+++ /dev/null
-From 0cf506c92967c84f9ed83ba9e1be946a7fda6425 Mon Sep 17 00:00:00 2001
-From: Miroslav Lichvar <mlichvar@redhat.com>
-Date: Mon, 2 Dec 2019 12:47:13 +0100
-Subject: sys_linux: allow clock_adjtime in seccomp filter
-
-The adjtimex() function in glibc was switched to the clock_adjtime
-system call.
-
-diff --git a/sys_linux.c b/sys_linux.c
-index 63eb8f1..fcf89c2 100644
---- a/sys_linux.c
-+++ b/sys_linux.c
-@@ -478,8 +478,8 @@ SYS_Linux_EnableSystemCallFilter(int level)
- {
- const int syscalls[] = {
- /* Clock */
-- SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday),
-- SCMP_SYS(settimeofday), SCMP_SYS(time),
-+ SCMP_SYS(adjtimex), SCMP_SYS(clock_adjtime), SCMP_SYS(clock_gettime),
-+ SCMP_SYS(gettimeofday), SCMP_SYS(settimeofday), SCMP_SYS(time),
- /* Process */
- SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid),
- SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn),
---
-cgit v0.10.2
-
Summary: An NTP client/server
Summary(pl.UTF-8): Klient/serwer NTP
Name: chrony
-Version: 3.5
-Release: 6
+Version: 4.1
+Release: 1
License: GPL v2
Group: Daemons
Source0: http://download.tuxfamily.org/chrony/%{name}-%{version}.tar.gz
-# Source0-md5: 5f66338bc940a9b51eede8f391e7bed3
+# Source0-md5: 7133880806887b629678c36a48217806
Source1: %{name}.conf
Source2: %{name}.keys
Source3: %{name}d.sysconfig
Source4: %{name}d.init
Source5: %{name}.logrotate
-Patch0: allow-clock_adjtime.patch
-Patch1: fix-seccomp-build.patch
-Patch2: dont-force-index.patch
+Patch0: fix-seccomp-build.patch
+Patch1: chrony-seccomp.patch
URL: http://chrony.tuxfamily.org/
BuildRequires: asciidoc
BuildRequires: bison
%setup -q
%patch0 -p1
%patch1 -p1
-%patch2 -p1
%build
# NOTE: It is not autoconf generated configre
+++ /dev/null
-description "NTP daemon"
-
-start on pld.network-started
-stop on pld.shutdown-started
-
-env NTPD_USER="ntp"
-env NTPD_OPTIONS=""
-
-respawn
-
-pre-start script
- # do not bother to start if not configured
- [ -f /etc/ntp/chrony.conf ] || /sbin/initctl stop
-end script
-
-script
- # Source old-style ntp service configuration
- [ -f /etc/sysconfig/chronyd ] && . /etc/sysconfig/chronyd
-
- export USE_UPSTART=no
- exec /etc/rc.d/init.d/chronyd start
-end script
+++ /dev/null
-diff --git a/ntp_io.c b/ntp_io.c
-index ec844cb..e92d27e 100644
---- a/ntp_io.c
-+++ b/ntp_io.c
-@@ -827,8 +827,6 @@ NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr,
-
- ipi = (struct in_pktinfo *) CMSG_DATA(cmsg);
- ipi->ipi_spec_dst.s_addr = htonl(local_addr->ip_addr.addr.in4);
-- if (local_addr->if_index != INVALID_IF_INDEX)
-- ipi->ipi_ifindex = local_addr->if_index;
- }
- #endif
-
-@@ -847,8 +845,6 @@ NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr,
- ipi = (struct in6_pktinfo *) CMSG_DATA(cmsg);
- memcpy(&ipi->ipi6_addr.s6_addr, &local_addr->ip_addr.addr.in6,
- sizeof(ipi->ipi6_addr.s6_addr));
-- if (local_addr->if_index != INVALID_IF_INDEX)
-- ipi->ipi6_ifindex = local_addr->if_index;
- }
- #endif
-
-diff --git a/sys_linux.c b/sys_linux.c
-index 898dc7a7f75..fcd334ecf03 100644
---- a/sys_linux.c
-+++ b/sys_linux.c
-@@ -503,7 +503,7 @@ SYS_Linux_EnableSystemCallFilter(int level)
- SCMP_SYS(socketcall),
- /* General I/O */
- SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe),
-- SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read),
-+ SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(pselect6), SCMP_SYS(read),
- SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write),
- /* Miscellaneous */
- SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname),
+diff -ur chrony-4.1.orig/sys_linux.c chrony-4.1/sys_linux.c
+--- chrony-4.1.orig/sys_linux.c 2021-05-12 13:06:15.000000000 +0200
++++ chrony-4.1/sys_linux.c 2021-09-18 13:01:17.378223193 +0200
+@@ -591,7 +591,6 @@
+ SCMP_SYS(pipe),
+ SCMP_SYS(pipe2),
+ SCMP_SYS(poll),
+- SCMP_SYS(ppoll),
+ #ifdef __NR_ppoll_time64
+ SCMP_SYS(ppoll_time64),
+ #endif