3 files changed, 21 insertions, 2 deletions

diff --git a/net-misc/ntpsec/files/ntpd-r1.service b/net-misc/ntpsec/files/ntpd-r1.service
new file mode 100644
index 000000000000..5da473805aa0
--- /dev/null
+++ b/net-misc/ntpsec/files/ntpd-r1.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Network Time Service
+After=network.target nss-lookup.target
+Conflicts=systemd-timesyncd.service
+
+[Service]
+Type=forking
+PrivateTmp=true
+EnvironmentFile=-/etc/conf.d/ntp
+ExecStart=/usr/sbin/ntpd ${NTPD_OPTS}
+# Specifying -g on the command line allows ntpd to make large adjustments to
+# the clock on boot.  However, if Restart=yes is set, a malicious (or broken)
+# server could send the incorrect time, trip the panic threshold, and when
+# ntpd restarts, serve it the incorrect time (which would be accepted).
+Restart=no
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/ntpsec/ntpsec-1.1.7.ebuild b/net-misc/ntpsec/ntpsec-1.1.7-r1.ebuild
index e5bf13be3bed..d6b4b3054594 100644
--- a/net-misc/ntpsec/ntpsec-1.1.7.ebuild
+++ b/net-misc/ntpsec/ntpsec-1.1.7-r1.ebuild
@@ -132,7 +132,7 @@ src_install() {
 	newconfd "${FILESDIR}"/ntpd.confd ntp
 
 	# Install the systemd unit file
-	systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service
+	systemd_newunit "${FILESDIR}"/ntpd-r1.service ntpd.service
 
 	# Prepare a directory for the ntp.drift file
 	mkdir -pv "${ED}"/var/lib/ntp
diff --git a/net-misc/ntpsec/ntpsec-9999.ebuild b/net-misc/ntpsec/ntpsec-9999.ebuild
index 7cc6f74f6d34..050f701b387d 100644
--- a/net-misc/ntpsec/ntpsec-9999.ebuild
+++ b/net-misc/ntpsec/ntpsec-9999.ebuild
@@ -131,7 +131,7 @@ src_install() {
 	newconfd "${FILESDIR}"/ntpd.confd ntp
 
 	# Install the systemd unit file
-	systemd_newunit "${FILESDIR}"/ntpd.service ntpd.service
+	systemd_newunit "${FILESDIR}"/ntpd-r1.service ntpd.service
 
 	# Prepare a directory for the ntp.drift file
 	mkdir -pv "${ED}"/var/lib/ntp