etc/rc.d/ntpd

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: ntpd
   7 # REQUIRE: DAEMON ntpdate FILESYSTEMS devfs
   8 # BEFORE:  LOGIN
   9 # KEYWORD: nojail shutdown
  10
  11 . /etc/rc.subr
  12
  13 name="ntpd"
  14 desc="Network Time Protocol daemon"
  15 rcvar="ntpd_enable"
  16 command="/usr/sbin/${name}"
  17 pidfile="/var/run/${name}.pid"
  18 extra_commands="fetch needfetch"
  19 fetch_cmd="ntpd_fetch_leapfile"
  20 needfetch_cmd="ntpd_needfetch_leapfile"
  21 start_precmd="ntpd_precmd"
  22
  23 _ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list"
  24
  25 load_rc_config $name
  26
  27 ntpd_precmd()
  28 {
  29         rc_flags="-c ${ntpd_config} ${ntpd_flags}"
  30
  31         if checkyesno ntpd_sync_on_start; then
  32                 rc_flags="-g $rc_flags"
  33         fi
  34
  35         ntpd_init_leapfile
  36
  37         if [ ! -f $ntp_db_leapfile ]; then
  38                 ntpd_fetch_leapfile
  39         fi
  40
  41         if [ -z "$ntpd_chrootdir" ]; then
  42                 return 0;
  43         fi
  44
  45         # If running in a chroot cage, ensure that the appropriate files
  46         # exist inside the cage, as well as helper symlinks into the cage
  47         # from outside.
  48         #
  49         # As this is called after the is_running and required_dir checks
  50         # are made in run_rc_command(), we can safely assume ${ntpd_chrootdir}
  51         # exists and ntpd isn't running at this point (unless forcestart
  52         # is used).
  53         #
  54         if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then
  55                 rm -f "${ntpd_chrootdir}/dev/clockctl"
  56                 ( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" )
  57         fi
  58         ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift
  59         ln -fs "${ntpd_chrootdir}${_ntp_tmp_leapfile}" ${_ntp_tmp_leapfile}
  60
  61         #       Change run_rc_commands()'s internal copy of $ntpd_flags
  62         #
  63         rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags"
  64 }
  65
  66 current_ntp_ts() {
  67         # Seconds between 1900-01-01 and 1970-01-01
  68         # echo $(((70*365+17)*86400))
  69         ntp_to_unix=2208988800
  70
  71         echo $(($(date -u +%s)+$ntp_to_unix))
  72 }
  73
  74 get_ntp_leapfile_ver() {
  75         # Leapfile update date (version number).
  76         expr "$(awk '$1 == "#$" { print $2 }' "$1" 2>/dev/null)" : \
  77                 '^\([1-9][0-9]*\)$' \| 0
  78 }
  79
  80 get_ntp_leapfile_expiry() {
  81         # Leapfile expiry date.
  82         expr "$(awk '$1 == "#@" { print $2 }' "$1" 2>/dev/null)" : \
  83                 '^\([1-9][0-9]*\)$' \| 0
  84 }
  85
  86 ntpd_init_leapfile() {
  87         # Refresh working leapfile with an invalid hash due to
  88         # FreeBSD id header. Ntpd will ignore leapfiles with a
  89         # mismatch hash. The file must be the virgin file from
  90         # the source.
  91         if [ ! -f $ntp_db_leapfile ]; then
  92                 cp -p $ntp_src_leapfile $ntp_db_leapfile
  93         fi
  94 }
  95
  96 ntpd_needfetch_leapfile() {
  97         local rc verbose
  98
  99         if checkyesno ntp_leapfile_fetch_verbose; then
 100                 verbose=echo
 101         else
 102                 verbose=:
 103         fi
 104
 105         ntp_ver_no_src=$(get_ntp_leapfile_ver $ntp_src_leapfile)
 106         ntp_expiry_src=$(get_ntp_leapfile_expiry $ntp_src_leapfile)
 107         ntp_ver_no_db=$(get_ntp_leapfile_ver $ntp_db_leapfile)
 108         ntp_expiry_db=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
 109         $verbose ntp_src_leapfile version is $ntp_ver_no_src expires $ntp_expiry_src
 110         $verbose ntp_db_leapfile version is $ntp_ver_no_db expires $ntp_expiry_db
 111
 112         if [ "$ntp_ver_no_src" -gt "$ntp_ver_no_db" -o \
 113              "$ntp_ver_no_src" -eq "$ntp_ver_no_db" -a \
 114              "$ntp_expiry_src" -gt "$ntp_expiry_db" ]; then
 115                 $verbose replacing $ntp_db_leapfile with $ntp_src_leapfile
 116                 cp -p $ntp_src_leapfile $ntp_db_leapfile
 117                 ntp_ver_no_db=$ntp_ver_no_src
 118         else
 119                 $verbose not replacing $ntp_db_leapfile with $ntp_src_leapfile
 120         fi
 121         ntp_leapfile_expiry_seconds=$((ntp_leapfile_expiry_days*86400))
 122         ntp_leap_expiry=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
 123         ntp_leap_fetch_date=$((ntp_leap_expiry-ntp_leapfile_expiry_seconds))
 124         if [ $(current_ntp_ts) -ge $ntp_leap_fetch_date ]; then
 125                 $verbose Within ntp leapfile expiry limit, initiating fetch
 126                 # Return code 0: ntp leapfile fetch needed
 127                 return 0
 128         fi
 129         # Return code 1: ntp leapfile fetch not needed
 130         return 1
 131 }
 132
 133 ntpd_fetch_leapfile() {
 134         if checkyesno ntp_leapfile_fetch_verbose; then
 135                 verbose=echo
 136         else
 137                 verbose=:
 138         fi
 139
 140         if ntpd_needfetch_leapfile ; then
 141                 for url in $ntp_leapfile_sources ; do
 142                         $verbose fetching $url
 143                         fetch $ntp_leapfile_fetch_opts -o $_ntp_tmp_leapfile $url && break
 144                 done
 145                 ntp_ver_no_tmp=$(get_ntp_leapfile_ver $_ntp_tmp_leapfile)
 146                 ntp_expiry_tmp=$(get_ntp_leapfile_expiry $_ntp_tmp_leapfile)
 147                 if [ "$ntp_expiry_tmp" -gt "$ntp_expiry_db" -o \
 148                      "$ntp_expiry_tmp" -eq "$ntp_expiry_db" -a \
 149                      "$ntp_ver_no_tmp" -gt "$ntp_ver_no_db" ]; then
 150                         $verbose using $url as $ntp_db_leapfile
 151                         mv -f $_ntp_tmp_leapfile $ntp_db_leapfile ||
 152                             $verbose "warning: cannot replace $ntp_db_leapfile (read-only fs?)"
 153                 else
 154                         $verbose using existing $ntp_db_leapfile
 155                 fi
 156         fi
 157 }
 158
 159 run_rc_command "$1"