forked from pool/chrony
2bad924aa0
- clean up build section
- the configure script can actually import CC/CFLAGS from the
environment. no need to break any CFLAGS it might set in the
configure script.
- remove unneeded prefix from the make calls.
- enable building the binaries with PIE/relro now
- Update to version 1.29.1:
* Modify chronyc protocol to prevent amplification attacks
(CVE-2014-0021) (incompatible with previous protocol version,
chronyc supports both)
- Additional changes from 1.29
* Fix crash when processing crafted commands (CVE-2012-4502)
(possible with IP addresses allowed by cmdallow and localhost)
* Don't send uninitialized data in SUBNETS_ACCESSED and
CLIENT_ACCESSES replies (CVE-2012-4503) (not used by chronyc)
* Drop support for SUBNETS_ACCESSED and CLIENT_ACCESSES commands
- Updated chrony-config.patch:
- lots of config values were fixed upstream already
- key file patching is unnecessary
OBS-URL: https://build.opensuse.org/request/show/223745
OBS-URL: https://build.opensuse.org/package/show/network:time/chrony?expand=0&rev=5
64 lines
2.0 KiB
Diff
64 lines
2.0 KiB
Diff
Index: examples/chrony.conf.example
|
|
===================================================================
|
|
--- examples/chrony.conf.example.orig 2014-02-24 17:46:48.776464049 +0100
|
|
+++ examples/chrony.conf.example 2014-02-24 17:51:15.983463576 +0100
|
|
@@ -46,7 +46,37 @@
|
|
! server 0.pool.ntp.org iburst
|
|
! server 1.pool.ntp.org iburst
|
|
! server 2.pool.ntp.org iburst
|
|
-
|
|
+
|
|
+# for Europe:
|
|
+! server 0.europe.pool.ntp.org
|
|
+! server 1.europe.pool.ntp.org
|
|
+! server 2.europe.pool.ntp.org
|
|
+! server 3.europe.pool.ntp.org
|
|
+
|
|
+# for Asia:
|
|
+! server 0.asia.pool.ntp.org
|
|
+! server 1.asia.pool.ntp.org
|
|
+! server 2.asia.pool.ntp.org
|
|
+! server 3.asia.pool.ntp.org
|
|
+
|
|
+# for North America:
|
|
+! server 0.north-america.pool.ntp.org
|
|
+! server 1.north-america.pool.ntp.org
|
|
+! server 2.north-america.pool.ntp.org
|
|
+! server 3.north-america.pool.ntp.org
|
|
+
|
|
+# for South America:
|
|
+! server 0.south-america.pool.ntp.org
|
|
+! server 1.south-america.pool.ntp.org
|
|
+! server 2.south-america.pool.ntp.org
|
|
+! server 3.south-america.pool.ntp.org
|
|
+
|
|
+# for Oceania:
|
|
+! server 0.oceania.pool.ntp.org
|
|
+! server 1.oceania.pool.ntp.org
|
|
+! server 2.oceania.pool.ntp.org
|
|
+! server 3.oceania.pool.ntp.org
|
|
+
|
|
# However, for dial-up use you probably want these instead. The word
|
|
# 'offline' means that the server is not visible at boot time. Use
|
|
# chronyc's 'online' command to tell chronyd that these servers have
|
|
@@ -89,7 +119,7 @@
|
|
# immediately so that it doesn't gain or lose any more time. You
|
|
# generally want this, so it is uncommented.
|
|
|
|
-driftfile /var/lib/chrony/drift
|
|
+driftfile /var/lib/chrony/chrony.drift
|
|
|
|
# If you want to use the program called chronyc to configure aspects of
|
|
# chronyd's operation once it is running (e.g. tell it the Internet link
|
|
@@ -152,8 +182,8 @@ commandkey 1
|
|
# produce some graphs of your system's timekeeping performance, or you
|
|
# need help in debugging a problem.
|
|
|
|
-! logdir /var/log/chrony
|
|
-! log measurements statistics tracking
|
|
+logdir /var/log/chrony
|
|
+log measurements statistics tracking
|
|
|
|
# If you have real time clock support enabled (see below), you might want
|
|
# this line instead:
|