Changeset 29127


Ignore:
Timestamp:
2011-11-14T19:30:05+01:00 (6 years ago)
Author:
tripolar
Message:

[packages] ntpd: * use libcap to drop roots privileges

  • add ntp-key and ntp-key-ssl (linked against OpenSSL)
  • update init file
    • add ntp group and user
  • compile with --without-lineeditlibs
  • add ntptime to the ntp-utils package
Location:
packages/net/ntpd
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • packages/net/ntpd/Makefile

    r28572 r29127  
    1010PKG_NAME:=ntp 
    1111PKG_VERSION:=4.2.6p4 
    12 PKG_RELEASE:=2 
     12PKG_RELEASE:=3 
    1313 
    1414PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz 
     
    3131  MAINTAINER:=Peter Wagner <tripolar@gmx.at> 
    3232  URL:=http://www.ntp.org/ 
     33  DEPENDS:=+libcap 
    3334endef 
    3435 
     
    5556  TITLE+= server (with OpenSSL support) 
    5657  VARIANT:=ssl 
    57   DEPENDS:=+libopenssl 
     58  DEPENDS+= +libopenssl 
    5859endef 
    5960 
     
    8081  TITLE+= utilities 
    8182  VARIANT:=nossl 
    82   DEPENDS:=+libncurses 
    8383endef 
    8484 
     
    8686$(call Package/ntpd/Default/description) 
    8787 . 
    88  This package contains ntpdc and ntpq. 
     88 This package contains ntpdc, ntpq and ntptime. 
     89endef 
     90 
     91define Package/ntp-keygen 
     92$(call Package/ntpd/Default) 
     93  TITLE+=keygen 
     94  VARIANT:=nossl 
     95endef 
     96 
     97define Package/ntp-keygen/description 
     98$(call Package/ntpd/Default/description) 
     99 . 
     100 This package contains the ntp-keygen. 
     101endef 
     102 
     103define Package/ntp-keygen-ssl 
     104$(call Package/ntpd/Default) 
     105  TITLE+=keygen (with OpenSSL support) 
     106  VARIANT:=ssl 
     107  DEPENDS+= +libopenssl 
     108endef 
     109 
     110define Package/ntp-keygen-ssl/description 
     111$(call Package/ntpd/Default/description) 
     112 . 
     113 This package contains the ntp-keygen with OpenSSL support. 
    89114endef 
    90115 
     
    104129        --disable-all-clocks \ 
    105130        --disable-parse-clocks \ 
     131        --without-ntpsnmpd \ 
     132        --without-lineeditlibs \ 
    106133        --enable-NMEA \ 
    107134        --enable-LOCAL-CLOCK \ 
    108135        --enable-SHM \ 
    109         --disable-linuxcaps \ 
    110         --without-ntpsnmpd \ 
     136        --enable-linuxcaps 
    111137 
    112138ifeq ($(BUILD_VARIANT),ssl) 
     
    154180        $(INSTALL_BIN) $(PKG_BUILD_DIR)/ntpdc/ntpdc $(1)/usr/sbin/ 
    155181        $(INSTALL_BIN) $(PKG_BUILD_DIR)/ntpq/ntpq $(1)/usr/sbin/ 
     182        $(INSTALL_BIN) $(PKG_BUILD_DIR)/util/ntptime $(1)/usr/sbin/ 
    156183endef 
     184 
     185define Package/ntp-keygen/install 
     186        $(INSTALL_DIR) $(1)/usr/sbin 
     187        $(INSTALL_BIN) $(PKG_BUILD_DIR)/util/ntp-keygen $(1)/usr/sbin/ 
     188endef 
     189 
     190Package/ntp-keygen-ssl/install = $(Package/ntp-keygen/install) 
    157191 
    158192$(eval $(call BuildPackage,ntpd)) 
     
    160194$(eval $(call BuildPackage,ntpdate)) 
    161195$(eval $(call BuildPackage,ntp-utils)) 
     196$(eval $(call BuildPackage,ntp-keygen)) 
     197$(eval $(call BuildPackage,ntp-keygen-ssl)) 
  • packages/net/ntpd/files/ntp.conf

    r10189 r29127  
    1 # use a random selection of 8 public stratum 2 servers 
     1# use a random selection of 4 public stratum 2 servers 
    22# see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers 
    33 
     
    55#restrict default noquery 
    66 
    7  
    87restrict 127.0.0.1 
    98 
    10 driftfile  /tmp/ntp.drift 
     9driftfile  /var/lib/ntp/ntp.drift 
    1110 
    1211server 0.openwrt.pool.ntp.org iburst 
  • packages/net/ntpd/files/ntpd.init

    r28883 r29127  
    33 
    44START=65 
     5STOP=65 
    56 
    67SERVICE_USE_PID=1 
     
    910#       ln -sf /dev/ttyS0 /dev/gps0 
    1011#       /usr/sbin/setgarmin -d /dev/gps -c /etc/setgarmin.conf 
    11         service_start /sbin/ntpd -g -p /var/run/ntpd.pid 
     12        user_exists ntp 123 || user_add ntp 123 123 ntp /var/lib/ntp 
     13        group_exists ntp 123 || group_add ntp 123 
     14        mkdir -p /var/lib/ntp 
     15        chown -R ntp:ntp /var/lib/ntp 
     16        service_start /sbin/ntpd -g -u ntp:ntp -p /var/run/ntpd.pid 
    1217} 
    1318 
Note: See TracChangeset for help on using the changeset viewer.