PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB`#!/bin/bash # This script configures running chronyd to use NTP servers obtained from # DHCP and _ntp._udp DNS SRV records. Files with servers from DHCP are managed # externally (e.g. by a dhclient script). Files with servers from DNS SRV # records are updated here using the dig utility. The script can also list # and set static sources in the chronyd configuration file. chronyc=/usr/bin/chronyc chrony_conf=/etc/chrony.conf chrony_service=chronyd.service helper_dir=/run/chrony-helper added_servers_file=$helper_dir/added_servers network_sysconfig_file=/etc/sysconfig/network nm_servers_files="$helper_dir/nm-dhcp.*" dhclient_servers_files="/var/lib/dhclient/chrony.servers.*" dnssrv_servers_files="$helper_dir/dnssrv@*" dnssrv_timer_prefix=chrony-dnssrv@ . $network_sysconfig_file &> /dev/null chrony_command() { $chronyc -n -m "$@" } is_running() { chrony_command "tracking" &> /dev/null } get_servers_files() { [ "$PEERNTP" != "no" ] && echo "$nm_servers_files" [ "$PEERNTP" != "no" ] && echo "$dhclient_servers_files" echo "$dnssrv_servers_files" } is_update_needed() { for file in $(get_servers_files) $added_servers_file; do [ -e "$file" ] && return 0 done return 1 } remove_daemon_state() { rm -f $added_servers_file } update_daemon() { local all_servers_with_args all_servers added_servers if ! is_running; then remove_daemon_state return 0 fi all_servers_with_args=$(cat $(get_servers_files) 2> /dev/null) all_servers=$( echo "$all_servers_with_args" | while read -r server serverargs; do echo "$server" done | sort -u) added_servers=$( ( cat $added_servers_file 2> /dev/null echo "$all_servers_with_args" | while read -r server serverargs; do [ -z "$server" ] && continue chrony_command "add server $server $serverargs" &> /dev/null && echo "$server" done) | sort -u) comm -23 <(echo -n "$added_servers") <(echo -n "$all_servers") | while read -r server; do chrony_command -c sources -a 2>/dev/null | while IFS=, read -r type _ address _; do [ "$type" = "^" ] || continue [ "$(chrony_command "sourcename $address")" = "$server" ] || continue chrony_command "delete $address" &> /dev/null break done done added_servers=$(comm -12 <(echo -n "$added_servers") <(echo -n "$all_servers")) if [ -n "$added_servers" ]; then echo "$added_servers" > $added_servers_file else rm -f $added_servers_file fi } get_dnssrv_servers() { local name=$1 output if ! command -v dig &> /dev/null; then echo "Missing dig (DNS lookup utility)" >&2 return 1 fi output=$(dig "$name" srv +short +ndots=2 +search 2> /dev/null) || return 0 echo "$output" | while read -r _ _ port target; do server=${target%.} [ -z "$server" ] && continue echo "$server port $port ${NTPSERVERARGS:-iburst}" done } check_dnssrv_name() { local name=$1 if [ -z "$name" ]; then echo "No DNS SRV name specified" >&2 return 1 fi if [ "${name:0:9}" != _ntp._udp ]; then echo "DNS SRV name $name doesn't start with _ntp._udp" >&2 return 1 fi } update_dnssrv_servers() { local name=$1 local srv_file=$helper_dir/dnssrv@$name servers check_dnssrv_name "$name" || return 1 servers=$(get_dnssrv_servers "$name") if [ -n "$servers" ]; then echo "$servers" > "$srv_file" else rm -f "$srv_file" fi } set_dnssrv_timer() { local state=$1 name=$2 local srv_file=$helper_dir/dnssrv@$name servers local timer timer=$dnssrv_timer_prefix$(systemd-escape "$name").timer || return 1 check_dnssrv_name "$name" || return 1 if [ "$state" = enable ]; then systemctl enable "$timer" systemctl start "$timer" elif [ "$state" = disable ]; then systemctl stop "$timer" systemctl disable "$timer" rm -f "$srv_file" fi } list_dnssrv_timers() { systemctl --all --full -t timer list-units | grep "^$dnssrv_timer_prefix" | \ sed "s|^$dnssrv_timer_prefix\(.*\)\.timer.*|\1|" | while read -r name; do systemd-escape --unescape "$name" done } prepare_helper_dir() { mkdir -p $helper_dir exec 100> $helper_dir/lock if ! flock -w 20 100; then echo "Failed to lock $helper_dir" >&2 return 1 fi } is_source_line() { local pattern="^[ \t]*(server|pool|peer|refclock)[ \t]+[^ \t]+" [[ "$1" =~ $pattern ]] } list_static_sources() { while read -r line; do if is_source_line "$line"; then echo "$line" fi done < $chrony_conf } set_static_sources() { local new_config tmp_conf new_config=$( sources=$( while read -r line; do is_source_line "$line" && echo "$line" done) while read -r line; do if ! is_source_line "$line"; then echo "$line" continue fi tmp_sources=$( local removed=0 echo "$sources" | while read -r line2; do if [ "$removed" -ne 0 ] || [ "$line" != "$line2" ]; then echo "$line2" else removed=1 fi done) [ "$sources" == "$tmp_sources" ] && continue sources=$tmp_sources echo "$line" done < $chrony_conf echo "$sources" ) tmp_conf=${chrony_conf}.tmp cp -a $chrony_conf $tmp_conf && echo "$new_config" > $tmp_conf && mv $tmp_conf $chrony_conf || return 1 systemctl try-restart $chrony_service } print_help() { echo "Usage: $0 COMMAND" echo echo "Commands:" echo " create-helper-directory" echo " update-daemon" echo " remove-daemon-state" echo " update-dnssrv-servers NAME" echo " enable-dnssrv NAME" echo " disable-dnssrv NAME" echo " list-dnssrv" echo " list-static-sources" echo " set-static-sources < sources.list" echo " is-running" echo " command CHRONYC-COMMAND" } case "$1" in create-helper-directory) prepare_helper_dir ;; update-daemon|add-dhclient-servers|remove-dhclient-servers) is_update_needed || exit 0 prepare_helper_dir && update_daemon ;; remove-daemon-state) remove_daemon_state ;; update-dnssrv-servers) prepare_helper_dir && update_dnssrv_servers "$2" && update_daemon ;; enable-dnssrv) set_dnssrv_timer enable "$2" ;; disable-dnssrv) set_dnssrv_timer disable "$2" && prepare_helper_dir && update_daemon ;; list-dnssrv) list_dnssrv_timers ;; list-static-sources) list_static_sources ;; set-static-sources) set_static_sources ;; is-running) is_running ;; command|forced-command) chrony_command "$2" ;; *) print_help exit 2 esac exit $?