diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-03-02 15:59:12 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-03-02 15:59:12 +0000 |
| commit | 06a7b5647e11a8ddf69b1c3d3ded6a8ba28b923e (patch) | |
| tree | 8d58c1f4b049da677b33209b072f2b3057268fe0 /net-misc/ntpsec/files | |
| parent | 99abbc5e5a6ecd3fc981b45646fd8cb5d320377b (diff) | |
gentoo resync : 02.03.2018
Diffstat (limited to 'net-misc/ntpsec/files')
| -rw-r--r-- | net-misc/ntpsec/files/ntp.conf | 21 | ||||
| -rw-r--r-- | net-misc/ntpsec/files/ntpd.confd | 5 | ||||
| -rw-r--r-- | net-misc/ntpsec/files/ntpd.rc-r2 (renamed from net-misc/ntpsec/files/ntpd.rc-r1) | 2 | ||||
| -rw-r--r-- | net-misc/ntpsec/files/ntpsec-1.0.0-fix-seccomp.patch | 16 |
4 files changed, 39 insertions, 5 deletions
diff --git a/net-misc/ntpsec/files/ntp.conf b/net-misc/ntpsec/files/ntp.conf new file mode 100644 index 000000000000..e8d68d2ba9bf --- /dev/null +++ b/net-misc/ntpsec/files/ntp.conf @@ -0,0 +1,21 @@ +# This is a Gentoo specific configuration file so ntpsec +# works out of the box as a client. Upstream configuration +# can be found in /etc/ntp.d/, but these are not used by +# this file. They are provided as a guide to more complex +# configurations. For more information on how to configure +# ntpsec see https://docs.ntpsec.org/latest/ + +# Pools for Gentoo users +pool 0.gentoo.pool.ntp.org +pool 1.gentoo.pool.ntp.org +pool 2.gentoo.pool.ntp.org +pool 3.gentoo.pool.ntp.org + +# These are the restrictions most people want +restrict default kod limited nomodify nopeer noquery +restrict -6 default kod limited nomodify nopeer noquery +restrict 127.0.0.1 +restrict -6 ::1 + +# Don't change this location. +driftfile /var/lib/ntp/ntp.drift diff --git a/net-misc/ntpsec/files/ntpd.confd b/net-misc/ntpsec/files/ntpd.confd index 92c553a62615..50c1aac60665 100644 --- a/net-misc/ntpsec/files/ntpd.confd +++ b/net-misc/ntpsec/files/ntpd.confd @@ -1,7 +1,4 @@ # /etc/conf.d/ntpd -# Options to pass to the ntpd process -# Most people should leave this line alone ... -# however, if you know what you're doing, feel free to tweak -#NTPD_OPTS="-g -n -u ntp:ntp" +# Most people should leave this line alone. NTPD_OPTS="-g -u ntp:ntp" diff --git a/net-misc/ntpsec/files/ntpd.rc-r1 b/net-misc/ntpsec/files/ntpd.rc-r2 index dbe76c85e536..13fcbdd092d2 100644 --- a/net-misc/ntpsec/files/ntpd.rc-r1 +++ b/net-misc/ntpsec/files/ntpd.rc-r2 @@ -4,7 +4,7 @@ # $Id$ description="ntpd - the network time protocol daemon" -pidfile="/var/run/ntpd.pid" +pidfile="/run/ntpd.pid" command="/usr/sbin/ntpd" command_args="-p ${pidfile} ${NTPD_OPTS}" start_stop_daemon_args="--pidfile ${pidfile}" diff --git a/net-misc/ntpsec/files/ntpsec-1.0.0-fix-seccomp.patch b/net-misc/ntpsec/files/ntpsec-1.0.0-fix-seccomp.patch new file mode 100644 index 000000000000..b9716569f631 --- /dev/null +++ b/net-misc/ntpsec/files/ntpsec-1.0.0-fix-seccomp.patch @@ -0,0 +1,16 @@ +This is a backport of https://gitlab.com/NTPsec/ntpsec/commit/eef92d6217da03ad2ae41e298d110bdb05031381 + +diff -Naur ntpsec-1.0.0.orig/ntpd/ntp_sandbox.c ntpsec-1.0.0/ntpd/ntp_sandbox.c +--- ntpsec-1.0.0.orig/ntpd/ntp_sandbox.c 2017-10-09 23:54:39.000000000 -0400 ++++ ntpsec-1.0.0/ntpd/ntp_sandbox.c 2018-02-28 07:31:28.381406881 -0500 +@@ -354,6 +354,10 @@ + SCMP_SYS(write), + SCMP_SYS(unlink), + ++#ifdef ENABLE_EARLY_DROPROOT ++ SCMP_SYS(getdents), ++#endif ++ + #ifdef ENABLE_DNS_LOOKUP + /* Don't comment out this block for testing. + * pthread_create blocks signals so it will crash |