| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
Explicitly mention the support of NTS (or the lack of it) in the description of chrony and chrony-nts
Signed-off-by: Reguna <60984878+regunakyle@users.noreply.github.com>
|
| |
|
|
|
|
|
|
| |
When the service is started, wait for the clock to be synchronized for
up to 5 minutes and provide the stratum action once for ntp hotplug
scripts.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automatically compute and substitute current values for all
$(AUTORELEASE) instances as this feature is deprecated and shouldn't be
used.
The following temporary change was made to the core:
diff --git a/rules.mk b/rules.mk
index 57d7995d4fa8..f16367de87a8 100644
--- a/rules.mk
+++ b/rules.mk
@@ -429,7 +429,7 @@ endef
abi_version_str = $(subst -,,$(subst _,,$(subst .,,$(1))))
COMMITCOUNT = $(if $(DUMP),0,$(call commitcount))
-AUTORELEASE = $(if $(DUMP),0,$(call commitcount,1))
+AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
all:
FORCE: ;
And this command used to fix affected packages:
for i in $(cd feeds/packages; git grep -l PKG_RELEASE:=.*AUTORELEASE | \
sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
make package/$i/download
done
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
See commit 07730ff3 "treewide: add support for "lto" in PKG_BUILD_FLAGS"
on the main repository.
Note: Some packages only added `-flto` to CFLAGS and not LDFLAGS. This
fixes it and properly enables LTO.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
| |
Avoid building unused gnutls and ca dependencies
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
|
| |
|
|
|
|
|
|
| |
Size difference of the ipk on qoriq:
* chrony: 718571 676886
* chrony-nts: 786960 757064
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
|
|
|
|
|
| |
Enable AUTORELEASE in a separate commit so that the next commit can be
reverted without having to manually re-introduce it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Both packages provide the same files:
/usr/bin/chronyc
/usr/sbin/chronyd
/etc/chrony/chrony.conf
/etc/hotplug.d/iface/20-chrony
/etc/init.d/chronyd
They should not be installed side by side.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
The chrony interface hotplug script reuses the handle_allow function
from the init script to allow NTP access on interfaces specified in uci.
The function requires /lib/functions/network.sh. Include the file in the
hotplug script to make the function work as expected.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extend configuration of NTP sources in UCI:
- Add nts option to enable NTS
- Add disabled option to allow inactive sources
Add nts section to UCI with:
- rtccheck option to disable certificate time checks on systems that
don't have an RTC to avoid the chicken-and-egg problem (it is less
secure, but still should be better than no NTS at all)
- systemcerts option to disable system certificates
- trustedcerts option to specify path to trusted certificates
Save NTS keys and cookies by default to avoid unnecessary NTS-KE
sessions when restarted or switching back to an already used NTS source.
Also, save the drift to stabilize the clock after chronyd restart.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Fix the init script to allow access from IPv6 subnets of the interface
specified in allow section in /etc/config/chrony.
Fixes issue #7039.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
| |
Don't use the Nettle library (or NSS, libtomcrypt) even if it is
available.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
| |
A + sign does not have meaning in build depends.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Else the system will always stay in UNSYNC state.
Even if there is no real RTC.
See chrony minimal config:
http://chrony.tuxfamily.org/faq.html#_what_is_the_minimum_recommended_configuration_for_an_ntp_client
Signed-off-by: Stefan Sydow <st@metafly.info>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
| |
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2016-1567.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- fix the init script to read the right config
- rework the init script to allow reusing its code in the hotplug script
- find wan interfaces in the hotplug script instead of using hardcoded
name and set the online/offline status separately for IPv4/IPv6
- allow NTP access on interfaces that are configured after chronyd start
- add NTP servers obtained from DHCP, options are specified in a new
dhcp_ntp_server config section
- start chronyd before the network service, include a patch to always
have IP_FREEBIND defined, which seems to be missing with uclibc
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
| |
|
|
|
|
|
| |
Support for authentication with command key was replaced with
communication over Unix domain socket.
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|
|
|
Signed-off-by: Miroslav Lichvar <mlichvar0@gmail.com>
|