diff --git a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.conf b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.conf index 97bed8dd13..8411960435 100644 --- a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.conf +++ b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.conf @@ -1,34 +1,8 @@ -# NOTES: -# DHCP clients can append or replace NTP configuration files. -# You should consult your DHCP client documentation about its -# default behaviour and how to change it. - -# Name of the servers ntpd should sync with -# Please respect the access policy as stated by the responsible person. -#server ntp.example.tld iburst - -# Common pool for random people -#server pool.ntp.org - -# Pools for Gentoo users -server 0.gentoo.pool.ntp.org -server 1.gentoo.pool.ntp.org -server 2.gentoo.pool.ntp.org -server 3.gentoo.pool.ntp.org - -## -# A list of available servers can be found here: -# http://www.pool.ntp.org/ -# http://www.pool.ntp.org/#use -# A good way to get servers for your machine is: -# netselect -s 3 pool.ntp.org -## - -# you should not need to modify the following paths -driftfile /var/lib/ntp/ntp.drift - -#server ntplocal.example.com prefer -#server timeserver.example.org +# Common pool +server 0.pool.ntp.org +server 1.pool.ntp.org +server 2.pool.ntp.org +server 3.pool.ntp.org # Warning: Using default NTP settings will leave your NTP # server accessible to all hosts on the Internet. @@ -37,18 +11,9 @@ driftfile /var/lib/ntp/ntp.drift # from accessing the NTP server, uncomment: #restrict default ignore - # Default configuration: # - Allow only time queries, at a limited rate, sending KoD when in excess. # - Allow all local queries (IPv4, IPv6) restrict default nomodify nopeer noquery limited kod restrict 127.0.0.1 restrict [::1] - - -# To allow machines within your network to synchronize -# their clocks with your server, but ensure they are -# not allowed to configure the server or used as peers -# to synchronize against, uncomment this line. -# -#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap diff --git a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.tmpfiles b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.tmpfiles new file mode 100644 index 0000000000..ac582aaeab --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntp.tmpfiles @@ -0,0 +1,2 @@ +d /var/lib/ntp 0755 ntp ntp - - +L /etc/ntp.conf - - - - /usr/share/ntp/ntp.conf diff --git a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntpd.service b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntpd.service index 0b6109037c..2317d94d30 100644 --- a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntpd.service +++ b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/files/ntpd.service @@ -3,7 +3,7 @@ Description=Network Time Service After=ntpdate.service sntp.service [Service] -ExecStart=/usr/sbin/ntpd -g -n +ExecStart=/usr/sbin/ntpd -g -n -u ntp:ntp -f /var/lib/ntp/ntp.drift PrivateTmp=true [Install] diff --git a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/ntp-4.2.6_p5-r10.ebuild b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/ntp-4.2.6_p5-r10.ebuild index 2135a64c93..a2b04482fb 100644 --- a/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/ntp-4.2.6_p5-r10.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/net-misc/ntp/ntp-4.2.6_p5-r10.ebuild @@ -87,6 +87,7 @@ src_install() { keepdir /var/lib/ntp use prefix || fowners ntp:ntp /var/lib/ntp + systemd_newtmpfilesd "${FILESDIR}"/ntp.tmpfiles ntp.conf if use openntpd ; then cd "${ED}" @@ -96,6 +97,10 @@ src_install() { else systemd_dounit "${FILESDIR}"/ntpd.service systemd_enable_ntpunit 60-ntpd ntpd.service + if ! use caps ; then + sed -i "s|-u ntp:ntp||" \ + "${ED}/$(systemd_get_unitdir)/ntpd.service" || die + fi fi systemd_dounit "${FILESDIR}"/ntpdate.service