From 0e7c85358649f1f015b1390455aede5bd1eb31f8 Mon Sep 17 00:00:00 2001 From: Sergey Cherevko Date: Tue, 17 Dec 2024 22:33:20 +0300 Subject: [PATCH] Synchronize time via Russian NTP servers --- ...hronize-time-via-Russian-NTP-servers.patch | 343 ++++++++++++++++++ SPECS/chrony.spec | 14 +- 2 files changed, 354 insertions(+), 3 deletions(-) create mode 100644 SOURCES/0001-Synchronize-time-via-Russian-NTP-servers.patch diff --git a/SOURCES/0001-Synchronize-time-via-Russian-NTP-servers.patch b/SOURCES/0001-Synchronize-time-via-Russian-NTP-servers.patch new file mode 100644 index 0000000..51e506a --- /dev/null +++ b/SOURCES/0001-Synchronize-time-via-Russian-NTP-servers.patch @@ -0,0 +1,343 @@ +From 490c310c3218f5ea5a27d850e42fa1083cec788b Mon Sep 17 00:00:00 2001 +From: Sergey Cherevko +Date: Tue, 17 Dec 2024 20:40:35 +0300 +Subject: [PATCH] Synchronize time via Russian NTP servers + +--- + FAQ | 12 ++++++------ + INSTALL | 4 ++-- + doc/chrony.conf.adoc | 8 ++++---- + doc/chrony.conf.man.in | 10 +++++----- + doc/chronyc.adoc | 2 +- + doc/chronyc.man.in | 4 ++-- + doc/faq.adoc | 12 ++++++------ + doc/installation.adoc | 4 ++-- + examples/chrony.conf.example1 | 11 +++++++++-- + examples/chrony.conf.example2 | 12 +++++++++--- + examples/chrony.conf.example3 | 4 ++-- + 11 files changed, 48 insertions(+), 35 deletions(-) + +diff --git a/FAQ b/FAQ +index c96acfa..18687b7 100644 +--- a/FAQ ++++ b/FAQ +@@ -101,7 +101,7 @@ poll multiple servers at the same time and detect servers having incorrect time + (falsetickers in the NTP terminology). It should be used only with trusted + reliable servers, ideally in local network. + +-Using timesyncd with pool.ntp.org is problematic. The pool is very robust as a ++Using timesyncd with https://www.vniiftri.ru/ is problematic. The pool is very robust as a + whole, but the individual servers run by volunteers cannot be relied on. + Occasionally, servers drift away or make a step to distant past or future due + to misconfiguration, problematic implementation, and other bugs (e.g. in +@@ -141,10 +141,10 @@ next boot from the RTC, the rtcsync directive enables a mode in which the + system time is periodically copied to the RTC. It is supported on Linux and + macOS. + +-If you wanted to use public NTP servers from the pool.ntp.org project, the ++If you wanted to use public NTP servers from the https://www.vniiftri.ru/ project, the + minimal chrony.conf file could be: + +-pool pool.ntp.org iburst ++pool https://www.vniiftri.ru/ iburst + driftfile /var/lib/chrony/drift + makestep 1 3 + rtcsync +@@ -433,7 +433,7 @@ the -Q option it will print the measured offset without setting the clock. If + you do not want to use a configuration file, NTP servers can be specified on + the command line. For example: + +-# chronyd -q 'pool pool.ntp.org iburst' ++# chronyd -q 'pool https://www.vniiftri.ru/ iburst' + + The command above would normally take about 5 seconds if the servers were well + synchronised and responding to all requests. If not synchronised or responding, +@@ -444,7 +444,7 @@ option to one (supported since chrony version 4.0), and a timeout can be + specified with the -t option. The following command would take only up to about + one second. + +-# chronyd -q -t 1 'server pool.ntp.org iburst maxsamples 1' ++# chronyd -q -t 1 'server https://www.vniiftri.ru/ iburst maxsamples 1' + + It is not recommended to run chronyd with the -q option periodically (e.g. from + a cron job) as a replacement for the daemon mode, because it performs +@@ -507,7 +507,7 @@ same server instance. + + An example configuration of the client instance could be + +-pool pool.ntp.org iburst ++pool https://www.vniiftri.ru/ iburst + allow 127.0.0.1 + port 11123 + driftfile /var/lib/chrony/drift +diff --git a/INSTALL b/INSTALL +index 9ca6e22..6f48020 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -116,10 +116,10 @@ make install-docs + Now that the software is successfully installed, the next step is to set up a + configuration file. The default location of the file is /etc/chrony.conf. + Several examples of configuration with comments are included in the examples +-directory. Suppose you want to use public NTP servers from the pool.ntp.org ++directory. Suppose you want to use public NTP servers from the https://www.vniiftri.ru/ + project as your time reference. A minimal useful configuration file could be + +-pool pool.ntp.org iburst ++pool https://www.vniiftri.ru/ iburst + makestep 1.0 3 + rtcsync + +diff --git a/doc/chrony.conf.adoc b/doc/chrony.conf.adoc +index cb3f95c..1f0168e 100644 +--- a/doc/chrony.conf.adoc ++++ b/doc/chrony.conf.adoc +@@ -365,7 +365,7 @@ sources responding to requests. The default value is 4 and the maximum value is + An example of the *pool* directive is + + + ---- +-pool pool.ntp.org iburst maxsources 3 ++pool https://www.vniiftri.ru/ iburst maxsources 3 + ---- + + [[peer]]*peer* _hostname_ [_option_]...:: +@@ -2820,7 +2820,7 @@ the following methods: + stratum 1 and stratum 2 servers. You should find one or more servers that are + near to you. Check that their access policy allows you to use their + facilities. +-* Use public servers from the https://www.pool.ntp.org/[pool.ntp.org] project. ++* Use public servers from the https://www.vniiftri.ru/[ntp1.vniiftri.ru] project. + + Assuming that your NTP servers are called _ntp1.example.net_, _ntp2.example.net_ + and _ntp3.example.net_, your _chrony.conf_ file could contain as a minimum: +@@ -2853,7 +2853,7 @@ directive instead of multiple *server* directives. The configuration file could + in this case look like: + + ---- +-pool pool.ntp.org iburst ++pool ntp1.vniiftri.ru iburst + driftfile @CHRONYVARDIR@/drift + makestep 1.0 3 + rtcsync +@@ -3112,7 +3112,7 @@ information to be saved. + === Public NTP server + + *chronyd* can be configured to operate as a public NTP server, e.g. to join the +-https://www.pool.ntp.org/en/join.html[pool.ntp.org] project. The configuration ++https://www.vniiftri.ru/[ntp1.vniiftri.ru] project. The configuration + is similar to the NTP client with permanent connection, except it needs to + allow client access from all addresses. It is recommended to find at least four + good servers (e.g. from the pool, or on the NTP homepage). If the server has a +diff --git a/doc/chrony.conf.man.in b/doc/chrony.conf.man.in +index 66d2358..3a6d6a7 100644 +--- a/doc/chrony.conf.man.in ++++ b/doc/chrony.conf.man.in +@@ -479,7 +479,7 @@ An example of the \fBpool\fP directive is + .if n .RS 4 + .nf + .fam C +-pool pool.ntp.org iburst maxsources 3 ++pool ntp1.vniiftri.ru iburst maxsources 3 + .fam + .fi + .if n .RE +@@ -4651,7 +4651,7 @@ facilities. + . IP \(bu 2.3 + .\} + Use public servers from the \c +-.URL "https://www.pool.ntp.org/" "pool.ntp.org" "" ++.URL "https://www.ntp1.vniiftri.ru/" "ntp1.vniiftri.ru" "" + project. + .RE + .sp +@@ -4696,7 +4696,7 @@ in this case look like: + .if n .RS 4 + .nf + .fam C +-pool pool.ntp.org iburst ++pool ntp1.vniiftri.ru iburst + driftfile @CHRONYVARDIR@/drift + makestep 1.0 3 + rtcsync +@@ -4993,7 +4993,7 @@ information to be saved. + .SS "Public NTP server" + .sp + \fBchronyd\fP can be configured to operate as a public NTP server, e.g. to join the +-.URL "https://www.pool.ntp.org/en/join.html" "pool.ntp.org" "" ++.URL "https://www.ntp.vniiftri.ru/en/join.html" "ntp1.vniiftri.ru" "" + project. The configuration + is similar to the NTP client with permanent connection, except it needs to + allow client access from all addresses. It is recommended to find at least four +@@ -5040,4 +5040,4 @@ For instructions on how to report bugs, please visit + .URL "https://chrony\-project.org/" "" "." + .SH "AUTHORS" + .sp +-chrony was written by Richard Curnow, Miroslav Lichvar, and others. +\ No newline at end of file ++chrony was written by Richard Curnow, Miroslav Lichvar, and others. +diff --git a/doc/chronyc.adoc b/doc/chronyc.adoc +index 96a0551..d88c7dc 100644 +--- a/doc/chronyc.adoc ++++ b/doc/chronyc.adoc +@@ -979,7 +979,7 @@ them immediately, e.g. after suspending and resuming the machine in a different + network. + + + Note that with pools which have more than 16 addresses, or not all IPv4 or IPv6 +-addresses are included in a single DNS response (e.g. pool.ntp.org), this ++addresses are included in a single DNS response (e.g. https://www.vniiftri.ru/), this + command might replace the addresses even if they are still in the pool. + + [[reload]]*reload* *sources*:: +diff --git a/doc/chronyc.man.in b/doc/chronyc.man.in +index 4541fc6..7888eff 100644 +--- a/doc/chronyc.man.in ++++ b/doc/chronyc.man.in +@@ -1793,7 +1793,7 @@ them immediately, e.g. after suspending and resuming the machine in a different + network. + .sp + Note that with pools which have more than 16 addresses, or not all IPv4 or IPv6 +-addresses are included in a single DNS response (e.g. pool.ntp.org), this ++addresses are included in a single DNS response (e.g. ntp1.vniiftri.ru), this + command might replace the addresses even if they are still in the pool. + .RE + .sp +@@ -2753,4 +2753,4 @@ For instructions on how to report bugs, please visit + .URL "https://chrony\-project.org/" "" "." + .SH "AUTHORS" + .sp +-chrony was written by Richard Curnow, Miroslav Lichvar, and others. +\ No newline at end of file ++chrony was written by Richard Curnow, Miroslav Lichvar, and others. +diff --git a/doc/faq.adoc b/doc/faq.adoc +index 8fd350f..69b8b3e 100644 +--- a/doc/faq.adoc ++++ b/doc/faq.adoc +@@ -56,7 +56,7 @@ limitations is that it cannot poll multiple servers at the same time and detect + servers having incorrect time (falsetickers in the NTP terminology). It should + be used only with trusted reliable servers, ideally in local network. + +-Using `timesyncd` with `pool.ntp.org` is problematic. The pool is very ++Using `timesyncd` with `ntp.vniiftri.ru` is problematic. The pool is very + robust as a whole, but the individual servers run by volunteers cannot be + relied on. Occasionally, servers drift away or make a step to distant past or + future due to misconfiguration, problematic implementation, and other bugs +@@ -98,11 +98,11 @@ system time is periodically copied to the RTC. It is supported on Linux and + macOS. + + If you wanted to use public NTP servers from the +-https://www.pool.ntp.org/[pool.ntp.org] project, the minimal _chrony.conf_ file ++https://www.vniiftri.ru/[ntp1.vniiftri.ru] project, the minimal _chrony.conf_ file + could be: + + ---- +-pool pool.ntp.org iburst ++pool ntp1.vniiftri.ru iburst + driftfile /var/lib/chrony/drift + makestep 1 3 + rtcsync +@@ -411,7 +411,7 @@ clock. If you do not want to use a configuration file, NTP servers can be + specified on the command line. For example: + + ---- +-# chronyd -q 'pool pool.ntp.org iburst' ++# chronyd -q 'pool ntp1.vniiftri.ru iburst' + ---- + + The command above would normally take about 5 seconds if the servers were +@@ -424,7 +424,7 @@ timeout can be specified with the `-t` option. The following command would take + only up to about one second. + + ---- +-# chronyd -q -t 1 'server pool.ntp.org iburst maxsamples 1' ++# chronyd -q -t 1 'server ntp1.vniiftri.ru iburst maxsamples 1' + ---- + + It is not recommended to run `chronyd` with the `-q` option periodically (e.g. +@@ -491,7 +491,7 @@ the same server instance. + An example configuration of the client instance could be + + ---- +-pool pool.ntp.org iburst ++pool ntp1.vniiftri.ru iburst + allow 127.0.0.1 + port 11123 + driftfile /var/lib/chrony/drift +diff --git a/doc/installation.adoc b/doc/installation.adoc +index b683911..0fa1eca 100644 +--- a/doc/installation.adoc ++++ b/doc/installation.adoc +@@ -146,11 +146,11 @@ make install-docs + Now that the software is successfully installed, the next step is to set up a + configuration file. The default location of the file is _/etc/chrony.conf_. + Several examples of configuration with comments are included in the examples +-directory. Suppose you want to use public NTP servers from the pool.ntp.org ++directory. Suppose you want to use public NTP servers from the ntp1.vniiftri.ru + project as your time reference. A minimal useful configuration file could be + + ---- +-pool pool.ntp.org iburst ++pool ntp1.vniiftri.ru iburst + makestep 1.0 3 + rtcsync + ---- +diff --git a/examples/chrony.conf.example1 b/examples/chrony.conf.example1 +index 5e93ea7..dd960ad 100644 +--- a/examples/chrony.conf.example1 ++++ b/examples/chrony.conf.example1 +@@ -1,5 +1,12 @@ +-# Use public NTP servers from the pool.ntp.org project. +-pool pool.ntp.org iburst ++# Use Russian public NTP servers (vniiftri and msk-ix) ++server ntp.msk-ix.ru iburst ++server ntp1.vniiftri.ru iburst ++server vniiftri2.khv.ru iburst ++server ntp1.niiftri.irkutsk.ru iburst ++server ntp.sstf.nsk.ru iburst ++server ntp2.vniiftri.ru iburst ++server ntp3.vniiftri.ru iburst ++server ntp4.vniiftri.ru iburst + + # Record the rate at which the system clock gains/losses time. + driftfile /var/lib/chrony/drift +diff --git a/examples/chrony.conf.example2 b/examples/chrony.conf.example2 +index bf2bbdd..61b4576 100644 +--- a/examples/chrony.conf.example2 ++++ b/examples/chrony.conf.example2 +@@ -1,6 +1,12 @@ +-# Use public servers from the pool.ntp.org project. +-# Please consider joining the pool (https://www.pool.ntp.org/join.html). +-pool pool.ntp.org iburst ++# Use Russian public NTP servers (vniiftri and msk-ix) ++server ntp.msk-ix.ru iburst ++server ntp1.vniiftri.ru iburst ++server vniiftri2.khv.ru iburst ++server ntp1.niiftri.irkutsk.ru iburst ++server ntp.sstf.nsk.ru iburst ++server ntp2.vniiftri.ru iburst ++server ntp3.vniiftri.ru iburst ++server ntp4.vniiftri.ru iburst + + # Record the rate at which the system clock gains/losses time. + driftfile /var/lib/chrony/drift +diff --git a/examples/chrony.conf.example3 b/examples/chrony.conf.example3 +index 6d84c01..e893292 100644 +--- a/examples/chrony.conf.example3 ++++ b/examples/chrony.conf.example3 +@@ -25,13 +25,13 @@ + # Provider or company have one or more NTP servers that you can specify. + # Failing that, there are a lot of public NTP servers. There is a list + # you can access at http://support.ntp.org/bin/view/Servers/WebHome or +-# you can use servers from the pool.ntp.org project. ++# you can use servers from the https://www.vniiftri.ru/ project. + + ! server ntp1.example.net iburst + ! server ntp2.example.net iburst + ! server ntp3.example.net iburst + +-! pool pool.ntp.org iburst ++! pool ntp1.vniiftri.ru iburst + + ####################################################################### + ### AVOIDING POTENTIALLY BOGUS CHANGES TO YOUR CLOCK +-- +2.43.5 + diff --git a/SPECS/chrony.spec b/SPECS/chrony.spec index eab5d9f..0913b92 100644 --- a/SPECS/chrony.spec +++ b/SPECS/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.6 -Release: 1%{?dist} +Release: 1%{?dist}.inferit Summary: An NTP client/server License: GPL-2.0-only @@ -27,6 +27,10 @@ Source10: https://gitlab.com/chrony/clknetsim/-/archive/master/clknetsim-% Patch1: chrony-nm-dispatcher-dhcp.patch BuildRequires: gnutls-devel libcap-devel libedit-devel pps-tools-devel + +# MSVSphere +Patch100: 0001-Synchronize-time-via-Russian-NTP-servers.patch + BuildRequires: gcc gcc-c++ make bison systemd gnupg2 %{?with_nts:BuildRequires: gnutls-utils} %{?with_seccomp:BuildRequires: libseccomp-devel} @@ -51,7 +55,7 @@ can also operate as an NTPv4 (RFC 5905) server and peer to provide a time service to other computers in the network. %if 0%{!?vendorzone:1} -%global vendorzone %(source /etc/os-release && echo ${ID}.) +%global vendorzone ru. %endif %prep @@ -59,13 +63,14 @@ service to other computers in the network. %setup -q -n %{name}-%{version}%{?prerelease} -a 10 %{?gitpatch:%patch -P 0 -p1} %patch -P 1 -p1 -b .nm-dispatcher-dhcp +%patch -P 100 -p1 %{?gitpatch: echo %{version}-%{gitpatch} > version.txt} # review changes in packaged configuration files and scripts md5sum -c <<-EOF | (! grep -v 'OK$') 5530d6e60f84b76c27495485d2510bac examples/chrony-wait.service - 826354a2d467d6147e412d43bfe07484 examples/chrony.conf.example2 + 8ad4c7e927d15cdf57f517e36b225113 examples/chrony.conf.example2 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp 4e85d36595727318535af3387411070c examples/chrony.nm-dispatcher.onoffline @@ -206,6 +211,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Tue Dec 17 2024 Sergey Cherevko - 4.6-1.inferit +- Synchronize time via Russian NTP servers + * Fri Oct 25 2024 MSVSphere Packaging Team - 4.6-1 - Rebuilt for MSVSphere 10