commit: 839ee317aeb7166949a75c17997ada40fca2d74c
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 25 17:18:40 2018 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Sun Feb 25 17:19:01 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=839ee317
net-misc/ntpsec: improve out-of-box configuration
Package-Manager: Portage-2.3.19, Repoman-2.3.6
net-misc/ntpsec/files/ntp.conf | 21 +++++++++++++++++++
net-misc/ntpsec/files/ntpd.confd | 5 +----
net-misc/ntpsec/files/{ntpd.rc-r1 => ntpd.rc-r2} | 2 +-
...psec-1.0.0-r2.ebuild => ntpsec-1.0.0-r3.ebuild} | 24 +++++++++++++---------
net-misc/ntpsec/ntpsec-9999.ebuild | 24 +++++++++++++---------
5 files changed, 51 insertions(+), 25 deletions(-)
diff --git a/net-misc/ntpsec/files/ntp.conf b/net-misc/ntpsec/files/ntp.conf
new file mode 100644
index 00000000000..e8d68d2ba9b
--- /dev/null
+++ b/net-misc/ntpsec/files/ntp.conf
@@ -0,0 +1,21 @@
+# This is a Gentoo specific configuration file so ntpsec
+# works out of the box as a client. Upstream configuration
+# can be found in /etc/ntp.d/, but these are not used by
+# this file. They are provided as a guide to more complex
+# configurations. For more information on how to configure
+# ntpsec see https://docs.ntpsec.org/latest/
+
+# Pools for Gentoo users
+pool 0.gentoo.pool.ntp.org
+pool 1.gentoo.pool.ntp.org
+pool 2.gentoo.pool.ntp.org
+pool 3.gentoo.pool.ntp.org
+
+# These are the restrictions most people want
+restrict default kod limited nomodify nopeer noquery
+restrict -6 default kod limited nomodify nopeer noquery
+restrict 127.0.0.1
+restrict -6 ::1
+
+# Don't change this location.
+driftfile /var/lib/ntp/ntp.drift
diff --git a/net-misc/ntpsec/files/ntpd.confd b/net-misc/ntpsec/files/ntpd.confd
index 92c553a6261..50c1aac6066 100644
--- a/net-misc/ntpsec/files/ntpd.confd
+++ b/net-misc/ntpsec/files/ntpd.confd
@@ -1,7 +1,4 @@
# /etc/conf.d/ntpd
-# Options to pass to the ntpd process
-# Most people should leave this line alone ...
-# however, if you know what you're doing, feel free to tweak
-#NTPD_OPTS="-g -n -u ntp:ntp"
+# Most people should leave this line alone.
NTPD_OPTS="-g -u ntp:ntp"
diff --git a/net-misc/ntpsec/files/ntpd.rc-r1 b/net-misc/ntpsec/files/ntpd.rc-r2
similarity index 94%
rename from net-misc/ntpsec/files/ntpd.rc-r1
rename to net-misc/ntpsec/files/ntpd.rc-r2
index dbe76c85e53..13fcbdd092d 100644
--- a/net-misc/ntpsec/files/ntpd.rc-r1
+++ b/net-misc/ntpsec/files/ntpd.rc-r2
@@ -4,7 +4,7 @@
# $Id$
description="ntpd - the network time protocol daemon"
-pidfile="/var/run/ntpd.pid"
+pidfile="/run/ntpd.pid"
command="/usr/sbin/ntpd"
command_args="-p ${pidfile} ${NTPD_OPTS}"
start_stop_daemon_args="--pidfile ${pidfile}"
diff --git a/net-misc/ntpsec/ntpsec-1.0.0-r2.ebuild
b/net-misc/ntpsec/ntpsec-1.0.0-r3.ebuild
similarity index 83%
rename from net-misc/ntpsec/ntpsec-1.0.0-r2.ebuild
rename to net-misc/ntpsec/ntpsec-1.0.0-r3.ebuild
index 46136f2fa0e..ab3302255ec 100644
--- a/net-misc/ntpsec/ntpsec-1.0.0-r2.ebuild
+++ b/net-misc/ntpsec/ntpsec-1.0.0-r3.ebuild
@@ -118,21 +118,25 @@ src_install() {
python_foreach_impl run_in_build_dir python_install
# Install heat generating scripts
- use heat && dosbin "${S}/contrib/ntpheat"{,usb}
+ use heat && dosbin "${S}"/contrib/ntpheat{,usb}
# Install the openrc files
- newinitd "${FILESDIR}/ntpd.rc-r1" "ntp"
- newconfd "${FILESDIR}/ntpd.confd" "ntp"
+ newinitd "${FILESDIR}"/ntpd.rc-r2 ntp
+ newconfd "${FILESDIR}"/ntpd.confd ntp
# Install the systemd unit file
- systemd_newunit "${FILESDIR}/ntpd.service" ntpd.service
+ systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service
+
+ # Prepare a directory for the ntp.drift file
+ mkdir -pv "${ED}"/var/lib/ntp
+ chown ntp:ntp "${ED}"/var/lib/ntp
+ chmod 770 "${ED}"/var/lib/ntp
# Install a log rotate script
- mkdir -pv "${ED}/etc/"logrotate.d
- cp -v "${S}/etc/logrotate-config.ntpd" "${ED}/etc/logrotate.d/ntpd"
+ mkdir -pv "${ED}"/etc/logrotate.d
+ cp -v "${S}"/etc/logrotate-config.ntpd "${ED}"/etc/logrotate.d/ntpd
- # Install the configuration files
- cp -Rv "${S}/etc/ntp.d/" "${ED}/etc/"
- mv -v "${ED}/etc/ntp.d/default.conf" "${ED}/etc/ntp.conf"
- sed "s|includefile |includefile ntp.d/|" -i "${ED}/etc/ntp.conf"
+ # Install the configuration file and sample configuration
+ cp -v "${FILESDIR}"/ntp.conf "${ED}"/etc/ntp.conf
+ cp -Rv "${S}"/etc/ntp.d/ "${ED}"/etc/
}
diff --git a/net-misc/ntpsec/ntpsec-9999.ebuild
b/net-misc/ntpsec/ntpsec-9999.ebuild
index 8263e59187f..a565abf1c84 100644
--- a/net-misc/ntpsec/ntpsec-9999.ebuild
+++ b/net-misc/ntpsec/ntpsec-9999.ebuild
@@ -117,21 +117,25 @@ src_install() {
python_foreach_impl run_in_build_dir python_install
# Install heat generating scripts
- use heat && dosbin "${S}/contrib/ntpheat"{,usb}
+ use heat && dosbin "${S}"/contrib/ntpheat{,usb}
# Install the openrc files
- newinitd "${FILESDIR}/ntpd.rc-r1" "ntp"
- newconfd "${FILESDIR}/ntpd.confd" "ntp"
+ newinitd "${FILESDIR}"/ntpd.rc-r2 ntp
+ newconfd "${FILESDIR}"/ntpd.confd ntp
# Install the systemd unit file
- systemd_newunit "${FILESDIR}/ntpd.service" ntpd.service
+ systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service
+
+ # Prepare a directory for the ntp.drift file
+ mkdir -pv "${ED}"/var/lib/ntp
+ chown ntp:ntp "${ED}"/var/lib/ntp
+ chmod 770 "${ED}"/var/lib/ntp
# Install a log rotate script
- mkdir -pv "${ED}/etc/"logrotate.d
- cp -v "${S}/etc/logrotate-config.ntpd" "${ED}/etc/logrotate.d/ntpd"
+ mkdir -pv "${ED}"/etc/logrotate.d
+ cp -v "${S}"/etc/logrotate-config.ntpd "${ED}"/etc/logrotate.d/ntpd
- # Install the configuration files
- cp -Rv "${S}/etc/ntp.d/" "${ED}/etc/"
- mv -v "${ED}/etc/ntp.d/default.conf" "${ED}/etc/ntp.conf"
- sed "s|includefile |includefile ntp.d/|" -i "${ED}/etc/ntp.conf"
+ # Install the configuration file and sample configuration
+ cp -v "${FILESDIR}"/ntp.conf "${ED}"/etc/ntp.conf
+ cp -Rv "${S}"/etc/ntp.d/ "${ED}"/etc/
}
