+Tests: ntp-server-and-nts-auth
+Depends: @, dpkg-dev, gnutls-bin
+Restrictions: isolation-container, needs-root, skippable
diff --git a/debian/tests/dynamically-add-source b/debian/tests/dynamically-add-source
new file mode 100644
index 0000000..62eac75
--- /dev/null
+++ b/debian/tests/dynamically-add-source
@@ -0,0 +1,27 @@
+#!/bin/sh
+# Make sure that NTP sources from /etc/chrony/sources.d are usable.
+
+set -e
+
+. debian/tests/helper-functions
+
+server_addr="192.0.2.1"
+
+printf "Preparing chronyd configuration: "
+__no_system_clock_control && __test_ok || __test_skip
+
+printf "Adding a dummy server to the list of NTP sources: "
+printf "server $server_addr" > /etc/chrony/sources.d/dummy-server.sources && __test_ok || __test_fail
+
+printf "Reloading NTP sources: "
+__reload_sources
+
+printf "Checking for dummy server availability: "
+__check_sources "$server_addr"
+
+printf "Checking for dummy server availability after restarting chronyd: "
+__restart_chronyd
+sleep 2
+__check_sources "$server_addr"
+
+exit 0
diff --git a/debian/tests/fragmented-configuration b/debian/tests/fragmented-configuration
new file mode 100644
index 0000000..cda1c41
--- /dev/null
+++ b/debian/tests/fragmented-configuration
@@ -0,0 +1,17 @@
+#!/bin/sh
+# Make sure that fragmented configuration works as expected.
+
+set -e
+
+. debian/tests/helper-functions
+
+printf 'Setting "authselectmode prefer" as authentication policy: '
+echo "authselectmode prefer" > /etc/chrony/conf.d/authentication-policy.conf && __test_ok || __test_fail
+
+printf "Restart chronyd: "
+systemctl --quiet restart chrony.service && __test_ok || __test_fail
+
+printf "Checking that chronyd uses the defined authentication policy: "
+chronyd -p 2> /dev/null | grep -q "authselectmode prefer" && __test_ok || __test_fail
+
+exit 0
diff --git a/debian/tests/helper-functions b/debian/tests/helper-functions
new file mode 100644
index 0000000..6c340d0
--- /dev/null
+++ b/debian/tests/helper-functions
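Review bot: In debian/tests/dynamically-add-source, `printf "server $server_addr"` uses the variable as part of the format string and writes the `.sources` file without a trailing newline. `printf 'server %s\n' "$server_addr" > /etc/chrony/sources.d/dummy-server.sources` keeps the format constant and produces a complete line. The dummy file is also left in place when the test ends; that is harmless in a throw-away test bed but worth a comment.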
@@ -0,0 +1,50 @@
+__no_system_clock_control() {
+ if ! dpkg-vendor --derives-from Ubuntu; then
+ sed -i '/^DAEMON_OPTS=/s/"\(.*\)"/"\1 -x"/' /etc/default/chrony
+ mkdir -p /etc/systemd/system/chrony.service.d
+ cat <<EOF > /etc/systemd/system/chrony.service.d/override.conf
+[Unit]
+ConditionCapability=
+EOF
+ systemctl daemon-reload && __restart_chronyd && sleep 3
+ fi
+}
+
+__test_fail() {
+ printf 'FAIL\n' >&2
+ return 1
+}
+
+__test_ok() {
+ printf 'OK\n'
+ return 0
+}
+
+__test_skip() {
+ [ -n "$1" ] && printf 'SKIP: (%s)\n' "$1" || printf 'SKIP\n'
+ exit 77
+}
+
+__reload_sources() {
+ chronyc reload sources > /dev/null 2>&1 && __test_ok || __test_fail
+}
+
+__restart_chronyd() {
+ systemctl --quiet restart chrony.service
+}
+
+__check_sources() {
+ chronyc sources | grep -q "$1" && __test_ok || __test_fail
+}
+
+__check_auth() {
+ chronyc -c authdata | grep -q "$1" && __test_ok || __test_fail
+}
+
+# Ubuntu's default config is fully populated causing issues with the test
+# If any of those tests run on Ubuntu, clear some and restart the daemon
+# to pick this up before entering the tests.
+if grep -q "^pool.*ubuntu.pool.ntp.org" /etc/chrony/chrony.conf; then
+ sudo sed -i -e '/^pool.*ubuntu.pool.ntp.org/d' /etc/chrony/chrony.conf
+ __restart_chronyd
+fi
diff --git a/debian/tests/ntp-server-and-nts-auth b/debian/tests/ntp-server-and-nts-auth
new file mode 100644
index 0000000..93c44f8
--- /dev/null
+++ b/debian/tests/ntp-server-and-nts-auth
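Review bot: `__check_sources` and `__check_auth` in debian/tests/helper-functions pass the address to `grep -q "$1"` as a regular expression, so the dots in `192.0.2.1` match any character and the check can succeed on a different source line. debian/tests/time-sources-from-dhcp-servers already uses `grep -q -F`, and the helpers should do the same: `chronyc sources | grep -qF "$1"`. The Ubuntu block at the end calls `sudo sed`, although every test that sources this file is declared `needs-root` and none of them lists sudo in `Depends`; plain `sed -i -e ...` avoids depending on sudo being installed. Because the file is sourced under `set -e`, a failing `sudo` there would abort the calling test before it reports anything.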
@@ -0,0 +1,58 @@
+#!/bin/sh
+# Check that chronyd is able to authenticate NTP packets when NTS is enabled
+# on the server.
+
+set -e
+
+. debian/tests/helper-functions
+
+cert_dir="/var/lib/chrony"
+cert_template="$cert_dir/cert.cfg"
+cert_file="$cert_dir/server.crt"
+priv_key="$cert_dir/server.key"
+server_addr="127.0.1.1"
+server_name="chrony-nts-test"
+
+create_cert_template() {
+ printf "Creating certificate template: "
+ cat <<EOF > "$cert_template"
+cn = "$server_name"
+serial = 001
+activation_date = "$(date -d '1 year ago' +'%Y-%m-%d') 00:00:00 UTC"
+expiration_date = "$(date -d '1 year' +'%Y-%m-%d') 00:00:00 UTC"
+signing_key
+encryption_key
+EOF
+}
+
+generate_cert() {
+ printf "Generating self-signed certificate: "
+ certtool --generate-privkey --key-type=ed25519 --outfile "$priv_key" > /dev/null 2>&1
+ certtool --generate-self-signed --load-privkey "$priv_key" --template "$cert_template" \
+ --outfile "$cert_file" > /dev/null 2>&1
+}
+
+server_config() {
+ printf "Preparing chronyd configuration: "
+ cat <<EOF > /etc/chrony/conf.d/local-server-config.conf
+server $server_name nts minpoll -6 maxpoll -6
+ntsserverkey $priv_key
+ntsservercert $cert_file
+ntstrustedcerts $cert_file
+EOF
+
+ __no_system_clock_control
+}
+
+echo "$server_addr $server_name" >> /etc/hosts
+
+create_cert_template && __test_ok || __test_skip "unable to create certificate template"
+
+generate_cert && __test_ok || __test_skip "unable to generate self-signed certificate"
+
+server_config && __test_ok || __test_skip
+
+printf "Checking if server authenticates NTP packets: "
+__check_auth "$server_addr,NTS"
+
+exit 0
diff --git a/debian/tests/time-sources-from-dhcp-servers b/debian/tests/time-sources-from-dhcp-servers
new file mode 100644
index 0000000..f5e7899
--- /dev/null
+++ b/debian/tests/time-sources-from-dhcp-servers
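Review bot: Every setup step in debian/tests/ntp-server-and-nts-auth ends in `__test_skip`, and `generate_cert` sends both `certtool` invocations to `/dev/null`, so a failure to create the key or certificate is reported as SKIP with no diagnostic and the NTS check never runs. Since the test is marked `skippable`, that outcome is easy to miss. Keeping the tool output, for example `>> "$AUTOPKGTEST_ARTIFACTS/certtool.log" 2>&1`, and failing rather than skipping when `certtool` is present but returns an error would make regressions visible. It would also help to add a comment stating which user must be able to read `$priv_key`, as the file is created by the test (declared `needs-root`) under `/var/lib/chrony`.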
@@ -0,0 +1,44 @@
+#!/bin/sh
+# Ensure that NTP servers obtained from DHCP are made available to chronyd and
+# that they are removed when releasing the DHCP lease.
+
+set -e
+
+prepare_iface() {
+ modprobe dummy
+ ip link add name dummy0 type dummy
+ ip address add 192.168.1.1/24 dev dummy0
+ ip link set dev dummy0 up
+}
+
+dhcpd_config() {
+cat <<EOF > /etc/dhcp/dhcpd.conf
+default-lease-time 600;
+max-lease-time 7200;
+authorative;
+
+subnet 192.168.1.0 netmask 255.255.255.0 {
+ option subnet-mask 255.255.255.0;
+ option broadcast-address 192.168.1.255;
+ option ntp-servers 192.168.1.50;
+ range 192.168.1.42 192.168.1.100;
+}
+EOF
+
+sed -i '/INTERFACESv4=/s/".*"/"dummy0"/' /etc/default/isc-dhcp-server
+}
+
+chk_time_src() {
+ chronyc -n sources | grep -q -F '192.168.1.50'
+}
+
+printf "Preparing the dummy network interface and dhcpd configuration…\n"
+if prepare_iface && dhcpd_config; then
+ systemctl restart isc-dhcp-server && dhclient dummy0 && printf "Done!\n\n"
+fi
+
+printf "Check if the NTP server is made available to chronyd…\n"
+chk_time_src && printf "SUCCESS!\n\n"
+
+printf "Release the current lease and check if the NTP server has been correctly removed…\n"
+dhclient -r dummy0 > /dev/null 2>&1 && ! chk_time_src && printf "SUCCESS!\n\n"
diff --git a/debian/tests/upstream-simulation-test-suite b/debian/tests/upstream-simulation-test-suite
new file mode 100644
index 0000000..cee406d
--- /dev/null
+++ b/debian/tests/upstream-simulation-test-suite
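Review bot: The assertion `chk_time_src && printf "SUCCESS!\n\n"` in debian/tests/time-sources-from-dhcp-servers cannot fail the test: under `set -e` a failing command on the left of `&&` does not stop the script, and the final line then succeeds precisely because the server is absent (`! chk_time_src`). The same applies to the setup `if` block, so the script can exit 0 even when dhcpd never starts or no lease is obtained. Making the steps explicit, e.g. `chk_time_src || { printf 'FAIL\n' >&2; exit 1; }` and plain statements instead of the `if`/`&&` chain for the setup, would close that gap. `authorative;` in the generated dhcpd.conf also looks like a misspelling of `authoritative;`, which dhcpd may reject, and with the current flow such a failure would go unnoticed.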
@@ -0,0 +1,41 @@
+#!/bin/sh
+# Upstream makes use of “clknetsim” to test how well “chronyd” controls the
+# system clocks in various conditions. Due to “clknetsim” not being available
+# in Debian, let’s use autopkgtest facility to build it in a container and
+# test “chronyd” from there.
+
+set -e
+
+testdir="$PWD/test/simulation"
+clknetsim_ver=c4ccc2d
+clknetsim_src=https://github.com/mlichvar/clknetsim/archive/"$clknetsim_ver"/clknetsim-"$clknetsim_ver".tar.gz
+clknetsim_archive=$(basename "$clknetsim_src")
+
+export CLKNETSIM_PATH="$AUTOPKGTEST_TMP"
+
+# Always use the same seed to get deterministic results
+export CLKNETSIM_RANDOM_SEED=24505
+
+DEB_HOST_MULTIARCH=$(dpkg-architecture -qDEB_HOST_MULTIARCH)
+
+# The simulation tests are only supported on Linux.
+dpkg-architecture -ilinux-any || exit 77
+
+prepare_clknetsim() {
+ # This symbolic link is necessary to prevent clknetsim from FTBFS.
+ ln -s /usr/include/"$DEB_HOST_MULTIARCH"/sys/time.h /usr/include/sys/
+
+ wget -P "$CLKNETSIM_PATH" "$clknetsim_src" 2>&1 || exit 77
+ tar -xvzf "$CLKNETSIM_PATH"/"$clknetsim_archive" \
+ -C "$CLKNETSIM_PATH" --strip-components=1 2>&1 || exit 77
+
+ if [ ! -x "$CLKNETSIM_PATH/clknetsim" ] && [ ! -e "$CLKNETSIM_PATH/clknetsim.so" ]; then
+ make -C "$CLKNETSIM_PATH" 2>&1
+ fi
+}
+
+run_test() {
+ cd "$testdir" && ./run -i 20 -m 2
+}
+
+prepare_clknetsim && run_test
diff --git a/debian/tests/upstream-system-tests b/debian/tests/upstream-system-tests
new file mode 100755
index 0000000..bd28a0c
--- /dev/null
+++ b/debian/tests/upstream-system-tests
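Review bot: `prepare_clknetsim` in debian/tests/upstream-simulation-test-suite downloads the clknetsim archive with `wget`, then unpacks and builds it without checking its content, and debian/tests/control declares this test `needs-root`. The source is pinned only by the abbreviated commit id in `clknetsim_ver`; using the full commit hash and verifying a recorded digest before `tar` would pin what gets built, e.g. `echo "<expected-sha256>  $CLKNETSIM_PATH/$clknetsim_archive" | sha256sum -c - || exit 1`, where `<expected-sha256>` is a placeholder for the digest of the reviewed archive. A digest mismatch should fail the test rather than exit 77, so that it is not recorded as a skip.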
@@ -0,0 +1,24 @@
+#!/bin/sh
+# Run the upstream system tests in a container. Destructive tests will be run in
+# a VM as they may adjust/step the system clock, block the RTC, etc.
+# In case of failure, test’s logs will be put into the directory specified by
+# the $AUTOPKGTEST_ARTIFACTS environment variable.
+
+set -e
+
+testdir=$PWD/test/system
+logdir="$testdir/tmp/*"
+
+# some tests need chrony installed, but make sure to avoid the test daemon is
+# fighting with the systems chrony service over the clock
+systemctl stop chrony.service 2>/dev/null || true
+
+run_test() {
+ cd "$testdir" && ./run "$@"
+}
+
+artifacts() {
+ cp $logdir "$AUTOPKGTEST_ARTIFACTS" && exit 1
+}
+
+run_test "$@" || artifacts
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
new file mode 100644
index 0000000..937fa97
--- /dev/null
+++ b/debian/upstream/metadata
@@ -0,0 +1,8 @@
+Documentation: https://chrony.tuxfamily.org/documentation.html
+Changelog: https://chrony.tuxfamily.org/news.html
+FAQ: https://chrony.tuxfamily.org/faq.html
+Contact: chrony-users@chrony.tuxfamily.org
+Security-Contact: Miroslav Lichvar <mlichvar@redhat.com>
+Bug-Submit: chrony-users@chrony.tuxfamily.org
+Repository: https://git.tuxfamily.org/chrony/chrony.git
+Repository-Browse: https://git.tuxfamily.org/chrony/chrony.git/
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
new file mode 100644
index 0000000..ce59e23
--- /dev/null
+++ b/debian/upstream/signing-key.asc
@@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGiBEYLz1cRBADYNM9gn8g1Bw8t2Zj+HT9hbSHVs9ofSdxqdLEVAbNySeLftOlZ +ba+4CU+lIfC/6XHZ0r+UvTBVK+r/KLjFxWz5cWGGFVUrXOSjo2PDXDqWrs9VALtT +zH8sr0/7qJCByF9fnryPO1fmMKlh9R0+X5cF7vZjlWbM+BV/yxARi4lb4wCgpf9M +7uo9hJUcMyy2zJSdzjUPkcMEAMVyDpw7kwTjnWzwaOHnPlT/x31OkGAO2sZgzRGu +VE1zGN4Ruv36GS7hNPndtpTGZuPtmLrE2wJS2exer4kTYANfiGj/JDTiuGQYF2jp +9cN3zJL7e7Bik004TZVUGg3HzpuWWc/uiTXgrZxIDz4uPxjy5kdDfbhUziNsy9Uj +igOZBADQ9T6XYQBTfRmGUkl7hEeAeu+WfEGDVlHP+EpMtk/uANUqYef5xUG4RomE +EyjRlrEXwG7Ly2HhH3UADBuPjkP68AGN8WslbCNx5Na+nZr6r1sT1+Z3OdUDprpY +PQxCu5WWYsYgzroO/JEA2d3pYgaaHEAhyZxau1UtW4hpAn8svbQmTWlyb3NsYXYg +TGljaHZhciA8bWxpY2h2YXJAcmVkaGF0LmNvbT6IZgQTEQIAJgIbAwYLCQgHAwIE +FQIIAwQWAgMBAh4BAheABQJbt20rBQkb2aQNAAoJEF/wbym6HgE7MOkAnjdG94MF +4XAVLnzCVbrJb/Ishao4AJ9o1EL9U/at8KzvfZdpPyNrmoeq+bkCDQRGC89XEAgA +medsNk8FIYdzJYyP2eaIYKMTpSCFgTKE1EHdiRaX5n3oo9o26+vfA1NfIwKM8G54 +3Ddr1yl2PRmQermHMQahMMsXcehQXjsJoZXTglJq6kw5Xb1V1K6SyXQv/sLmWGxw +T91T+0I+9g+UqMeqR8B2hj950BbfWn6Pu5CRk2voTsYEU2ecejKOWOOrbUnD/5wy +mkSD/1g+T7bgGOHMrSgYWH3Fk7dWNKpGBtQn3cL7fKy+cn4koDW1L3ebxg4zWpFo +l51m3u8DXc9lqUjg9AoqJH1bc9eQPQvJKxd5syU2pkgtHhT2rlSqpRtsKsgRNfBC +qBbK9gtEM3DRUD+EbbEZgwADBQf8CTSksVEUs5svpQlldZERwViUwwVb4TMszKKq +nEti6zu6oMkIDreGzSISDsrWq1WxzUv9IYumwanzkgTpVVfFPxK7samtol8Lol5V +r3Zbil3Q0IGJ9thhitMHRSU3ClhVRZF5QF/MhSzD1j0cXK4Ls0np5DePT3H4tItZ ++OcEhZcDb8k2DMcJW/REuiisWOElwIDM0o0kZyQiy+5QRfE2xancu3n8+wGtwc0N +2Yp/elmIigreu0xuK7HaFOiScUYv00BJa/ZEO2aOkRuiKkdp3oxtz3MIdDYyGbI6 +mL4h+X8079i95yu+L2tUJGHeN5u+X0Hsg9sE6TpVEggQEI30YYhPBBgRAgAPAhsM +BQJbt22dBQkb2aZBAAoJEF/wbym6HgE7rJYAn1gpOMPrFyjezpaYsloAwjSZhu8t +AKCTJlsZByvaTTXjUMyQy2z7tjnVpw== +=4XBU +-----END PGP PUBLIC KEY BLOCK----- diff --git a/debian/usr.sbin.chronyd b/debian/usr.sbin.chronyd new file mode 100644 index 0000000..fc23892 --- /dev/null +++ b/debian/usr.sbin.chronyd 
@@ -0,0 +1,81 @@
+# Last Modified: Sat Jan 20 10:45:05 2018
+#include <tunables/global>
+
+/usr/sbin/chronyd flags=(attach_disconnected) {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ # For /run/chrony to be created
+ capability chown,
+
+ # Give “root” the ability to read and write the PID file
+ capability dac_override,
+ capability dac_read_search,
+
+ # Needed to support HW timestamping
+ capability net_admin,
+
+ # Needed to allow NTP server sockets to be bound to a privileged port
+ capability net_bind_service,
+
+ # Needed to allow an NTP socket to be bound to a device using the
+ # SO_BINDTODEVICE socket option on kernels before 5.7
+ capability net_raw,
+
+ # Needed to drop privileges
+ capability setgid,
+ capability setuid,
+
+ # Needed to set the SCHED_FIFO real-time scheduler at the specified priority
+ # using the '-P' option
+ capability sys_nice,
+
+ # Needed to lock chronyd into RAM
+ capability sys_resource,
+
+ # Needed to set the system/real-time clock
+ capability sys_time,
+
+ /usr/sbin/chronyd mr,
+
+ /etc/chrony/{,**} r,
+ /var/lib/chrony/{,*} rw,
+ /var/log/chrony/{,*} rw,
+ @{run}/chrony/{,*} rw,
+ @{run}/chrony-dhcp/{,*} r,
+
+ # Using the “tempcomp” directive gives chronyd the ability to improve
+ # the stability and accuracy of the clock by compensating the temperature
+ # changes measured by a sensor close to the oscillator.
+ @{sys}/class/hwmon/hwmon[0-9]*/temp[0-9]*_input r,
+ @{sys}/devices/virtual/thermal/thermal_zone[0-9]*/hwmon[0-9]*/temp[0-9]*_input r,
+
+ # Support all paths suggested in the man page (LP: #1771028). Assume these
+ # are common use cases; others should be set as local include (see below).
+ # Configs using a 'chrony.'
prefix like the tempcomp config file example
+ /etc/chrony.* r,
+ # Example gpsd socket is outside @{run}/chrony/
+ @{run}/chrony.tty{,*}.sock rw,
+ # To sign replies to MS-SNTP clients by the smbd daemon
+ /var/lib/samba/ntp_signd/socket rw,
+
+ # rtc
+ /etc/adjtime r,
+ /dev/rtc{,[0-9]*} rw,
+
+ # gps devices
+ /dev/pps[0-9]* rw,
+ /dev/ptp[0-9]* rw,
+
+ # Allow reading the chronyd configuration file that timemaster(8) generates
+ @{run}/timemaster/chrony.conf r,
+
+ # For use with clocks that report via shared memory (e.g. gpsd),
+ # you may need to give ntpd access to all of shared memory, though
+ # this can be considered dangerous. See https://launchpad.net/bugs/722815
+ # for details. To enable, add this to local/usr.sbin.chronyd:
+ # capability ipc_owner,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.sbin.chronyd>
+}
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..09e7386
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,3 @@
+version=4
+opts=pgpsigurlmangle=s/\.tar\.gz$/-tar-gz-asc.txt/ \
+https://download.tuxfamily.org/@PACKAGE@/@PACKAGE@@ANY_VERSION@@ARCHIVE_EXT@ |
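Review bot: The shared-memory comment near the end of debian/usr.sbin.chronyd still refers to ntpd (`you may need to give ntpd access to all of shared memory`), which is misleading in a chronyd profile; it should read `# you may need to give chronyd access to all of shared memory, though`. The comment above `capability dac_override,` and `capability dac_read_search,` names only the PID file as the reason. Since both capabilities bypass file permission checks in general, the comment should say why a narrower arrangement does not suffice; presumably the runtime directories are owned by the unprivileged user, but the hunk does not show that.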