summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam James <sam@gentoo.org>2022-06-12 12:59:14 +0100
committerSam James <sam@gentoo.org>2022-06-12 12:59:14 +0100
commit11ceb07fe0233dc7dd3c9596a6b256aa6c81acb9 (patch)
tree6f11422bdd82535e8d3422bedc71a5fd37207a74 /net-misc/ntpsec
parentdev-python/iocapture: Stabilize 0.1.2-r3 ALLARCHES, #851342 (diff)
downloadgentoo-11ceb07fe0233dc7dd3c9596a6b256aa6c81acb9.tar.gz
gentoo-11ceb07fe0233dc7dd3c9596a6b256aa6c81acb9.tar.bz2
gentoo-11ceb07fe0233dc7dd3c9596a6b256aa6c81acb9.zip
net-misc/ntpsec: backport glibc[nsd] seccomp patch
Closes: https://bugs.gentoo.org/851531 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-misc/ntpsec')
-rw-r--r--net-misc/ntpsec/files/ntpsec-1.2.1-seccomp-nsd.patch34
-rw-r--r--net-misc/ntpsec/ntpsec-1.2.1-r5.ebuild178
2 files changed, 212 insertions, 0 deletions
diff --git a/net-misc/ntpsec/files/ntpsec-1.2.1-seccomp-nsd.patch b/net-misc/ntpsec/files/ntpsec-1.2.1-seccomp-nsd.patch
new file mode 100644
index 000000000000..5b7a4e51374c
--- /dev/null
+++ b/net-misc/ntpsec/files/ntpsec-1.2.1-seccomp-nsd.patch
@@ -0,0 +1,34 @@
+https://gitlab.com/NTPsec/ntpsec/-/commit/a49d53b7fe1d
+https://bugs.gentoo.org/851531
+
+From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
+Date: Sat, 11 Jun 2022 15:16:15 +0200
+Subject: [PATCH] ntpd/ntp_sandbox.c: allow readv() for glibc nscd
+ getaddrinfo() provider
+
+Otherwise, ntpd crashes from time to time with the following stack trace:
+#0 0x00007f5763bfac4d in readv () from /lib64/libc.so.6
+#1 0x00007f5763c48b4c in __readvall () from /lib64/libc.so.6
+#2 0x00007f5763c467ed in nscd_gethst_r () from /lib64/libc.so.6
+#3 0x00007f5763c46c0d in __nscd_gethostbyname2_r () from /lib64/libc.so.6
+#4 0x00007f5763c15a2a in gethostbyname2_r () from /lib64/libc.so.6
+#5 0x00007f5763bed3ca in gaih_inet.constprop () from /lib64/libc.so.6
+#6 0x00007f5763bee225 in getaddrinfo () from /lib64/libc.so.6
+#7 0x000055fcf0ad6544 in open_TCP_socket ()
+#8 0x000055fcf0ad79b4 in nts_probe ()
+#9 0x000055fcf0ac37c4 in dns_lookup ()
+#10 0x00007f5763b8205a in start_thread () from /lib64/libc.so.6
+#11 0x00007f5763c05d1c in clone3 () from /lib64/libc.so.6
+
+Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
+--- a/ntpd/ntp_sandbox.c
++++ b/ntpd/ntp_sandbox.c
+@@ -357,6 +357,7 @@ int scmp_sc[] = {
+ SCMP_SYS(poll),
+ SCMP_SYS(pselect6),
+ SCMP_SYS(read),
++ SCMP_SYS(readv), /* nscd getaddrinfo() provider */
+ SCMP_SYS(recvfrom), /* Comment this out for testing.
+ * It will die on the first reply.
+ * (Or maybe sooner if a request arrives.)
+GitLab
diff --git a/net-misc/ntpsec/ntpsec-1.2.1-r5.ebuild b/net-misc/ntpsec/ntpsec-1.2.1-r5.ebuild
new file mode 100644
index 000000000000..faba59c221e6
--- /dev/null
+++ b/net-misc/ntpsec/ntpsec-1.2.1-r5.ebuild
@@ -0,0 +1,178 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{8..10} )
+PYTHON_REQ_USE='threads(+)'
+DISTUTILS_USE_SETUPTOOLS=no
+
+inherit distutils-r1 flag-o-matic waf-utils systemd
+
+if [[ ${PV} == *9999* ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://gitlab.com/NTPsec/ntpsec.git"
+else
+ SRC_URI="ftp://ftp.ntpsec.org/pub/releases/${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm ~arm64 ~riscv ~x86"
+fi
+
+DESCRIPTION="The NTP reference implementation, refactored"
+HOMEPAGE="https://www.ntpsec.org/"
+
+NTPSEC_REFCLOCK=(
+ oncore trimble truetime gpsd jjy generic spectracom
+ shm pps hpgps zyfer arbiter nmea modem local
+)
+
+IUSE_NTPSEC_REFCLOCK=${NTPSEC_REFCLOCK[@]/#/rclock_}
+
+LICENSE="HPND MIT BSD-2 BSD CC-BY-SA-4.0"
+SLOT="0"
+IUSE="${IUSE_NTPSEC_REFCLOCK} debug doc early gdb heat libbsd nist ntpviz samba seccomp smear" #ionice
+REQUIRED_USE="${PYTHON_REQUIRED_USE} nist? ( rclock_local )"
+
+# net-misc/pps-tools oncore,pps
+DEPEND="${PYTHON_DEPS}
+ dev-libs/openssl:=
+ dev-python/psutil[${PYTHON_USEDEP}]
+ sys-libs/libcap
+ libbsd? ( dev-libs/libbsd:0= )
+ seccomp? ( sys-libs/libseccomp )
+ rclock_oncore? ( net-misc/pps-tools )
+ rclock_pps? ( net-misc/pps-tools )"
+RDEPEND="${DEPEND}
+ !net-misc/ntp
+ !net-misc/openntpd
+ acct-group/ntp
+ acct-user/ntp
+ ntpviz? ( sci-visualization/gnuplot media-fonts/liberation-fonts )"
+BDEPEND=">=app-text/asciidoc-8.6.8
+ dev-libs/libxslt
+ app-text/docbook-xsl-stylesheets
+ sys-devel/bison"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.1.9-remove-asciidoctor-from-config.patch"
+ "${FILESDIR}/${PN}-1.2.1-seccomp-rollup.patch"
+ "${FILESDIR}/${PN}-1.2.1-seccomp-rseq-glibc-2.35.patch"
+ "${FILESDIR}/${PN}-1.2.1-build-notests.patch"
+ "${FILESDIR}/${PN}-py3-test-clarify.patch"
+ "${FILESDIR}/${PN}-1.2.1-seccomp-nsd.patch"
+)
+
+WAF_BINARY="${S}/waf"
+
+src_prepare() {
+ default
+
+ # Remove autostripping of binaries
+ sed -i -e '/Strip binaries/d' wscript || die
+ if ! use libbsd ; then
+ eapply "${FILESDIR}/${PN}-no-bsd.patch"
+ fi
+ # remove extra default pool servers
+ sed -i '/use-pool/s/^/#/' "${S}"/etc/ntp.d/default.conf || die
+
+ python_copy_sources
+}
+
+src_configure() {
+ is-flagq -flto* && filter-flags -flto* -fuse-linker-plugin
+
+ local string_127=""
+ local rclocks="";
+ local CLOCKSTRING=""
+
+ for refclock in ${NTPSEC_REFCLOCK[@]} ; do
+ if use rclock_${refclock} ; then
+ string_127+="$refclock,"
+ fi
+ done
+ CLOCKSTRING="`echo ${string_127}|sed 's|,$||'`"
+
+ local myconf=(
+ --notests
+ --nopyc
+ --nopyo
+ --enable-pylib ext
+ --refclock="${CLOCKSTRING}"
+ #--build-epoch="$(date +%s)"
+ $(use doc || echo "--disable-doc")
+ $(use early && echo "--enable-early-droproot")
+ $(use gdb && echo "--enable-debug-gdb")
+ $(use samba && echo "--enable-mssntp")
+ $(use seccomp && echo "--enable-seccomp")
+ $(use smear && echo "--enable-leap-smear")
+ $(use debug && echo "--enable-debug")
+ )
+
+ python_configure() {
+ waf-utils_src_configure "${myconf[@]}"
+ }
+ python_foreach_impl run_in_build_dir python_configure
+}
+
+src_compile() {
+ unset MAKEOPTS
+ python_compile() {
+ waf-utils_src_compile --notests
+ }
+ python_foreach_impl run_in_build_dir python_compile
+}
+
+src_test() {
+ python_compile() {
+ waf-utils_src_compile check
+ }
+ python_foreach_impl run_in_build_dir python_compile
+}
+
+python_test() {
+ # Silence QA warning as we're running tests via src_test anyway.
+ :;
+}
+
+src_install() {
+ python_install() {
+ waf-utils_src_install --notests
+ python_fix_shebang "${ED}"
+ }
+ python_foreach_impl run_in_build_dir python_install
+ python_foreach_impl python_optimize
+
+ # Install heat generating scripts
+ use heat && dosbin "${S}"/contrib/ntpheat{,usb}
+
+ # Install the openrc files
+ newinitd "${FILESDIR}"/ntpd.rc-r3 ntp
+ newconfd "${FILESDIR}"/ntpd.confd ntp
+
+ # Install the systemd unit file
+ systemd_newunit "${FILESDIR}"/ntpd-r1.service ntpd.service
+
+ # Prepare a directory for the ntp.drift file
+ mkdir -pv "${ED}"/var/lib/ntp
+ chown ntp:ntp "${ED}"/var/lib/ntp
+ chmod 770 "${ED}"/var/lib/ntp
+ keepdir /var/lib/ntp
+
+ # Install a log rotate script
+ mkdir -pv "${ED}"/etc/logrotate.d
+ cp -v "${S}"/etc/logrotate-config.ntpd "${ED}"/etc/logrotate.d/ntpd
+
+ # Install the configuration file and sample configuration
+ cp -v "${FILESDIR}"/ntp.conf "${ED}"/etc/ntp.conf
+ cp -Rv "${S}"/etc/ntp.d/ "${ED}"/etc/
+
+ # move doc files to /usr/share/doc/"${P}"
+ use doc && mv -v "${ED}"/usr/share/doc/"${PN}" "${ED}"/usr/share/doc/"${P}"/html
+}
+
+pkg_postinst() {
+ einfo "If you want to serve time on your local network, then"
+ einfo "you should disable all the ref_clocks unless you have"
+ einfo "one and can get stable time from it. Feel free to try"
+ einfo "it but PPS probably won't work unless you have a UART"
+ einfo "GPS that actually provides PPS messages."
+}