From 3b8450f1f57e1b0ebbaf33c1d8711250418755d2 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sat, 18 Sep 2021 13:29:21 +0200 Subject: [PATCH] - updated to 4.1 --- allow-clock_adjtime.patch | 26 -------------------------- chrony.spec | 12 +++++------- chronyd.upstart | 22 ---------------------- dont-force-index.patch | 22 ---------------------- fix-seccomp-build.patch | 24 +++++++++++------------- 5 files changed, 16 insertions(+), 90 deletions(-) delete mode 100644 allow-clock_adjtime.patch delete mode 100644 chronyd.upstart delete mode 100644 dont-force-index.patch diff --git a/allow-clock_adjtime.patch b/allow-clock_adjtime.patch deleted file mode 100644 index 2fa3bac..0000000 --- a/allow-clock_adjtime.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 0cf506c92967c84f9ed83ba9e1be946a7fda6425 Mon Sep 17 00:00:00 2001 -From: Miroslav Lichvar -Date: Mon, 2 Dec 2019 12:47:13 +0100 -Subject: sys_linux: allow clock_adjtime in seccomp filter - -The adjtimex() function in glibc was switched to the clock_adjtime -system call. - -diff --git a/sys_linux.c b/sys_linux.c -index 63eb8f1..fcf89c2 100644 ---- a/sys_linux.c -+++ b/sys_linux.c -@@ -478,8 +478,8 @@ SYS_Linux_EnableSystemCallFilter(int level) - { - const int syscalls[] = { - /* Clock */ -- SCMP_SYS(adjtimex), SCMP_SYS(clock_gettime), SCMP_SYS(gettimeofday), -- SCMP_SYS(settimeofday), SCMP_SYS(time), -+ SCMP_SYS(adjtimex), SCMP_SYS(clock_adjtime), SCMP_SYS(clock_gettime), -+ SCMP_SYS(gettimeofday), SCMP_SYS(settimeofday), SCMP_SYS(time), - /* Process */ - SCMP_SYS(clone), SCMP_SYS(exit), SCMP_SYS(exit_group), SCMP_SYS(getpid), - SCMP_SYS(getrlimit), SCMP_SYS(rt_sigaction), SCMP_SYS(rt_sigreturn), --- -cgit v0.10.2 - diff --git a/chrony.spec b/chrony.spec index af9ad09..87f8016 100644 --- a/chrony.spec +++ b/chrony.spec @@ -4,20 +4,19 @@ Summary: An NTP client/server Summary(pl.UTF-8): Klient/serwer NTP Name: chrony -Version: 3.5 -Release: 6 +Version: 4.1 +Release: 1 License: GPL v2 Group: Daemons Source0: http://download.tuxfamily.org/chrony/%{name}-%{version}.tar.gz -# Source0-md5: 5f66338bc940a9b51eede8f391e7bed3 +# Source0-md5: 7133880806887b629678c36a48217806 Source1: %{name}.conf Source2: %{name}.keys Source3: %{name}d.sysconfig Source4: %{name}d.init Source5: %{name}.logrotate -Patch0: allow-clock_adjtime.patch -Patch1: fix-seccomp-build.patch -Patch2: dont-force-index.patch +Patch0: fix-seccomp-build.patch +Patch1: chrony-seccomp.patch URL: http://chrony.tuxfamily.org/ BuildRequires: asciidoc BuildRequires: bison @@ -65,7 +64,6 @@ Internetu, obsługuje także komputery na stałym łączu. %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 %build # NOTE: It is not autoconf generated configre diff --git a/chronyd.upstart b/chronyd.upstart deleted file mode 100644 index 0e25550..0000000 --- a/chronyd.upstart +++ /dev/null @@ -1,22 +0,0 @@ -description "NTP daemon" - -start on pld.network-started -stop on pld.shutdown-started - -env NTPD_USER="ntp" -env NTPD_OPTIONS="" - -respawn - -pre-start script - # do not bother to start if not configured - [ -f /etc/ntp/chrony.conf ] || /sbin/initctl stop -end script - -script - # Source old-style ntp service configuration - [ -f /etc/sysconfig/chronyd ] && . /etc/sysconfig/chronyd - - export USE_UPSTART=no - exec /etc/rc.d/init.d/chronyd start -end script diff --git a/dont-force-index.patch b/dont-force-index.patch deleted file mode 100644 index 32cb39c..0000000 --- a/dont-force-index.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/ntp_io.c b/ntp_io.c -index ec844cb..e92d27e 100644 ---- a/ntp_io.c -+++ b/ntp_io.c -@@ -827,8 +827,6 @@ NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr, - - ipi = (struct in_pktinfo *) CMSG_DATA(cmsg); - ipi->ipi_spec_dst.s_addr = htonl(local_addr->ip_addr.addr.in4); -- if (local_addr->if_index != INVALID_IF_INDEX) -- ipi->ipi_ifindex = local_addr->if_index; - } - #endif - -@@ -847,8 +845,6 @@ NIO_SendPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr, - ipi = (struct in6_pktinfo *) CMSG_DATA(cmsg); - memcpy(&ipi->ipi6_addr.s6_addr, &local_addr->ip_addr.addr.in6, - sizeof(ipi->ipi6_addr.s6_addr)); -- if (local_addr->if_index != INVALID_IF_INDEX) -- ipi->ipi6_ifindex = local_addr->if_index; - } - #endif - diff --git a/fix-seccomp-build.patch b/fix-seccomp-build.patch index 6888e7e..0c62438 100644 --- a/fix-seccomp-build.patch +++ b/fix-seccomp-build.patch @@ -1,13 +1,11 @@ -diff --git a/sys_linux.c b/sys_linux.c -index 898dc7a7f75..fcd334ecf03 100644 ---- a/sys_linux.c -+++ b/sys_linux.c -@@ -503,7 +503,7 @@ SYS_Linux_EnableSystemCallFilter(int level) - SCMP_SYS(socketcall), - /* General I/O */ - SCMP_SYS(_newselect), SCMP_SYS(close), SCMP_SYS(open), SCMP_SYS(openat), SCMP_SYS(pipe), -- SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(ppoll), SCMP_SYS(pselect6), SCMP_SYS(read), -+ SCMP_SYS(pipe2), SCMP_SYS(poll), SCMP_SYS(pselect6), SCMP_SYS(read), - SCMP_SYS(futex), SCMP_SYS(select), SCMP_SYS(set_robust_list), SCMP_SYS(write), - /* Miscellaneous */ - SCMP_SYS(getrandom), SCMP_SYS(sysinfo), SCMP_SYS(uname), +diff -ur chrony-4.1.orig/sys_linux.c chrony-4.1/sys_linux.c +--- chrony-4.1.orig/sys_linux.c 2021-05-12 13:06:15.000000000 +0200 ++++ chrony-4.1/sys_linux.c 2021-09-18 13:01:17.378223193 +0200 +@@ -591,7 +591,6 @@ + SCMP_SYS(pipe), + SCMP_SYS(pipe2), + SCMP_SYS(poll), +- SCMP_SYS(ppoll), + #ifdef __NR_ppoll_time64 + SCMP_SYS(ppoll_time64), + #endif -- 2.44.0