From 943f60413728b1be30b4dca02d4de20bba571390 Mon Sep 17 00:00:00 2001 From: Juan RP Date: Thu, 13 Oct 2011 21:23:44 +0200 Subject: [PATCH] chrony: added a working conf file. --- srcpkgs/chrony/files/chrony.conf | 312 +++++++++++++++++++++++++++++++ srcpkgs/chrony/template | 3 +- 2 files changed, 314 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/chrony/files/chrony.conf diff --git a/srcpkgs/chrony/files/chrony.conf b/srcpkgs/chrony/files/chrony.conf new file mode 100644 index 0000000000..e8a909c326 --- /dev/null +++ b/srcpkgs/chrony/files/chrony.conf @@ -0,0 +1,312 @@ +####################################################################### +# +# This is an example chrony configuration file. You should copy it to +# /etc/chrony.conf after uncommenting and editing the options that you +# want to enable. The more obscure options are not included. Refer +# to the documentation for these. +# +# Copyright 2002 Richard P. Curnow +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# +####################################################################### +### COMMENTS +# Any of the following lines are comments (you have a choice of +# comment start character): +# a comment +% a comment +! a comment +; a comment +# +# Below, the '!' form is used for lines that you might want to +# uncomment and edit to make your own chrony.conf file. +# +####################################################################### +####################################################################### +### SPECIFY YOUR NTP SERVERS +# Most computers using chrony will send measurement requests to one or +# more 'NTP servers'. You will probably find that your Internet Service +# Provider or company have one or more NTP servers that you can specify. +# Failing that, there are a lot of public NTP servers. There is a list +# you can access at +# http://www.eecis.udel.edu/~mills/ntp/servers.htm. + +server 0.pool.ntp.org +server 1.pool.ntp.org +server 2.pool.ntp.org + +# However, for dial-up use you probably want these instead. The word +# 'offline' means that the server is not visible at boot time. Use +# chronyc's 'online' command to tell chronyd that these servers have +# become visible after you go on-line. + +! server ntp0.your-isp.com offline +! server ntp1.your-isp.com offline +! server ntp.public-server.org offline + +# You may want to specify NTP 'peers' instead. If you run a network +# with a lot of computers and want several computers running chrony to +# have the 'front-line' interface to the public NTP servers, you can +# 'peer' these machines together to increase robustness. + +! peer ntp0.my-company.com + +# There are other options to the 'server' and 'peer' directives that you +# might want to use. For example, you can ignore measurements whose +# round-trip-time is too large (indicating that the measurement is +# probably useless, because you don't know which way the measurement +# message got held up.) Consult the full documentation for details. + +####################################################################### +### AVOIDING POTENTIALLY BOGUS CHANGES TO YOUR CLOCK +# +# To avoid changes being made to your computer's gain/loss compensation +# when the measurement history is too erratic, you might want to enable +# one of the following lines. The first seems good for dial-up (or +# other high-latency connections like slow leased lines), the second +# seems OK for a LAN environment. + +! maxupdateskew 100 +maxupdateskew 5 + +####################################################################### +### FILENAMES ETC +# Chrony likes to keep information about your computer's clock in files. +# The 'driftfile' stores the computer's clock gain/loss rate in parts +# per million. When chronyd starts, the system clock can be tuned +# immediately so that it doesn't gain or lose any more time. You +# generally want this, so it is uncommented. + +driftfile /etc/chrony.drift + +# If you want to use the program called chronyc to configure aspects of +# chronyd's operation once it is running (e.g. tell it the Internet link +# has gone up or down), you need a password. This is stored in the +# following keys file. (You also need keys to support authenticated NTP +# exchanges between cooperating machines.) Again, this option is +# assumed by default. + +keyfile /etc/chrony.keys + +# Tell chronyd which numbered key in the file is used as the password +# for chronyc. (You can pick any integer up to 2**32-1. '1' is just a +# default. Using another value will _NOT_ increase security.) + +commandkey 1 + +# chronyd can save the measurement history for the servers to files when +# it it exits. This is useful in 2 situations: +# +# 1. On Linux, if you stop chronyd and restart it with '-r' (e.g. after +# an upgrade), the old measurements will still be relevant when chronyd +# is restarted. This will reduce the time needed to get accurate +# gain/loss measurements, especially with a dial-up link. +# +# 2. Again on Linux, if you use the RTC support and start chronyd with +# '-r -s' on bootup, measurements from the last boot will still be +# useful (the real time clock is used to 'flywheel' chronyd between +# boots). +# +# Enable these two options to use this. + +! dumponexit +! dumpdir /var/log/chrony + +# chronyd writes its process ID to a file. If you try to start a second +# copy of chronyd, it will detect that the process named in the file is +# still running and bail out. If you want to change the path to the PID +# file, uncomment this line and edit it. The default path is shown. + +! pidfile /var/run/chronyd.pid + +####################################################################### +### INITIAL CLOCK CORRECTION +# This option is only useful if your NTP servers are visible at boot +# time. This probably means you are on a LAN. If so, the following +# option will choose the best-looking of the servers and correct the +# system time to that. The value '10' means that if the error is less +# than 10 seconds, it will be gradually removed by speeding up or +# slowing down your computer's clock until it is correct. If the error +# is above 10 seconds, an immediate time jump will be applied to correct +# it. Some software can get upset if the system clock jumps (especially +# backwards), so be careful! + +! initstepslew 10 ntp0.your-company.com ntp1.your-company.com ntp2.your-company.com + +####################################################################### +### LOGGING +# If you want to log information about the time measurements chronyd has +# gathered, you might want to enable the following lines. You probably +# only need this if you really enjoy looking at the logs, you want to +# produce some graphs of your system's timekeeping performance, or you +# need help in debugging a problem. + +! logdir /var/log/chrony +! log measurements statistics tracking + +# If you have real time clock support enabled (see below), you might want +# this line instead: + +! log measurements statistics tracking rtc + +####################################################################### +### ACTING AS AN NTP SERVER +# You might want the computer to be an NTP server for other computers. +# e.g. you might be running chronyd on a dial-up machine that has a LAN +# sitting behind it with several 'satellite' computers on it. +# +# By default, chronyd does not allow any clients to access it. You need +# to explicitly enable access using 'allow' and 'deny' directives. +# +# e.g. to enable client access from the 192.168.*.* class B subnet, + +! allow 192.168/16 + +# .. but disallow the 192.168.100.* subnet of that, + +! deny 192.168.100/24 + +# You can have as many allow and deny directives as you need. The order +# is unimportant. + +# If you want chronyd to act as an NTP broadcast server, enable and edit +# (and maybe copy) the following line. This means that a broadcast +# packet is sent to the address 192.168.1.255 every 60 seconds. The +# address MUST correspond to the broadcast address of one of the network +# interfaces on your machine. If you have multiple network interfaces, +# add a broadcast line for each. + +! broadcast 60 192.168.1.255 + +# If you want to present your computer's time for others to synchronise +# with, even if you don't seem to be synchronised to any NTP servers +# yourself, enable the following line. The value 10 may be varied +# between 1 and 15. You should avoid small values because you will look +# like a real NTP server. The value 10 means that you appear to be 10 +# NTP 'hops' away from an authoritative source (atomic clock, GPS +# receiver, radio clock etc). + +! local stratum 10 + +# Normally, chronyd will keep track of how many times each client +# machine accesses it. The information can be accessed by the 'clients' +# command of chronyc. You can disable this facility by uncommenting the +# following line. This will save a bit of memory if you have many +# clients. + +! noclientlog + +# The clientlog size is limited to 512KB by default. If you have many +# clients, especially in many different subnets, you might want to +# increase the limit. + +! clientloglimit 4194304 + +####################################################################### +### REPORTING BIG CLOCK CHANGES +# Perhaps you want to know if chronyd suddenly detects any large error +# in your computer's clock. This might indicate a fault or a problem +# with the server(s) you are using, for example. +# +# The next option causes a message to be written to syslog when chronyd +# has to correct an error above 0.5 seconds (you can use any amount you +# like). + +! logchange 0.5 + +# The next option will send email to the named person when chronyd has +# to correct an error above 0.5 seconds. (If you need to send mail to +# several people, you need to set up a mailing list or sendmail alias +# for them and use the address of that.) + +! mailonchange wibble@foobar.org 0.5 + +####################################################################### +### COMMAND ACCESS +# The program chronyc is used to show the current operation of chronyd +# and to change parts of its configuration whilst it is running. + +# Normally, chronyd will only allow connections from chronyc on the same +# machine as itself. This is for security. If you have a subnet +# 192.168.*.* and you want to be able to use chronyc from any machine on +# it, you could uncomment the following line. (Edit this to your own +# situation.) + +! cmdallow 192.168/16 + +# You can add as many 'cmdallow' and 'cmddeny' lines as you like. The +# syntax and meaning is the same as for 'allow' and 'deny', except that +# 'cmdallow' and 'cmddeny' control access to the chronyd's command port. + +# NOTE, even if the host where you run chronyc is granted access, you +# still need a command key set up and you have to know the password to +# put into chronyc to allow you to modify chronyd's parameters. By +# default all you can do is view information about chronyd's operation. + +# Some people have reported that the need the following line to allow +# chronyc to work even on the same machine. This should not be +# necessary, and the problem is being investigated. You can leave this +# line enabled, as it's benign otherwise. + +cmdallow 127.0.0.1 + +####################################################################### +### REAL TIME CLOCK +# chronyd can characterise the system's real-time clock. This is the +# clock that keeps running when the power is turned off, so that the +# machine knows the approximate time when it boots again. The error at +# a particular epoch and gain/loss rate can be written to a file and +# used later by chronyd when it is started with the '-s' option. +# +# You need to have 'enhanced RTC support' compiled into your Linux +# kernel. (Note, these options apply only to Linux.) + +! rtcfile /etc/chrony.rtc + +# Your RTC can be set to keep Universal Coordinated Time (UTC) or local +# time. (Local time means UTC +/- the effect of your timezone.) If you +# use UTC, chronyd will function correctly even if the computer is off +# at the epoch when you enter or leave summer time (aka daylight saving +# time). However, if you dual boot your system with Microsoft Windows, +# that will work better if your RTC maintains local time. You take your +# pick! + +! rtconutc + +# By default chronyd assumes that the enhanced RTC device is accessed as +# /dev/rtc. If it's accessed somewhere else on your system (e.g. you're +# using devfs), uncomment and edit the following line. + +! rtcdevice /dev/misc/rtc + +####################################################################### +### REAL TIME SCHEDULER +# This directive tells chronyd to use the real-time FIFO scheduler with the +# specified priority (which must be between 0 and 100). This should result +# in reduced latency. You don't need it unless you really have a requirement +# for extreme clock stability. Works only on Linux. Note that the "-P" +# command-line switch will override this. + +! sched_priority 1 + +####################################################################### +### LOCKING CHRONYD INTO RAM +# This directive tells chronyd to use the mlockall() syscall to lock itself +# into RAM so that it will never be paged out. This should result in reduced +# latency. You don't need it unless you really have a requirement +# for extreme clock stability. Works only on Linux. Note that the "-m" +# command-line switch will also enable this feature. + +! lock_all diff --git a/srcpkgs/chrony/template b/srcpkgs/chrony/template index abb904328d..996e910fb2 100644 --- a/srcpkgs/chrony/template +++ b/srcpkgs/chrony/template @@ -1,6 +1,7 @@ # Template file for 'chrony' pkgname=chrony version=1.26 +revision=1 homepage="http://chrony.tuxfamily.org/" distfiles="http://download.tuxfamily.org/chrony/$pkgname-$version.tar.gz" build_style=gnu_configure @@ -31,7 +32,7 @@ Add_dependency build libcap-devel Add_dependency build readline-devel post_install() { - vinstall examples/chrony.conf.example 644 etc chrony.conf + vinstall ${FILESDIR}/chrony.conf 644 etc vinstall ${FILESDIR}/chrony.service 644 lib/systemd/system rm -rf ${DESTDIR}/usr/share/doc }