etc/rc.d/ntpd

#!/bin/sh
#
# $FreeBSD: stable/11/etc/rc.d/ntpd 304879 2016-08-27 02:53:21Z cy $
#

# PROVIDE: ntpd
# REQUIRE: DAEMON ntpdate FILESYSTEMS devfs
# BEFORE:  LOGIN
# KEYWORD: nojail shutdown

. /etc/rc.subr

name="ntpd"
desc="Network Time Protocol daemon"
rcvar="ntpd_enable"
command="/usr/sbin/${name}"
pidfile="/var/run/${name}.pid"
extra_commands="fetch"
fetch_cmd="ntpd_fetch_leapfile"
start_precmd="ntpd_precmd"

load_rc_config $name

ntpd_precmd()
{
	rc_flags="-c ${ntpd_config} ${ntpd_flags}"

	if checkyesno ntpd_sync_on_start; then
		rc_flags="-g $rc_flags"
	fi

	ntpd_init_leapfile

	if [ ! -f $ntp_db_leapfile ]; then
		ntpd_fetch_leapfile
	fi

	if [ -z "$ntpd_chrootdir" ]; then
		return 0;
	fi

	# If running in a chroot cage, ensure that the appropriate files
	# exist inside the cage, as well as helper symlinks into the cage
	# from outside.
	#
	# As this is called after the is_running and required_dir checks
	# are made in run_rc_command(), we can safely assume ${ntpd_chrootdir}
	# exists and ntpd isn't running at this point (unless forcestart
	# is used).
	#
	if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then
		rm -f "${ntpd_chrootdir}/dev/clockctl"
		( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" )
	fi
	ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift
	ln -fs "${ntpd_chrootdir}${ntp_tmp_leapfile}" ${ntp_tmp_leapfile}

	#	Change run_rc_commands()'s internal copy of $ntpd_flags
	#
	rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags"
}

current_ntp_ts() {
	# Seconds between 1900-01-01 and 1970-01-01
	# echo $(((70*365+17)*86400))
	ntp_to_unix=2208988800

	echo $(($(date -u +%s)+$ntp_to_unix))
}

get_ntp_leapfile_ver() {
	# Leapfile update date (version number).
	expr "$(awk '$1 == "#$" { print $2 }' "$1" 2>/dev/null)" : \
		'^\([1-9][0-9]*\)$' \| 0
}

get_ntp_leapfile_expiry() {
	# Leapfile expiry date.
	expr "$(awk '$1 == "#@" { print $2 }' "$1" 2>/dev/null)" : \
		'^\([1-9][0-9]*\)$' \| 0
}

ntpd_init_leapfile() {
	# Refresh working leapfile with an invalid hash due to
	# FreeBSD id header. Ntpd will ignore leapfiles with a
	# mismatch hash. The file must be the virgin file from
	# the source.
	if [ ! -f $ntp_db_leapfile ]; then
		cp -p $ntp_src_leapfile $ntp_db_leapfile
	fi
}

ntpd_fetch_leapfile() {
	local ntp_tmp_leapfile rc verbose

	if checkyesno ntp_leapfile_fetch_verbose; then
		verbose=echo
	else
		verbose=:
	fi

	ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list"

	ntp_ver_no_src=$(get_ntp_leapfile_ver $ntp_src_leapfile)
	ntp_expiry_src=$(get_ntp_leapfile_expiry $ntp_src_leapfile)
	ntp_ver_no_db=$(get_ntp_leapfile_ver $ntp_db_leapfile)
	ntp_expiry_db=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
	$verbose ntp_src_leapfile version is $ntp_ver_no_src
	$verbose ntp_db_leapfile version is $ntp_ver_no_db

	if [ "$ntp_ver_no_src" -gt "$ntp_ver_no_db" -o \
	     "$ntp_ver_no_src" -eq "$ntp_ver_no_db" -a \
	     "$ntp_expiry_src" -gt "$ntp_expiry_db" ]; then
		$verbose replacing $ntp_db_leapfile with $ntp_src_leapfile
		cp -p $ntp_src_leapfile $ntp_db_leapfile
		ntp_ver_no_db=$ntp_ver_no_src
	else
		$verbose not replacing $ntp_db_leapfile with $ntp_src_leapfile
	fi
	ntp_leapfile_expiry_seconds=$((ntp_leapfile_expiry_days*86400))
	ntp_leap_expiry=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
	ntp_leap_fetch_date=$((ntp_leap_expiry-ntp_leapfile_expiry_seconds))
	if [ $(current_ntp_ts) -ge $ntp_leap_fetch_date ]; then
		$verbose Within ntp leapfile expiry limit, initiating fetch
		for url in $ntp_leapfile_sources ; do
			$verbose fetching $url
			fetch $ntp_leapfile_fetch_opts -o $ntp_tmp_leapfile $url && break
		done
		ntp_ver_no_tmp=$(get_ntp_leapfile_ver $ntp_tmp_leapfile)
		ntp_expiry_tmp=$(get_ntp_leapfile_expiry $ntp_tmp_leapfile)
		if [ "$ntp_ver_no_tmp" -gt "$ntp_ver_no_db" -o \
		     "$ntp_ver_no_tmp" -eq "$ntp_ver_no_db" -a \
		     "$ntp_expiry_tmp" -gt "$ntp_expiry_db" ]; then
			$verbose using $url as $ntp_db_leapfile
			mv $ntp_tmp_leapfile $ntp_db_leapfile
		else
			$verbose using existing $ntp_db_leapfile
		fi
	fi
}

run_rc_command "$1"