#!/bin/sh # # $FreeBSD$ # # PROVIDE: ntpd # REQUIRE: DAEMON ntpdate FILESYSTEMS devfs # BEFORE: LOGIN # KEYWORD: nojail shutdown . /etc/rc.subr name="ntpd" desc="Network Time Protocol daemon" rcvar="ntpd_enable" command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" extra_commands="fetch needfetch" fetch_cmd="ntpd_fetch_leapfile" needfetch_cmd="ntpd_needfetch_leapfile" start_precmd="ntpd_precmd" load_rc_config $name ntpd_precmd() { rc_flags="-c ${ntpd_config} ${ntpd_flags}" if checkyesno ntpd_sync_on_start; then rc_flags="-g $rc_flags" fi ntpd_init_leapfile if [ ! -f $ntp_db_leapfile ]; then ntpd_fetch_leapfile fi if [ -z "$ntpd_chrootdir" ]; then return 0; fi # If running in a chroot cage, ensure that the appropriate files # exist inside the cage, as well as helper symlinks into the cage # from outside. # # As this is called after the is_running and required_dir checks # are made in run_rc_command(), we can safely assume ${ntpd_chrootdir} # exists and ntpd isn't running at this point (unless forcestart # is used). # if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then rm -f "${ntpd_chrootdir}/dev/clockctl" ( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" ) fi ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift ln -fs "${ntpd_chrootdir}${ntp_tmp_leapfile}" ${ntp_tmp_leapfile} # Change run_rc_commands()'s internal copy of $ntpd_flags # rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags" } current_ntp_ts() { # Seconds between 1900-01-01 and 1970-01-01 # echo $(((70*365+17)*86400)) ntp_to_unix=2208988800 echo $(($(date -u +%s)+$ntp_to_unix)) } get_ntp_leapfile_ver() { # Leapfile update date (version number). expr "$(awk '$1 == "#$" { print $2 }' "$1" 2>/dev/null)" : \ '^\([1-9][0-9]*\)$' \| 0 } get_ntp_leapfile_expiry() { # Leapfile expiry date. expr "$(awk '$1 == "#@" { print $2 }' "$1" 2>/dev/null)" : \ '^\([1-9][0-9]*\)$' \| 0 } ntpd_init_leapfile() { # Refresh working leapfile with an invalid hash due to # FreeBSD id header. Ntpd will ignore leapfiles with a # mismatch hash. The file must be the virgin file from # the source. if [ ! -f $ntp_db_leapfile ]; then cp -p $ntp_src_leapfile $ntp_db_leapfile fi } ntpd_needfetch_leapfile() { local ntp_tmp_leapfile rc verbose if checkyesno ntp_leapfile_fetch_verbose; then verbose=echo else verbose=: fi ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list" ntp_ver_no_src=$(get_ntp_leapfile_ver $ntp_src_leapfile) ntp_expiry_src=$(get_ntp_leapfile_expiry $ntp_src_leapfile) ntp_ver_no_db=$(get_ntp_leapfile_ver $ntp_db_leapfile) ntp_expiry_db=$(get_ntp_leapfile_expiry $ntp_db_leapfile) $verbose ntp_src_leapfile version is $ntp_ver_no_src $verbose ntp_db_leapfile version is $ntp_ver_no_db if [ "$ntp_ver_no_src" -gt "$ntp_ver_no_db" -o \ "$ntp_ver_no_src" -eq "$ntp_ver_no_db" -a \ "$ntp_expiry_src" -gt "$ntp_expiry_db" ]; then $verbose replacing $ntp_db_leapfile with $ntp_src_leapfile cp -p $ntp_src_leapfile $ntp_db_leapfile ntp_ver_no_db=$ntp_ver_no_src else $verbose not replacing $ntp_db_leapfile with $ntp_src_leapfile fi ntp_leapfile_expiry_seconds=$((ntp_leapfile_expiry_days*86400)) ntp_leap_expiry=$(get_ntp_leapfile_expiry $ntp_db_leapfile) ntp_leap_fetch_date=$((ntp_leap_expiry-ntp_leapfile_expiry_seconds)) if [ $(current_ntp_ts) -ge $ntp_leap_fetch_date ]; then $verbose Within ntp leapfile expiry limit, initiating fetch # Return code 0: ntp leapfile fetch needed return 0 fi # Return code 1: ntp leapfile fetch not needed return 1 } ntpd_fetch_leapfile() { if checkyesno ntp_leapfile_fetch_verbose; then verbose=echo else verbose=: fi if ntpd_needfetch_leapfile ; then for url in $ntp_leapfile_sources ; do $verbose fetching $url fetch $ntp_leapfile_fetch_opts -o $ntp_tmp_leapfile $url && break done ntp_ver_no_tmp=$(get_ntp_leapfile_ver $ntp_tmp_leapfile) ntp_expiry_tmp=$(get_ntp_leapfile_expiry $ntp_tmp_leapfile) if [ "$ntp_ver_no_tmp" -gt "$ntp_ver_no_db" -o \ "$ntp_ver_no_tmp" -eq "$ntp_ver_no_db" -a \ "$ntp_expiry_tmp" -gt "$ntp_expiry_db" ]; then $verbose using $url as $ntp_db_leapfile mv $ntp_tmp_leapfile $ntp_db_leapfile else $verbose using existing $ntp_db_leapfile fi fi } run_rc_command "$1"