LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
23238 Commits
1 Branch
46 MiB
Tree: 6375f73b29
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6375f73b29'
${ noResults }
openwrt-packages-dist/net/chrony/files/chronyd.init

93 lines
2.4 KiB
Raw Normal View History

chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: rework loading of configuration Instead of loading /etc/chrony/chrony.conf from the file generated from the chrony UCI configuration, use the confdir directive in the main config to load the generated file. This should make it obvious that chrony is configured in UCI and it can also be easily disabled. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: fix configuration of IPv6 client access Fix the init script to allow access from IPv6 subnets of the interface specified in allow section in /etc/config/chrony. Fixes issue #7039. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
6 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: rework loading of configuration Instead of loading /etc/chrony/chrony.conf from the file generated from the chrony UCI configuration, use the confdir directive in the main config to load the generated file. This should make it obvious that chrony is configured in UCI and it can also be easily disabled. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: rework loading of configuration Instead of loading /etc/chrony/chrony.conf from the file generated from the chrony UCI configuration, use the confdir directive in the main config to load the generated file. This should make it obvious that chrony is configured in UCI and it can also be easily disabled. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve hotplug and init scripts - fix the init script to read the right config - rework the init script to allow reusing its code in the hotplug script - find wan interfaces in the hotplug script instead of using hardcoded name and set the online/offline status separately for IPv4/IPv6 - allow NTP access on interfaces that are configured after chronyd start - add NTP servers obtained from DHCP, options are specified in a new dhcp_ntp_server config section - start chronyd before the network service, include a patch to always have IP_FREEBIND defined, which seems to be missing with uclibc Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
chrony: improve configuration Extend configuration of NTP sources in UCI: - Add nts option to enable NTS - Add disabled option to allow inactive sources Add nts section to UCI with: - rtccheck option to disable certificate time checks on systems that don't have an RTC to avoid the chicken-and-egg problem (it is less secure, but still should be better than no NTS at all) - systemcerts option to disable system certificates - trustedcerts option to specify path to trusted certificates Save NTS keys and cookies by default to avoid unnecessary NTS-KE sessions when restarted or switching back to an already used NTS source. Also, save the drift to stabilize the clock after chronyd restart. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: rework loading of configuration Instead of loading /etc/chrony/chrony.conf from the file generated from the chrony UCI configuration, use the confdir directive in the main config to load the generated file. This should make it obvious that chrony is configured in UCI and it can also be easily disabled. Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
4 years ago
chrony: import from oldpackages Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
9 years ago
 
  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2006-2015 OpenWrt.org
  3. 

  4. START=15
  5. USE_PROCD=1
  6. PROG=/usr/sbin/chronyd
  7. CONFIGFILE=/etc/chrony/chrony.conf
  8. INCLUDEFILE=/var/etc/chrony.d/10-uci.conf
  9. RTCDEVICE=/dev/rtc0
  10. 

  11. handle_source() {
  12. 	local cfg=$1 sourcetype=$2 disabled hostname minpoll maxpoll iburst nts
  13. 

  14. 	config_get_bool disabled "$cfg" disabled 0
  15. 	[ "$disabled" = "1" ] && return
  16. 	hostname=$NTP_SOURCE_HOSTNAME
  17. 	[ -z "$hostname" ] && config_get hostname "$cfg" hostname
  18. 	[ -z "$hostname" ] && return
  19. 	config_get minpoll "$cfg" minpoll
  20. 	config_get maxpoll "$cfg" maxpoll
  21. 	config_get_bool iburst "$cfg" iburst 0
  22. 	config_get_bool nts "$cfg" nts 0
  23. 	echo $(
  24. 		echo $sourcetype $hostname
  25. 		[ -n "$minpoll" ] && echo minpoll $minpoll
  26. 		[ -n "$maxpoll" ] && echo maxpoll $maxpoll
  27. 		[ "$iburst" = "1" ] && echo iburst
  28. 		[ "$nts" = "1" ] && echo nts
  29. 	)
  30. }
  31. 

  32. handle_allow() {
  33. 	local cfg=$1 iface wan_iface wan6_iface subnet subnets subnets6
  34. 

  35. 	network_find_wan wan_iface true
  36. 	network_find_wan6 wan6_iface true
  37. 	config_get iface "$cfg" interface
  38. 

  39. 	if [ "$wan_iface" = "$iface" ]; then
  40. 		echo allow 0/0
  41. 	elif [ "$wan6_iface" = "$iface" ]; then
  42. 		echo allow ::/0
  43. 	else
  44. 		network_get_subnets subnets $iface
  45. 		network_get_subnets6 subnets6 $iface
  46. 		for subnet in $subnets $subnets6; do
  47. 			echo allow $subnet
  48. 		done
  49. 	fi
  50. }
  51. 

  52. handle_makestep() {
  53. 	local cfg=$1 threshold limit
  54. 

  55. 	config_get threshold "$cfg" threshold
  56. 	config_get limit "$cfg" limit
  57. 	[ -z "$threshold" -o -z "$limit" ] && return
  58. 	echo makestep $threshold $limit
  59. }
  60. 

  61. handle_nts() {
  62. 	local cfg=$1 threshold limit
  63. 

  64. 	config_get_bool rtccheck "$cfg" rtccheck 0
  65. 	config_get_bool systemcerts "$cfg" systemcerts 1
  66. 	config_get trustedcerts "$cfg" trustedcerts
  67. 	# Disable certificate time checks if no RTC is present
  68. 	[ "$rtccheck" = "1" ] && ! [ -c $RTCDEVICE ] && echo nocerttimecheck 1
  69. 	[ "$systemcerts" = "0" ] && echo nosystemcert
  70. 	[ -n "$trustedcerts" ] && echo ntstrustedcerts "$trustedcerts"
  71. }
  72. 

  73. start_service() {
  74. 	. /lib/functions/network.sh
  75. 

  76. 	procd_open_instance
  77. 	procd_set_param command $PROG -n
  78. 	procd_set_param file $CONFIGFILE
  79. 	procd_set_param file $INCLUDEFILE
  80. 	procd_close_instance
  81. 

  82. 	config_load chrony
  83. 	mkdir -p $(dirname $INCLUDEFILE)
  84. 

  85. 	(
  86. 		config_foreach handle_source server server
  87. 		config_foreach handle_source pool pool
  88. 		config_foreach handle_source peer peer
  89. 		config_foreach handle_allow allow
  90. 		config_foreach handle_makestep makestep
  91. 		config_foreach handle_nts nts
  92. 	) > $INCLUDEFILE
  93. }