[Astlinux-commits] SF.net SVN: astlinux:[7991] branches/1.0/package/ntp

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 7991
          http://sourceforge.net/p/astlinux/code/7991
Author:   abelbeck
Date:     2016-11-26 23:45:28 +0000 (Sat, 26 Nov 2016)
Log Message:
-----------
ntp, now require libcap support so ntpd can be run as user 'ntp' as a security measure.  The standard drift file is now /var/lib/ntp/ntpd.drift

Modified Paths:
--------------
    branches/1.0/package/ntp/Config.in
    branches/1.0/package/ntp/ntp.mk
    branches/1.0/package/ntp/ntpd.init

Modified: branches/1.0/package/ntp/Config.in
===================================================================

--- branches/1.0/package/ntp/Config.in	2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/Config.in	2016-11-26 23:45:28 UTC (rev 7991)
@@ -1,5 +1,6 @@
 config BR2_PACKAGE_NTP
 	bool "ntp"
+	select BR2_PACKAGE_LIBCAP
 	help
 	  Network Time Protocol suite/programs.
 	  Provides things like ntpd, ntpdate, ntpq, etc...

Modified: branches/1.0/package/ntp/ntp.mk
===================================================================
--- branches/1.0/package/ntp/ntp.mk	2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/ntp.mk	2016-11-26 23:45:28 UTC (rev 7991)
@@ -6,12 +6,13 @@
 NTP_VERSION = 4.2.8p9
 NTP_SOURCE = ntp-$(NTP_VERSION).tar.gz
 NTP_SITE = https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2
-NTP_DEPENDENCIES = host-bison host-flex host-pkg-config
+NTP_DEPENDENCIES = host-bison host-flex host-pkg-config libcap
 
 NTP_CONF_OPT = \
 	--with-shared \
 	--program-transform-name=s,,, \
 	--with-yielding-select=yes \
+	--enable-linuxcaps \
 	--disable-debugging \
 	--disable-ipv6 \
 	--without-ntpsnmpd
@@ -29,11 +30,6 @@
 NTP_CONF_OPT += --without-crypto
 endif
 
-ifeq ($(BR2_PACKAGE_LIBCAP),y)
-NTP_CONF_OPT += --enable-linuxcaps
-NTP_DEPENDENCIES += libcap
-endif
-
 NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_KEYGEN) += util/ntp-keygen
 NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTP_WAIT) += scripts/ntp-wait/ntp-wait
 NTP_INSTALL_FILES_$(BR2_PACKAGE_NTP_NTPDATE) += ntpdate/ntpdate

Modified: branches/1.0/package/ntp/ntpd.init
===================================================================
--- branches/1.0/package/ntp/ntpd.init	2016-11-26 22:50:11 UTC (rev 7990)
+++ branches/1.0/package/ntp/ntpd.init	2016-11-26 23:45:28 UTC (rev 7991)
@@ -7,6 +7,11 @@
   # So sntp doesn't complain
   touch /var/db/ntp-kod
 
+  if [ ! -d /var/lib/ntp ]; then
+    mkdir -m 0700 -p /var/lib/ntp
+    chown ntp:ntp /var/lib/ntp
+  fi
+
   if [ -f /mnt/kd/ntpd.conf ]; then
     ln -sf /mnt/kd/ntpd.conf /tmp/etc/ntpd.conf
   else
@@ -16,7 +21,7 @@
     echo "# Autogenerated.  Do not edit.
 
 pidfile /var/run/ntpd.pid
-driftfile /var/db/ntpd.drift
+driftfile /var/lib/ntp/ntpd.drift
 
 restrict default noquery nopeer notrap nomodify
 restrict 127.0.0.1" > /tmp/etc/ntpd.conf
@@ -69,7 +74,7 @@
         fi
         sleep 1
         # Maintain the clock (small changes)
-        ntpd $NTPAF -g -c /etc/ntpd.conf
+        ntpd $NTPAF -u ntp:ntp -g -c /etc/ntpd.conf
       elif ( set -o noclobber; echo "$$" > /var/lock/ntpd-delayed.lock ) 2>/dev/null; then
         echo "ntpd: server unreachable, will automatically retry in 2 minutes"
         (

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



