1#!/bin/sh 2# 3# $FreeBSD: stable/11/etc/rc.d/ntpd 335948 2018-07-04 14:01:56Z ian $ 4# 5 6# PROVIDE: ntpd 7# REQUIRE: DAEMON ntpdate FILESYSTEMS devfs 8# BEFORE: LOGIN 9# KEYWORD: nojail shutdown 10 11. /etc/rc.subr 12 13name="ntpd" 14desc="Network Time Protocol daemon" 15rcvar="ntpd_enable" 16command="/usr/sbin/${name}" 17pidfile="/var/run/${name}.pid" 18extra_commands="fetch needfetch" 19fetch_cmd="ntpd_fetch_leapfile" 20needfetch_cmd="ntpd_needfetch_leapfile" 21start_precmd="ntpd_precmd" 22 23_ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list" 24 25load_rc_config $name 26 27ntpd_precmd() 28{ 29 rc_flags="-c ${ntpd_config} ${ntpd_flags}" 30 31 if checkyesno ntpd_sync_on_start; then 32 rc_flags="-g $rc_flags" 33 fi 34 35 ntpd_init_leapfile 36 37 if [ ! -f $ntp_db_leapfile ]; then 38 ntpd_fetch_leapfile 39 fi 40 41 if [ -z "$ntpd_chrootdir" ]; then 42 return 0; 43 fi 44 45 # If running in a chroot cage, ensure that the appropriate files 46 # exist inside the cage, as well as helper symlinks into the cage 47 # from outside. 48 # 49 # As this is called after the is_running and required_dir checks 50 # are made in run_rc_command(), we can safely assume ${ntpd_chrootdir} 51 # exists and ntpd isn't running at this point (unless forcestart 52 # is used). 53 # 54 if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then 55 rm -f "${ntpd_chrootdir}/dev/clockctl" 56 ( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" ) 57 fi 58 ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift 59 ln -fs "${ntpd_chrootdir}${_ntp_tmp_leapfile}" ${_ntp_tmp_leapfile} 60 61 # Change run_rc_commands()'s internal copy of $ntpd_flags 62 # 63 rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags" 64} 65 66current_ntp_ts() { 67 # Seconds between 1900-01-01 and 1970-01-01 68 # echo $(((70*365+17)*86400)) 69 ntp_to_unix=2208988800 70 71 echo $(($(date -u +%s)+$ntp_to_unix)) 72} 73 74get_ntp_leapfile_ver() { 75 # Leapfile update date (version number). 76 expr "$(awk '$1 == "#$" { print $2 }' "$1" 2>/dev/null)" : \ 77 '^\([1-9][0-9]*\)$' \| 0 78} 79 80get_ntp_leapfile_expiry() { 81 # Leapfile expiry date. 82 expr "$(awk '$1 == "#@" { print $2 }' "$1" 2>/dev/null)" : \ 83 '^\([1-9][0-9]*\)$' \| 0 84} 85 86ntpd_init_leapfile() { 87 # Refresh working leapfile with an invalid hash due to 88 # FreeBSD id header. Ntpd will ignore leapfiles with a 89 # mismatch hash. The file must be the virgin file from 90 # the source. 91 if [ ! -f $ntp_db_leapfile ]; then 92 cp -p $ntp_src_leapfile $ntp_db_leapfile 93 fi 94} 95 96ntpd_needfetch_leapfile() { 97 local rc verbose 98 99 if checkyesno ntp_leapfile_fetch_verbose; then 100 verbose=echo 101 else 102 verbose=: 103 fi 104 105 ntp_ver_no_src=$(get_ntp_leapfile_ver $ntp_src_leapfile) 106 ntp_expiry_src=$(get_ntp_leapfile_expiry $ntp_src_leapfile) 107 ntp_ver_no_db=$(get_ntp_leapfile_ver $ntp_db_leapfile) 108 ntp_expiry_db=$(get_ntp_leapfile_expiry $ntp_db_leapfile) 109 $verbose ntp_src_leapfile version is $ntp_ver_no_src expires $ntp_expiry_src 110 $verbose ntp_db_leapfile version is $ntp_ver_no_db expires $ntp_expiry_db 111 112 if [ "$ntp_ver_no_src" -gt "$ntp_ver_no_db" -o \ 113 "$ntp_ver_no_src" -eq "$ntp_ver_no_db" -a \ 114 "$ntp_expiry_src" -gt "$ntp_expiry_db" ]; then 115 $verbose replacing $ntp_db_leapfile with $ntp_src_leapfile 116 cp -p $ntp_src_leapfile $ntp_db_leapfile 117 ntp_ver_no_db=$ntp_ver_no_src 118 else 119 $verbose not replacing $ntp_db_leapfile with $ntp_src_leapfile 120 fi 121 ntp_leapfile_expiry_seconds=$((ntp_leapfile_expiry_days*86400)) 122 ntp_leap_expiry=$(get_ntp_leapfile_expiry $ntp_db_leapfile) 123 ntp_leap_fetch_date=$((ntp_leap_expiry-ntp_leapfile_expiry_seconds)) 124 if [ $(current_ntp_ts) -ge $ntp_leap_fetch_date ]; then 125 $verbose Within ntp leapfile expiry limit, initiating fetch 126 # Return code 0: ntp leapfile fetch needed 127 return 0 128 fi 129 # Return code 1: ntp leapfile fetch not needed 130 return 1 131} 132 133ntpd_fetch_leapfile() { 134 if checkyesno ntp_leapfile_fetch_verbose; then 135 verbose=echo 136 else 137 verbose=: 138 fi 139 140 if ntpd_needfetch_leapfile ; then 141 for url in $ntp_leapfile_sources ; do 142 $verbose fetching $url 143 fetch $ntp_leapfile_fetch_opts -o $_ntp_tmp_leapfile $url && break 144 done 145 ntp_ver_no_tmp=$(get_ntp_leapfile_ver $_ntp_tmp_leapfile) 146 ntp_expiry_tmp=$(get_ntp_leapfile_expiry $_ntp_tmp_leapfile) 147 if [ "$ntp_expiry_tmp" -gt "$ntp_expiry_db" -o \ 148 "$ntp_expiry_tmp" -eq "$ntp_expiry_db" -a \ 149 "$ntp_ver_no_tmp" -gt "$ntp_ver_no_db" ]; then 150 $verbose using $url as $ntp_db_leapfile 151 mv -f $_ntp_tmp_leapfile $ntp_db_leapfile || 152 $verbose "warning: cannot replace $ntp_db_leapfile (read-only fs?)" 153 else 154 $verbose using existing $ntp_db_leapfile 155 fi 156 fi 157} 158 159run_rc_command "$1" 160