Switching to OpenNTPD

Joerg Sonnenberger joerg at britannica.bec.de
Tue Nov 9 14:17:52 PST 2004


Hi all,
the attached patch switches from ntp.org's ntpd to OpenNTPD. This means:
- a much smaller ntpd
- a much more secure daemon
- less features
- ATM no ntptrace
- ntpdate functionality is mostly integrated into ntpd, this is the default
  behaviour (sync if time difference is greater > 180 seconds, otherwise use
  normal algorithm)
- no support/need for the other helper programs of ntp

Just setup /etc/ntpd.conf (not /etc/ntp.conf!) e.g. with the following
content should be enough:
servers pool.ntp.org

With no objections, this goes into the tree tomorrow.

Joerg
Index: UPDATING
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/UPDATING,v
retrieving revision 1.8
diff -u -r1.8 UPDATING
--- UPDATING	27 Oct 2004 02:51:41 -0000	1.8
+++ UPDATING	9 Nov 2004 21:55:46 -0000
@@ -17,12 +17,16 @@
 add any that are missing:
 
 smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
+_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/sbin/nologin
+_ntp:*:65:65::0:0:ntpd privsep user:/var/empty:/sbin/nologin
 
 The following groups may be missing from your group file.  Use vi /etc/group
 and add any that are missing:
 
 smmsp:*:25:
 authpf:*:63:
+_pflogd:*:64:
+_ntp:*:65:
 
 
 > Upgrading to DragonFly from FreeBSD
Index: usr.sbin/Makefile
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/usr.sbin/Makefile,v
retrieving revision 1.15
diff -u -r1.15 Makefile
--- usr.sbin/Makefile	30 Oct 2004 20:26:44 -0000	1.15
+++ usr.sbin/Makefile	9 Nov 2004 21:58:10 -0000
@@ -62,7 +62,7 @@
 	newsyslog \
 	ngctl \
 	nghook \
-	ntp \
+	ntpd \
 	pccard \
 	pciconf \
 	periodic \
Index: etc/ftpusers
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/ftpusers,v
retrieving revision 1.4
diff -u -r1.4 ftpusers
--- etc/ftpusers	21 Sep 2004 21:25:28 -0000	1.4
+++ etc/ftpusers	9 Nov 2004 21:55:19 -0000
@@ -17,6 +17,7 @@
 sshd
 bind
 proxy
+_ntp
 _pflogd
 uucp
 xten
Index: etc/group
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/group,v
retrieving revision 1.3
diff -u -r1.3 group
--- etc/group	21 Sep 2004 21:25:28 -0000	1.3
+++ etc/group	9 Nov 2004 21:32:42 -0000
@@ -21,6 +21,7 @@
 proxy:*:62:
 authpf:*:63:
 _pflogd:*:64:
+_ntp:*:65:
 uucp:*:66:
 xten:*:67:xten
 dialer:*:68:
Index: etc/master.passwd
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/master.passwd,v
retrieving revision 1.3
diff -u -r1.3 master.passwd
--- etc/master.passwd	21 Sep 2004 21:25:28 -0000	1.3
+++ etc/master.passwd	9 Nov 2004 21:32:47 -0000
@@ -15,8 +15,9 @@
 smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
 mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/sbin/nologin
 bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin
-proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
-_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
+proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/sbin/nologin
+_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/sbin/nologin
+_ntp:*:65:65::0:0:ntpd privsep user:/var/empty:/sbin/nologin
 uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
 xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
 pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
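Review bot: Besides adding `_ntp`, this hunk changes the shell of `proxy` and `_pflogd` from /usr/sbin/nologin to /sbin/nologin, which the description does not mention. The new value matches the neighbouring entries, so it looks like a deliberate fix, but it is unrelated to the ntpd switch and would be easier to audit as its own commit, or at least with a sentence in the log message. Systems that already carry those two accounts with the old path are not covered by the UPDATING text, which only asks to add missing lines; whether that matters depends on whether /usr/sbin/nologin exists there, which the patch does not show.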
Index: etc/defaults/rc.conf
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/defaults/rc.conf,v
retrieving revision 1.16
diff -u -r1.16 rc.conf
--- etc/defaults/rc.conf	22 Oct 2004 20:26:11 -0000	1.16
+++ etc/defaults/rc.conf	9 Nov 2004 21:38:29 -0000
@@ -208,12 +208,9 @@
 ### Network Time Services options: ###
 timed_enable="NO"		# Run the time daemon (or NO).
 timed_flags=""			# Flags to timed (if enabled).
-ntpdate_enable="NO"		# Run ntpdate to sync time on boot (or NO).
-ntpdate_program="/usr/sbin/ntpdate"	# path to ntpdate, if you want a different one.
-ntpdate_flags="-b"		# Flags to ntpdate (if enabled).
 ntpd_enable="NO"		# Run ntpd Network Time Protocol (or NO).
 ntpd_program="/usr/sbin/ntpd"	# path to ntpd, if you want a different one.
-ntpd_flags="-p /var/run/ntpd.pid"	# Flags to ntpd (if enabled).
+ntpd_flags="-s"			# Flags to ntpd (if enabled).
 
 # Network Information Services (NIS) options: All need rpcbind_enable="YES" ###
 nis_client_enable="NO"		# We're an NIS client (or NO).
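Review bot: The new default `ntpd_flags="-s"` keeps the generic comment "Flags to ntpd (if enabled)", which hides the security-relevant part of this hunk. Per the description, the daemon sets the clock at startup when the offset exceeds 180 seconds, so every host with ntpd_enable=YES now steps its clock at boot on the answer of the configured servers. As far as this patch shows the time source is unauthenticated, so a wrong or spoofed reply at boot moves the clock in one jump, which affects certificate validity checks and log timestamps. I would say so on the line, e.g. `ntpd_flags="-s"		# Flags to ntpd; -s sets the time once at startup instead of slewing.` The removed `ntpdate_*` settings also become silent no-ops in existing /etc/rc.conf files, which deserves a line in UPDATING.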
Index: etc/mail/aliases
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/mail/aliases,v
retrieving revision 1.3
diff -u -r1.3 aliases
--- etc/mail/aliases	21 Sep 2004 21:25:28 -0000	1.3
+++ etc/mail/aliases	9 Nov 2004 21:55:24 -0000
@@ -24,6 +24,7 @@
 postmaster: root
 
 # General redirections for pseudo accounts
+_ntp:	root
 _pflogd: root
 bin:	root
 bind:	root
Index: etc/rc.d/ntpd
===================================================================
RCS file: /home/joerg/wd/repository/dragonflybsd/src/etc/rc.d/ntpd,v
retrieving revision 1.2
diff -u -r1.2 ntpd
--- etc/rc.d/ntpd	27 Jan 2004 00:42:45 -0000	1.2
+++ etc/rc.d/ntpd	9 Nov 2004 21:52:13 -0000
@@ -15,33 +15,6 @@
 name=ntpd
 rcvar=`set_rcvar`
 command="/usr/sbin/${name}"
-pidfile="/var/run/${name}.pid"
-required_files="/etc/ntp.conf"
-ntpd_precmd()
-{
-	if [ -z "$ntpd_chrootdir" ]; then
-		return 0;
-	fi
-
-	# If running in a chroot cage, ensure that the appropriate files
-	# exist inside the cage, as well as helper symlinks into the cage
-	# from outside.
-	#
-	# As this is called after the is_running and required_dir checks
-	# are made in run_rc_command(), we can safely assume ${ntpd_chrootdir}
-	# exists and ntpd isn't running at this point (unless forcestart
-	# is used).
-	#
-	if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then
-		rm -f "${ntpd_chrootdir}/dev/clockctl"
-		( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" )
-	fi
-	ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift
-
-	#	Change run_rc_commands()'s internal copy of $ntpd_flags
-	#
-	rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags"
-}
-
+required_files="/etc/ntpd.conf"
 load_rc_config $name
 run_rc_command "$1"
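Review bot: With `required_files="/etc/ntpd.conf"`, an upgraded host that has ntpd_enable=YES and only the old /etc/ntp.conf will presumably no longer start the daemon, and the UPDATING hunk of this patch does not tell the administrator to create the new file. A machine that quietly stops syncing time is a security problem in its own right (log correlation, certificate and ticket lifetimes), so I would add an UPDATING entry naming the new config file. The removed `ntpd_precmd` also means a locally set `ntpd_chrootdir` is now ignored without any message. Presumably the daemon's own privilege separation to `_ntp` in /var/empty replaces it, but that should be stated above `required_files`, e.g. `# OpenNTPD drops privileges to _ntp itself; ntpd_chrootdir is no longer used.` The script starts above this hunk, so its header and the rc.subr include are not visible here.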
Index: etc/rc.d/ntpdate
===================================================================
RCS file: etc/rc.d/ntpdate
diff -N etc/rc.d/ntpdate
--- etc/rc.d/ntpdate	19 Nov 2003 10:32:45 -0000	1.2
+++ /dev/null	1 Jan 1970 00:00:00 -0000
@@ -1,49 +0,0 @@
-#!/bin/sh
-#
-# $NetBSD: ntpdate,v 1.8 2002/03/22 04:16:39 lukem Exp $
-# $FreeBSD: src/etc/rc.d/ntpdate,v 1.4 2002/10/12 10:31:31 schweikh Exp $
-# $DragonFly: src/etc/rc.d/ntpdate,v 1.2 2003/11/19 10:32:45 eirikn Exp $
-#
-
-# PROVIDE: ntpdate
-# REQUIRE: NETWORKING syslogd
-# KEYWORD: DragonFly FreeBSD NetBSD
-
-. /etc/rc.subr
-
-name="ntpdate"
-rcvar=`set_rcvar`
-
-case ${OSTYPE} in
-DragonFly)
-	command="/usr/sbin/${name}"
-	command_args=">/dev/null 2>&1"
-	pidfile="/var/run/${name}.pid"
-	;;
-FreeBSD)
-	command="/usr/sbin/${name}"
-	command_args=">/dev/null 2>&1"
-	pidfile="/var/run/${name}.pid"
-	;;
-NetBSD)
-	start_cmd="ntpdate_start"
-	stop_cmd=":"
-	;;
-esac
-
-ntpdate_start()
-{
-	if [ -z "$ntpdate_hosts" ]; then
-		ntpdate_hosts=`awk '
-			/^server[ \t]*127.127/      {next}
-			/^(server|peer)/            {print $2}
-		' </etc/ntp.conf`
-	fi
-	if [ -n "$ntpdate_hosts"  ]; then
-		echo "Setting date via ntp."
-		ntpdate $rc_flags $ntpdate_hosts
-	fi
-}
-
-load_rc_config $name
-run_rc_command "$1"



