| %global _hardened_build 1 |
| %global prerelease -pre1 |
| %global clknetsim_ver ce89a1 |
| %bcond_without debug |
| |
| Name: chrony |
| Version: 3.1 |
| Release: 0.1.pre1%{?dist} |
| Summary: An NTP client/server |
| |
| Group: System Environment/Daemons |
| License: GPLv2 |
| URL: https://chrony.tuxfamily.org |
| Source0: https://download.tuxfamily.org/chrony/chrony-%{version}%{?prerelease}.tar.gz |
| Source1: chrony.dhclient |
| Source2: chrony.helper |
| Source3: chrony-dnssrv@.service |
| Source4: chrony-dnssrv@.timer |
| |
| Source10: https://github.com/mlichvar/clknetsim/archive/%{clknetsim_ver}/clknetsim-%{clknetsim_ver}.tar.gz |
| %{?gitpatch:Patch0: chrony-%{version}%{?prerelease}-%{gitpatch}.patch.gz} |
| |
| |
| Patch1: chrony-service-helper.patch |
| |
| BuildRequires: libcap-devel libedit-devel nss-devel pps-tools-devel |
| %ifarch %{ix86} x86_64 %{arm} aarch64 mipsel mips64el ppc64 ppc64le s390 s390x |
| BuildRequires: libseccomp-devel |
| %endif |
| BuildRequires: bison systemd-units |
| |
| Requires(pre): shadow-utils |
| Requires(post): systemd |
| Requires(preun): systemd |
| Requires(postun): systemd |
| |
| |
| %if 0%{?fedora} >= 24 || 0%{?rhel} >= 8 |
| Recommends: timedatex |
| %else |
| %if 0%{?fedora} >= 22 |
| Requires: timedatex |
| %endif |
| %endif |
| |
| %description |
| A client/server for the Network Time Protocol, this program keeps your |
| computer's clock accurate. It was specially designed to support |
| systems with intermittent internet connections, but it also works well |
| in permanently connected environments. It can use also hardware reference |
| clocks, system real-time clock or manual input as time references. |
| |
| %if 0%{!?vendorzone:1} |
| %{?fedora: %global vendorzone fedora.} |
| %{?rhel: %global vendorzone rhel.} |
| %endif |
| |
| %prep |
| %setup -q -n %{name}-%{version}%{?prerelease} -a 10 |
| %{?gitpatch:%patch0 -p1} |
| %patch1 -p1 -b .service-helper |
| |
| %{?gitpatch: echo %{version}-%{gitpatch} > version.txt} |
| |
| |
| md5sum -c <<-EOF | (! grep -v 'OK$') |
| befa1539d00fd6f2ac52a08f098c9b77 examples/chrony-wait.service |
| 5d29f7cefeffe28aafdf017fa8fb51dc examples/chrony.conf.example2 |
| ba6bb05c50e03f6b5ab54a2b7914800d examples/chrony.keys.example |
| 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate |
| 298b7f611078aa0176aad58e936c7b0d examples/chrony.nm-dispatcher |
| b347cbf0b4ba3ba9995f2f8930667e8f examples/chronyd.service |
| EOF |
| |
| |
| sed -e 's|^\(pool \)\(pool.ntp.org\)|\12.%{vendorzone}\2|' \ |
| < examples/chrony.conf.example2 > chrony.conf |
| |
| touch -r examples/chrony.conf.example2 chrony.conf |
| |
| |
| rm -f getdate.c |
| |
| mv clknetsim-%{clknetsim_ver}* test/simulation/clknetsim |
| |
| %build |
| %configure \ |
| %{?with_debug: --enable-debug} \ |
| --enable-ntp-signd \ |
| --enable-scfilter \ |
| --docdir=%{_docdir} \ |
| --with-ntp-era=$(date -d '1970-01-01 00:00:00+00:00' +'%s') \ |
| --with-user=chrony \ |
| --with-hwclockfile=%{_sysconfdir}/adjtime \ |
| --with-sendmail=%{_sbindir}/sendmail |
| make %{?_smp_mflags} |
| |
| %install |
| make install DESTDIR=$RPM_BUILD_ROOT |
| |
| rm -rf $RPM_BUILD_ROOT%{_docdir} |
| |
| mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/{sysconfig,logrotate.d} |
| mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/{lib,log}/chrony |
| mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d |
| mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/dhcp/dhclient.d |
| mkdir -p $RPM_BUILD_ROOT%{_libexecdir} |
| mkdir -p $RPM_BUILD_ROOT{%{_unitdir},%{_prefix}/lib/systemd/ntp-units.d} |
| |
| install -m 644 -p chrony.conf $RPM_BUILD_ROOT%{_sysconfdir}/chrony.conf |
| |
| install -m 640 -p examples/chrony.keys.example \ |
| $RPM_BUILD_ROOT%{_sysconfdir}/chrony.keys |
| install -m 755 -p examples/chrony.nm-dispatcher \ |
| $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d/20-chrony |
| install -m 755 -p %{SOURCE1} \ |
| $RPM_BUILD_ROOT%{_sysconfdir}/dhcp/dhclient.d/chrony.sh |
| install -m 644 -p examples/chrony.logrotate \ |
| $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/chrony |
| |
| install -m 644 -p examples/chronyd.service \ |
| $RPM_BUILD_ROOT%{_unitdir}/chronyd.service |
| install -m 644 -p examples/chrony-wait.service \ |
| $RPM_BUILD_ROOT%{_unitdir}/chrony-wait.service |
| install -m 644 -p %{SOURCE3} $RPM_BUILD_ROOT%{_unitdir}/chrony-dnssrv@.service |
| install -m 644 -p %{SOURCE4} $RPM_BUILD_ROOT%{_unitdir}/chrony-dnssrv@.timer |
| |
| install -m 755 -p %{SOURCE2} $RPM_BUILD_ROOT%{_libexecdir}/chrony-helper |
| |
| cat > $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/chronyd <<EOF |
| |
| OPTIONS="" |
| EOF |
| |
| touch $RPM_BUILD_ROOT%{_localstatedir}/lib/chrony/{drift,rtc} |
| |
| echo 'chronyd.service' > \ |
| $RPM_BUILD_ROOT%{_prefix}/lib/systemd/ntp-units.d/50-chronyd.list |
| |
| %check |
| |
| export CLKNETSIM_RANDOM_SEED=24502 |
| make %{?_smp_mflags} -C test/simulation/clknetsim |
| make check |
| |
| %pre |
| getent group chrony > /dev/null || /usr/sbin/groupadd -r chrony |
| getent passwd chrony > /dev/null || /usr/sbin/useradd -r -g chrony \ |
| -d %{_localstatedir}/lib/chrony -s /sbin/nologin chrony |
| : |
| |
| %post |
| %systemd_post chronyd.service chrony-wait.service |
| |
| %preun |
| %systemd_preun chronyd.service chrony-wait.service |
| |
| %postun |
| %systemd_postun_with_restart chronyd.service |
| |
| %files |
| %{!?_licensedir:%global license %%doc} |
| %license COPYING |
| %doc FAQ NEWS README |
| %config(noreplace) %{_sysconfdir}/chrony.conf |
| %config(noreplace) %verify(not md5 size mtime) %attr(640,root,chrony) %{_sysconfdir}/chrony.keys |
| %config(noreplace) %{_sysconfdir}/logrotate.d/chrony |
| %config(noreplace) %{_sysconfdir}/sysconfig/chronyd |
| %{_sysconfdir}/NetworkManager/dispatcher.d/20-chrony |
| %{_sysconfdir}/dhcp/dhclient.d/chrony.sh |
| %{_bindir}/chronyc |
| %{_sbindir}/chronyd |
| %{_libexecdir}/chrony-helper |
| %{_prefix}/lib/systemd/ntp-units.d/*.list |
| %{_unitdir}/chrony*.service |
| %{_unitdir}/chrony*.timer |
| %{_mandir}/man[158]/%{name}*.[158]* |
| %dir %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony |
| %ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/drift |
| %ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/rtc |
| %dir %attr(-,chrony,chrony) %{_localstatedir}/log/chrony |
| |
| %changelog |
| * Tue Jan 24 2017 Miroslav Lichvar <mlichvar@redhat.com> 3.1-0.1.pre1 |
| - update to 3.1-pre1 |
| |
| * Mon Jan 16 2017 Miroslav Lichvar <mlichvar@redhat.com> 3.0-1 |
| - update to 3.0 |
| |
| * Fri Jan 06 2017 Miroslav Lichvar <mlichvar@redhat.com> 3.0-0.3.pre3 |
| - update to 3.0-pre3 |
| |
| * Thu Dec 15 2016 Miroslav Lichvar <mlichvar@redhat.com> 3.0-0.2.pre2 |
| - update to 3.0-pre2 |
| - enable support for MS-SNTP authentication in Samba |
| |
| * Fri Dec 09 2016 Miroslav Lichvar <mlichvar@redhat.com> 3.0-0.1.pre1 |
| - update to 3.0-pre1 |
| |
| * Mon Nov 21 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4.1-1 |
| - update to 2.4.1 |
| |
| * Thu Oct 27 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4-4 |
| - avoid AVC denials in chrony-wait service ( |
| |
| * Tue Sep 13 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4-3 |
| - fix chrony-helper to escape names of systemd units ( |
| |
| * Tue Jun 28 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4-2 |
| - fix chrony-helper to exit with correct status ( |
| |
| * Tue Jun 07 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4-1 |
| - update to 2.4 |
| - don't require info |
| |
| * Mon May 16 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.4-0.1.pre1 |
| - update to 2.4-pre1 |
| - extend chrony-helper to allow management of static sources ( |
| |
| * Tue Feb 16 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.3-1 |
| - update to 2.3 |
| |
| * Tue Feb 02 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.3-0.1.pre1 |
| - update to 2.3-pre1 |
| |
| * Thu Jan 21 2016 Miroslav Lichvar <mlichvar@redhat.com> 2.2.1-1 |
| - update to 2.2.1 (CVE-2016-1567) |
| - set NTP era split explicitly |
| |
| * Mon Oct 19 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.2-1 |
| - update to 2.2 |
| |
| * Fri Oct 09 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.2-0.2.pre2 |
| - update to 2.2-pre2 |
| - require libseccomp-devel on supported archs only |
| |
| * Fri Oct 02 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.2-0.1.pre1 |
| - update to 2.2-pre1 |
| - enable seccomp support |
| - use weak dependency for timedatex on Fedora 24 and later |
| |
| * Tue Jun 23 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.1.1-1 |
| - update to 2.1.1 |
| - add -n option to gzip command to not save timestamp |
| |
| * Mon Jun 22 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.1-1 |
| - update to 2.1 |
| - extend chrony-helper to allow using servers from DNS SRV records ( |
| - set random seed in testing to get deterministic results |
| |
| * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1-0.2.pre1 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
| |
| * Wed Jun 10 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.1-0.1.pre1 |
| - update to 2.1-pre1 |
| |
| * Mon Apr 27 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.0-1 |
| - update to 2.0 |
| |
| * Wed Apr 08 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.0-0.3.pre2 |
| - update to 2.0-pre2 (CVE-2015-1853 CVE-2015-1821 CVE-2015-1822) |
| |
| * Thu Jan 29 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.0-0.2.pre1 |
| - require timedatex ( |
| |
| * Tue Jan 27 2015 Miroslav Lichvar <mlichvar@redhat.com> 2.0-0.1.pre1 |
| - update to 2.0-pre1 |
| |
| * Thu Sep 11 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.31-1 |
| - update to 1.31 |
| - add servers from DHCP with iburst option by default |
| - use upstream configuration files and scripts |
| - don't package configuration examples |
| - compress chrony.txt |
| |
| * Thu Aug 21 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.31-0.1.pre1 |
| - update to 1.31-pre1 |
| - use license macro if available |
| |
| * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.30-3 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
| |
| * Fri Aug 15 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.30-2 |
| - reconnect client sockets ( |
| |
| * Tue Jul 01 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.30-1 |
| - update to 1.30 |
| - enable debug messages |
| |
| * Mon Jun 09 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.30-0.1.pre1 |
| - update to 1.30-pre1 |
| - execute test suite |
| - avoid calling systemctl in helper script |
| - call chronyc directly from logrotate and NM dispatcher scripts |
| - add conflict with systemd-timesyncd service |
| |
| * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.29.1-2 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
| |
| * Fri Jan 31 2014 Miroslav Lichvar <mlichvar@redhat.com> 1.29.1-1 |
| - update to 1.29.1 (CVE-2014-0021) |
| - replace hardening build flags with _hardened_build |
| |
| * Tue Nov 19 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.29-3 |
| - let systemd remove pid file ( |
| |
| * Thu Oct 03 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.29-2 |
| - add ordering dependency to not start chronyd before ntpd stopped |
| |
| * Thu Aug 08 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.29-1 |
| - update to 1.29 (CVE-2012-4502, CVE-2012-4503) |
| |
| * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.28-2 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
| |
| * Wed Jul 17 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.28-1 |
| - update to 1.28 |
| - change default makestep limit to 10 seconds |
| |
| * Mon Jun 24 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.28-0.2.pre1 |
| - buildrequire systemd-units |
| |
| * Fri Jun 21 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.28-0.1.pre1 |
| - update to 1.28-pre1 |
| - listen for commands only on localhost by default |
| |
| * Thu May 09 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.27-3 |
| - disable chrony-wait service by default ( |
| - drop old systemd scriptlets |
| - don't own ntp-units.d directory |
| - move files from /lib |
| - remove unncessary dependency on syslog target |
| |
| * Tue Mar 12 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.27-2 |
| - suppress error messages from tr when generating key ( |
| - fix delta calculation with extreme frequency offsets |
| |
| * Fri Feb 01 2013 Miroslav Lichvar <mlichvar@redhat.com> 1.27-1 |
| - update to 1.27 |
| - start chrony-wait service with chronyd |
| - start chronyd service after sntp |
| - remove obsolete macros |
| |
| * Tue Sep 11 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.27-0.5.pre1.git1ca844 |
| - update to git snapshot 1ca844 |
| - update systemd integration ( |
| - use systemd macros if available ( |
| - use correct vendor pool.ntp.org zone on RHEL ( |
| - don't log output of chrony-wait service |
| |
| * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.27-0.4.pre1 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
| |
| * Fri Apr 27 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.27-0.3.pre1 |
| - update service file for systemd-timedated-ntp target ( |
| |
| * Fri Apr 06 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.27-0.2.pre1 |
| use systemctl is-active instead of status in chrony-helper ( |
| |
| * Tue Feb 28 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.27-0.1.pre1 |
| - update to 1.27-pre1 |
| - generate SHA1 command key instead of MD5 |
| |
| * Wed Feb 15 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.26-6.20110831gitb088b7 |
| - remove old servers on DHCP update ( |
| |
| * Fri Feb 10 2012 Miroslav Lichvar <mlichvar@redhat.com> 1.26-5.20110831gitb088b7 |
| - improve chrony-helper to keep track of servers added from DHCP ( |
| - fix dhclient script to always return with zero exit code ( |
| |
| * Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.26-4.20110831gitb088b7 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
| |
| * Tue Sep 06 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.26-3.20110831gitb088b7 |
| - update to git snapshot 20110831gitb088b7 |
| - on first start generate password with 16 chars |
| - change systemd service type to forking |
| - add forced-command to chrony-helper ( |
| |
| * Mon Aug 15 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.26-2 |
| - fix iburst with very high jitters and long delays |
| - use timepps header from pps-tools-devel |
| |
| * Wed Jul 13 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.26-1 |
| - update to 1.26 |
| - read options from sysconfig file if it exists |
| |
| * Fri Jun 24 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.26-0.1.pre1 |
| - update to 1.26-pre1 |
| - fix service name in %%triggerun |
| - drop SysV init script |
| - add chrony-wait service |
| |
| * Fri May 06 2011 Bill Nottingham <notting@redhat.com> 1.25-2 |
| - fix systemd scriptlets for the upgrade case |
| |
| * Wed May 04 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.25-1 |
| - update to 1.25 |
| |
| * Wed Apr 20 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.25-0.3.pre2 |
| - update to 1.25-pre2 |
| - link with -Wl,-z,relro,-z,now options |
| |
| * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.25-0.2.pre1 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
| |
| * Tue Feb 01 2011 Miroslav Lichvar <mlichvar@redhat.com> 1.25-0.1.pre1 |
| - update to 1.25-pre1 |
| - use iburst, four pool servers, rtcsync, stratumweight in default config |
| - add systemd support |
| - drop sysconfig file |
| - suppress install-info errors |
| |
| * Thu Apr 29 2010 Miroslav Lichvar <mlichvar@redhat.com> 1.24-4.20100428git73d775 |
| - update to 20100428git73d775 |
| - replace initstepslew directive with makestep in default config |
| - add NetworkManager dispatcher script |
| - add dhclient script |
| - retry server/peer name resolution at least once to workaround |
| NetworkManager race condition on boot |
| - don't verify chrony.keys |
| |
| * Fri Mar 12 2010 Miroslav Lichvar <mlichvar@redhat.com> 1.24-3.20100302git5fb555 |
| - update to snapshot 20100302git5fb555 |
| - compile with PPS API support |
| |
| * Thu Feb 04 2010 Miroslav Lichvar <mlichvar@redhat.com> 1.24-1 |
| - update to 1.24 ( |
| - modify default config |
| - step clock on start if it is off by more than 100 seconds |
| - disable client log |
| - build with -fPIE on sparc |
| |
| * Tue Dec 15 2009 Miroslav Lichvar <mlichvar@redhat.com> 1.24-0.1.pre1 |
| - update to 1.24-pre1 |
| |
| * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.23-7.20081106gitbe42b4 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
| |
| * Fri Jul 17 2009 Miroslav Lichvar <mlichvar@redhat.com> 1.23-6.20081106gitbe42b4 |
| - switch to editline |
| - support arbitrary chronyc commands in init script |
| |
| * Mon Jun 08 2009 Dan Horak <dan[at]danny.cz> 1.23-5.20081106gitbe42b4 |
| - add patch with support for s390/s390x |
| |
| * Mon Mar 09 2009 Miroslav Lichvar <mlichvar@redhat.com> 1.23-4.20081106gitbe42b4 |
| - fix building with broken libcap header ( |
| |
| * Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.23-3.20081106gitbe42b4 |
| - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
| |
| * Wed Nov 19 2008 Miroslav Lichvar <mlichvar@redhat.com> 1.23-2.20081106gitbe42b4 |
| - fix info uninstall |
| - generate random command key in init script |
| - support cyclelogs, online, offline commands in init script |
| - add logrotate script |
| |
| * Tue Nov 11 2008 Miroslav Lichvar <mlichvar@redhat.com> 1.23-1.20081106gitbe42b4 |
| - initial release |