diff options
-rw-r--r-- | net-misc/ntpsec/files/ntpd-r1.service | 19 | ||||
-rw-r--r-- | net-misc/ntpsec/ntpsec-1.1.7-r1.ebuild (renamed from net-misc/ntpsec/ntpsec-1.1.7.ebuild) | 2 | ||||
-rw-r--r-- | net-misc/ntpsec/ntpsec-9999.ebuild | 2 |
3 files changed, 21 insertions, 2 deletions
diff --git a/net-misc/ntpsec/files/ntpd-r1.service b/net-misc/ntpsec/files/ntpd-r1.service new file mode 100644 index 000000000000..5da473805aa0 --- /dev/null +++ b/net-misc/ntpsec/files/ntpd-r1.service @@ -0,0 +1,19 @@ +[Unit] +Description=Network Time Service +After=network.target nss-lookup.target +Conflicts=systemd-timesyncd.service + +[Service] +Type=forking +PrivateTmp=true +EnvironmentFile=-/etc/conf.d/ntp +ExecStart=/usr/sbin/ntpd ${NTPD_OPTS} +# Specifying -g on the command line allows ntpd to make large adjustments to +# the clock on boot. However, if Restart=yes is set, a malicious (or broken) +# server could send the incorrect time, trip the panic threshold, and when +# ntpd restarts, serve it the incorrect time (which would be accepted). +Restart=no +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/net-misc/ntpsec/ntpsec-1.1.7.ebuild b/net-misc/ntpsec/ntpsec-1.1.7-r1.ebuild index e5bf13be3bed..d6b4b3054594 100644 --- a/net-misc/ntpsec/ntpsec-1.1.7.ebuild +++ b/net-misc/ntpsec/ntpsec-1.1.7-r1.ebuild @@ -132,7 +132,7 @@ src_install() { newconfd "${FILESDIR}"/ntpd.confd ntp # Install the systemd unit file - systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service + systemd_newunit "${FILESDIR}"/ntpd-r1.service ntpd.service # Prepare a directory for the ntp.drift file mkdir -pv "${ED}"/var/lib/ntp diff --git a/net-misc/ntpsec/ntpsec-9999.ebuild b/net-misc/ntpsec/ntpsec-9999.ebuild index 7cc6f74f6d34..050f701b387d 100644 --- a/net-misc/ntpsec/ntpsec-9999.ebuild +++ b/net-misc/ntpsec/ntpsec-9999.ebuild @@ -131,7 +131,7 @@ src_install() { newconfd "${FILESDIR}"/ntpd.confd ntp # Install the systemd unit file - systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service + systemd_newunit "${FILESDIR}"/ntpd-r1.service ntpd.service # Prepare a directory for the ntp.drift file mkdir -pv "${ED}"/var/lib/ntp |