diff options
Diffstat (limited to 'net-misc/chrony/chrony-9999.ebuild')
-rw-r--r-- | net-misc/chrony/chrony-9999.ebuild | 97 |
1 files changed, 59 insertions, 38 deletions
diff --git a/net-misc/chrony/chrony-9999.ebuild b/net-misc/chrony/chrony-9999.ebuild index 7e6fadddffaa..eb58830becb9 100644 --- a/net-misc/chrony/chrony-9999.ebuild +++ b/net-misc/chrony/chrony-9999.ebuild @@ -8,19 +8,26 @@ inherit systemd tmpfiles toolchain-funcs DESCRIPTION="NTP client and server programs" HOMEPAGE="https://chrony.tuxfamily.org/ https://git.tuxfamily.org/chrony/chrony.git" -if [[ ${PV} == "9999" ]]; then - inherit git-r3 +if [[ ${PV} == "9999" ]] ; then EGIT_REPO_URI="https://git.tuxfamily.org/chrony/chrony.git" + inherit git-r3 else + VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/mlichvar.asc + inherit verify-sig + SRC_URI="https://download.tuxfamily.org/${PN}/${P/_/-}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86" + SRC_URI+=" verify-sig? ( https://download.tuxfamily.org/chrony/${P/_/-}-tar-gz-asc.txt -> ${P/_/-}.tar.gz.asc )" + + if [[ ${PV} != *_pre* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86" + fi fi S="${WORKDIR}/${P/_/-}" LICENSE="GPL-2" SLOT="0" -IUSE="+caps +cmdmon debug html ipv6 libedit +nettle nss +ntp +phc +nts pps +refclock +rtc samba +seccomp +sechash selinux libtomcrypt" +IUSE="+caps +cmdmon debug html ipv6 libedit libtomcrypt +nettle nss +ntp +nts +phc pps +refclock +rtc samba +seccomp +sechash selinux" # nettle > nss > libtomcrypt in configure REQUIRED_USE=" sechash? ( || ( nettle nss libtomcrypt ) ) @@ -29,16 +36,14 @@ REQUIRED_USE=" libtomcrypt? ( !nettle !nss ) !sechash? ( !nss ) !sechash? ( !nts? ( !nettle ) ) - nts? ( nettle ) " -RESTRICT="test" - -BDEPEND="nettle? ( virtual/pkgconfig )" -if [[ ${PV} == "9999" ]]; then +if [[ ${PV} == "9999" ]] ; then # Needed for doc generation in 9999 - BDEPEND+=" virtual/w3m" REQUIRED_USE+=" html" + BDEPEND+=" virtual/w3m" +else + BDEPEND+=" verify-sig? ( app-crypt/openpgp-keys-mlichvar )" fi DEPEND=" @@ -47,18 +52,26 @@ DEPEND=" acct-user/ntp sys-libs/libcap ) - nts? ( net-libs/gnutls:= ) libedit? ( dev-libs/libedit ) + !libedit? ( sys-libs/readline:= ) nettle? ( dev-libs/nettle:= ) nss? ( dev-libs/nss:= ) - seccomp? ( sys-libs/libseccomp ) - html? ( dev-ruby/asciidoctor ) + nts? ( net-libs/gnutls:= ) pps? ( net-misc/pps-tools ) + seccomp? ( sys-libs/libseccomp ) " RDEPEND=" ${DEPEND} selinux? ( sec-policy/selinux-chronyd ) " +BDEPEND=" + html? ( dev-ruby/asciidoctor ) + nts? ( virtual/pkgconfig ) + sechash? ( + nettle? ( virtual/pkgconfig ) + nss? ( virtual/pkgconfig ) + ) +" PATCHES=( "${FILESDIR}"/${PN}-3.5-pool-vendor-gentoo.patch @@ -76,13 +89,13 @@ src_prepare() { } src_configure() { - if ! use caps; then + if ! use caps ; then sed -i \ -e 's/ -u ntp//' \ "${T}"/chronyd.conf examples/chronyd.service || die fi - if ! use seccomp; then + if ! use seccomp ; then sed -i \ -e 's/ -F 0//' \ "${T}"/chronyd.conf examples/chronyd.service || die @@ -94,26 +107,28 @@ src_configure() { # on a system that is time-synced. export SOURCE_DATE_EPOCH=1607976314 - # not an autotools generated script + # Not an autotools generated script local myconf=( $(use_enable seccomp scfilter) - $(usex caps '' --disable-linuxcaps) - $(usex cmdmon '' --disable-cmdmon) + + $(usex caps '' '--disable-linuxcaps') + $(usex cmdmon '' '--disable-cmdmon') $(usex debug '--enable-debug' '') - $(usex ipv6 '' --disable-ipv6) - $(usex libedit '' --without-editline) - $(usex nettle '' --without-nettle) - $(usex nss '' --without-nss) - $(usex ntp '' --disable-ntp) - $(usex nts '' --disable-nts) - $(usex nts '' --without-gnutls) - $(usex phc '' --disable-phc) - $(usex pps '' --disable-pps) - $(usex refclock '' --disable-refclock) - $(usex rtc '' --disable-rtc) - $(usex samba --enable-ntp-signd '') - $(usex sechash '' --disable-sechash) - $(usex libtomcrypt '' --disable-tomcrypt) + $(usex ipv6 '' '--disable-ipv6') + $(usex libedit '' '--without-editline') + $(usex libtomcrypt '' '--without-tomcrypt') + $(usex nettle '' '--without-nettle') + $(usex nss '' '--without-nss') + $(usex ntp '' '--disable-ntp') + $(usex nts '' '--disable-nts') + $(usex nts '' '--without-gnutls') + $(usex phc '' '--disable-phc') + $(usex pps '' '--disable-pps') + $(usex refclock '' '--disable-refclock') + $(usex rtc '' '--disable-rtc') + $(usex samba '--enable-ntp-signd' '') + $(usex sechash '' '--disable-sechash') + --chronysockdir="${EPREFIX}/run/chrony" --docdir="${EPREFIX}/usr/share/doc/${PF}" --mandir="${EPREFIX}/usr/share/man" @@ -121,17 +136,18 @@ src_configure() { --sysconfdir="${EPREFIX}/etc/chrony" --with-hwclockfile="${EPREFIX}/etc/adjtime" --with-pidfile="${EPREFIX}/run/chrony/chronyd.pid" + ${EXTRA_ECONF} ) - # print the ./configure call + # Print the ./configure call echo sh ./configure "${myconf[@]}" >&2 sh ./configure "${myconf[@]}" || die } src_compile() { - if [[ ${PV} == "9999" ]]; then - # uses w3m + if [[ ${PV} == "9999" ]] ; then + # Uses w3m emake -C doc man txt fi @@ -152,16 +168,17 @@ src_install() { newtmpfiles - chronyd.conf <<<"d /run/chrony 0750 $(usex caps 'ntp ntp' 'root root')" - if use html; then + if use html ; then docinto html dodoc doc/*.html fi keepdir /var/{lib,log}/chrony - if use caps; then + if use caps ; then # Prepare a directory for the chrony.drift file (a la ntpsec) # Ensures the environment is sane on new installs + # bug #711058 fowners ntp:ntp /var/{lib,log}/chrony fperms 770 /var/lib/chrony fi @@ -178,6 +195,8 @@ pkg_preinst() { HAD_CAPS=false HAD_SECCOMP=false + # See https://dev.gentoo.org/~zmedico/portage/doc/portage.html#package-ebuild-phases-after-2.1.5 + # in "Ebuild Phases" for an explanation of why we need to save the variable beforehand if has_version 'net-misc/chrony[caps]' ; then HAD_CAPS=true fi @@ -185,7 +204,6 @@ pkg_preinst() { if has_version 'net-misc/chrony[seccomp]' ; then HAD_SECCOMP=true fi - } pkg_postinst() { @@ -193,6 +211,7 @@ pkg_postinst() { if [[ -n "${REPLACING_VERSIONS}" ]] ; then if use caps && ! ${HAD_CAPS} ; then + # bug #719876 ewarn "Please adjust permissions on ${EROOT}/var/{lib,log}/chrony to be owned by ntp:ntp" ewarn "e.g. chown -R ntp:ntp ${EROOT}/var/{lib,log}/chrony" ewarn "This is necessary for chrony to drop privileges" @@ -201,6 +220,8 @@ pkg_postinst() { fi fi + # TODO: Will try to re-enable before final release ideally? + # bug #783915 if [[ ! ${HAD_SECCOMP} ]] && use seccomp ; then elog "To enable seccomp in enforcing mode, please modify:" elog "- /etc/conf.d/chronyd for OpenRC" |