From 82179b84353779b3e7381aaa98bcd19bd0fd665e Mon Sep 17 00:00:00 2001 From: mid-kid Date: Thu, 8 Dec 2016 10:36:50 +0100 Subject: [PATCH] Enable default ntp servers --- etc/ntp.conf | 72 ++++++++++++++++++++++++++++++++++++++++ etc/ntp.conf.orig | 72 ++++++++++++++++++++++++++++++++++++++++ rocket-config.SlackBuild | 2 +- 3 files changed, 145 insertions(+), 1 deletion(-) create mode 100644 etc/ntp.conf create mode 100644 etc/ntp.conf.orig diff --git a/etc/ntp.conf b/etc/ntp.conf new file mode 100644 index 0000000..7da25ea --- /dev/null +++ b/etc/ntp.conf @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +server 0.pool.ntp.org iburst +server 1.pool.ntp.org iburst +server 2.pool.ntp.org iburst +server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + diff --git a/etc/ntp.conf.orig b/etc/ntp.conf.orig new file mode 100644 index 0000000..1844fb9 --- /dev/null +++ b/etc/ntp.conf.orig @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + diff --git a/rocket-config.SlackBuild b/rocket-config.SlackBuild index 456f85c..ad478d4 100755 --- a/rocket-config.SlackBuild +++ b/rocket-config.SlackBuild @@ -2,7 +2,7 @@ PKGNAM=rocket-config VERSION=14.2 -BUILD=${BUILD:-7rocket} +BUILD=${BUILD:-8rocket} ARCH=noarch CWD=$(pwd)