mkdir -p './initramfs-tools/scripts/nfs-top'
mkdir -p './initramfs-tools/scripts/panic'
mkdir -p './kernel/install.d'
-mkdir -p './network/if-post-down.d'
mkdir -p './opt'
mkdir -p './perl/CPAN'
mkdir -p './qemu/fsfreeze-hook.d'
maybe chmod 0600 '.gitignore'
maybe chmod 0755 'NetworkManager'
maybe chmod 0755 'NetworkManager/dispatcher.d'
+maybe chmod 0755 'NetworkManager/dispatcher.d/20-chrony'
maybe chmod 0755 'NetworkManager/dispatcher.d/cloud-init-hook-network-manager'
maybe chmod 0755 'X11'
maybe chmod 0755 'X11/Xsession.d'
maybe chmod 0755 'apparmor.d/force-complain'
maybe chmod 0755 'apparmor.d/local'
maybe chmod 0644 'apparmor.d/local/usr.bin.man'
+maybe chmod 0644 'apparmor.d/local/usr.sbin.chronyd'
maybe chmod 0644 'apparmor.d/local/usr.sbin.named'
maybe chmod 0644 'apparmor.d/usr.bin.man'
+maybe chmod 0644 'apparmor.d/usr.sbin.chronyd'
maybe chmod 0644 'apparmor.d/usr.sbin.named'
maybe chmod 0755 'apt'
maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub'
maybe chmod 0755 'ca-certificates/update.d'
maybe chmod 0755 'calendar'
maybe chmod 0644 'calendar/default'
+maybe chmod 0755 'chrony'
+maybe chmod 0644 'chrony/chrony.conf'
+maybe chmod 0640 'chrony/chrony.keys'
maybe chmod 0755 'cloud'
maybe chmod 0644 'cloud/cloud.cfg'
maybe chmod 0755 'cloud/cloud.cfg.d'
maybe chmod 0644 'default/acpid'
maybe chmod 0644 'default/bind9'
maybe chmod 0644 'default/bsdmainutils'
+maybe chmod 0644 'default/chrony'
maybe chmod 0644 'default/console-setup'
maybe chmod 0644 'default/cron'
maybe chmod 0644 'default/cryptdisks'
maybe chmod 0644 'dhcp/debug'
maybe chmod 0755 'dhcp/dhclient-enter-hooks.d'
maybe chmod 0755 'dhcp/dhclient-exit-hooks.d'
+maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/chrony'
maybe chmod 0755 'dhcp/dhclient-exit-hooks.d/hook-dhclient'
maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes'
maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/timesyncd'
maybe chmod 0755 'init.d/acpid'
maybe chmod 0755 'init.d/atd'
maybe chmod 0755 'init.d/bind9'
+maybe chmod 0755 'init.d/chrony'
maybe chmod 0755 'init.d/cloud-config'
maybe chmod 0755 'init.d/cloud-final'
maybe chmod 0755 'init.d/cloud-init'
maybe chmod 0644 'logrotate.d/aptitude'
maybe chmod 0644 'logrotate.d/bind'
maybe chmod 0644 'logrotate.d/btmp'
+maybe chmod 0644 'logrotate.d/chrony'
maybe chmod 0644 'logrotate.d/dpkg'
maybe chmod 0644 'logrotate.d/rsyslog'
maybe chmod 0644 'logrotate.d/wtmp'
maybe chmod 0755 'network/if-down.d'
maybe chmod 0755 'network/if-down.d/bind9'
maybe chmod 0755 'network/if-post-down.d'
+maybe chmod 0755 'network/if-post-down.d/chrony'
maybe chmod 0755 'network/if-pre-up.d'
maybe chmod 0755 'network/if-pre-up.d/ethtool'
maybe chmod 0755 'network/if-up.d'
maybe chmod 0755 'network/if-up.d/bind9'
+maybe chmod 0755 'network/if-up.d/chrony'
maybe chmod 0755 'network/if-up.d/ethtool'
maybe chmod 0644 'network/interfaces'
maybe chmod 0755 'network/interfaces.d'
maybe chmod 0755 'ppp'
maybe chmod 0755 'ppp/ip-down.d'
maybe chmod 0755 'ppp/ip-down.d/bind9'
+maybe chmod 0755 'ppp/ip-down.d/chrony'
maybe chmod 0755 'ppp/ip-up.d'
maybe chmod 0755 'ppp/ip-up.d/bind9'
+maybe chmod 0755 'ppp/ip-up.d/chrony'
maybe chmod 0644 'profile'
maybe chmod 0755 'profile.d'
maybe chmod 0644 'profile.d/Z99-cloud-locale-test.sh'
--- /dev/null
+#!/bin/sh
+# This is a NetworkManager dispatcher / networkd-dispatcher script for
+# chronyd to set its NTP sources online or offline when a network interface
+# is configured or removed
+
+export LC_ALL=C
+
+# For NetworkManager consider only up/down events
+[ $# -ge 2 ] && [ "$2" != "up" ] && [ "$2" != "down" ] && exit 0
+
+# Note: for networkd-dispatcher routable.d ~= on and off.d ~= off
+
+chronyc onoffline > /dev/null 2>&1
+
+exit 0
--- /dev/null
+# Last Modified: Sat Jan 20 10:45:05 2018
+#include <tunables/global>
+
+/usr/sbin/chronyd (attach_disconnected) {
+ #include <abstractions/base>
+ #include <abstractions/nameservice>
+
+ capability sys_time,
+ capability net_bind_service,
+ capability setuid,
+ capability setgid,
+ capability sys_nice,
+ capability sys_resource,
+ # for /run/chrony to be created
+ capability chown,
+ # Needed to support HW timestamping
+ capability net_admin,
+
+ /usr/sbin/chronyd mr,
+
+ /etc/chrony/{,**} r,
+ /{,var/}run/chronyd.pid w,
+ /{,var/}run/chrony/{,*} rw,
+ /var/lib/chrony/{,*} r,
+ /var/lib/chrony/* w,
+ /var/log/chrony/{,*} r,
+ /var/log/chrony/* w,
+
+ # Using the “tempcomp” directive gives chronyd the ability to improve
+ # the stability and accuracy of the clock by compensating the temperature
+ # changes measured by a sensor close to the oscillator.
+ @{sys}/class/hwmon/hwmon[0-9]*/temp[0-9]*_input r,
+ @{sys}/devices/virtual/thermal/thermal_zone[0-9]*/hwmon[0-9]*/temp[0-9]*_input r,
+
+ # Support all paths suggested in the man page (LP: #1771028). Assume these
+ # are common use cases; others should be set as local include (see below).
+ # Configs using a 'chrony.' prefix like the tempcomp config file example
+ /etc/chrony.* r,
+ # Example gpsd socket is outside /{,var/}run/chrony/
+ /{,var/}run/chrony.tty{,*}.sock rw,
+ # To sign replies to MS-SNTP clients by the smbd daemon
+ /var/lib/samba/ntp_signd r,
+ /var/lib/samba/ntp_signd/{,*} rw,
+
+ # rtc
+ /etc/adjtime r,
+ /dev/rtc{,[0-9]*} rw,
+
+ # gps devices
+ /dev/pps[0-9]* rw,
+ /dev/ptp[0-9]* rw,
+
+ # For use with clocks that report via shared memory (e.g. gpsd),
+ # you may need to give ntpd access to all of shared memory, though
+ # this can be considered dangerous. See https://launchpad.net/bugs/722815
+ # for details. To enable, add this to local/usr.sbin.chronyd:
+ # capability ipc_owner,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.sbin.chronyd>
+}
--- /dev/null
+# Welcome to the chrony configuration file. See chrony.conf(5) for more
+# information about usuable directives.
+pool 2.debian.pool.ntp.org iburst
+
+# This directive specify the location of the file containing ID/key pairs for
+# NTP authentication.
+keyfile /etc/chrony/chrony.keys
+
+# This directive specify the file into which chronyd will store the rate
+# information.
+driftfile /var/lib/chrony/chrony.drift
+
+# Uncomment the following line to turn logging on.
+#log tracking measurements statistics
+
+# Log files location.
+logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+maxupdateskew 100.0
+
+# This directive enables kernel synchronisation (every 11 minutes) of the
+# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
+rtcsync
+
+# Step the system clock instead of slewing it if the adjustment is larger than
+# one second, but only in the first three clock updates.
+makestep 1 3
--- /dev/null
+# This file is solely used for NTP authentication with symmetric keys
+# as defined by RFC 1305 and RFC 5905.
+#
+# It can contain ID/key pairs which can be generated using the “keygen” option
+# from “chronyc”; for example:
+# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys
+# would generate a 256-bit SHA-256 key using ID 1.
+#
+# A list of supported hash functions and output encoding can be found in
+# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file.
--- /dev/null
+# This is a configuration file for /etc/init.d/chrony and
+# /lib/systemd/system/chrony.service; it allows you to pass various options to
+# the chrony daemon without editing the init script or service file.
+
+# Options to pass to chrony.
+DAEMON_OPTS="-F -1"
--- /dev/null
+SERVERFILE=/var/lib/dhcp/chrony.servers.$interface
+
+chrony_config() {
+ rm -f $SERVERFILE
+ for server in $new_ntp_servers; do
+ echo "$server iburst" >> $SERVERFILE
+ done
+ /usr/lib/chrony/chrony-helper update-daemon || :
+}
+
+chrony_restore() {
+ if [ -f $SERVERFILE ]; then
+ rm -f $SERVERFILE
+ /usr/lib/chrony/chrony-helper update-daemon || :
+ fi
+}
+
+case $reason in
+ BOUND|RENEW|REBIND|REBOOT)
+ chrony_config
+ ;;
+ EXPIRE|FAIL|RELEASE|STOP)
+ chrony_restore
+ ;;
+esac
systemd-coredump:x:999:
bind:x:112:
mlocate:x:113:
+_chrony:x:114:
ssh:x:111:
systemd-coredump:x:999:
bind:x:112:
+mlocate:x:113:
systemd-coredump:!!::
bind:!::
mlocate:!::
+_chrony:!::
ssh:!::
systemd-coredump:!!::
bind:!::
+mlocate:!::
--- /dev/null
+#! /bin/sh
+#
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for Debian by Christoph Lameter <clameter@debian.org>
+# Modified for chrony by John Hasler <jhasler@debian.org> 1998-2012
+# Modified for Debian by Vincent Blut <vincent.debian@free.fr>
+
+### BEGIN INIT INFO
+# Provides: chrony
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog $network $named $time
+# Should-Stop: $syslog $network $named $time
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Controls chronyd NTP time daemon
+# Description: Chronyd is the NTP time daemon in the Chrony package
+### END INIT INFO
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/chronyd
+NAME="chronyd"
+DESC="time daemon"
+PIDFILE=/run/chronyd.pid
+CHRONY_HELPER=/usr/lib/chrony/chrony-helper
+
+[ -x "$DAEMON" ] || exit 0
+
+. /lib/lsb/init-functions
+
+# Override this variable by editing /etc/default/chrony.
+DAEMON_OPTS=""
+if [ -f /etc/default/chrony ]; then
+ . /etc/default/chrony
+fi
+
+case "$1" in
+ start)
+ if $0 status > /dev/null ; then
+ log_success_msg "$NAME is already running"
+ else
+ log_daemon_msg "Starting $DESC" "$NAME"
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
+ if [ -x $CHRONY_HELPER ]; then
+ $CHRONY_HELPER update-daemon
+ fi
+ log_end_msg $?
+ fi
+ ;;
+
+ stop)
+ log_daemon_msg "Stopping $DESC" "$NAME"
+ start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE --remove-pidfile --exec $DAEMON
+ log_end_msg $?
+ ;;
+
+ restart|force-reload)
+ $0 stop
+ $0 start
+ ;;
+
+ status)
+ status_of_proc -p $PIDFILE "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/chrony {start|stop|restart|force-reload|status}"
+ exit 1
+ ;;
+esac
+
+exit 0
--- /dev/null
+/var/log/chrony/*.log {
+ missingok
+ nocreate
+ sharedscripts
+ postrotate
+ /usr/bin/chronyc cyclelogs > /dev/null 2>&1 || true
+ endscript
+}
--- /dev/null
+#!/bin/sh
+
+set -e
+
+[ -x /usr/sbin/chronyd ] || exit 0
+
+if [ -e /run/chronyd.pid ]; then
+ chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh
+
+set -e
+
+[ -x /usr/sbin/chronyd ] || exit 0
+
+if [ -e /run/chronyd.pid ]; then
+ chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
bind:x:106:112::/var/cache/bind:/usr/sbin/nologin
+_chrony:x:107:114:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
bind:x:106:112::/var/cache/bind:/usr/sbin/nologin
+_chrony:x:107:114::/var/lib/chrony:/usr/sbin/nologin
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is down
+# so that it won't try to contact the server.
+# John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+# Modified by Vincent Blut <vincent.debian@free.fr>
+
+if [ -e /run/chronyd.pid ]; then
+ chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- /dev/null
+#!/bin/sh
+# This script tells chronyd that the connection is up so that it can
+# contact the server. John Hasler <jhasler@debian.org> 1998-2003
+# Any possessor of a copy of this program may treat it as if it
+# were in the public domain. I waive all rights.
+# Modified by Vincent Blut <vincent.debian@free.fr>
+
+if [ -e /run/chronyd.pid ]; then
+ chronyc onoffline > /dev/null 2>&1
+fi
+
+exit 0
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
--- /dev/null
+../init.d/chrony
\ No newline at end of file
sshd:*:18686:0:99999:7:::
systemd-coredump:!!:18686::::::
bind:*:18724:0:99999:7:::
+_chrony:*:18724:0:99999:7:::
sshd:*:18686:0:99999:7:::
systemd-coredump:!!:18686::::::
bind:*:18724:0:99999:7:::
+_chrony:*:18724:0:99999:7:::
--- /dev/null
+/lib/systemd/system/chrony.service
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/chrony.service
\ No newline at end of file
projects / config / helga-hetzner / etc.git / commitdiff