[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     a306eddeea640e2ea230838a0248d9c8a3cd77e6
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 22 04:44:20 2016 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Fri Jan 22 04:44:20 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a306edde

net-misc/chrony: Old.

Package-Manager: portage-2.2.27

 net-misc/chrony/Manifest               |   1 -
 net-misc/chrony/chrony-2.1.1.ebuild    | 114 ---------------------------------
 net-misc/chrony/files/chrony.logrotate |  11 ----
 3 files changed, 126 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 930d5cb..cd0cc0c 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,3 +1,2 @@
-DIST chrony-2.1.1.tar.gz 391037 SHA256 b0565148eaa38e971291281d76556c32f0138ec22e9784f8bceab9c65f7ad7d4 SHA512 bbb6d4b3436b7c3c7d45628500678ce31291aaa7f59df0f616268fcdb9285f21a79b085d232773ce732eea82f28fa87f4c56ac5b6a7388275c67889daf641499 WHIRLPOOL a431253f173fb8c52f417c0a074c66e3125bb46247b3a177d6ad4c96d953a4557fb159e5940f03d39a83ad1b5a92dd73f84333e3d2274a42a5e93337ca2f6d7e
 DIST chrony-2.2.1.tar.gz 340514 SHA256 4776fa8e80d698723e9a88eb882170951f6c45860545d84ae9f9d8b9bbd73796 SHA512 caa18a22e7e64186f24f474e02862296bfa74c99671bc98e926caf27b88ce3580282543594602e76ad4be9b7f9623350888def893a7c1d96a7370d13a636442f WHIRLPOOL 77500bc25496dc15f17bce60023b86330205945999011b243272db26a924ac67193da70089c59e19bea7666c05059c8c4c1975ca19057775ec2dd8e468ab8dce
 DIST chrony-2.2.tar.gz 340285 SHA256 d3fd820fa63badf54ee0e48a649b94ea739df3aac5efa104bd90f89795aa2485 SHA512 40e5f3b803016a8ce2a3450f24e07e02b54c8b0134c005342e52e1f122592af646186ca231644801bdb7bbb00c576347da34e162d33920ef71f4018204e8a866 WHIRLPOOL 0f517914935b150bce9a42507f1c4b04ec50d9406d1ac504b396abbe0646a3bce21299cb6b946159e7369800bbcd106257bf2c02e544fffd19d8211f232ed469

diff --git a/net-misc/chrony/chrony-2.1.1.ebuild b/net-misc/chrony/chrony-2.1.1.ebuild
deleted file mode 100644
index ac2cc6a..0000000
--- a/net-misc/chrony/chrony-2.1.1.ebuild
+++ /dev/null
@@ -1,114 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit eutils systemd toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="http://chrony.tuxfamily.org/"
-SRC_URI="http://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-
-KEYWORDS="amd64 ~arm hppa ~mips ppc ppc64 sparc x86"
-IUSE="caps +cmdmon ipv6 libedit +ntp +phc +pps readline +refclock +rtc selinux +adns"
-REQUIRED_USE="
-	?? ( libedit readline )
-"
-
-CDEPEND="
-	caps? ( sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-"
-DEPEND="
-	${CDEPEND}
-	sys-apps/texinfo
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-RESTRICT=test
-
-S="${WORKDIR}/${P/_/-}"
-
-src_prepare() {
-	sed -i \
-		-e 's:/etc/chrony\.:/etc/chrony/chrony.:g' \
-		-e 's:/var/run:/run:g' \
-		conf.c chrony.texi.in chrony.txt examples/* FAQ || die
-}
-
-src_configure() {
-	tc-export CC
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# not an autotools generated script
-	local CHRONY_CONFIGURE="
-	./configure \
-		$(usex caps '' --disable-linuxcaps) \
-		$(usex cmdmon '' --disable-cmdmon) \
-		$(usex ipv6 '' --disable-ipv6) \
-		$(usex ntp '' --disable-ntp) \
-		$(usex phc '' --disable-phc) \
-		$(usex pps '' --disable-pps) \
-		$(usex rtc '' --disable-rtc) \
-		$(usex refclock '' --disable-refclock) \
-		$(usex adns '' --disable-asyncdns) \
-		${CHRONY_EDITLINE} \
-		${EXTRA_ECONF} \
-		--docdir=/usr/share/doc/${PF} \
-		--infodir=/usr/share/info \
-		--mandir=/usr/share/man \
-		--prefix=/usr \
-		--sysconfdir=/etc/chrony \
-		--disable-sechash \
-		--without-nss \
-		--without-tomcrypt
-	"
-
-	# print the ./configure call to aid in future debugging
-	einfo ${CHRONY_CONFIGURE}
-	bash ${CHRONY_CONFIGURE} || die
-}
-
-src_compile() {
-	emake all docs
-}
-
-src_install() {
-	default
-	rm "${D}"/usr/share/doc/${PF}/COPYING || die
-	doinfo chrony.info*
-
-	newinitd "${FILESDIR}"/chronyd.init chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example3 chrony.conf
-	newins examples/chrony.keys.example chrony.keys
-
-	dodoc examples/*.example*
-
-	keepdir /var/{lib,log}/chrony
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony.logrotate chrony
-
-	systemd_newunit "${FILESDIR}"/chronyd.service-r2 chronyd.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}

diff --git a/net-misc/chrony/files/chrony.logrotate b/net-misc/chrony/files/chrony.logrotate
deleted file mode 100644
index b788874..0000000
--- a/net-misc/chrony/files/chrony.logrotate
+++ /dev/null
@@ -1,11 +0,0 @@
-/var/log/chrony/*.log {
-	missingok
-	sharedscripts
-	postrotate
-                PASSWORD=`awk '$1 ~ /^1$/ {print $2; exit}' /etc/chrony/chrony.keys`
-                cat << EOF | /usr/bin/chronyc | sed '/^200 OK$/d'
-                password $PASSWORD
-                cyclelogs
-EOF
-        endscript
-}

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Tobias Klausmann]

commit:     420ee41fe4a94b6d6bc1c73305a1cf657a483804
Author:     Tobias Klausmann <klausman <AT> gentoo <DOT> org>
AuthorDate: Sun May 29 16:25:16 2016 +0000
Commit:     Tobias Klausmann <klausman <AT> gentoo <DOT> org>
CommitDate: Sun May 29 16:25:16 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=420ee41f

net-misc/chrony: Fix logrotate script

Since grep -v may return a non-zero exit status even in the benign case, we
need to just return 0 manually. Actual errors will still be reported normally
since any output will trigger mail sending.

Package-Manager: portage-2.3.0_rc1

 .../chrony/{chrony-2.4_pre1-r1.ebuild => chrony-2.4_pre1-r2.ebuild}     | 2 +-
 net-misc/chrony/files/{chrony-2.4.logrotate => chrony-2.4-r1.logrotate} | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/net-misc/chrony/chrony-2.4_pre1-r1.ebuild b/net-misc/chrony/chrony-2.4_pre1-r2.ebuild
similarity index 98%
rename from net-misc/chrony/chrony-2.4_pre1-r1.ebuild
rename to net-misc/chrony/chrony-2.4_pre1-r2.ebuild
index 7d20e20..4f9b613 100644
--- a/net-misc/chrony/chrony-2.4_pre1-r1.ebuild
+++ b/net-misc/chrony/chrony-2.4_pre1-r2.ebuild
@@ -111,7 +111,7 @@ src_install() {
 	keepdir /var/{lib,log}/chrony
 
 	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4.logrotate chrony
+	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
 
 	systemd_newunit "${FILESDIR}"/chronyd.service-r2 chronyd.service
 	systemd_enable_ntpunit 50-chrony chronyd.service

diff --git a/net-misc/chrony/files/chrony-2.4.logrotate b/net-misc/chrony/files/chrony-2.4-r1.logrotate
similarity index 56%
rename from net-misc/chrony/files/chrony-2.4.logrotate
rename to net-misc/chrony/files/chrony-2.4-r1.logrotate
index d1ae72b..4140bc2 100644
--- a/net-misc/chrony/files/chrony-2.4.logrotate
+++ b/net-misc/chrony/files/chrony-2.4-r1.logrotate
@@ -2,6 +2,6 @@
 	missingok
 	sharedscripts
 	postrotate
-		/usr/bin/chronyc cyclelogs |grep -v '^200 OK'
+		/usr/bin/chronyc cyclelogs |grep -v '^200 OK'; return 0
 	endscript
 }

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Tobias Klausmann]

commit:     eae6c748da04fe37c47f5e9a6c245d11fffe5810
Author:     Tobias Klausmann <klausman <AT> gentoo <DOT> org>
AuthorDate: Mon Jun  6 07:25:28 2016 +0000
Commit:     Tobias Klausmann <klausman <AT> gentoo <DOT> org>
CommitDate: Mon Jun  6 07:25:28 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae6c748

net-misc/chrony: Fix the logrotate script for good.

Also bump latest version so people get the new logrotate file.

Package-Manager: portage-2.3.0_rc1

 .../chrony/{chrony-2.4_pre1-r2.ebuild => chrony-2.4_pre1-r3.ebuild}     | 0
 net-misc/chrony/files/chrony-2.4-r1.logrotate                           | 2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/net-misc/chrony/chrony-2.4_pre1-r2.ebuild b/net-misc/chrony/chrony-2.4_pre1-r3.ebuild
similarity index 100%
rename from net-misc/chrony/chrony-2.4_pre1-r2.ebuild
rename to net-misc/chrony/chrony-2.4_pre1-r3.ebuild

diff --git a/net-misc/chrony/files/chrony-2.4-r1.logrotate b/net-misc/chrony/files/chrony-2.4-r1.logrotate
index 4140bc2..a2cf8fe 100644
--- a/net-misc/chrony/files/chrony-2.4-r1.logrotate
+++ b/net-misc/chrony/files/chrony-2.4-r1.logrotate
@@ -2,6 +2,6 @@
 	missingok
 	sharedscripts
 	postrotate
-		/usr/bin/chronyc cyclelogs |grep -v '^200 OK'; return 0
+		/usr/bin/chronyc cyclelogs |grep -v '^200 OK'; exit 0
 	endscript
 }

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     b85e7a2cccff1773bf8223003d3dfb9529f7024c
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Sat Mar 31 10:49:48 2018 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Sat Mar 31 10:49:48 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b85e7a2c

net-misc/chrony: Old.

Package-Manager: Portage-2.3.27, Repoman-2.3.9

 net-misc/chrony/Manifest                   |   2 -
 net-misc/chrony/chrony-2.3.ebuild          | 113 ---------------------------
 net-misc/chrony/chrony-2.4.1.ebuild        | 119 -----------------------------
 net-misc/chrony/files/chrony-2.2.logrotate |   7 --
 4 files changed, 241 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 18ce30caecf..2eafb411211 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,5 +1,3 @@
-DIST chrony-2.3.tar.gz 355113 BLAKE2B 238269a79288186e93bd978bca1fb3258d35cfd72c0a90f888cdb35d0c5c01abbb80002e476478fd0fbc6fd1a080f68e0b6d2d11f13d9a37dff1c1068c13bd13 SHA512 2a9cda6c2bc931438b798bd037614196bdb1533d12432467a690d57095c74013c80c92fcaadbd43fd5b0c816872822527a1ade3014add458d669d7813d5fa080
-DIST chrony-2.4.1.tar.gz 390641 BLAKE2B 7faac0c71f27bd3459f8a25b338e247744850128b32330fef324e37fd2e7cbd66156311e5a48140288580fc78f1948f8cf02fd2f64fc2ed3cabdaee28af5a67c SHA512 7772065103ad95706f80374d88ba452b76cf8e29689abf22b38e7eb5ad2fcc491593e11702400daa8bf908218614df21b08ff15ab2d3d2347876119cd80abc4d
 DIST chrony-3.1.tar.gz 424109 BLAKE2B eb6bc13905a05eab15b00919577cceb4c8c881b4881fbd0e19d966dca86ed6973c31618b1ae56b59cad989144bf59a0206328d50d9eb436fdb058684e74a1661 SHA512 4ba3a75c3634050bb63ba9ee80d9be7a295f44ce4d195a050e4be4738bd7dd807fe37f2289d7ead4a75272bd5ebadbd03c233c67f859e9b68871fca5a6671427
 DIST chrony-3.2.tar.gz 433882 BLAKE2B 4351cd22efbb2c819f09a562b2e0c1851336f8973b37b3015ec6acc04b925e13c1207262d4561318c187809bf989710d9a8fdf54e93b3d3dac56d0d6df8782df SHA512 496af5bed91600f268c1a0fa577bb8c7785e485f78598b666829c674e94770c16548cec4289a2ae9d0a51191d2705eda00886cb6cccae3828aa201a49d4783a4
 DIST chrony-3.3-pre1.tar.gz 442045 BLAKE2B 122a36e46b5d5a3eb3e2d5e20ad2a5b4f419e496b9cd341e4895e6a4121f0c613860dba0375592ad169e3dbfdbdaf812f07124e6f3b005eba6b3296a663f601d SHA512 39bb4788d362d9aaf30b84c59eaf3421110c3776d57eb955f12d8fdd6013f8ffa91a6ff1e8b0018113f63d660570b1aa70d96f7c31faca29d5b720c2f3f1d625

diff --git a/net-misc/chrony/chrony-2.3.ebuild b/net-misc/chrony/chrony-2.3.ebuild
deleted file mode 100644
index f37a8f2cac7..00000000000
--- a/net-misc/chrony/chrony-2.3.ebuild
+++ /dev/null
@@ -1,113 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-inherit eutils systemd toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="http://chrony.tuxfamily.org/"
-SRC_URI="http://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-
-KEYWORDS="~alpha amd64 ~arm hppa ~mips ppc ppc64 ~sparc x86"
-IUSE="caps +cmdmon ipv6 libedit +ntp +phc +pps readline +refclock +rtc selinux +adns"
-REQUIRED_USE="
-	?? ( libedit readline )
-"
-
-CDEPEND="
-	caps? ( sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-"
-DEPEND="
-	${CDEPEND}
-	sys-apps/texinfo
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-RESTRICT=test
-
-S="${WORKDIR}/${P/_/-}"
-
-src_prepare() {
-	sed -i \
-		-e 's:/etc/chrony\.:/etc/chrony/chrony.:g' \
-		-e 's:/var/run:/run:g' \
-		conf.c chrony.texi.in examples/* || die
-}
-
-src_configure() {
-	tc-export CC
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# not an autotools generated script
-	local CHRONY_CONFIGURE="
-	./configure \
-		$(usex caps '' --disable-linuxcaps) \
-		$(usex cmdmon '' --disable-cmdmon) \
-		$(usex ipv6 '' --disable-ipv6) \
-		$(usex ntp '' --disable-ntp) \
-		$(usex phc '' --disable-phc) \
-		$(usex pps '' --disable-pps) \
-		$(usex rtc '' --disable-rtc) \
-		$(usex refclock '' --disable-refclock) \
-		$(usex adns '' --disable-asyncdns) \
-		${CHRONY_EDITLINE} \
-		${EXTRA_ECONF} \
-		--docdir=/usr/share/doc/${PF} \
-		--chronysockdir=/run/chrony \
-		--infodir=/usr/share/info \
-		--mandir=/usr/share/man \
-		--prefix=/usr \
-		--sysconfdir=/etc/chrony \
-		--disable-sechash \
-		--without-nss \
-		--without-tomcrypt
-	"
-
-	# print the ./configure call to aid in future debugging
-	einfo ${CHRONY_CONFIGURE}
-	bash ${CHRONY_CONFIGURE} || die
-}
-
-src_compile() {
-	emake all docs
-}
-
-src_install() {
-	default
-
-	doinfo chrony.info*
-
-	newinitd "${FILESDIR}"/chronyd.init-r1 chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	dodoc examples/*.example*
-
-	keepdir /var/{lib,log}/chrony
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.2.logrotate chrony
-
-	systemd_newunit "${FILESDIR}"/chronyd.service-r2 chronyd.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}

diff --git a/net-misc/chrony/chrony-2.4.1.ebuild b/net-misc/chrony/chrony-2.4.1.ebuild
deleted file mode 100644
index 6c4e5e3675f..00000000000
--- a/net-misc/chrony/chrony-2.4.1.ebuild
+++ /dev/null
@@ -1,119 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit eutils systemd toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="http://chrony.tuxfamily.org/"
-SRC_URI="http://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-
-KEYWORDS="alpha ~amd64 ~arm hppa ppc ppc64"
-IUSE="caps +cmdmon html ipv6 libedit +ntp +phc pps readline +refclock +rtc selinux +adns"
-REQUIRED_USE="
-	?? ( libedit readline )
-"
-
-CDEPEND="
-	caps? ( sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-"
-DEPEND="
-	${CDEPEND}
-	html? ( dev-ruby/asciidoctor )
-	pps? ( net-misc/pps-tools )
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-RESTRICT=test
-
-S="${WORKDIR}/${P/_/-}"
-
-src_prepare() {
-	sed -i \
-		-e 's:/etc/chrony\.:/etc/chrony/chrony.:g' \
-		-e 's:/var/run:/run:g' \
-		conf.c doc/*.man.in examples/* || die
-
-	default
-}
-
-src_configure() {
-	tc-export CC
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# not an autotools generated script
-	local CHRONY_CONFIGURE="
-	./configure \
-		$(usex caps '' --disable-linuxcaps) \
-		$(usex cmdmon '' --disable-cmdmon) \
-		$(usex ipv6 '' --disable-ipv6) \
-		$(usex ntp '' --disable-ntp) \
-		$(usex phc '' --disable-phc) \
-		$(usex pps '' --disable-pps) \
-		$(usex rtc '' --disable-rtc) \
-		$(usex refclock '' --disable-refclock) \
-		$(usex adns '' --disable-asyncdns) \
-		${CHRONY_EDITLINE} \
-		${EXTRA_ECONF} \
-		--docdir=/usr/share/doc/${PF} \
-		--chronysockdir=/run/chrony \
-		--mandir=/usr/share/man \
-		--prefix=/usr \
-		--sysconfdir=/etc/chrony \
-		--disable-sechash \
-		--without-nss \
-		--without-tomcrypt
-	"
-
-	# print the ./configure call to aid in future debugging
-	einfo ${CHRONY_CONFIGURE}
-	bash ${CHRONY_CONFIGURE} || die
-}
-
-src_compile() {
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r1 chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	if use html; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_newunit "${FILESDIR}"/chronyd.service-r2 chronyd.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}

diff --git a/net-misc/chrony/files/chrony-2.2.logrotate b/net-misc/chrony/files/chrony-2.2.logrotate
deleted file mode 100644
index ae76c8de6af..00000000000
--- a/net-misc/chrony/files/chrony-2.2.logrotate
+++ /dev/null
@@ -1,7 +0,0 @@
-/var/log/chrony/*.log {
-	missingok
-	sharedscripts
-	postrotate
-		/usr/bin/chronyc cyclelogs
-	endscript
-}

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     6e9478074f14ff36bd4beb516f8ba144bef45201
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Tue Sep  4 09:31:04 2018 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Tue Sep  4 09:32:19 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6e947807

net-misc/chrony: Set default PID file and check for it

Fixes: https://bugs.gentoo.org/665212
Package-Manager: Portage-2.3.49, Repoman-2.3.10

 ...y-3.4_pre1.ebuild => chrony-3.4_pre1-r1.ebuild} | 12 ++--
 net-misc/chrony/files/chronyd.init-r2              | 70 ++++++++++++++++++++++
 2 files changed, 76 insertions(+), 6 deletions(-)

diff --git a/net-misc/chrony/chrony-3.4_pre1.ebuild b/net-misc/chrony/chrony-3.4_pre1-r1.ebuild
similarity index 93%
rename from net-misc/chrony/chrony-3.4_pre1.ebuild
rename to net-misc/chrony/chrony-3.4_pre1-r1.ebuild
index c3aed38aa99..a39dc7b24dc 100644
--- a/net-misc/chrony/chrony-3.4_pre1.ebuild
+++ b/net-misc/chrony/chrony-3.4_pre1-r1.ebuild
@@ -38,9 +38,8 @@ S="${WORKDIR}/${P/_/-}"
 
 src_prepare() {
 	sed -i \
-		-e 's:/etc/chrony\.:/etc/chrony/chrony.:g' \
-		-e 's:/var/run:/run:g' \
-		conf.c doc/*.man.in examples/* || die
+		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
+		doc/* examples/* || die
 
 	default
 }
@@ -75,12 +74,13 @@ src_configure() {
 		$(usex rtc '' --disable-rtc) \
 		${CHRONY_EDITLINE} \
 		${EXTRA_ECONF} \
-		--docdir=/usr/share/doc/${PF} \
 		--chronysockdir=/run/chrony \
+		--disable-sechash \
+		--docdir=/usr/share/doc/${PF} \
 		--mandir=/usr/share/man \
 		--prefix=/usr \
 		--sysconfdir=/etc/chrony \
-		--disable-sechash \
+		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
 		--without-nss \
 		--without-tomcrypt
 	"
@@ -97,7 +97,7 @@ src_compile() {
 src_install() {
 	default
 
-	newinitd "${FILESDIR}"/chronyd.init-r1 chronyd
+	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
 	newconfd "${FILESDIR}"/chronyd.conf chronyd
 
 	insinto /etc/${PN}

diff --git a/net-misc/chrony/files/chronyd.init-r2 b/net-misc/chrony/files/chronyd.init-r2
new file mode 100644
index 00000000000..4892a57b163
--- /dev/null
+++ b/net-misc/chrony/files/chronyd.init-r2
@@ -0,0 +1,70 @@
+#!/sbin/openrc-run
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+	use dns
+}
+
+checkconfig() {
+	# Note that /etc/chrony/chrony.keys is *NOT* checked. This
+	# is because the user may have specified another key
+	# file, and we don't want to force the user to use that
+	# exact name for the key file.
+	if [ ! -f "${CFGFILE}" ] ; then
+		eerror "Please create ${CFGFILE} and the"
+		eerror "chrony key file (usually /etc/chrony/chrony.keys)"
+		eerror "by using the"
+		eerror ""
+		eerror "        chrony.conf.example"
+		eerror "        chrony.keys.example"
+		eerror ""
+		eerror "files (from the documentation directory)"
+		eerror "as templates."
+		return 1
+	else
+		# Actually, I tried it, and chrony seems to ignore the pidfile
+		# option. I'm going to leave it here anyway, since you never
+		# know if it might be handy
+		PIDFILE=`awk '/^ *pidfile/{print $2}' "${CFGFILE}"`
+		[ -z "${PIDFILE}" ] && PIDFILE=/run/chrony/chronyd.pid
+	fi
+	return 0
+}
+
+setxtrarg() {
+	if [ -c /dev/rtc ]; then
+		grep -q '^rtcfile' "${CFGFILE}" && ARGS="${ARGS} -s"
+	fi
+	grep -q '^dumponexit$' "${CFGFILE}" && ARGS="${ARGS} -r"
+	return 0
+}
+
+start() {
+	checkconfig || return $?
+	setxtrarg
+
+	[ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
+
+	ebegin "Starting chronyd"
+	start-stop-daemon \
+		--start \
+		--quiet \
+		--exec /usr/sbin/chronyd \
+		--pidfile "${PIDFILE}" \
+		-- -f "${CFGFILE}" ${ARGS}
+	eend $? "Failed to start chronyd"
+}
+
+stop() {
+	checkconfig || return $?
+
+	[ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
+
+	ebegin "Stopping chronyd"
+	start-stop-daemon \
+		--stop \
+		--quiet \
+		--pidfile "${PIDFILE}"
+	eend $? "Failed to stop chronyd"
+}

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     35ed7204c7e08cc8ed2aaee87bb045701827beba
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Wed May 15 10:00:19 2019 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Wed May 15 10:07:43 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=35ed7204

net-misc/chrony: Fix patch filename

Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 net-misc/chrony/chrony-3.4.ebuild                                     | 4 ++--
 net-misc/chrony/chrony-3.5_pre1.ebuild                                | 2 +-
 net-misc/chrony/chrony-9999.ebuild                                    | 2 +-
 .../{chronyd-systemd-gentoo.patch => chrony-3.4-systemd-gentoo.patch} | 0
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/net-misc/chrony/chrony-3.4.ebuild b/net-misc/chrony/chrony-3.4.ebuild
index 2b17b91c999..749bf8e23ef 100644
--- a/net-misc/chrony/chrony-3.4.ebuild
+++ b/net-misc/chrony/chrony-3.4.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -37,7 +37,7 @@ RESTRICT=test
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
-	"${FILESDIR}"/chronyd-systemd-gentoo.patch
+	"${FILESDIR}"/${PN}-3.4-systemd-gentoo.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/chrony-3.5_pre1.ebuild b/net-misc/chrony/chrony-3.5_pre1.ebuild
index d32f046f9da..72eeaef1fb9 100644
--- a/net-misc/chrony/chrony-3.5_pre1.ebuild
+++ b/net-misc/chrony/chrony-3.5_pre1.ebuild
@@ -37,7 +37,7 @@ RESTRICT=test
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
-	"${FILESDIR}"/chronyd-systemd-gentoo.patch
+	"${FILESDIR}"/${PN}-3.4-systemd-gentoo.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index 188564043dd..dfe5253524d 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -35,7 +35,7 @@ RESTRICT=test
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
-	"${FILESDIR}"/chronyd-systemd-gentoo.patch
+	"${FILESDIR}"/${PN}-3.4-systemd-gentoo.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/files/chronyd-systemd-gentoo.patch b/net-misc/chrony/files/chrony-3.4-systemd-gentoo.patch
similarity index 100%
rename from net-misc/chrony/files/chronyd-systemd-gentoo.patch
rename to net-misc/chrony/files/chrony-3.4-systemd-gentoo.patch

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     29500f59287b983f27b842d72d183ed757069ba0
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Wed May 15 10:03:57 2019 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Wed May 15 10:07:44 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29500f59

net-misc/chrony: Version 3.5

Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 net-misc/chrony/Manifest                                     |  2 +-
 .../chrony/{chrony-3.5_pre1.ebuild => chrony-3.5.ebuild}     |  2 +-
 net-misc/chrony/chrony-9999.ebuild                           |  2 +-
 net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch        | 12 ++++++++++++
 4 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 3a12680dcc7..868a62967f5 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,4 +1,4 @@
 DIST chrony-3.1.tar.gz 424109 BLAKE2B eb6bc13905a05eab15b00919577cceb4c8c881b4881fbd0e19d966dca86ed6973c31618b1ae56b59cad989144bf59a0206328d50d9eb436fdb058684e74a1661 SHA512 4ba3a75c3634050bb63ba9ee80d9be7a295f44ce4d195a050e4be4738bd7dd807fe37f2289d7ead4a75272bd5ebadbd03c233c67f859e9b68871fca5a6671427
 DIST chrony-3.3.tar.gz 443571 BLAKE2B cc35f55b8d63eed85495f88b71c9285c68867a28b27c6c5e7d4475a77857ce4a09fbe561906757d66fee13b19d9ee750d41518050048776b2c0ef600407632e9 SHA512 36975d863599141e8e5b071d35cf67326b27f5b0da7ec942dbb4530377d10472b0729eea632e0702718b515cb2d5fd41a7eba158e6dade7f05adfb1bdffa5df0
 DIST chrony-3.4.tar.gz 453056 BLAKE2B 088eb18bfc9ae4a7a3d656dfabddc565bc4a0da995c172183bed12bc5df59e87ab7363ba64e3579cdb414da77bd7f1fe05b66e33474282df57daf1fd8a55e182 SHA512 4fbb0311c8d363a87edd6f5d1be3d8554da169f260ba23c1ad9e8c567808258c6fd7513ba630d6fa27453ecfd81f0ece0e26d5ee2f98ca47fbc9887181a36918
-DIST chrony-3.5-pre1.tar.gz 457961 BLAKE2B a43e36df7d3b2a2865efb784240e399c2a16748064cedf96b0da849f0cdf8b4d91e7fc616995277f29d2c55176e08526dbedbc8b866238994f8a4187b822aa20 SHA512 ccca35e17f18ed80e0db984c321f5fefabb1056feaae3aed08bf9e1ae732b22af05f87bafe812154af7e5adced91d90618e3833bc266be06ba2fa095685b07da
+DIST chrony-3.5.tar.gz 458226 BLAKE2B 611f21e36c6e745208e00eba988519fcd912c6c0c3518c953591f43224dc3da79f627027a6cd4bf9c4227e9f8659a69adbdb634252ff3920d2ef677e32012456 SHA512 c4f6376a44d71b6ac2b6d86e3d6fb4348642faeef7f3f3a4d6431627b5645efcc868b005cc398c8292bc3b63a1161fbd1a042c6ac2a0595843f908fe32eed90c

diff --git a/net-misc/chrony/chrony-3.5_pre1.ebuild b/net-misc/chrony/chrony-3.5.ebuild
similarity index 98%
rename from net-misc/chrony/chrony-3.5_pre1.ebuild
rename to net-misc/chrony/chrony-3.5.ebuild
index 72eeaef1fb9..ec8018cd297 100644
--- a/net-misc/chrony/chrony-3.5_pre1.ebuild
+++ b/net-misc/chrony/chrony-3.5.ebuild
@@ -37,7 +37,7 @@ RESTRICT=test
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
-	"${FILESDIR}"/${PN}-3.4-systemd-gentoo.patch
+	"${FILESDIR}"/${PN}-3.5-systemd-gentoo.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index dfe5253524d..2fadb9f5fdb 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -35,7 +35,7 @@ RESTRICT=test
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
-	"${FILESDIR}"/${PN}-3.4-systemd-gentoo.patch
+	"${FILESDIR}"/${PN}-3.5-systemd-gentoo.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch b/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch
new file mode 100644
index 00000000000..addba4ca1a9
--- /dev/null
+++ b/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch
@@ -0,0 +1,12 @@
+--- a/examples/chronyd.service
++++ b/examples/chronyd.service
+@@ -8,8 +8,7 @@
+ [Service]
+ Type=forking
+ PIDFile=/run/chrony/chronyd.pid
+-EnvironmentFile=-/etc/sysconfig/chronyd
+-ExecStart=/usr/sbin/chronyd $OPTIONS
++ExecStart=/usr/sbin/chronyd
+ PrivateTmp=yes
+ ProtectHome=yes
+ ProtectSystem=full

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Thomas Deutschmann]

commit:     5eefb61d11a77c123475fec73db819fa6121b7f2
Author:     Sam James (sam_c) <sam <AT> cmpct <DOT> info>
AuthorDate: Wed Mar  4 04:49:58 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Mon Mar 30 18:36:43 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5eefb61d

net-misc/chrony: Run as non-root when USE=caps, revbump

When caps is enabled, drop to the user ntp (acct-user/ntp),
as opposed to remaining root.

Adds a tmpfile.d entry for /run/chrony to ensure correct permissions.

Closes: https://bugs.gentoo.org/711058
Signed-off-by: Sam James (sam_c) <sam <AT> cmpct.info>
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 .../{chrony-9999.ebuild => chrony-3.5-r3.ebuild}   | 45 +++++++++++++++++-----
 net-misc/chrony/chrony-9999.ebuild                 | 29 ++++++++++++--
 net-misc/chrony/files/chronyd.conf                 |  2 +-
 3 files changed, 63 insertions(+), 13 deletions(-)

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-3.5-r3.ebuild
similarity index 70%
copy from net-misc/chrony/chrony-9999.ebuild
copy to net-misc/chrony/chrony-3.5-r3.ebuild
index e939129a01a..3f11f8dd951 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-3.5-r3.ebuild
@@ -1,16 +1,16 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
-inherit git-r3 systemd toolchain-funcs
+inherit systemd tmpfiles toolchain-funcs
 
 DESCRIPTION="NTP client and server programs"
 HOMEPAGE="https://chrony.tuxfamily.org/"
-EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git/"
+SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
 LICENSE="GPL-2"
 SLOT="0"
 
-KEYWORDS=""
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~ppc64 ~sparc ~x86"
 IUSE="
 	+adns caps +cmdmon html ipv6 libedit +ntp +phc pps readline +refclock +rtc
 	seccomp selinux
@@ -27,14 +27,17 @@ CDEPEND="
 "
 DEPEND="
 	${CDEPEND}
-	dev-ruby/asciidoctor
+	caps? ( acct-group/ntp acct-user/ntp )
+	html? ( dev-ruby/asciidoctor )
 	pps? ( net-misc/pps-tools )
 "
 RDEPEND="
 	${CDEPEND}
 	selinux? ( sec-policy/selinux-chronyd )
 "
+
 RESTRICT=test
+
 S="${WORKDIR}/${P/_/-}"
 
 PATCHES=(
@@ -47,6 +50,16 @@ src_prepare() {
 	sed -i \
 		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
 		doc/* examples/* || die
+
+	# Copy for potential user fixup
+	cp "${FILESDIR}"/chronyd.conf "$T"/chronyd.conf
+
+	# Set config for privdrop
+	if ! use caps; then
+		sed -i \
+			-e 's/-u ntp//' \
+			"${T}"/chronyd.conf || die
+	fi
 }
 
 src_configure() {
@@ -95,14 +108,14 @@ src_configure() {
 }
 
 src_compile() {
-	emake all docs
+	emake all docs $(usex html '' 'ADOC=true')
 }
 
 src_install() {
 	default
 
 	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
+	newconfd "${T}"/chronyd.conf chronyd
 
 	insinto /etc/${PN}
 	newins examples/chrony.conf.example1 chrony.conf
@@ -110,8 +123,12 @@ src_install() {
 	docinto examples
 	dodoc examples/*.example*
 
-	docinto html
-	dodoc doc/*.html
+	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
+
+	if use html; then
+		docinto html
+		dodoc doc/*.html
+	fi
 
 	keepdir /var/{lib,log}/chrony
 
@@ -121,3 +138,13 @@ src_install() {
 	systemd_dounit examples/{chronyd,chrony-wait}.service
 	systemd_enable_ntpunit 50-chrony chronyd.service
 }
+
+pkg_preinst() {
+	if use caps && has_version net-misc/chrony[-caps]; then
+		elog "/run/chronyd needs ntp:ntp permissions; please check."
+		elog "The safest option is reboot, but you may chown manually."
+	elif ! use caps && has_version net-misc/chrony[caps]; then
+		elog "/run/chronyd needs root:root permissions; please check."
+		elog "The safest option is reboot, but you may chown manually."
+	fi
+}

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index e939129a01a..5b03ec4fe42 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
-inherit git-r3 systemd toolchain-funcs
+inherit git-r3 tmpfiles systemd toolchain-funcs
 
 DESCRIPTION="NTP client and server programs"
 HOMEPAGE="https://chrony.tuxfamily.org/"
@@ -27,6 +27,7 @@ CDEPEND="
 "
 DEPEND="
 	${CDEPEND}
+	caps? ( acct-group/ntp acct-user/ntp )
 	dev-ruby/asciidoctor
 	pps? ( net-misc/pps-tools )
 "
@@ -47,6 +48,16 @@ src_prepare() {
 	sed -i \
 		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
 		doc/* examples/* || die
+
+	# Copy for potential user fixup
+	cp "${FILESDIR}"/chronyd.conf "$T"/chronyd.conf
+
+	# Set config for privdrop
+	if ! use caps; then
+		sed -i \
+			-e 's/-u ntp//' \
+			"${T}"/chronyd.conf || die
+	fi
 }
 
 src_configure() {
@@ -102,7 +113,7 @@ src_install() {
 	default
 
 	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
+	newconfd "${T}"/chronyd.conf chronyd
 
 	insinto /etc/${PN}
 	newins examples/chrony.conf.example1 chrony.conf
@@ -110,6 +121,8 @@ src_install() {
 	docinto examples
 	dodoc examples/*.example*
 
+	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
+
 	docinto html
 	dodoc doc/*.html
 
@@ -121,3 +134,13 @@ src_install() {
 	systemd_dounit examples/{chronyd,chrony-wait}.service
 	systemd_enable_ntpunit 50-chrony chronyd.service
 }
+
+pkg_preinst() {
+	if use caps && has_version net-misc/chrony[-caps]; then
+		elog "/run/chronyd needs ntp:ntp permissions; please check."
+		elog "The safest option is reboot, but you may chown manually."
+	elif ! use caps && has_version net-misc/chrony[caps]; then
+		elog "/run/chronyd needs root:root permissions; please check."
+		elog "The safest option is reboot, but you may chown manually."
+	fi
+}

diff --git a/net-misc/chrony/files/chronyd.conf b/net-misc/chrony/files/chronyd.conf
index fc43a95c40f..c641d985e56 100644
--- a/net-misc/chrony/files/chronyd.conf
+++ b/net-misc/chrony/files/chronyd.conf
@@ -9,4 +9,4 @@ CFGFILE="/etc/chrony/chrony.conf"
 # The combination of "-s -r" allows chronyd to perform long term averaging of
 # the gain or loss rate across system reboots and shutdowns.
 
-ARGS=""
+ARGS="-u ntp"

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Thomas Deutschmann]

commit:     c3d88f854528be87d8bb689c5dc456a3aab2d64f
Author:     Sam James (sam_c) <sam <AT> cmpct <DOT> info>
AuthorDate: Sun Apr 19 20:54:06 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sat May  2 10:43:27 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c3d88f85

net-misc/chrony: Fix paths to config file

OpenRC only; systemd unaffected by issue.
New "capsified" versions will use new config file, current stable
chrony now has a fixed file.

Revbump is complicated here given -r3, ..., already exists.
This should not have affected many users so this seems like
the simplest solution.

Closes: https://bugs.gentoo.org/719876
Signed-off-by: Sam James (sam_c) <sam <AT> cmpct.info>
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 net-misc/chrony/chrony-3.5-r4.ebuild                    | 2 +-
 net-misc/chrony/chrony-4.0_pre1-r2.ebuild               | 2 +-
 net-misc/chrony/chrony-4.0_pre2-r1.ebuild               | 2 +-
 net-misc/chrony/chrony-9999.ebuild                      | 2 +-
 net-misc/chrony/files/chronyd.conf                      | 2 +-
 net-misc/chrony/files/{chronyd.conf => chronyd.conf-r1} | 0
 6 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/net-misc/chrony/chrony-3.5-r4.ebuild b/net-misc/chrony/chrony-3.5-r4.ebuild
index ae752af2fb5..a7a99b957db 100644
--- a/net-misc/chrony/chrony-3.5-r4.ebuild
+++ b/net-misc/chrony/chrony-3.5-r4.ebuild
@@ -51,7 +51,7 @@ src_prepare() {
 		doc/* examples/* || die
 
 	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
 	cp examples/chronyd.service "${T}"/chronyd.service
 
 	# Set config for privdrop

diff --git a/net-misc/chrony/chrony-4.0_pre1-r2.ebuild b/net-misc/chrony/chrony-4.0_pre1-r2.ebuild
index c4c8a13c29a..7cc61849d3d 100644
--- a/net-misc/chrony/chrony-4.0_pre1-r2.ebuild
+++ b/net-misc/chrony/chrony-4.0_pre1-r2.ebuild
@@ -53,7 +53,7 @@ src_prepare() {
 		doc/* examples/* || die
 
 	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
 	cp examples/chronyd.service "${T}"/chronyd.service
 
 	# Set config for privdrop

diff --git a/net-misc/chrony/chrony-4.0_pre2-r1.ebuild b/net-misc/chrony/chrony-4.0_pre2-r1.ebuild
index 07017bb6772..503840b2754 100644
--- a/net-misc/chrony/chrony-4.0_pre2-r1.ebuild
+++ b/net-misc/chrony/chrony-4.0_pre2-r1.ebuild
@@ -53,7 +53,7 @@ src_prepare() {
 		doc/* examples/* || die
 
 	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
 	cp examples/chronyd.service "${T}"/chronyd.service
 
 	# Set config for privdrop

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index 543cabf61d5..8d8758fa5c6 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -50,7 +50,7 @@ src_prepare() {
 		doc/* examples/* || die
 
 	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
 	cp examples/chronyd.service "${T}"/chronyd.service
 
 	# Set config for privdrop

diff --git a/net-misc/chrony/files/chronyd.conf b/net-misc/chrony/files/chronyd.conf
index c04f3525f0b..fc43a95c40f 100644
--- a/net-misc/chrony/files/chronyd.conf
+++ b/net-misc/chrony/files/chronyd.conf
@@ -9,4 +9,4 @@ CFGFILE="/etc/chrony/chrony.conf"
 # The combination of "-s -r" allows chronyd to perform long term averaging of
 # the gain or loss rate across system reboots and shutdowns.
 
-ARGS="-u ntp -F 1"
+ARGS=""

diff --git a/net-misc/chrony/files/chronyd.conf b/net-misc/chrony/files/chronyd.conf-r1
similarity index 100%
copy from net-misc/chrony/files/chronyd.conf
copy to net-misc/chrony/files/chronyd.conf-r1

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     6fbce4846282a2d77a9a8094e3d2fcd7176afcd6
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Mon Aug 31 08:35:47 2020 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Mon Aug 31 08:39:58 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fbce484

net-misc/chrony: Disable non-default seccomp filter option

With `-F 1' chronyd sets up a syscall filter and has itself killed when
a "forbidden" syscall is made. Since we cannot control that (as
explained in the chronyd(8) manual) we should disable the filter by
default.

Package-Manager: Portage-3.0.4, Repoman-3.0.1
Bug: https://bugs.gentoo.org/739714
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 net-misc/chrony/chrony-3.5.1-r1.ebuild | 11 ++++++-----
 net-misc/chrony/chrony-4.0_pre3.ebuild | 11 ++++++-----
 net-misc/chrony/chrony-9999.ebuild     | 11 ++++++-----
 net-misc/chrony/files/chronyd.conf-r1  |  2 +-
 4 files changed, 19 insertions(+), 16 deletions(-)

diff --git a/net-misc/chrony/chrony-3.5.1-r1.ebuild b/net-misc/chrony/chrony-3.5.1-r1.ebuild
index f112b330706..f0c66705c22 100644
--- a/net-misc/chrony/chrony-3.5.1-r1.ebuild
+++ b/net-misc/chrony/chrony-3.5.1-r1.ebuild
@@ -67,13 +67,14 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
-	cp examples/chronyd.service "${T}"/chronyd.service
+	sed \
+		-e 's/-F 1/-F 0/' \
+		examples/chronyd.service > "${T}"/chronyd.service || die
+
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
-	# Set config for privdrop
 	if ! use caps; then
 		sed -i \
 			-e 's/-u ntp//' \
@@ -82,7 +83,7 @@ src_configure() {
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 1//' \
+			-e 's/-F 0//' \
 			"${T}"/chronyd.conf "${T}"/chronyd.service || die
 	fi
 

diff --git a/net-misc/chrony/chrony-4.0_pre3.ebuild b/net-misc/chrony/chrony-4.0_pre3.ebuild
index f08fcf89f2e..e8f5a46d753 100644
--- a/net-misc/chrony/chrony-4.0_pre3.ebuild
+++ b/net-misc/chrony/chrony-4.0_pre3.ebuild
@@ -67,13 +67,14 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
-	cp examples/chronyd.service "${T}"/chronyd.service
+	sed \
+		-e 's/-F 1/-F 0/' \
+		examples/chronyd.service > "${T}"/chronyd.service || die
+
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
-	# Set config for privdrop
 	if ! use caps; then
 		sed -i \
 			-e 's/-u ntp//' \
@@ -82,7 +83,7 @@ src_configure() {
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 1//' \
+			-e 's/-F 0//' \
 			"${T}"/chronyd.conf "${T}"/chronyd.service || die
 	fi
 

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index f08fcf89f2e..e8f5a46d753 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -67,13 +67,14 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
-	cp examples/chronyd.service "${T}"/chronyd.service
+	sed \
+		-e 's/-F 1/-F 0/' \
+		examples/chronyd.service > "${T}"/chronyd.service || die
+
+	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
-	# Set config for privdrop
 	if ! use caps; then
 		sed -i \
 			-e 's/-u ntp//' \
@@ -82,7 +83,7 @@ src_configure() {
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 1//' \
+			-e 's/-F 0//' \
 			"${T}"/chronyd.conf "${T}"/chronyd.service || die
 	fi
 

diff --git a/net-misc/chrony/files/chronyd.conf-r1 b/net-misc/chrony/files/chronyd.conf-r1
index c04f3525f0b..2783f29e684 100644
--- a/net-misc/chrony/files/chronyd.conf-r1
+++ b/net-misc/chrony/files/chronyd.conf-r1
@@ -9,4 +9,4 @@ CFGFILE="/etc/chrony/chrony.conf"
 # The combination of "-s -r" allows chronyd to perform long term averaging of
 # the gain or loss rate across system reboots and shutdowns.
 
-ARGS="-u ntp -F 1"
+ARGS="-u ntp -F 0"

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     f7179379b3d676aab1cd6eceafd28145bfed2ae1
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Wed Sep  2 15:50:50 2020 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Wed Sep  2 15:51:37 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f7179379

net-misc/chrony: Simplify setting systemd default options

Package-Manager: Portage-3.0.5, Repoman-3.0.1
Bug: https://bugs.gentoo.org/show_bug.cgi?id=739714
Fixes: 6fbce4846282a2d77a9a8094e3d2fcd7176afcd6
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 net-misc/chrony/chrony-3.5.1-r1.ebuild                   | 14 +++++---------
 net-misc/chrony/chrony-4.0_pre3.ebuild                   | 14 +++++---------
 net-misc/chrony/chrony-9999.ebuild                       | 14 +++++---------
 net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch |  2 +-
 4 files changed, 16 insertions(+), 28 deletions(-)

diff --git a/net-misc/chrony/chrony-3.5.1-r1.ebuild b/net-misc/chrony/chrony-3.5.1-r1.ebuild
index 38d6c2500b7..38bd1ccc1f0 100644
--- a/net-misc/chrony/chrony-3.5.1-r1.ebuild
+++ b/net-misc/chrony/chrony-3.5.1-r1.ebuild
@@ -68,24 +68,20 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	sed \
-		-e 's/-F 1/-F 0/' \
-		examples/chronyd.service > "${T}"/chronyd.service || die
-
 	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
 	if ! use caps; then
 		sed -i \
-			-e 's/-u ntp//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -u ntp//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 0//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -F 0//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	tc-export CC PKG_CONFIG
@@ -176,7 +172,7 @@ src_install() {
 	insinto /etc/logrotate.d
 	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
 
-	systemd_dounit "${T}"/chronyd.service
+	systemd_dounit examples/chronyd.service
 	systemd_dounit examples/chrony-wait.service
 	systemd_enable_ntpunit 50-chrony chronyd.service
 }

diff --git a/net-misc/chrony/chrony-4.0_pre3.ebuild b/net-misc/chrony/chrony-4.0_pre3.ebuild
index 8ff387f448e..25ae917e91e 100644
--- a/net-misc/chrony/chrony-4.0_pre3.ebuild
+++ b/net-misc/chrony/chrony-4.0_pre3.ebuild
@@ -68,24 +68,20 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	sed \
-		-e 's/-F 1/-F 0/' \
-		examples/chronyd.service > "${T}"/chronyd.service || die
-
 	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
 	if ! use caps; then
 		sed -i \
-			-e 's/-u ntp//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -u ntp//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 0//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -F 0//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	tc-export CC PKG_CONFIG
@@ -176,7 +172,7 @@ src_install() {
 	insinto /etc/logrotate.d
 	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
 
-	systemd_dounit "${T}"/chronyd.service
+	systemd_dounit examples/chronyd.service
 	systemd_dounit examples/chrony-wait.service
 	systemd_enable_ntpunit 50-chrony chronyd.service
 }

diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild
index 8ff387f448e..25ae917e91e 100644
--- a/net-misc/chrony/chrony-9999.ebuild
+++ b/net-misc/chrony/chrony-9999.ebuild
@@ -68,24 +68,20 @@ src_prepare() {
 		-e 's|pkg-config|${PKG_CONFIG}|g' \
 		configure || die
 
-	sed \
-		-e 's/-F 1/-F 0/' \
-		examples/chronyd.service > "${T}"/chronyd.service || die
-
 	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf || die
 }
 
 src_configure() {
 	if ! use caps; then
 		sed -i \
-			-e 's/-u ntp//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -u ntp//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	if ! use seccomp; then
 		sed -i \
-			-e 's/-F 0//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
+			-e 's/ -F 0//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
 	fi
 
 	tc-export CC PKG_CONFIG
@@ -176,7 +172,7 @@ src_install() {
 	insinto /etc/logrotate.d
 	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
 
-	systemd_dounit "${T}"/chronyd.service
+	systemd_dounit examples/chronyd.service
 	systemd_dounit examples/chrony-wait.service
 	systemd_enable_ntpunit 50-chrony chronyd.service
 }

diff --git a/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch b/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
index 0ea3c921980..a3a2962ddd1 100644
--- a/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
+++ b/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
@@ -6,7 +6,7 @@
  PIDFile=/run/chrony/chronyd.pid
 -EnvironmentFile=-/etc/sysconfig/chronyd
 -ExecStart=/usr/sbin/chronyd $OPTIONS
-+ExecStart=/usr/sbin/chronyd -u ntp -F 1
++ExecStart=/usr/sbin/chronyd -u ntp -F 0
  PrivateTmp=yes
  ProtectHome=yes
  ProtectSystem=full

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Jeroen Roovers]

commit:     0e1caaf3bc2225e4703cd9c66adf90ba3882836e
Author:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Wed Sep  2 15:30:10 2020 +0000
Commit:     Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Wed Sep  2 15:51:37 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e1caaf3

net-misc/chrony: Old

Package-Manager: Portage-3.0.5, Repoman-3.0.1
Bug: https://bugs.gentoo.org/738154
Signed-off-by: Jeroen Roovers <jer <AT> gentoo.org>

 net-misc/chrony/Manifest                           |   1 -
 net-misc/chrony/chrony-3.5-r2.ebuild               | 127 ---------------
 net-misc/chrony/chrony-3.5-r4.ebuild               | 172 ---------------------
 .../chrony/files/chrony-3.5-systemd-gentoo.patch   |  12 --
 net-misc/chrony/metadata.xml                       |   1 -
 5 files changed, 313 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 9f6cb8529de..3f68dddc784 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,3 +1,2 @@
 DIST chrony-3.5.1.tar.gz 459902 BLAKE2B 503402c0dd68a340eb5ecd8b57dcb83d90124f31e8deb6e20bd1e9ed19b5dc952fa7f40a697d0d0cb77c349c9f3297dcd32265d77670a71836ba8709dcc83053 SHA512 489cf614bfb2c1e024343af1316c339b287ed5c7b6cec15b44ef3d90512036fb1da3fd627d291a193c59d9c5c095afa66c529eeb6fd0c1bbc8256ed8873b7984
-DIST chrony-3.5.tar.gz 458226 BLAKE2B 611f21e36c6e745208e00eba988519fcd912c6c0c3518c953591f43224dc3da79f627027a6cd4bf9c4227e9f8659a69adbdb634252ff3920d2ef677e32012456 SHA512 c4f6376a44d71b6ac2b6d86e3d6fb4348642faeef7f3f3a4d6431627b5645efcc868b005cc398c8292bc3b63a1161fbd1a042c6ac2a0595843f908fe32eed90c
 DIST chrony-4.0-pre3.tar.gz 539117 BLAKE2B f26fcac8e29322151251e60b385a815c53155f163d7ed1e1269f90f3418c59ec8f4952b1bba1203549607c63bb373cbaab17af933e02e659eced91827519bc6b SHA512 e52f2454b0cbe60ab7c8975deba499f1ff2e84cd1c3d0a0fb208f11f12ca762f2d0cd74af7aacc8022e628cdeaa4ac388fdd134715cc3e274b3818d5c12da460

diff --git a/net-misc/chrony/chrony-3.5-r2.ebuild b/net-misc/chrony/chrony-3.5-r2.ebuild
deleted file mode 100644
index 3bc2bacb283..00000000000
--- a/net-misc/chrony/chrony-3.5-r2.ebuild
+++ /dev/null
@@ -1,127 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-inherit systemd toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/"
-SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-
-KEYWORDS="~alpha amd64 arm hppa ppc ppc64 sparc x86"
-IUSE="
-	+adns caps +cmdmon html ipv6 libedit +ntp +phc pps readline +refclock +rtc
-	seccomp selinux
-"
-REQUIRED_USE="
-	?? ( libedit readline )
-"
-
-CDEPEND="
-	caps? ( sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-	seccomp? ( sys-libs/libseccomp )
-"
-DEPEND="
-	${CDEPEND}
-	html? ( dev-ruby/asciidoctor )
-	pps? ( net-misc/pps-tools )
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-RESTRICT=test
-
-S="${WORKDIR}/${P/_/-}"
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-3.5-systemd-gentoo.patch
-)
-
-src_prepare() {
-	default
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-}
-
-src_configure() {
-	tc-export CC
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-		$(usex adns '' --disable-asyncdns)
-		$(usex caps '' --disable-linuxcaps)
-		$(usex cmdmon '' --disable-cmdmon)
-		$(usex ipv6 '' --disable-ipv6)
-		$(usex ntp '' --disable-ntp)
-		$(usex phc '' --disable-phc)
-		$(usex pps '' --disable-pps)
-		$(usex refclock '' --disable-refclock)
-		$(usex rtc '' --disable-rtc)
-		${CHRONY_EDITLINE}
-		${EXTRA_ECONF}
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--disable-sechash
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-		--without-nss
-		--without-tomcrypt
-	)
-
-	# print the ./configure call to aid in future debugging
-	echo bash ./configure "${myconf[@]}" >&2
-	bash ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${FILESDIR}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	if use html; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/{chronyd,chrony-wait}.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}

diff --git a/net-misc/chrony/chrony-3.5-r4.ebuild b/net-misc/chrony/chrony-3.5-r4.ebuild
deleted file mode 100644
index fa28cf69009..00000000000
--- a/net-misc/chrony/chrony-3.5-r4.ebuild
+++ /dev/null
@@ -1,172 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-inherit systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/"
-SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
-IUSE="
-	+adns +caps +cmdmon html ipv6 libedit +ntp +phc pps readline +refclock +rtc
-	+seccomp selinux
-"
-REQUIRED_USE="
-	?? ( libedit readline )
-"
-
-CDEPEND="
-	caps? ( acct-group/ntp acct-user/ntp sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-	seccomp? ( sys-libs/libseccomp )
-"
-DEPEND="
-	${CDEPEND}
-	html? ( dev-ruby/asciidoctor )
-	pps? ( net-misc/pps-tools )
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-RESTRICT=test
-
-S="${WORKDIR}/${P/_/-}"
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-3.5-r3-systemd-gentoo.patch
-)
-
-src_prepare() {
-	default
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	# Copy for potential user fixup
-	cp "${FILESDIR}"/chronyd.conf-r1 "${T}"/chronyd.conf
-	cp examples/chronyd.service "${T}"/chronyd.service
-
-	# Set config for privdrop
-	if ! use caps; then
-		sed -i \
-			-e 's/-u ntp//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
-	fi
-
-	if ! use seccomp; then
-		sed -i \
-			-e 's/-F 1//' \
-			"${T}"/chronyd.conf "${T}"/chronyd.service || die
-	fi
-}
-
-src_configure() {
-	tc-export CC
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-		$(usex adns '' --disable-asyncdns)
-		$(usex caps '' --disable-linuxcaps)
-		$(usex cmdmon '' --disable-cmdmon)
-		$(usex ipv6 '' --disable-ipv6)
-		$(usex ntp '' --disable-ntp)
-		$(usex phc '' --disable-phc)
-		$(usex pps '' --disable-pps)
-		$(usex refclock '' --disable-refclock)
-		$(usex rtc '' --disable-rtc)
-		${CHRONY_EDITLINE}
-		${EXTRA_ECONF}
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--disable-sechash
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-		--without-nss
-		--without-tomcrypt
-	)
-
-	# print the ./configure call to aid in future debugging
-	echo bash ./configure "${myconf[@]}" >&2
-	bash ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		fowners ntp:ntp /var/{lib,log}/chrony
-		fperms 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit "${T}"/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=false
-
-	if has_version 'net-misc/chrony[caps]'; then
-		HAD_CAPS=true
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n ${REPLACING_VERSIONS} ]] && use caps && ! ${HAD_CAPS}; then
-		ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-		ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-		ewarn "This is necessary for chrony to drop privileges"
-	fi
-}

diff --git a/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch b/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch
deleted file mode 100644
index addba4ca1a9..00000000000
--- a/net-misc/chrony/files/chrony-3.5-systemd-gentoo.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/examples/chronyd.service
-+++ b/examples/chronyd.service
-@@ -8,8 +8,7 @@
- [Service]
- Type=forking
- PIDFile=/run/chrony/chronyd.pid
--EnvironmentFile=-/etc/sysconfig/chronyd
--ExecStart=/usr/sbin/chronyd $OPTIONS
-+ExecStart=/usr/sbin/chronyd
- PrivateTmp=yes
- ProtectHome=yes
- ProtectSystem=full

diff --git a/net-misc/chrony/metadata.xml b/net-misc/chrony/metadata.xml
index d13933dc6d5..9b7e225c3ad 100644
--- a/net-misc/chrony/metadata.xml
+++ b/net-misc/chrony/metadata.xml
@@ -18,7 +18,6 @@ Chrony はコンピュータのシステム・クロックの精度を保つた
 な接続でも機能します。
 </longdescription>
 <use>
-<flag name="adns">Support for asynchronous DNS</flag>
 <flag name="cmdmon">Support for command and monitoring</flag>
 <flag name="html">Install HTML documentation</flag>
 <flag name="nettle">Use <pkg>dev-libs/nettle</pkg> for hash functions</flag>

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     b4b89d0fd4d27f5e7798a79a38bee223f549dbfc
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Dec 20 06:27:31 2020 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Dec 20 06:27:31 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4b89d0f

net-misc/chrony: cleanup old

Package-Manager: Portage-3.0.12-prefix, Repoman-3.0.2
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-misc/chrony/Manifest               |   1 -
 net-misc/chrony/chrony-3.5.1-r1.ebuild | 196 ---------------------------------
 net-misc/chrony/files/chronyd.init     |  65 -----------
 3 files changed, 262 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index f52b2b3f5f6..d338cb37157 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,2 +1 @@
-DIST chrony-3.5.1.tar.gz 459902 BLAKE2B 503402c0dd68a340eb5ecd8b57dcb83d90124f31e8deb6e20bd1e9ed19b5dc952fa7f40a697d0d0cb77c349c9f3297dcd32265d77670a71836ba8709dcc83053 SHA512 489cf614bfb2c1e024343af1316c339b287ed5c7b6cec15b44ef3d90512036fb1da3fd627d291a193c59d9c5c095afa66c529eeb6fd0c1bbc8256ed8873b7984
 DIST chrony-4.0.tar.gz 546939 BLAKE2B 1d4035977be3603b34024c5c1c2aa5f2b4aca03fe7dc1eb41be2e9aeefa06e20a5f74776c50bdadaffba10ae25e7980bcbd9cf2b999bd73087728afe7a80253e SHA512 a1c11a386c43f495910f7f2e9b5fbb1652c3631471d182b9b8203dfef98611d11535ad547a879856551263aed0ae2e30e4135b8ed89553684706166bc1c725c9

diff --git a/net-misc/chrony/chrony-3.5.1-r1.ebuild b/net-misc/chrony/chrony-3.5.1-r1.ebuild
deleted file mode 100644
index ca404b746fd..00000000000
--- a/net-misc/chrony/chrony-3.5.1-r1.ebuild
+++ /dev/null
@@ -1,196 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-inherit systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/"
-
-if [[ ${PV} == "9999" ]]; then
-	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
-
-	inherit git-r3
-else
-	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-	KEYWORDS="~alpha amd64 arm arm64 hppa ppc ppc64 sparc x86"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="
-	+caps +cmdmon html ipv6 libedit +nettle +ntp +phc pps readline +refclock
-	+rtc samba +seccomp +sechash selinux
-"
-REQUIRED_USE="
-	?? ( libedit readline )
-	sechash? ( nettle )
-"
-RESTRICT=test
-CDEPEND="
-	caps? ( acct-group/ntp acct-user/ntp sys-libs/libcap )
-	libedit? ( dev-libs/libedit )
-	nettle? ( dev-libs/nettle:= )
-	readline? ( >=sys-libs/readline-4.1-r4:= )
-	seccomp? ( sys-libs/libseccomp )
-"
-DEPEND="
-	${CDEPEND}
-	html? ( dev-ruby/asciidoctor )
-	pps? ( net-misc/pps-tools )
-"
-RDEPEND="
-	${CDEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-BDEPEND="
-	nettle? ( virtual/pkgconfig )
-"
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-3.5-r3-systemd-gentoo.patch
-)
-S="${WORKDIR}/${P/_/-}"
-
-if [[ ${PV} == "9999" ]]; then
-	BDEPEND+=" virtual/w3m"
-fi
-
-src_prepare() {
-	default
-
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	sed -i \
-		-e 's|RELOADDNS||g' \
-		-e 's|pkg-config|${PKG_CONFIG}|g' \
-		configure || die
-
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf || die
-}
-
-src_configure() {
-	if ! use caps; then
-		sed -i \
-			-e 's/ -u ntp//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	if ! use seccomp; then
-		sed -i \
-			-e 's/ -F 0//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	tc-export CC PKG_CONFIG
-
-	local CHRONY_EDITLINE
-	# ./configure legend:
-	# --disable-readline : disable line editing entirely
-	# --without-readline : do not use sys-libs/readline (enabled by default)
-	# --without-editline : do not use dev-libs/libedit (enabled by default)
-	if ! use readline && ! use libedit; then
-		CHRONY_EDITLINE='--disable-readline'
-	else
-		CHRONY_EDITLINE+=" $(usex readline '' --without-readline)"
-		CHRONY_EDITLINE+=" $(usex libedit '' --without-editline)"
-	fi
-
-	# Note: ncurses and nss switches are mentioned in the configure script but
-	# do nothing
-	# not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-		$(usex caps '' --disable-linuxcaps)
-		$(usex cmdmon '' --disable-cmdmon)
-		$(usex ipv6 '' --disable-ipv6)
-		$(usex nettle '' --without-nettle)
-		$(usex ntp '' --disable-ntp)
-		$(usex phc '' --disable-phc)
-		$(usex pps '' --disable-pps)
-		$(usex refclock '' --disable-refclock)
-		$(usex rtc '' --disable-rtc)
-		$(usex samba --enable-ntp-signd '')
-		$(usex sechash '' --disable-sechash)
-		${CHRONY_EDITLINE}
-		${EXTRA_ECONF}
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-hwclockfile="${EPREFIX}/etc/adjtime"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-		--without-nss
-		--without-tomcrypt
-	)
-
-	# print the ./configure call
-	echo sh ./configure "${myconf[@]}" >&2
-	sh ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	if [[ ${PV} == "9999" ]]; then
-		# uses w3m
-		emake -C doc man txt
-	fi
-
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		fowners ntp:ntp /var/{lib,log}/chrony
-		fperms 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=false
-
-	if has_version 'net-misc/chrony[caps]'; then
-		HAD_CAPS=true
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n ${REPLACING_VERSIONS} ]] && use caps && ! ${HAD_CAPS}; then
-		ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-		ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-		ewarn "This is necessary for chrony to drop privileges"
-	fi
-}

diff --git a/net-misc/chrony/files/chronyd.init b/net-misc/chrony/files/chronyd.init
deleted file mode 100644
index 3a71fe748fd..00000000000
--- a/net-misc/chrony/files/chronyd.init
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-depend() {
-	use dns
-}
-
-checkconfig() {
-	# Note that /etc/chrony/chrony.keys is *NOT* checked. This
-	# is because the user may have specified another key
-	# file, and we don't want to force the user to use that
-	# exact name for the key file.
-	if [ ! -f "${CFGFILE}" ] ; then
-		eerror "Please create ${CFGFILE} and the"
-		eerror "chrony key file (usually /etc/chrony/chrony.keys)"
-		eerror "by using the"
-		eerror ""
-		eerror "        chrony.conf.example"
-		eerror "        chrony.keys.example"
-		eerror ""
-		eerror "files (from the documentation directory)"
-		eerror "as templates."
-		return 1
-	else
-		# Actually, I tried it, and chrony seems to ignore the pidfile
-		# option. I'm going to leave it here anyway, since you never
-		# know if it might be handy
-		PIDFILE=`awk '/^ *pidfile/{print $2}' "${CFGFILE}"`
-	fi
-	return 0
-}
-
-setxtrarg() {
-	if [ -c /dev/rtc ]; then
-		grep -q '^rtcfile' "${CFGFILE}" && ARGS="${ARGS} -s"
-	fi
-	grep -q '^dumponexit$' "${CFGFILE}" && ARGS="${ARGS} -r"
-	return 0
-}
-
-start() {
-	checkconfig || return $?
-	setxtrarg
-
-	[ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
-
-	ebegin "Starting chronyd"
-	start-stop-daemon --start --background --quiet \
-		--exec /usr/sbin/chronyd \
-		--pidfile "${PIDFILE}" \
-		-- -f "${CFGFILE}" ${ARGS}
-	eend $? "Failed to start chronyd"
-}
-
-stop() {
-	checkconfig || return $?
-
-	[ -n "${PIDFILE}" ] || PIDFILE=/run/chronyd.pid
-
-	ebegin "Stopping chronyd"
-	start-stop-daemon --stop --quiet \
-		--pidfile "${PIDFILE}"
-	eend $? "Failed to stop chronyd"
-}

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     8aa0d8a92ee4568de9d6c431b5fa8c2263f750ee
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Thu May 13 14:24:34 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu May 13 16:14:07 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8aa0d8a9

net-misc/chrony: add 4.1

Enables seccomp by default with the new upstream limited
filter range (-F 2). Please use -F 1 if you can test it and
it works on your system.

Bug: https://bugs.gentoo.org/783915
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-misc/chrony/Manifest                           |   2 +
 net-misc/chrony/chrony-4.1.ebuild                  | 252 +++++++++++++++++++++
 .../chrony/files/chrony-4.1-systemd-gentoo.patch   |  12 +
 net-misc/chrony/files/chronyd.conf-r3              |  12 +
 4 files changed, 278 insertions(+)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index d898b8aa015..ca17156141a 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -2,3 +2,5 @@ DIST chrony-4.0.tar.gz 546939 BLAKE2B 1d4035977be3603b34024c5c1c2aa5f2b4aca03fe7
 DIST chrony-4.0.tar.gz.asc 195 BLAKE2B 1947a73f35eb5c58f91775d76473210a7b5edff5b808e360eb0c3724351c54ac4f187a2aa4450830130da718c6a0c488baa170ca87e7e6eac781d85c67b3773f SHA512 c3156d91f4fdb6f9e2fdbc83b1399afb0ecdfa9b7bc92648c5bce477c3f0f921d2a13aa21ac6c281f18b008c60f08e3db6d82b642b646f064aea1dbe19295c4c
 DIST chrony-4.1-pre1.tar.gz 563277 BLAKE2B 474d27d0e402d83bda52125940b8205119519b93571e6b8df3fea5eeb5f1f3babbcc40bc81db77bc345830d5e9528ad087ff539026a1a585ce220feeb851e978 SHA512 03e28e6651d6aa3c99333b94ee503843c3a69b8c8366bf647c41a3a9e34e987c440e289ec16e5c62c2a7405271bddc533efbd59d6c6ab43712c8908dfb86322e
 DIST chrony-4.1-pre1.tar.gz.asc 195 BLAKE2B 4a06b35be3257a52cc824e2acfdff32b6598d1744bc23418e89291d71d6d9a86c35559eab26034ce2e05c4152ffb691b5ec4104dc339821e93523c33c8cbdd72 SHA512 8eb695c3f85f90d02b22b1202c8766347289a6da1d0658a3d89eed90202799bcfc647b96e5f931fb862011e85feed5f4914b39e45a3e20f01827509fe271a2d7
+DIST chrony-4.1.tar.gz 564648 BLAKE2B f9c4b44c521ee592c109b8a3d500b9cb3ea4fbf0d7dce9d8754498ad41ce2ac87c913cf72a38557ce5f28208672163b21b067307f723fd91cc91d71f69e739ef SHA512 5e283d6a56e6852606c681a7c29c5786b102d584178cbd7033ebbc95a8e95533605631363b850a3087cca438a5878db7a317f120aab2fd856487d02fccfbcb1f
+DIST chrony-4.1.tar.gz.asc 833 BLAKE2B 6d800ae436523f61cd713cdd12cf0246db53e732554433d5ef6cf1a437296ee9d0da3b2e9e72d1ccb0e3a6b1ee1227e5d1626bf031b0491670ee0712e17c57ff SHA512 82faf9171d782c18224d2d44b340994b0ddab141e88cc803dea83d0ffbb6468bc51e8b11c8dd9bd327220cae04f7d789b58ab23141a2bdf038ce628f9adeb57a

diff --git a/net-misc/chrony/chrony-4.1.ebuild b/net-misc/chrony/chrony-4.1.ebuild
new file mode 100644
index 00000000000..0870f5908e7
--- /dev/null
+++ b/net-misc/chrony/chrony-4.1.ebuild
@@ -0,0 +1,252 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit systemd tmpfiles toolchain-funcs
+
+DESCRIPTION="NTP client and server programs"
+HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
+
+if [[ ${PV} == "9999" ]] ; then
+	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
+	inherit git-r3
+else
+	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/mlichvar.asc
+	inherit verify-sig
+
+	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
+	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
+
+	if [[ ${PV} != *_pre* ]] ; then
+		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+	fi
+fi
+
+S="${WORKDIR}/${P/_/-}"
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
+# nettle > nss > libtomcrypt in configure
+REQUIRED_USE="
+	sechash? ( || ( nettle nss libtomcrypt ) )
+	nettle? ( !nss )
+	nss? ( !nettle )
+	libtomcrypt? ( !nettle !nss )
+	!sechash? ( !nss )
+	!sechash? ( !nts? ( !nettle ) )
+"
+
+DEPEND="
+	caps? (
+		acct-group/ntp
+		acct-user/ntp
+		sys-libs/libcap
+	)
+	libedit? ( dev-libs/libedit )
+	!libedit? ( sys-libs/readline:= )
+	nettle? ( dev-libs/nettle:= )
+	nss? ( dev-libs/nss:= )
+	nts? ( net-libs/gnutls:= )
+	pps? ( net-misc/pps-tools )
+	seccomp? ( sys-libs/libseccomp )
+"
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-chronyd )
+"
+BDEPEND="
+	html? ( dev-ruby/asciidoctor )
+	nts? ( virtual/pkgconfig )
+	sechash? (
+		nettle? ( virtual/pkgconfig )
+		nss? ( virtual/pkgconfig )
+	)
+"
+
+if [[ ${PV} == "9999" ]] ; then
+	# Needed for doc generation in 9999
+	REQUIRED_USE+=" html"
+	BDEPEND+=" virtual/w3m"
+else
+	BDEPEND+=" verify-sig? ( >=app-crypt/openpgp-keys-mlichvar-20210513 )"
+fi
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
+	"${FILESDIR}"/${PN}-4.1-systemd-gentoo.patch
+)
+
+src_prepare() {
+	default
+
+	sed -i \
+		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
+		doc/* examples/* || die
+
+	cp "${FILESDIR}"/chronyd.conf-r3 "${T}"/chronyd.conf || die
+}
+
+src_configure() {
+	if ! use caps ; then
+		sed -i \
+			-e 's/ -u ntp//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
+	fi
+
+	if ! use seccomp ; then
+		sed -i \
+			-e 's/ -F 0//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
+	fi
+
+	tc-export CC PKG_CONFIG
+
+	# Update from time to time with output from "date +%s"
+	# on a system that is time-synced.
+	export SOURCE_DATE_EPOCH=1607976314
+
+	# Not an autotools generated script
+	local myconf=(
+		$(use_enable seccomp scfilter)
+
+		$(usex caps '' '--disable-linuxcaps')
+		$(usex cmdmon '' '--disable-cmdmon')
+		$(usex debug '--enable-debug' '')
+		$(usex ipv6 '' '--disable-ipv6')
+		$(usex libedit '' '--without-editline')
+		$(usex libtomcrypt '' '--without-tomcrypt')
+		$(usex nettle '' '--without-nettle')
+		$(usex nss '' '--without-nss')
+		$(usex ntp '' '--disable-ntp')
+		$(usex nts '' '--disable-nts')
+		$(usex nts '' '--without-gnutls')
+		$(usex phc '' '--disable-phc')
+		$(usex pps '' '--disable-pps')
+		$(usex refclock '' '--disable-refclock')
+		$(usex rtc '' '--disable-rtc')
+		$(usex samba '--enable-ntp-signd' '')
+		$(usex sechash '' '--disable-sechash')
+
+		--chronysockdir="${EPREFIX}/run/chrony"
+		--docdir="${EPREFIX}/usr/share/doc/${PF}"
+		--mandir="${EPREFIX}/usr/share/man"
+		--prefix="${EPREFIX}/usr"
+		--sysconfdir="${EPREFIX}/etc/chrony"
+		--with-hwclockfile="${EPREFIX}/etc/adjtime"
+		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
+
+		${EXTRA_ECONF}
+	)
+
+	# Print the ./configure call
+	echo sh ./configure "${myconf[@]}" >&2
+	sh ./configure "${myconf[@]}" || die
+}
+
+src_compile() {
+	if [[ ${PV} == "9999" ]] ; then
+		# Uses w3m
+		emake -C doc man txt
+	fi
+
+	emake all docs $(usex html '' 'ADOC=true')
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
+	newconfd "${T}"/chronyd.conf chronyd
+
+	insinto /etc/${PN}
+	newins examples/chrony.conf.example1 chrony.conf
+
+	docinto examples
+	dodoc examples/*.example*
+
+	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
+
+	if use html ; then
+		docinto html
+		dodoc doc/*.html
+	fi
+
+	keepdir /var/{lib,log}/chrony
+
+	if use caps ; then
+		# Prepare a directory for the chrony.drift file (a la ntpsec)
+		# Ensures the environment is sane on new installs
+		# bug #711058
+		fowners ntp:ntp /var/{lib,log}/chrony
+		fperms 770 /var/lib/chrony
+	fi
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
+
+	systemd_dounit examples/chronyd.service
+	systemd_dounit examples/chrony-wait.service
+	systemd_enable_ntpunit 50-chrony chronyd.service
+}
+
+pkg_preinst() {
+	HAD_CAPS=0
+	HAD_SECCOMP=0
+	HAD_PRE_NEW_SECCOMP_LEVEL=0
+
+	# See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5
+	# in "Ebuild Phases" for an explanation of why we need to save the variable beforehand
+	if has_version 'net-misc/chrony[caps]' ; then
+		HAD_CAPS=1
+	fi
+
+	if has_version 'net-misc/chrony[seccomp]' ; then
+		HAD_SECCOMP=1
+	fi
+
+	if has_version '>=net-misc/chrony-4.1[seccomp]' ; then
+		# This version introduced a new filter level: -F 2
+		# It's a limited set of seccomp filters designed to be 'bare minimum'
+		HAD_PRE_NEW_SECCOMP_LEVEL=1
+	fi
+}
+
+pkg_postinst() {
+	tmpfiles_process chronyd.conf
+
+	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
+		if use caps && ! [[ ${HAD_CAPS} -eq 1 ]] ; then
+			# bug #719876
+			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
+			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
+			ewarn "This is necessary for chrony to drop privileges"
+		elif ! use caps && [[ ${HAD_CAPS} -eq 0 ]] ; then
+			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
+		fi
+	fi
+
+	# See bug #783915 for general discussion on enabling seccomp filtering
+	# by default.
+	local show_seccomp_enable_msg=0
+
+	# Was seccomp disabled before and now enabled?
+    if [[ ${HAD_SECCOMP} -eq 0 ]] && use seccomp ; then
+		show_seccomp_enable_msg=1
+	fi
+
+	# Are we coming from an old version without the new 'minimal' filter?
+	# (-F 2)
+	if [[ ${HAD_PRE_NEW_SECCOMP_LEVEL} -eq 0 ]] ; then
+		show_seccomp_enable_msg=1
+	fi
+
+	if [[ ${show_seccomp_enable_msg} -eq 1 ]] ; then
+		elog "To enable seccomp in a stricter mode, please modify:"
+		elog "- /etc/conf.d/chronyd for OpenRC"
+		elog "- systemctl edit chronyd for systemd"
+		elog "By default, we now use -F 2 which is a baseline/minimal filter."
+		elog "to use -F 1 or -F -1 instead of -F 2 (see man chronyd)"
+	fi
+}

diff --git a/net-misc/chrony/files/chrony-4.1-systemd-gentoo.patch b/net-misc/chrony/files/chrony-4.1-systemd-gentoo.patch
new file mode 100644
index 00000000000..ff3b320d1e4
--- /dev/null
+++ b/net-misc/chrony/files/chrony-4.1-systemd-gentoo.patch
@@ -0,0 +1,12 @@
+--- a/examples/chronyd.service
++++ b/examples/chronyd.service
+@@ -8,8 +8,7 @@
+ [Service]
+ Type=forking
+ PIDFile=/run/chrony/chronyd.pid
+-EnvironmentFile=-/etc/sysconfig/chronyd
+-ExecStart=/usr/sbin/chronyd $OPTIONS
++ExecStart=/usr/sbin/chronyd -u ntp -F 2
+ PrivateTmp=yes
+ ProtectHome=yes
+ ProtectSystem=full

diff --git a/net-misc/chrony/files/chronyd.conf-r3 b/net-misc/chrony/files/chronyd.conf-r3
new file mode 100644
index 00000000000..25a4758954e
--- /dev/null
+++ b/net-misc/chrony/files/chronyd.conf-r3
@@ -0,0 +1,12 @@
+# /etc/conf.d/chronyd
+
+CFGFILE="/etc/chrony/chrony.conf"
+
+# Configuration dependant options :
+#      -s - Set system time from RTC if rtcfile directive present
+#      -r - Reload sample histories if dumponexit directive present
+#
+# The combination of "-s -r" allows chronyd to perform long term averaging of
+# the gain or loss rate across system reboots and shutdowns.
+
+ARGS=" -u ntp -F 2"

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[David Seifert]

commit:     c1451383d43e7a3cec646dd097309dd595601726
Author:     David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sat Sep  4 17:34:00 2021 +0000
Commit:     David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sat Sep  4 17:34:00 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c1451383

net-misc/chrony: drop 4.0-r2

Signed-off-by: David Seifert <soap <AT> gentoo.org>

 net-misc/chrony/Manifest                           |   2 -
 net-misc/chrony/chrony-4.0-r2.ebuild               | 217 ---------------------
 .../files/chrony-3.5-r3-systemd-gentoo.patch       |  12 --
 net-misc/chrony/files/chronyd.conf                 |  12 --
 4 files changed, 243 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 74b5ad8efb9..ee8a90b57aa 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,4 +1,2 @@
-DIST chrony-4.0.tar.gz 546939 BLAKE2B 1d4035977be3603b34024c5c1c2aa5f2b4aca03fe7dc1eb41be2e9aeefa06e20a5f74776c50bdadaffba10ae25e7980bcbd9cf2b999bd73087728afe7a80253e SHA512 a1c11a386c43f495910f7f2e9b5fbb1652c3631471d182b9b8203dfef98611d11535ad547a879856551263aed0ae2e30e4135b8ed89553684706166bc1c725c9
-DIST chrony-4.0.tar.gz.asc 195 BLAKE2B 1947a73f35eb5c58f91775d76473210a7b5edff5b808e360eb0c3724351c54ac4f187a2aa4450830130da718c6a0c488baa170ca87e7e6eac781d85c67b3773f SHA512 c3156d91f4fdb6f9e2fdbc83b1399afb0ecdfa9b7bc92648c5bce477c3f0f921d2a13aa21ac6c281f18b008c60f08e3db6d82b642b646f064aea1dbe19295c4c
 DIST chrony-4.1.tar.gz 564648 BLAKE2B f9c4b44c521ee592c109b8a3d500b9cb3ea4fbf0d7dce9d8754498ad41ce2ac87c913cf72a38557ce5f28208672163b21b067307f723fd91cc91d71f69e739ef SHA512 5e283d6a56e6852606c681a7c29c5786b102d584178cbd7033ebbc95a8e95533605631363b850a3087cca438a5878db7a317f120aab2fd856487d02fccfbcb1f
 DIST chrony-4.1.tar.gz.asc 833 BLAKE2B 6d800ae436523f61cd713cdd12cf0246db53e732554433d5ef6cf1a437296ee9d0da3b2e9e72d1ccb0e3a6b1ee1227e5d1626bf031b0491670ee0712e17c57ff SHA512 82faf9171d782c18224d2d44b340994b0ddab141e88cc803dea83d0ffbb6468bc51e8b11c8dd9bd327220cae04f7d789b58ab23141a2bdf038ce628f9adeb57a

diff --git a/net-misc/chrony/chrony-4.0-r2.ebuild b/net-misc/chrony/chrony-4.0-r2.ebuild
deleted file mode 100644
index 693ea18334e..00000000000
--- a/net-misc/chrony/chrony-4.0-r2.ebuild
+++ /dev/null
@@ -1,217 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
-
-if [[ ${PV} == "9999" ]]; then
-	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
-	inherit git-r3
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/mlichvar.asc
-	inherit verify-sig
-
-	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P}-tar-gz-asc.txt -> ${P}.tar.gz.asc )"
-	KEYWORDS="~alpha amd64 arm arm64 ~hppa ~mips ppc ppc64 sparc x86"
-fi
-
-S="${WORKDIR}/${P/_/-}"
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+caps +cmdmon debug html ipv6 libedit +nettle nss +ntp +phc +nts pps +refclock +rtc samba +seccomp +sechash selinux libtomcrypt"
-# nettle > nss > libtomcrypt in configure
-REQUIRED_USE="
-	sechash? ( || ( nettle nss libtomcrypt ) )
-	nettle? ( !nss )
-	nss? ( !nettle )
-	libtomcrypt? ( !nettle !nss )
-	!sechash? ( !nss )
-	!sechash? ( !nts? ( !nettle ) )
-	nts? ( nettle )
-"
-
-BDEPEND="
-	nettle? ( virtual/pkgconfig )
-"
-
-if [[ ${PV} == "9999" ]]; then
-	# Needed for doc generation in 9999
-	REQUIRED_USE+=" html"
-	BDEPEND+=" virtual/w3m"
-else
-	BDEPEND+=" verify-sig? ( <=app-crypt/openpgp-keys-mlichvar-20210416 )"
-fi
-
-DEPEND="
-	caps? (
-		acct-group/ntp
-		acct-user/ntp
-		sys-libs/libcap
-	)
-	nts? ( net-libs/gnutls:= )
-	libedit? ( dev-libs/libedit )
-	nettle? ( dev-libs/nettle:= )
-	nss? ( dev-libs/nss:= )
-	seccomp? ( sys-libs/libseccomp )
-	html? ( dev-ruby/asciidoctor )
-	pps? ( net-misc/pps-tools )
-"
-RDEPEND="
-	${DEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-3.5-r3-systemd-gentoo.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	cp "${FILESDIR}"/chronyd.conf "${T}"/chronyd.conf || die
-}
-
-src_configure() {
-	if ! use caps; then
-		sed -i \
-			-e 's/ -u ntp//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	if ! use seccomp; then
-		sed -i \
-			-e 's/ -F 0//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	tc-export CC PKG_CONFIG
-
-	# Update from time to time with output from "date +%s"
-	# on a system that is time-synced.
-	export SOURCE_DATE_EPOCH=1607976314
-
-	# not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-		$(usex caps '' --disable-linuxcaps)
-		$(usex cmdmon '' --disable-cmdmon)
-		$(usex debug '--enable-debug' '')
-		$(usex ipv6 '' --disable-ipv6)
-		$(usex libedit '' --without-editline)
-		$(usex nettle '' --without-nettle)
-		$(usex nss '' --without-nss)
-		$(usex ntp '' --disable-ntp)
-		$(usex nts '' --disable-nts)
-		$(usex nts '' --without-gnutls)
-		$(usex phc '' --disable-phc)
-		$(usex pps '' --disable-pps)
-		$(usex refclock '' --disable-refclock)
-		$(usex rtc '' --disable-rtc)
-		$(usex samba --enable-ntp-signd '')
-		$(usex sechash '' --disable-sechash)
-		$(usex libtomcrypt '' --without-tomcrypt)
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-hwclockfile="${EPREFIX}/etc/adjtime"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-		${EXTRA_ECONF}
-	)
-
-	# print the ./configure call
-	echo sh ./configure "${myconf[@]}" >&2
-	sh ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	if [[ ${PV} == "9999" ]]; then
-		# uses w3m
-		emake -C doc man txt
-	fi
-
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		fowners ntp:ntp /var/{lib,log}/chrony
-		fperms 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=false
-	HAD_SECCOMP=false
-
-	if has_version 'net-misc/chrony[caps]' ; then
-		HAD_CAPS=true
-	fi
-
-	if has_version 'net-misc/chrony[seccomp]' ; then
-		HAD_SECCOMP=true
-	fi
-
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
-		if use caps && ! ${HAD_CAPS} ; then
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-			ewarn "This is necessary for chrony to drop privileges"
-		elif ! use caps && ! ${HAD_CAPS} ; then
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
-		fi
-	fi
-
-	if [[ ! ${HAD_SECCOMP} ]] && use seccomp ; then
-		elog "To enable seccomp in enforcing mode, please modify:"
-		elog "- /etc/conf.d/chronyd for OpenRC"
-		elog "- systemctl edit chronyd for systemd"
-		elog "to use -F 1 or -F -1 instead of -F 0 (see man chronyd)"
-	fi
-}

diff --git a/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch b/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
deleted file mode 100644
index a3a2962ddd1..00000000000
--- a/net-misc/chrony/files/chrony-3.5-r3-systemd-gentoo.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/examples/chronyd.service
-+++ b/examples/chronyd.service
-@@ -8,8 +8,7 @@
- [Service]
- Type=forking
- PIDFile=/run/chrony/chronyd.pid
--EnvironmentFile=-/etc/sysconfig/chronyd
--ExecStart=/usr/sbin/chronyd $OPTIONS
-+ExecStart=/usr/sbin/chronyd -u ntp -F 0
- PrivateTmp=yes
- ProtectHome=yes
- ProtectSystem=full

diff --git a/net-misc/chrony/files/chronyd.conf b/net-misc/chrony/files/chronyd.conf
deleted file mode 100644
index d017660d599..00000000000
--- a/net-misc/chrony/files/chronyd.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# /etc/conf.d/chronyd
-
-CFGFILE="/etc/chrony/chrony.conf"
-
-# Configuration dependant options :
-#      -s - Set system time from RTC if rtcfile directive present
-#      -r - Reload sample histories if dumponexit directive present
-#
-# The combination of "-s -r" allows chronyd to perform long term averaging of
-# the gain or loss rate across system reboots and shutdowns.
-
-ARGS=" -u ntp -F 0"

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     0b5494d3110ca3afbb2f9981df68a9f477850134
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Nov 14 08:48:36 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Nov 14 08:48:53 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b5494d3

net-misc/chrony: allow clone3 for glibc-2.34 (seccomp filter fix)

Bug: https://bugs.gentoo.org/823692
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../{chrony-4.1-r1.ebuild => chrony-4.1-r2.ebuild} |  1 +
 .../files/chrony-4.1-seccomp-glibc-2-3-4.patch     | 30 ++++++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/net-misc/chrony/chrony-4.1-r1.ebuild b/net-misc/chrony/chrony-4.1-r2.ebuild
similarity index 99%
rename from net-misc/chrony/chrony-4.1-r1.ebuild
rename to net-misc/chrony/chrony-4.1-r2.ebuild
index 600250a5169f..1f5c3e41f685 100644
--- a/net-misc/chrony/chrony-4.1-r1.ebuild
+++ b/net-misc/chrony/chrony-4.1-r2.ebuild
@@ -76,6 +76,7 @@ fi
 PATCHES=(
 	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
 	"${FILESDIR}"/${PN}-4.1-systemd-gentoo.patch
+	"${FILESDIR}"/${P}-seccomp-glibc-2-3-4.patch
 )
 
 src_prepare() {

diff --git a/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch b/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
new file mode 100644
index 000000000000..56dd89b3ffdc
--- /dev/null
+++ b/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
@@ -0,0 +1,30 @@
+https://git.tuxfamily.org/chrony/chrony.git/patch/?id=bbbd80bf03223f181d4abf5c8e5fe6136ab6129a
+
+From bbbd80bf03223f181d4abf5c8e5fe6136ab6129a Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Mon, 9 Aug 2021 11:48:21 +0200
+Subject: sys_linux: allow clone3 and pread64 in seccomp filter
+
+These seem to be needed with the latest glibc.
+
+--- a/sys_linux.c
++++ b/sys_linux.c
+@@ -503,6 +503,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
+ 
+     /* Process */
+     SCMP_SYS(clone),
++#ifdef __NR_clone3
++    SCMP_SYS(clone3),
++#endif
+     SCMP_SYS(exit),
+     SCMP_SYS(exit_group),
+     SCMP_SYS(getpid),
+@@ -595,6 +598,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
+ #ifdef __NR_ppoll_time64
+     SCMP_SYS(ppoll_time64),
+ #endif
++    SCMP_SYS(pread64),
+     SCMP_SYS(pselect6),
+ #ifdef __NR_pselect6_time64
+     SCMP_SYS(pselect6_time64),
+cgit v0.10.2

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     fcb3491cce5f2b5980718eb67305e90b558658be
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 18 00:47:06 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Feb 18 00:47:06 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fcb3491c

net-misc/chrony: add glibc-2.35 seccomp patch

We also add a mawk test patch.

Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-misc/chrony/chrony-4.2-r1.ebuild               | 255 +++++++++++++++++++++
 .../chrony/files/chrony-4.2-seccomp-rseq.patch     |  30 +++
 net-misc/chrony/files/chrony-4.2-test-mawk.patch   |  30 +++
 3 files changed, 315 insertions(+)

diff --git a/net-misc/chrony/chrony-4.2-r1.ebuild b/net-misc/chrony/chrony-4.2-r1.ebuild
new file mode 100644
index 000000000000..9df110347a58
--- /dev/null
+++ b/net-misc/chrony/chrony-4.2-r1.ebuild
@@ -0,0 +1,255 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit systemd tmpfiles toolchain-funcs
+
+DESCRIPTION="NTP client and server programs"
+HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
+
+if [[ ${PV} == "9999" ]] ; then
+	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
+	inherit git-r3
+else
+	VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/mlichvar.asc
+	inherit verify-sig
+
+	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
+	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
+
+	if [[ ${PV} != *_pre* ]] ; then
+		KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
+	fi
+fi
+
+S="${WORKDIR}/${P/_/-}"
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
+# nettle > nss > libtomcrypt in configure
+REQUIRED_USE="
+	sechash? ( || ( nettle nss libtomcrypt ) )
+	nettle? ( !nss )
+	nss? ( !nettle )
+	libtomcrypt? ( !nettle !nss )
+	!sechash? ( !nss )
+	!sechash? ( !nts? ( !nettle ) )
+"
+
+DEPEND="
+	caps? (
+		acct-group/ntp
+		acct-user/ntp
+		sys-libs/libcap
+	)
+	libedit? ( dev-libs/libedit )
+	!libedit? ( sys-libs/readline:= )
+	nettle? ( dev-libs/nettle:= )
+	nss? ( dev-libs/nss:= )
+	nts? ( net-libs/gnutls:= )
+	pps? ( net-misc/pps-tools )
+	seccomp? ( sys-libs/libseccomp )
+"
+RDEPEND="
+	${DEPEND}
+	selinux? ( sec-policy/selinux-chronyd )
+"
+BDEPEND="
+	html? ( dev-ruby/asciidoctor )
+	nts? ( virtual/pkgconfig )
+	sechash? (
+		nettle? ( virtual/pkgconfig )
+		nss? ( virtual/pkgconfig )
+	)
+"
+
+if [[ ${PV} == "9999" ]] ; then
+	# Needed for doc generation in 9999
+	REQUIRED_USE+=" html"
+	BDEPEND+=" virtual/w3m"
+else
+	BDEPEND+=" verify-sig? ( >=sec-keys/openpgp-keys-mlichvar-20210513 )"
+fi
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
+	"${FILESDIR}"/${PN}-4.2-systemd-gentoo.patch
+
+	"${FILESDIR}"/${P}-test-mawk.patch
+	"${FILESDIR}"/${P}-seccomp-rseq.patch
+)
+
+src_prepare() {
+	default
+
+	sed -i \
+		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
+		doc/* examples/* || die
+
+	cp "${FILESDIR}"/chronyd.conf-r3 "${T}"/chronyd.conf || die
+}
+
+src_configure() {
+	if ! use caps ; then
+		sed -i \
+			-e 's/ -u ntp//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
+	fi
+
+	if ! use seccomp ; then
+		sed -i \
+			-e 's/ -F 2//' \
+			"${T}"/chronyd.conf examples/chronyd.service || die
+	fi
+
+	tc-export CC PKG_CONFIG
+
+	# Update from time to time with output from "date +%s"
+	# on a system that is time-synced.
+	export SOURCE_DATE_EPOCH=1607976314
+
+	# Not an autotools generated script
+	local myconf=(
+		$(use_enable seccomp scfilter)
+
+		$(usex caps '' '--disable-linuxcaps')
+		$(usex cmdmon '' '--disable-cmdmon')
+		$(usex debug '--enable-debug' '')
+		$(usex ipv6 '' '--disable-ipv6')
+		$(usex libedit '' '--without-editline')
+		$(usex libtomcrypt '' '--without-tomcrypt')
+		$(usex nettle '' '--without-nettle')
+		$(usex nss '' '--without-nss')
+		$(usex ntp '' '--disable-ntp')
+		$(usex nts '' '--disable-nts')
+		$(usex nts '' '--without-gnutls')
+		$(usex phc '' '--disable-phc')
+		$(usex pps '' '--disable-pps')
+		$(usex refclock '' '--disable-refclock')
+		$(usex rtc '' '--disable-rtc')
+		$(usex samba '--enable-ntp-signd' '')
+		$(usex sechash '' '--disable-sechash')
+
+		--chronysockdir="${EPREFIX}/run/chrony"
+		--docdir="${EPREFIX}/usr/share/doc/${PF}"
+		--mandir="${EPREFIX}/usr/share/man"
+		--prefix="${EPREFIX}/usr"
+		--sysconfdir="${EPREFIX}/etc/chrony"
+		--with-hwclockfile="${EPREFIX}/etc/adjtime"
+		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
+
+		${EXTRA_ECONF}
+	)
+
+	# Print the ./configure call
+	echo sh ./configure "${myconf[@]}" >&2
+	sh ./configure "${myconf[@]}" || die
+}
+
+src_compile() {
+	if [[ ${PV} == "9999" ]] ; then
+		# Uses w3m
+		emake -C doc man txt
+	fi
+
+	emake all docs $(usex html '' 'ADOC=true')
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
+	newconfd "${T}"/chronyd.conf chronyd
+
+	insinto /etc/${PN}
+	newins examples/chrony.conf.example1 chrony.conf
+
+	docinto examples
+	dodoc examples/*.example*
+
+	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
+
+	if use html ; then
+		docinto html
+		dodoc doc/*.html
+	fi
+
+	keepdir /var/{lib,log}/chrony
+
+	if use caps ; then
+		# Prepare a directory for the chrony.drift file (a la ntpsec)
+		# Ensures the environment is sane on new installs
+		# bug #711058
+		fowners ntp:ntp /var/{lib,log}/chrony
+		fperms 770 /var/lib/chrony
+	fi
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
+
+	systemd_dounit examples/chronyd.service
+	systemd_dounit examples/chrony-wait.service
+	systemd_enable_ntpunit 50-chrony chronyd.service
+}
+
+pkg_preinst() {
+	HAD_CAPS=0
+	HAD_SECCOMP=0
+	HAD_PRE_NEW_SECCOMP_LEVEL=0
+
+	# See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5
+	# in "Ebuild Phases" for an explanation of why we need to save the variable beforehand
+	if has_version 'net-misc/chrony[caps]' ; then
+		HAD_CAPS=1
+	fi
+
+	if has_version 'net-misc/chrony[seccomp]' ; then
+		HAD_SECCOMP=1
+	fi
+
+	if has_version '>=net-misc/chrony-4.1[seccomp]' ; then
+		# This version introduced a new filter level: -F 2
+		# It's a limited set of seccomp filters designed to be 'bare minimum'
+		HAD_PRE_NEW_SECCOMP_LEVEL=1
+	fi
+}
+
+pkg_postinst() {
+	tmpfiles_process chronyd.conf
+
+	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
+		if use caps && ! [[ ${HAD_CAPS} -eq 1 ]] ; then
+			# bug #719876
+			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
+			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
+			ewarn "This is necessary for chrony to drop privileges"
+		elif ! use caps && [[ ${HAD_CAPS} -eq 0 ]] ; then
+			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
+		fi
+	fi
+
+	# See bug #783915 for general discussion on enabling seccomp filtering
+	# by default.
+	local show_seccomp_enable_msg=0
+
+	# Was seccomp disabled before and now enabled?
+	if [[ ${HAD_SECCOMP} -eq 0 ]] && use seccomp ; then
+		show_seccomp_enable_msg=1
+	fi
+
+	# Are we coming from an old version without the new 'minimal' filter?
+	# (-F 2)
+	if [[ ${HAD_PRE_NEW_SECCOMP_LEVEL} -eq 0 ]] ; then
+		show_seccomp_enable_msg=1
+	fi
+
+	if [[ ${show_seccomp_enable_msg} -eq 1 ]] ; then
+		elog "To enable seccomp in a stricter mode, please modify:"
+		elog "- /etc/conf.d/chronyd for OpenRC"
+		elog "- systemctl edit chronyd for systemd"
+		elog "to use -F 1 or -F -1 instead of -F 2 (see man chronyd)"
+		elog "By default, we now use -F 2 which is a baseline/minimal filter."
+	fi
+}

diff --git a/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch b/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch
new file mode 100644
index 000000000000..e36a7b33186a
--- /dev/null
+++ b/net-misc/chrony/files/chrony-4.2-seccomp-rseq.patch
@@ -0,0 +1,30 @@
+https://git.tuxfamily.org/chrony/chrony.git/patch/?id=8bb8f15a7d049ed26c69d95087065b381f76ec4d
+
+From: Michael Hudson-Doyle <michael.hudson@canonical.com>
+Date: Wed, 9 Feb 2022 09:06:13 +0100
+Subject: sys_linux: allow rseq in seccomp filter
+
+Libc 2.35 will use rseq syscalls [1][2] by default and thereby
+break chrony in seccomp isolation.
+
+[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
+[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
+
+Tested-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+Signed-off-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
+Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
+
+--- a/sys_linux.c
++++ b/sys_linux.c
+@@ -497,6 +497,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
+     SCMP_SYS(getrlimit),
+     SCMP_SYS(getuid),
+     SCMP_SYS(getuid32),
++#ifdef __NR_rseq
++    SCMP_SYS(rseq),
++#endif
+     SCMP_SYS(rt_sigaction),
+     SCMP_SYS(rt_sigreturn),
+     SCMP_SYS(rt_sigprocmask),
+cgit v0.10.2

diff --git a/net-misc/chrony/files/chrony-4.2-test-mawk.patch b/net-misc/chrony/files/chrony-4.2-test-mawk.patch
new file mode 100644
index 000000000000..3e9e2eeb422d
--- /dev/null
+++ b/net-misc/chrony/files/chrony-4.2-test-mawk.patch
@@ -0,0 +1,30 @@
+https://git.tuxfamily.org/chrony/chrony.git/patch/?id=b61cbed6895fcd3eae4c8458a69995870a22a5e0
+
+From: Vincent Blut <vincent.debian@free.fr>
+Date: Wed, 12 Jan 2022 18:08:34 +0100
+Subject: test: ensure awk commands in 008-ntpera return an integer
+
+Some awk interpreters (e.g. mawk) print long integers in exponential
+notation skewing the test result.
+
+--- a/test/simulation/008-ntpera
++++ b/test/simulation/008-ntpera
+@@ -29,7 +29,7 @@ echo "$ntp_start" | grep -q '-' && test_skip
+ 
+ for time_offset in -1e-1 1e-1; do
+ 	for start_offset in 0 "2^32 - $limit"; do
+-		export CLKNETSIM_START_DATE=$(awk "BEGIN {print $ntp_start + $start_offset}")
++		export CLKNETSIM_START_DATE=$(awk "BEGIN {printf \"%.0f\", $ntp_start + $start_offset}")
+ 		run_test || test_fail
+ 		check_chronyd_exit || test_fail
+ 		check_source_selection || test_fail
+@@ -38,7 +38,7 @@ for time_offset in -1e-1 1e-1; do
+ 	done
+ 
+ 	for start_offset in -$limit "2^32"; do
+-		export CLKNETSIM_START_DATE=$(awk "BEGIN {print $ntp_start + $start_offset}")
++		export CLKNETSIM_START_DATE=$(awk "BEGIN {printf \"%.0f\", $ntp_start + $start_offset}")
+ 		run_test || test_fail
+ 		check_chronyd_exit || test_fail
+ 		check_source_selection || test_fail
+cgit v0.10.2

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     f125e6af3e2eec2114c45a8ed3926e00f89d384f
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Apr 17 16:41:21 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Apr 17 16:41:21 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f125e6af

net-misc/chrony: drop 4.1-r2, 4.2

Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-misc/chrony/Manifest                           |   2 -
 net-misc/chrony/chrony-4.1-r2.ebuild               | 253 ---------------------
 net-misc/chrony/chrony-4.2.ebuild                  | 252 --------------------
 .../files/chrony-4.1-seccomp-glibc-2-3-4.patch     |  30 ---
 4 files changed, 537 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index 6fc04ec3c097..bb1c6ba9cc2e 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,4 +1,2 @@
-DIST chrony-4.1.tar.gz 564648 BLAKE2B f9c4b44c521ee592c109b8a3d500b9cb3ea4fbf0d7dce9d8754498ad41ce2ac87c913cf72a38557ce5f28208672163b21b067307f723fd91cc91d71f69e739ef SHA512 5e283d6a56e6852606c681a7c29c5786b102d584178cbd7033ebbc95a8e95533605631363b850a3087cca438a5878db7a317f120aab2fd856487d02fccfbcb1f
-DIST chrony-4.1.tar.gz.asc 833 BLAKE2B 6d800ae436523f61cd713cdd12cf0246db53e732554433d5ef6cf1a437296ee9d0da3b2e9e72d1ccb0e3a6b1ee1227e5d1626bf031b0491670ee0712e17c57ff SHA512 82faf9171d782c18224d2d44b340994b0ddab141e88cc803dea83d0ffbb6468bc51e8b11c8dd9bd327220cae04f7d789b58ab23141a2bdf038ce628f9adeb57a
 DIST chrony-4.2.tar.gz 578411 BLAKE2B 6eac4f144f5811d0f83a9827e2b5113dead1ff96952f6e6d32dcea9858e04512f635d70237fe6faced095991204b0f62bcb0e9d1a4b34e8778f205058afdfb45 SHA512 7f946b27de605b3ebea62cf23916dfad77c99e8b2338ba239ede6b8216ce436b3d4d87770f371c8d8e006507c51d5c831b51f067957abd2935adfdec3f5aa67d
 DIST chrony-4.2.tar.gz.asc 833 BLAKE2B 41cb83f62dd58489313438672d209cc65fdbb5f8f595ea38f990d5e15194f91532d3f3221c6c38581467d62e95d23853a4fc438d32b99606def5f06db0031969 SHA512 d8ae4b540ce3529a5a72e10c14765a33ca6fc41529b6fdc9928fb171f25bd6fb87f930b7783638892f42f4cbcfaab4cb1064c930bae1d5204a71babad72b6e10

diff --git a/net-misc/chrony/chrony-4.1-r2.ebuild b/net-misc/chrony/chrony-4.1-r2.ebuild
deleted file mode 100644
index eefd2899e047..000000000000
--- a/net-misc/chrony/chrony-4.1-r2.ebuild
+++ /dev/null
@@ -1,253 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
-
-if [[ ${PV} == "9999" ]] ; then
-	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
-	inherit git-r3
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/mlichvar.asc
-	inherit verify-sig
-
-	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
-
-	if [[ ${PV} != *_pre* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 ~hppa ~mips ppc ppc64 ~riscv sparc x86"
-	fi
-fi
-
-S="${WORKDIR}/${P/_/-}"
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
-# nettle > nss > libtomcrypt in configure
-REQUIRED_USE="
-	sechash? ( || ( nettle nss libtomcrypt ) )
-	nettle? ( !nss )
-	nss? ( !nettle )
-	libtomcrypt? ( !nettle !nss )
-	!sechash? ( !nss )
-	!sechash? ( !nts? ( !nettle ) )
-"
-
-DEPEND="
-	caps? (
-		acct-group/ntp
-		acct-user/ntp
-		sys-libs/libcap
-	)
-	libedit? ( dev-libs/libedit )
-	!libedit? ( sys-libs/readline:= )
-	nettle? ( dev-libs/nettle:= )
-	nss? ( dev-libs/nss:= )
-	nts? ( net-libs/gnutls:= )
-	pps? ( net-misc/pps-tools )
-	seccomp? ( sys-libs/libseccomp )
-"
-RDEPEND="
-	${DEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-BDEPEND="
-	html? ( dev-ruby/asciidoctor )
-	nts? ( virtual/pkgconfig )
-	sechash? (
-		nettle? ( virtual/pkgconfig )
-		nss? ( virtual/pkgconfig )
-	)
-"
-
-if [[ ${PV} == "9999" ]] ; then
-	# Needed for doc generation in 9999
-	REQUIRED_USE+=" html"
-	BDEPEND+=" virtual/w3m"
-else
-	BDEPEND+=" verify-sig? ( >=sec-keys/openpgp-keys-mlichvar-20210513 )"
-fi
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-4.1-systemd-gentoo.patch
-	"${FILESDIR}"/${P}-seccomp-glibc-2-3-4.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	cp "${FILESDIR}"/chronyd.conf-r3 "${T}"/chronyd.conf || die
-}
-
-src_configure() {
-	if ! use caps ; then
-		sed -i \
-			-e 's/ -u ntp//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	if ! use seccomp ; then
-		sed -i \
-			-e 's/ -F 2//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	tc-export CC PKG_CONFIG
-
-	# Update from time to time with output from "date +%s"
-	# on a system that is time-synced.
-	export SOURCE_DATE_EPOCH=1607976314
-
-	# Not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-
-		$(usex caps '' '--disable-linuxcaps')
-		$(usex cmdmon '' '--disable-cmdmon')
-		$(usex debug '--enable-debug' '')
-		$(usex ipv6 '' '--disable-ipv6')
-		$(usex libedit '' '--without-editline')
-		$(usex libtomcrypt '' '--without-tomcrypt')
-		$(usex nettle '' '--without-nettle')
-		$(usex nss '' '--without-nss')
-		$(usex ntp '' '--disable-ntp')
-		$(usex nts '' '--disable-nts')
-		$(usex nts '' '--without-gnutls')
-		$(usex phc '' '--disable-phc')
-		$(usex pps '' '--disable-pps')
-		$(usex refclock '' '--disable-refclock')
-		$(usex rtc '' '--disable-rtc')
-		$(usex samba '--enable-ntp-signd' '')
-		$(usex sechash '' '--disable-sechash')
-
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-hwclockfile="${EPREFIX}/etc/adjtime"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-
-		${EXTRA_ECONF}
-	)
-
-	# Print the ./configure call
-	echo sh ./configure "${myconf[@]}" >&2
-	sh ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	if [[ ${PV} == "9999" ]] ; then
-		# Uses w3m
-		emake -C doc man txt
-	fi
-
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html ; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps ; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		# bug #711058
-		fowners ntp:ntp /var/{lib,log}/chrony
-		fperms 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=0
-	HAD_SECCOMP=0
-	HAD_PRE_NEW_SECCOMP_LEVEL=0
-
-	# See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5
-	# in "Ebuild Phases" for an explanation of why we need to save the variable beforehand
-	if has_version 'net-misc/chrony[caps]' ; then
-		HAD_CAPS=1
-	fi
-
-	if has_version 'net-misc/chrony[seccomp]' ; then
-		HAD_SECCOMP=1
-	fi
-
-	if has_version '>=net-misc/chrony-4.1[seccomp]' ; then
-		# This version introduced a new filter level: -F 2
-		# It's a limited set of seccomp filters designed to be 'bare minimum'
-		HAD_PRE_NEW_SECCOMP_LEVEL=1
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
-		if use caps && ! [[ ${HAD_CAPS} -eq 1 ]] ; then
-			# bug #719876
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-			ewarn "This is necessary for chrony to drop privileges"
-		elif ! use caps && [[ ${HAD_CAPS} -eq 0 ]] ; then
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
-		fi
-	fi
-
-	# See bug #783915 for general discussion on enabling seccomp filtering
-	# by default.
-	local show_seccomp_enable_msg=0
-
-	# Was seccomp disabled before and now enabled?
-	if [[ ${HAD_SECCOMP} -eq 0 ]] && use seccomp ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	# Are we coming from an old version without the new 'minimal' filter?
-	# (-F 2)
-	if [[ ${HAD_PRE_NEW_SECCOMP_LEVEL} -eq 0 ]] ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	if [[ ${show_seccomp_enable_msg} -eq 1 ]] ; then
-		elog "To enable seccomp in a stricter mode, please modify:"
-		elog "- /etc/conf.d/chronyd for OpenRC"
-		elog "- systemctl edit chronyd for systemd"
-		elog "to use -F 1 or -F -1 instead of -F 2 (see man chronyd)"
-		elog "By default, we now use -F 2 which is a baseline/minimal filter."
-	fi
-}

diff --git a/net-misc/chrony/chrony-4.2.ebuild b/net-misc/chrony/chrony-4.2.ebuild
deleted file mode 100644
index 51af47377ea6..000000000000
--- a/net-misc/chrony/chrony-4.2.ebuild
+++ /dev/null
@@ -1,252 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
-
-if [[ ${PV} == "9999" ]] ; then
-	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
-	inherit git-r3
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/mlichvar.asc
-	inherit verify-sig
-
-	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
-
-	if [[ ${PV} != *_pre* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 hppa ~m68k ~mips ppc ppc64 ~riscv sparc x86"
-	fi
-fi
-
-S="${WORKDIR}/${P/_/-}"
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux"
-# nettle > nss > libtomcrypt in configure
-REQUIRED_USE="
-	sechash? ( || ( nettle nss libtomcrypt ) )
-	nettle? ( !nss )
-	nss? ( !nettle )
-	libtomcrypt? ( !nettle !nss )
-	!sechash? ( !nss )
-	!sechash? ( !nts? ( !nettle ) )
-"
-
-DEPEND="
-	caps? (
-		acct-group/ntp
-		acct-user/ntp
-		sys-libs/libcap
-	)
-	libedit? ( dev-libs/libedit )
-	!libedit? ( sys-libs/readline:= )
-	nettle? ( dev-libs/nettle:= )
-	nss? ( dev-libs/nss:= )
-	nts? ( net-libs/gnutls:= )
-	pps? ( net-misc/pps-tools )
-	seccomp? ( sys-libs/libseccomp )
-"
-RDEPEND="
-	${DEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-BDEPEND="
-	html? ( dev-ruby/asciidoctor )
-	nts? ( virtual/pkgconfig )
-	sechash? (
-		nettle? ( virtual/pkgconfig )
-		nss? ( virtual/pkgconfig )
-	)
-"
-
-if [[ ${PV} == "9999" ]] ; then
-	# Needed for doc generation in 9999
-	REQUIRED_USE+=" html"
-	BDEPEND+=" virtual/w3m"
-else
-	BDEPEND+=" verify-sig? ( >=sec-keys/openpgp-keys-mlichvar-20210513 )"
-fi
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-4.2-systemd-gentoo.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	cp "${FILESDIR}"/chronyd.conf-r3 "${T}"/chronyd.conf || die
-}
-
-src_configure() {
-	if ! use caps ; then
-		sed -i \
-			-e 's/ -u ntp//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	if ! use seccomp ; then
-		sed -i \
-			-e 's/ -F 2//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	tc-export CC PKG_CONFIG
-
-	# Update from time to time with output from "date +%s"
-	# on a system that is time-synced.
-	export SOURCE_DATE_EPOCH=1607976314
-
-	# Not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-
-		$(usex caps '' '--disable-linuxcaps')
-		$(usex cmdmon '' '--disable-cmdmon')
-		$(usex debug '--enable-debug' '')
-		$(usex ipv6 '' '--disable-ipv6')
-		$(usex libedit '' '--without-editline')
-		$(usex libtomcrypt '' '--without-tomcrypt')
-		$(usex nettle '' '--without-nettle')
-		$(usex nss '' '--without-nss')
-		$(usex ntp '' '--disable-ntp')
-		$(usex nts '' '--disable-nts')
-		$(usex nts '' '--without-gnutls')
-		$(usex phc '' '--disable-phc')
-		$(usex pps '' '--disable-pps')
-		$(usex refclock '' '--disable-refclock')
-		$(usex rtc '' '--disable-rtc')
-		$(usex samba '--enable-ntp-signd' '')
-		$(usex sechash '' '--disable-sechash')
-
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-hwclockfile="${EPREFIX}/etc/adjtime"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-
-		${EXTRA_ECONF}
-	)
-
-	# Print the ./configure call
-	echo sh ./configure "${myconf[@]}" >&2
-	sh ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	if [[ ${PV} == "9999" ]] ; then
-		# Uses w3m
-		emake -C doc man txt
-	fi
-
-	emake all docs $(usex html '' 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html ; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps ; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		# bug #711058
-		fowners ntp:ntp /var/{lib,log}/chrony
-		fperms 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=0
-	HAD_SECCOMP=0
-	HAD_PRE_NEW_SECCOMP_LEVEL=0
-
-	# See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5
-	# in "Ebuild Phases" for an explanation of why we need to save the variable beforehand
-	if has_version 'net-misc/chrony[caps]' ; then
-		HAD_CAPS=1
-	fi
-
-	if has_version 'net-misc/chrony[seccomp]' ; then
-		HAD_SECCOMP=1
-	fi
-
-	if has_version '>=net-misc/chrony-4.1[seccomp]' ; then
-		# This version introduced a new filter level: -F 2
-		# It's a limited set of seccomp filters designed to be 'bare minimum'
-		HAD_PRE_NEW_SECCOMP_LEVEL=1
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
-		if use caps && ! [[ ${HAD_CAPS} -eq 1 ]] ; then
-			# bug #719876
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-			ewarn "This is necessary for chrony to drop privileges"
-		elif ! use caps && [[ ${HAD_CAPS} -eq 0 ]] ; then
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
-		fi
-	fi
-
-	# See bug #783915 for general discussion on enabling seccomp filtering
-	# by default.
-	local show_seccomp_enable_msg=0
-
-	# Was seccomp disabled before and now enabled?
-	if [[ ${HAD_SECCOMP} -eq 0 ]] && use seccomp ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	# Are we coming from an old version without the new 'minimal' filter?
-	# (-F 2)
-	if [[ ${HAD_PRE_NEW_SECCOMP_LEVEL} -eq 0 ]] ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	if [[ ${show_seccomp_enable_msg} -eq 1 ]] ; then
-		elog "To enable seccomp in a stricter mode, please modify:"
-		elog "- /etc/conf.d/chronyd for OpenRC"
-		elog "- systemctl edit chronyd for systemd"
-		elog "to use -F 1 or -F -1 instead of -F 2 (see man chronyd)"
-		elog "By default, we now use -F 2 which is a baseline/minimal filter."
-	fi
-}

diff --git a/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch b/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
deleted file mode 100644
index 56dd89b3ffdc..000000000000
--- a/net-misc/chrony/files/chrony-4.1-seccomp-glibc-2-3-4.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-https://git.tuxfamily.org/chrony/chrony.git/patch/?id=bbbd80bf03223f181d4abf5c8e5fe6136ab6129a
-
-From bbbd80bf03223f181d4abf5c8e5fe6136ab6129a Mon Sep 17 00:00:00 2001
-From: Miroslav Lichvar <mlichvar@redhat.com>
-Date: Mon, 9 Aug 2021 11:48:21 +0200
-Subject: sys_linux: allow clone3 and pread64 in seccomp filter
-
-These seem to be needed with the latest glibc.
-
---- a/sys_linux.c
-+++ b/sys_linux.c
-@@ -503,6 +503,9 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
- 
-     /* Process */
-     SCMP_SYS(clone),
-+#ifdef __NR_clone3
-+    SCMP_SYS(clone3),
-+#endif
-     SCMP_SYS(exit),
-     SCMP_SYS(exit_group),
-     SCMP_SYS(getpid),
-@@ -595,6 +598,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
- #ifdef __NR_ppoll_time64
-     SCMP_SYS(ppoll_time64),
- #endif
-+    SCMP_SYS(pread64),
-     SCMP_SYS(pselect6),
- #ifdef __NR_pselect6_time64
-     SCMP_SYS(pselect6_time64),
-cgit v0.10.2

[gentoo-commits] repo/gentoo:master commit in: net-misc/chrony/files/, net-misc/chrony/

[Sam James]

commit:     f3f5035b6682ffc66d5c7b7cd3ca5642f8b0e7a3
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 25 06:34:09 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Nov 25 06:34:09 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3f5035b

net-misc/chrony: drop 4.3-r5

Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-misc/chrony/Manifest                           |   2 -
 net-misc/chrony/chrony-4.3-r5.ebuild               | 264 ---------------------
 .../chrony-4.3-strict-prototypes-clang16.patch     |  71 ------
 3 files changed, 337 deletions(-)

diff --git a/net-misc/chrony/Manifest b/net-misc/chrony/Manifest
index da9d29c4ac09..74d76950aa23 100644
--- a/net-misc/chrony/Manifest
+++ b/net-misc/chrony/Manifest
@@ -1,4 +1,2 @@
-DIST chrony-4.3.tar.gz 593560 BLAKE2B 51ba6d19312fd52cd6d6d8ab9437c886a3779877170674db6dc37d657e849101e2669fd6c8723d24e43c895cd1924c3d8d2ff442baeef9abe8a6c313929edf5f SHA512 1394bac3ed684352fe89b7fef7da50e61f9f522abee807627ae1fc4c2dde891017bc8e5b13759fced028f3a1e875d5e4e5a4f85de65c63b5f83d0ca03bb4c5df
-DIST chrony-4.3.tar.gz.asc 833 BLAKE2B 12399205da4ee5c442207bfdf936ac88552a49b21b0db8c15b09118b579e2076f7cfec6ad916b08b41edc4f9f8e03b13d7758ed08e116bee54d0f0f9cd68a505 SHA512 300b06f253ac3727edb86a1b7c337f9529ee752bbb471b266217b6a8ac5183e827264177a3210d436425d746673bf11fbdc41da145673213e28165197c6c76b7
 DIST chrony-4.4.tar.gz 612094 BLAKE2B 470c3d4ab9aa5949df1c10d0ecbd556fba3ce9b05e9dc4a5475795c174fca48a624975df68552f78927a19b72cb6b4f136ed4e5fa04a833dbd8139d0be144e4f SHA512 45e060eb0c5892552f28dc436429e5823409cc93533127af27b64d08ff9c769fdc72694272232114f5ca1884c2bc8b5e842fae7956dc457358e937bcd3dda4d7
 DIST chrony-4.4.tar.gz.asc 833 BLAKE2B 07f863381d37e30435c3796c7ff4ac628dd81b248e76fe1b9ce6dff07f9f2bd9423a013c7d0a09f2bfe251a8e176b04731e1cb60829f1dc83a7321274d3f6992 SHA512 bb795b428567434937cbf3a12c559b549b89abe65010d04eed0fbdcfde35e7266771ea01c2c5581f3e5fae993f1782fff5a62c5ae09259d2b65dab9473d756a3

diff --git a/net-misc/chrony/chrony-4.3-r5.ebuild b/net-misc/chrony/chrony-4.3-r5.ebuild
deleted file mode 100644
index 4b78f2f22ba9..000000000000
--- a/net-misc/chrony/chrony-4.3-r5.ebuild
+++ /dev/null
@@ -1,264 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit edo systemd tmpfiles toolchain-funcs
-
-DESCRIPTION="NTP client and server programs"
-HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git"
-
-if [[ ${PV} == 9999 ]] ; then
-	EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git"
-	inherit git-r3
-else
-	VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/mlichvar.asc
-	inherit verify-sig
-
-	SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz"
-	SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )"
-
-	if [[ ${PV} != *_pre* ]] ; then
-		KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv sparc x86"
-	fi
-fi
-
-S="${WORKDIR}/${P/_/-}"
-
-LICENSE="GPL-2"
-SLOT="0"
-IUSE="+caps +cmdmon debug html libtomcrypt +nettle nss +ntp +nts +phc pps +readline +refclock +rtc samba +seccomp +sechash selinux"
-# nettle > nss > libtomcrypt in configure
-REQUIRED_USE="
-	sechash? ( || ( nettle nss libtomcrypt ) )
-	nettle? ( !nss )
-	nss? ( !nettle )
-	libtomcrypt? ( !nettle !nss )
-	!sechash? ( !nss )
-	!sechash? ( !nts? ( !nettle ) )
-"
-
-DEPEND="
-	caps? (
-		acct-group/ntp
-		acct-user/ntp
-		sys-libs/libcap
-	)
-	libtomcrypt? ( dev-libs/libtomcrypt:= )
-	nettle? ( dev-libs/nettle:= )
-	nss? ( dev-libs/nss:= )
-	nts? ( net-libs/gnutls:= )
-	pps? ( net-misc/pps-tools )
-	readline? ( dev-libs/libedit )
-	seccomp? ( sys-libs/libseccomp )
-"
-RDEPEND="
-	${DEPEND}
-	selinux? ( sec-policy/selinux-chronyd )
-"
-# bison dep only for 4.3-r1 for ${P}-strict-prototypes-clang16.patch
-BDEPEND="
-	sys-devel/bison
-	html? ( dev-ruby/asciidoctor )
-	nts? ( virtual/pkgconfig )
-	sechash? (
-		nettle? ( virtual/pkgconfig )
-		nss? ( virtual/pkgconfig )
-	)
-"
-
-if [[ ${PV} == 9999 ]] ; then
-	# Needed for doc generation in 9999
-	REQUIRED_USE+=" html"
-	BDEPEND+="
-		sys-devel/bison
-		virtual/w3m
-	"
-else
-	BDEPEND+=" verify-sig? ( >=sec-keys/openpgp-keys-mlichvar-20210513 )"
-fi
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch
-	"${FILESDIR}"/${PN}-4.2-systemd-gentoo.patch
-	"${FILESDIR}"/${P}-strict-prototypes-clang16.patch
-)
-
-src_prepare() {
-	default
-
-	sed -i \
-		-e 's:/etc/chrony\.conf:/etc/chrony/chrony.conf:g' \
-		doc/* examples/* || die
-
-	cp "${FILESDIR}"/chronyd.conf-r3 "${T}"/chronyd.conf || die
-}
-
-src_configure() {
-	if ! use caps ; then
-		sed -i \
-			-e 's/ -u ntp//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	if ! use seccomp ; then
-		sed -i \
-			-e 's/ -F 2//' \
-			"${T}"/chronyd.conf examples/chronyd.service || die
-	fi
-
-	tc-export CC PKG_CONFIG
-
-	# Update from time to time with output from "date +%s"
-	# on a system that is time-synced.
-	export SOURCE_DATE_EPOCH=1607976314
-
-	# Not an autotools generated script
-	local myconf=(
-		$(use_enable seccomp scfilter)
-
-		$(usev !caps '--disable-linuxcaps')
-		$(usev !cmdmon '--disable-cmdmon')
-		$(usev debug '--enable-debug')
-
-		# USE=readline here means "readline-like functionality"
-		# chrony only supports libedit in terms of the library providing
-		# it.
-		$(usev !readline '--without-editline --disable-readline')
-
-		$(usev !libtomcrypt '--without-tomcrypt')
-		$(usev !nettle '--without-nettle')
-		$(usev !nss '--without-nss')
-		$(usev !ntp '--disable-ntp')
-		$(usev !nts '--disable-nts')
-		$(usev !nts '--without-gnutls')
-		$(usev !phc '--disable-phc')
-		$(usev !pps '--disable-pps')
-		$(usev !refclock '--disable-refclock')
-		$(usev !rtc '--disable-rtc')
-		$(usev samba '--enable-ntp-signd')
-		$(usev !sechash '--disable-sechash')
-
-		--chronysockdir="${EPREFIX}/run/chrony"
-		--docdir="${EPREFIX}/usr/share/doc/${PF}"
-		--mandir="${EPREFIX}/usr/share/man"
-		--prefix="${EPREFIX}/usr"
-		--sysconfdir="${EPREFIX}/etc/chrony"
-		--with-hwclockfile="${EPREFIX}/etc/adjtime"
-		--with-pidfile="${EPREFIX}/run/chrony/chronyd.pid"
-
-		${EXTRA_ECONF}
-	)
-
-	# Print the ./configure call
-	edo ./configure "${myconf[@]}" || die
-}
-
-src_compile() {
-	if [[ ${PV} == 9999 ]] ; then
-		# Uses w3m
-		emake -C doc man txt
-	fi
-
-	emake all docs $(usev !html 'ADOC=true')
-}
-
-src_install() {
-	default
-
-	# Compatibility with other distributions who install to /etc/chrony.conf (bug #835461)
-	dosym -r /etc/chrony/chrony.conf /etc/chrony.conf
-
-	newinitd "${FILESDIR}"/chronyd.init-r2 chronyd
-	newconfd "${T}"/chronyd.conf chronyd
-
-	insinto /etc/${PN}
-	newins examples/chrony.conf.example1 chrony.conf
-
-	docinto examples
-	dodoc examples/*.example*
-
-	newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')"
-
-	if use html ; then
-		docinto html
-		dodoc doc/*.html
-	fi
-
-	keepdir /var/{lib,log}/chrony
-
-	if use caps ; then
-		# Prepare a directory for the chrony.drift file (a la ntpsec)
-		# Ensures the environment is sane on new installs
-		# bug #711058
-		fowners -R ntp:ntp /var/{lib,log}/chrony
-		fperms -R 770 /var/lib/chrony
-	fi
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/chrony-2.4-r1.logrotate chrony
-
-	systemd_dounit examples/chronyd.service
-	systemd_dounit examples/chrony-wait.service
-	systemd_enable_ntpunit 50-chrony chronyd.service
-}
-
-pkg_preinst() {
-	HAD_CAPS=0
-	HAD_SECCOMP=0
-	HAD_PRE_NEW_SECCOMP_LEVEL=0
-
-	# See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5
-	# in "Ebuild Phases" for an explanation of why we need to save the variable beforehand
-	if has_version 'net-misc/chrony[caps]' ; then
-		HAD_CAPS=1
-	fi
-
-	if has_version 'net-misc/chrony[seccomp]' ; then
-		HAD_SECCOMP=1
-	fi
-
-	if has_version '>=net-misc/chrony-4.1[seccomp]' ; then
-		# This version introduced a new filter level: -F 2
-		# It's a limited set of seccomp filters designed to be 'bare minimum'
-		HAD_PRE_NEW_SECCOMP_LEVEL=1
-	fi
-}
-
-pkg_postinst() {
-	tmpfiles_process chronyd.conf
-
-	if [[ -n "${REPLACING_VERSIONS}" ]] ; then
-		if use caps && ! [[ ${HAD_CAPS} -eq 1 ]] ; then
-			# bug #719876
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp"
-			ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony"
-			ewarn "This is necessary for chrony to drop privileges"
-		elif ! use caps && [[ ${HAD_CAPS} -eq 0 ]] ; then
-			ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by root:root"
-		fi
-	fi
-
-	# See bug #783915 for general discussion on enabling seccomp filtering
-	# by default.
-	local show_seccomp_enable_msg=0
-
-	# Was seccomp disabled before and now enabled?
-	if [[ ${HAD_SECCOMP} -eq 0 ]] && use seccomp ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	# Are we coming from an old version without the new 'minimal' filter?
-	# (-F 2)
-	if [[ ${HAD_PRE_NEW_SECCOMP_LEVEL} -eq 0 ]] ; then
-		show_seccomp_enable_msg=1
-	fi
-
-	if [[ ${show_seccomp_enable_msg} -eq 1 ]] ; then
-		elog "To enable seccomp in a stricter mode, please modify:"
-		elog "- ${EROOT}/etc/conf.d/chronyd for OpenRC"
-		elog "- systemctl edit chronyd for systemd"
-		elog "to use -F 1 or -F -1 instead of -F 2 (see man chronyd)"
-		elog "By default, we now use -F 2 which is a baseline/minimal filter."
-	fi
-}

diff --git a/net-misc/chrony/files/chrony-4.3-strict-prototypes-clang16.patch b/net-misc/chrony/files/chrony-4.3-strict-prototypes-clang16.patch
deleted file mode 100644
index fb89a1eb3fef..000000000000
--- a/net-misc/chrony/files/chrony-4.3-strict-prototypes-clang16.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-https://git.tuxfamily.org/chrony/chrony.git/commit/?id=7b97668319f9449b4adb1a978bb1fe9b0fb22e4d
-https://bugs.gentoo.org/880519
-
-From 7b97668319f9449b4adb1a978bb1fe9b0fb22e4d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com>
-Date: Wed, 9 Nov 2022 09:17:14 +0100
-Subject: getdate: fix various warnings which will be errors with clang-16
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-These were found by Gentoo's QA while rebuilding the world with
-clang-16: https://bugs.gentoo.org/880519
-
-Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com>
-
---- a/getdate.y
-+++ b/getdate.y
-@@ -448,9 +448,9 @@ o_merid	: /* NULL */
-    the same signature as the function definition does. */
- #include "getdate.h"
- 
--extern struct tm	*gmtime ();
--extern struct tm	*localtime ();
--extern time_t		mktime ();
-+extern struct tm	*gmtime (const time_t *timep);
-+extern struct tm	*localtime (const time_t *timep);
-+extern time_t		mktime (struct tm *tm);
- 
- /* Month and day table. */
- static TABLE const MonthDayTable[] = {
-@@ -641,16 +641,13 @@ static TABLE const MilitaryTable[] = {
- 
- /* ARGSUSED */
- static int
--yyerror (s)
--     char *s ATTRIBUTE_UNUSED;
-+yyerror (char *s ATTRIBUTE_UNUSED)
- {
-   return 0;
- }
- 
- static int
--ToHour (Hours, Meridian)
--     int Hours;
--     MERIDIAN Meridian;
-+ToHour (int Hours, MERIDIAN Meridian)
- {
-   switch (Meridian)
-     {
-@@ -677,8 +674,7 @@ ToHour (Hours, Meridian)
- }
- 
- static int
--ToYear (Year)
--     int Year;
-+ToYear (int Year)
- {
-   if (Year < 0)
-     Year = -Year;
-@@ -694,8 +690,7 @@ ToYear (Year)
- }
- 
- static int
--LookupWord (buff)
--     char *buff;
-+LookupWord (char *buff)
- {
-   register char *p;
-   register char *q;
-cgit v0.10.2