From 396d15c284b65cc88840488e2b72ca4696159ed8 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 9 Jan 2024 16:50:44 +0100 Subject: [PATCH 01/36] update clknetsim source --- chrony.spec | 4 ++-- sources | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/chrony.spec b/chrony.spec index e4e6820..b160209 100644 --- a/chrony.spec +++ b/chrony.spec @@ -20,7 +20,7 @@ Source2: https://chrony-project.org/gpgkey-8F375C7E8D0EE125A3D3BD51537E2B Source3: chrony.dhclient Source4: chrony.sysusers # simulator for test suite -Source10: https://github.com/mlichvar/clknetsim/archive/%{clknetsim_ver}/clknetsim-%{clknetsim_ver}.tar.gz +Source10: https://gitlab.com/chrony/clknetsim/-/archive/master/clknetsim-%{clknetsim_ver}.tar.gz %{?gitpatch:Patch0: chrony-%{version}%{?prerelease}-%{gitpatch}.patch.gz} # add distribution-specific bits to DHCP dispatcher @@ -94,7 +94,7 @@ sed -i '/^ExecStart/a SELinuxContext=system_u:system_r:chronyd_restricted_t:s0' # regenerate the file from getdate.y rm -f getdate.c -mv clknetsim-%{clknetsim_ver}* test/simulation/clknetsim +mv clknetsim-*-%{clknetsim_ver}* test/simulation/clknetsim %build %configure \ diff --git a/sources b/sources index 0f64136..970d87e 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ SHA512 (chrony-4.5.tar.gz) = 58a449e23186da799064b16ab16f799c1673296984b152b43e87c620d86e272c55365e83439d410fc89e4e0ba0befd7d5c625eac78a6665813b7ea75444f71b5 SHA512 (chrony-4.5-tar-gz-asc.txt) = 05470e6cc34524fdab494f70cee71d46172b38bdd4acd8173ac79fdec12178239248880db474437690094aae7909002113289ac7f9305130c5e0a1d9364122cb -SHA512 (clknetsim-5d1dc0.tar.gz) = 76889da425dc9d63ba78811661d78ffa922a63c4f83aeb809fef02c866f64a97b09dd4b0906ccfd1e20cee5091d8b886aadfce54cd338d3bf597b0e976a78927 +SHA512 (clknetsim-5d1dc0.tar.gz) = 7d542443d7d9334d900cee821207fab1ee87e57fda6580a9d894f65fb36d265fdc4a72022b4293134d54cdeffba7e84d2f68f732f4b228b84d846d8668b314b2 From 9cedf747bf723bba78cec22f32b236a1b3b4aa87 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 15:25:29 +0000 Subject: [PATCH 02/36] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index b160209..c806558 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Fri Jan 19 2024 Fedora Release Engineering - 4.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Tue Dec 05 2023 Miroslav Lichvar 4.5-1 - update to 4.5 From 2484d4001eaa7d8378f1a4f97171ac58a01b68c4 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 23 Jan 2024 01:36:12 +0000 Subject: [PATCH 03/36] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index c806558..51a9c3a 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.5 -Release: 2%{?dist} +Release: 3%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Tue Jan 23 2024 Fedora Release Engineering - 4.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Fri Jan 19 2024 Fedora Release Engineering - 4.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 5d030eca6da200ac89e44d66728a7623b8b8ad15 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 19:17:25 +0000 Subject: [PATCH 04/36] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 51a9c3a..5401be6 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.5 -Release: 3%{?dist} +Release: 4%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Wed Jul 17 2024 Fedora Release Engineering - 4.5-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Tue Jan 23 2024 Fedora Release Engineering - 4.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 2aac4c014b2cb70255833115cbfb4bc759ea8eb2 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 30 Jul 2024 14:52:18 +0200 Subject: [PATCH 05/36] update to 4.6-pre1 --- .gitignore | 6 +++--- chrony.spec | 13 +++++++------ sources | 6 +++--- 3 files changed, 13 insertions(+), 12 deletions(-) diff --git a/.gitignore b/.gitignore index ca5815e..55c253a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.5.tar.gz -/chrony-4.5-tar-gz-asc.txt -/clknetsim-5d1dc0.tar.gz +/chrony-4.6-pre1.tar.gz +/chrony-4.6-pre1-tar-gz-asc.txt +/clknetsim-633a0b.tar.gz diff --git a/chrony.spec b/chrony.spec index 5401be6..d43f3be 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,5 +1,6 @@ %global _hardened_build 1 -%global clknetsim_ver 5d1dc0 +%global clknetsim_ver 633a0b +%global prerelease -pre1 %bcond_without debug %bcond_without nts @@ -8,7 +9,7 @@ %endif Name: chrony -Version: 4.5 +Version: 4.6 Release: 4%{?dist} Summary: An NTP client/server @@ -34,7 +35,7 @@ BuildRequires: gcc gcc-c++ make bison systemd gnupg2 %{?systemd_requires} %{?sysusers_requires_compat} -# Needed by the leapsectz directive in default chrony.conf +# Needed by the leapseclist directive in default chrony.conf Requires: tzdata # Old NetworkManager expects the dispatcher scripts in a different place @@ -65,7 +66,7 @@ service to other computers in the network. # review changes in packaged configuration files and scripts md5sum -c <<-EOF | (! grep -v 'OK$') 5530d6e60f84b76c27495485d2510bac examples/chrony-wait.service - 2d01b94bc1a7b7fb70cbee831488d121 examples/chrony.conf.example2 + 826354a2d467d6147e412d43bfe07484 examples/chrony.conf.example2 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp 4e85d36595727318535af3387411070c examples/chrony.nm-dispatcher.onoffline @@ -78,10 +79,10 @@ test -n "%{vendorzone}" # use example chrony.conf as the default config with some modifications: # - use our vendor zone (2.*pool.ntp.org names include IPv6 addresses) -# - enable leapsectz to get TAI-UTC offset and leap seconds from tzdata +# - enable leapseclist to get TAI-UTC offset and leap seconds # - use NTP servers from DHCP sed -e 's|^\(pool \)\(pool.ntp.org\)|\12.%{vendorzone}\2|' \ - -e 's|#\(leapsectz\)|\1|' \ + -e 's|#\(leapseclist\)|\1|' \ -e 's|^pool.*pool.ntp.org.*|&\n\n# Use NTP servers from DHCP.\nsourcedir /run/chrony-dhcp|' \ < examples/chrony.conf.example2 > chrony.conf diff --git a/sources b/sources index 970d87e..e895b1c 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.5.tar.gz) = 58a449e23186da799064b16ab16f799c1673296984b152b43e87c620d86e272c55365e83439d410fc89e4e0ba0befd7d5c625eac78a6665813b7ea75444f71b5 -SHA512 (chrony-4.5-tar-gz-asc.txt) = 05470e6cc34524fdab494f70cee71d46172b38bdd4acd8173ac79fdec12178239248880db474437690094aae7909002113289ac7f9305130c5e0a1d9364122cb -SHA512 (clknetsim-5d1dc0.tar.gz) = 7d542443d7d9334d900cee821207fab1ee87e57fda6580a9d894f65fb36d265fdc4a72022b4293134d54cdeffba7e84d2f68f732f4b228b84d846d8668b314b2 +SHA512 (chrony-4.6-pre1.tar.gz) = 9d978b359ac4a6d6859f0fb2d3b6d3ed455838c2dc31d3db1b15b360a62d4f2d8dce71d1e67648658407121020880cd545a4eeb69d0df88475db778851c15cb4 +SHA512 (chrony-4.6-pre1-tar-gz-asc.txt) = c6c7147e63fc19153e230fa81e6207a08b66da39a2156dd1d26d2435abb530210d4effcd8273ee6f3eede5ef0e29d33a601190ac41881f2d65a84a51e9070211 +SHA512 (clknetsim-633a0b.tar.gz) = 6fd8f5b0f3fc74e6dcaf64fc8058ef49806b1d010c8f76223715dd87286871e6bfc1c21be9b8379d9fddbd989490a98226f550805614c4b66c3ee0477acd6b59 From 02f36b402e2900050abfea5a93e23c49c3d31672 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 30 Jul 2024 14:52:53 +0200 Subject: [PATCH 06/36] 4.6-0.1.pre1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index d43f3be..6e86955 100644 --- a/chrony.spec +++ b/chrony.spec @@ -10,7 +10,7 @@ Name: chrony Version: 4.6 -Release: 4%{?dist} +Release: 0.1.pre1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -206,6 +206,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Tue Jul 30 2024 Miroslav Lichvar 4.6-0.1.pre1 +- update to 4.6-pre1 + * Wed Jul 17 2024 Fedora Release Engineering - 4.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From 60a3986f3a58bac2d6cb7956d790103a52d858cd Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 2 Sep 2024 15:15:35 +0200 Subject: [PATCH 07/36] update to 4.6 --- .gitignore | 4 ++-- chrony.spec | 1 - sources | 4 ++-- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 55c253a..bde5491 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.6-pre1.tar.gz -/chrony-4.6-pre1-tar-gz-asc.txt +/chrony-4.6.tar.gz +/chrony-4.6-tar-gz-asc.txt /clknetsim-633a0b.tar.gz diff --git a/chrony.spec b/chrony.spec index 6e86955..03a40e9 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,6 +1,5 @@ %global _hardened_build 1 %global clknetsim_ver 633a0b -%global prerelease -pre1 %bcond_without debug %bcond_without nts diff --git a/sources b/sources index e895b1c..5265d98 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.6-pre1.tar.gz) = 9d978b359ac4a6d6859f0fb2d3b6d3ed455838c2dc31d3db1b15b360a62d4f2d8dce71d1e67648658407121020880cd545a4eeb69d0df88475db778851c15cb4 -SHA512 (chrony-4.6-pre1-tar-gz-asc.txt) = c6c7147e63fc19153e230fa81e6207a08b66da39a2156dd1d26d2435abb530210d4effcd8273ee6f3eede5ef0e29d33a601190ac41881f2d65a84a51e9070211 +SHA512 (chrony-4.6.tar.gz) = 84926b6c9eb90824ab98333412b001b18de9342dacb898d195ee8de52868b1945700a8b161de6b603c231460d290e02df6712c1dcb7f034ba45754b38466c8bd +SHA512 (chrony-4.6-tar-gz-asc.txt) = f735c1d52f1474d2af656e55d3a9abfd33b4ed706b983a393c7e3852b766b5179fe4098425ee7f32bb5db4a2e4170e8c5930cf63d20884be6c0eac338a3d26db SHA512 (clknetsim-633a0b.tar.gz) = 6fd8f5b0f3fc74e6dcaf64fc8058ef49806b1d010c8f76223715dd87286871e6bfc1c21be9b8379d9fddbd989490a98226f550805614c4b66c3ee0477acd6b59 From 0ba6e157c2d66353426798a3ca7938a29d10dcb8 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 2 Sep 2024 15:16:32 +0200 Subject: [PATCH 08/36] 4.6-1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 03a40e9..62acd40 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.6 -Release: 0.1.pre1%{?dist} +Release: 1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Mon Sep 02 2024 Miroslav Lichvar 4.6-1 +- update to 4.6 + * Tue Jul 30 2024 Miroslav Lichvar 4.6-0.1.pre1 - update to 4.6-pre1 From bf7e96a93b94fecec55462ce210d8c1458b11ea6 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 2 Sep 2024 16:28:18 +0200 Subject: [PATCH 09/36] update clknetsim to fix %check on i686 --- .gitignore | 2 +- chrony.spec | 2 +- sources | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index bde5491..c02a352 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ /chrony-4.6.tar.gz /chrony-4.6-tar-gz-asc.txt -/clknetsim-633a0b.tar.gz +/clknetsim-64df92.tar.gz diff --git a/chrony.spec b/chrony.spec index 62acd40..98445d3 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,5 +1,5 @@ %global _hardened_build 1 -%global clknetsim_ver 633a0b +%global clknetsim_ver 64df92 %bcond_without debug %bcond_without nts diff --git a/sources b/sources index 5265d98..d1a6a50 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ SHA512 (chrony-4.6.tar.gz) = 84926b6c9eb90824ab98333412b001b18de9342dacb898d195ee8de52868b1945700a8b161de6b603c231460d290e02df6712c1dcb7f034ba45754b38466c8bd SHA512 (chrony-4.6-tar-gz-asc.txt) = f735c1d52f1474d2af656e55d3a9abfd33b4ed706b983a393c7e3852b766b5179fe4098425ee7f32bb5db4a2e4170e8c5930cf63d20884be6c0eac338a3d26db -SHA512 (clknetsim-633a0b.tar.gz) = 6fd8f5b0f3fc74e6dcaf64fc8058ef49806b1d010c8f76223715dd87286871e6bfc1c21be9b8379d9fddbd989490a98226f550805614c4b66c3ee0477acd6b59 +SHA512 (clknetsim-64df92.tar.gz) = 3253e6823b66f23f63203aad0ea22c25cf9d1f5af789722662f4d383111cb2c1816cb23d2fa06171a65b102ae82a5371376becb029d7c9b163b0aee710374c02 From 73179b1fbd3f2e049997a996781663b4ecb1ad87 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 2 Sep 2024 16:29:00 +0200 Subject: [PATCH 10/36] 4.6-1 From 9999104b0943393d25de12a148cbdb03d8b4d649 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 8 Oct 2024 15:39:55 +0200 Subject: [PATCH 11/36] update to 4.6.1 --- .gitignore | 4 ++-- chrony.spec | 2 +- sources | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index c02a352..04fffa0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.6.tar.gz -/chrony-4.6-tar-gz-asc.txt +/chrony-4.6.1.tar.gz +/chrony-4.6.1-tar-gz-asc.txt /clknetsim-64df92.tar.gz diff --git a/chrony.spec b/chrony.spec index 98445d3..125cc4a 100644 --- a/chrony.spec +++ b/chrony.spec @@ -8,7 +8,7 @@ %endif Name: chrony -Version: 4.6 +Version: 4.6.1 Release: 1%{?dist} Summary: An NTP client/server diff --git a/sources b/sources index d1a6a50..a3dab97 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.6.tar.gz) = 84926b6c9eb90824ab98333412b001b18de9342dacb898d195ee8de52868b1945700a8b161de6b603c231460d290e02df6712c1dcb7f034ba45754b38466c8bd -SHA512 (chrony-4.6-tar-gz-asc.txt) = f735c1d52f1474d2af656e55d3a9abfd33b4ed706b983a393c7e3852b766b5179fe4098425ee7f32bb5db4a2e4170e8c5930cf63d20884be6c0eac338a3d26db +SHA512 (chrony-4.6.1.tar.gz) = 646ae08f2587366236796f2399d8ab3eb570979e0d82f5d13f5cec49939054c876cc93dc20c8d38e105fd3500e1720d05a223a15076783cd882d0de43afd9c7e +SHA512 (chrony-4.6.1-tar-gz-asc.txt) = 992b706636bf3a7eb6d502562a4990c9d8e20e5f3011d2cdb2ceb32220e9a1c2bfa6eca767212cee49b811823872602dc33f9e7201a7f9a93cc9c90e81b1db49 SHA512 (clknetsim-64df92.tar.gz) = 3253e6823b66f23f63203aad0ea22c25cf9d1f5af789722662f4d383111cb2c1816cb23d2fa06171a65b102ae82a5371376becb029d7c9b163b0aee710374c02 From efe2d99a073e9515ac7fe6145f33c9247539b432 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 8 Oct 2024 15:42:45 +0200 Subject: [PATCH 12/36] 4.6.1-1 --- chrony.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/chrony.spec b/chrony.spec index 125cc4a..391bff2 100644 --- a/chrony.spec +++ b/chrony.spec @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Tue Oct 08 2024 Miroslav Lichvar 4.6.1-1 +- update to 4.6.1 + * Mon Sep 02 2024 Miroslav Lichvar 4.6-1 - update to 4.6 From 0aae5f7bf1ce7d871adec9ab714299a69b03ad57 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 13:43:18 +0000 Subject: [PATCH 13/36] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 391bff2..3a4449a 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.6.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Thu Jan 16 2025 Fedora Release Engineering - 4.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Tue Oct 08 2024 Miroslav Lichvar 4.6.1-1 - update to 4.6.1 From 18b59b582787633bac1fe86ec032536c38485d0c Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Tue, 1 Oct 2024 12:13:30 +0200 Subject: [PATCH 14/36] Update plans and gating --- gating.yaml | 14 +++++------- plans.fmf | 47 ++++++++++++++++++++++++++++++++++++++++ plans/public.fmf | 6 ----- plans/tier1-internal.fmf | 12 ---------- 4 files changed, 53 insertions(+), 26 deletions(-) create mode 100644 plans.fmf delete mode 100644 plans/public.fmf delete mode 100644 plans/tier1-internal.fmf diff --git a/gating.yaml b/gating.yaml index de5c323..1b16508 100644 --- a/gating.yaml +++ b/gating.yaml @@ -4,8 +4,8 @@ product_versions: decision_context: bodhi_update_push_testing subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} - + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} + #Rawhide --- !Policy product_versions: @@ -13,15 +13,13 @@ product_versions: decision_context: bodhi_update_push_stable subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional} - + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional} + #gating rhel --- !Policy product_versions: - rhel-* decision_context: osci_compose_gate rules: - - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} - - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} - - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} - - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional} \ No newline at end of file diff --git a/plans.fmf b/plans.fmf new file mode 100644 index 0000000..661c046 --- /dev/null +++ b/plans.fmf @@ -0,0 +1,47 @@ +/tier1-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/tier1/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/tier1-public: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/tier1/public + +/tier2-tier3-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/tier2-tier3/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/tier2-tier3-public: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/tier2-tier3/public + +/others-internal: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/others/internal + adjust: + enabled: false + when: distro == centos-stream, fedora + because: They don't have access to internal repos. + +/others-public: + plan: + import: + url: https://src.fedoraproject.org/tests/chrony.git + name: /plans/others/public diff --git a/plans/public.fmf b/plans/public.fmf deleted file mode 100644 index cff1391..0000000 --- a/plans/public.fmf +++ /dev/null @@ -1,6 +0,0 @@ -summary: Test plan with all Fedora tests -discover: - how: fmf - url: https://src.fedoraproject.org/tests/chrony.git -execute: - how: tmt diff --git a/plans/tier1-internal.fmf b/plans/tier1-internal.fmf deleted file mode 100644 index 9714336..0000000 --- a/plans/tier1-internal.fmf +++ /dev/null @@ -1,12 +0,0 @@ -summary: CI plan, picks internal Tier1 tests, runs in beakerlib. -discover: - - name: rhel - how: fmf - filter: 'tier: 1' - url: git://pkgs.devel.redhat.com/tests/chrony -execute: - how: tmt -adjust: - enabled: false - when: distro == centos-stream, fedora - because: They don't have access to internal repos. From 8f77afe47e9dd596174ba2ed6a4914efea889189 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 21 May 2025 14:45:46 +0200 Subject: [PATCH 15/36] update to 4.7-pre1 --- .gitignore | 6 +++--- chrony.spec | 9 +++++---- sources | 6 +++--- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 04fffa0..96c8228 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.6.1.tar.gz -/chrony-4.6.1-tar-gz-asc.txt -/clknetsim-64df92.tar.gz +/chrony-4.7-pre1-tar-gz-asc.txt +/chrony-4.7-pre1.tar.gz +/clknetsim-d60afc.tar.gz diff --git a/chrony.spec b/chrony.spec index 3a4449a..063693c 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,5 +1,6 @@ %global _hardened_build 1 -%global clknetsim_ver 64df92 +%global clknetsim_ver d60afc +%global prerelease -pre1 %bcond_without debug %bcond_without nts @@ -8,7 +9,7 @@ %endif Name: chrony -Version: 4.6.1 +Version: 4.7 Release: 2%{?dist} Summary: An NTP client/server @@ -69,8 +70,8 @@ md5sum -c <<-EOF | (! grep -v 'OK$') 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp 4e85d36595727318535af3387411070c examples/chrony.nm-dispatcher.onoffline - c11159b78b89684eca773db6236a9855 examples/chronyd.service - 46fa3e2d42c8eb9c42e71095686c90ed examples/chronyd-restricted.service + 274a44cd51981d6d4d3a44dfc92c94ab examples/chronyd.service + 5ddbb8a8055f587cb6b0b462ca73ea46 examples/chronyd-restricted.service EOF # don't allow packaging without vendor zone diff --git a/sources b/sources index a3dab97..4931309 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.6.1.tar.gz) = 646ae08f2587366236796f2399d8ab3eb570979e0d82f5d13f5cec49939054c876cc93dc20c8d38e105fd3500e1720d05a223a15076783cd882d0de43afd9c7e -SHA512 (chrony-4.6.1-tar-gz-asc.txt) = 992b706636bf3a7eb6d502562a4990c9d8e20e5f3011d2cdb2ceb32220e9a1c2bfa6eca767212cee49b811823872602dc33f9e7201a7f9a93cc9c90e81b1db49 -SHA512 (clknetsim-64df92.tar.gz) = 3253e6823b66f23f63203aad0ea22c25cf9d1f5af789722662f4d383111cb2c1816cb23d2fa06171a65b102ae82a5371376becb029d7c9b163b0aee710374c02 +SHA512 (chrony-4.7-pre1-tar-gz-asc.txt) = 6180dfede6bc2d11b4b8a9f2708b306faecdf2f6c92552c52c222b8fe09210aa770ec28c9272a1105ea6716e66553e606dbb00077bce061c6faaf65e1ce2bbf9 +SHA512 (chrony-4.7-pre1.tar.gz) = 9f83887d9771a409edd812046a4b1b7e11966d02a99806d48442a52441ee41a7043a75987e29414b04ddb8ff82dedd0b7646135961f6532cc173c52c01c600c1 +SHA512 (clknetsim-d60afc.tar.gz) = 9fff0dc7c089169158926741860c933fa4fc6eda68c100a54ead137b294ec94b0a6fccb0e3f86abfed274b38621e89b49f3e1ad96fd9bed48a79fabcc0d0ba5f From 3b9d8b1213423834a2e59e5831b2ee429216961a Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 21 May 2025 14:47:16 +0200 Subject: [PATCH 16/36] 4.7-0.1.pre1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 063693c..144ff7c 100644 --- a/chrony.spec +++ b/chrony.spec @@ -10,7 +10,7 @@ Name: chrony Version: 4.7 -Release: 2%{?dist} +Release: 0.1.pre1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -206,6 +206,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Wed May 21 2025 Miroslav Lichvar 4.7-0.1.pre1 +- update to 4.7-pre1 + * Thu Jan 16 2025 Fedora Release Engineering - 4.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From 5d99ee337f23f4e09fa4f7f669fa007629176ad9 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 22 May 2025 14:40:19 +0200 Subject: [PATCH 17/36] add workaround for broken build on aarch64 --- chrony.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/chrony.spec b/chrony.spec index 144ff7c..1f023cb 100644 --- a/chrony.spec +++ b/chrony.spec @@ -98,6 +98,10 @@ rm -f getdate.c mv clknetsim-*-%{clknetsim_ver}* test/simulation/clknetsim %build +%ifarch aarch64 +# workaround for bug #2367978 +CFLAGS="$RPM_OPT_FLAGS -fno-inline" +%endif %configure \ %{?with_debug: --enable-debug} \ --enable-ntp-signd \ From 969143e1d65cdfd02a88360aed91f0f6adc6c324 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 22 May 2025 14:40:43 +0200 Subject: [PATCH 18/36] 4.7-0.2.pre1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 1f023cb..34ffc37 100644 --- a/chrony.spec +++ b/chrony.spec @@ -10,7 +10,7 @@ Name: chrony Version: 4.7 -Release: 0.1.pre1%{?dist} +Release: 0.2.pre1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -210,6 +210,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Thu May 22 2025 Miroslav Lichvar 4.7-0.2.pre1 +- add workaround for broken build on aarch64 + * Wed May 21 2025 Miroslav Lichvar 4.7-0.1.pre1 - update to 4.7-pre1 From d17bcd6d55f045f7ea7924dcd6d4c9b060bbf9e2 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 11 Jun 2025 15:46:31 +0200 Subject: [PATCH 19/36] update to 4.7 --- .gitignore | 6 +++--- chrony.spec | 5 ++--- sources | 6 +++--- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 96c8228..2414820 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.7-pre1-tar-gz-asc.txt -/chrony-4.7-pre1.tar.gz -/clknetsim-d60afc.tar.gz +/chrony-4.7.tar.gz +/chrony-4.7-tar-gz-asc.txt +/clknetsim-83cf9c.tar.gz diff --git a/chrony.spec b/chrony.spec index 34ffc37..440c600 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,6 +1,5 @@ %global _hardened_build 1 -%global clknetsim_ver d60afc -%global prerelease -pre1 +%global clknetsim_ver 83cf9c %bcond_without debug %bcond_without nts @@ -66,7 +65,7 @@ service to other computers in the network. # review changes in packaged configuration files and scripts md5sum -c <<-EOF | (! grep -v 'OK$') 5530d6e60f84b76c27495485d2510bac examples/chrony-wait.service - 826354a2d467d6147e412d43bfe07484 examples/chrony.conf.example2 + 3f2ddca6065c3e8f4565d7422739795a examples/chrony.conf.example2 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp 4e85d36595727318535af3387411070c examples/chrony.nm-dispatcher.onoffline diff --git a/sources b/sources index 4931309..f03173e 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.7-pre1-tar-gz-asc.txt) = 6180dfede6bc2d11b4b8a9f2708b306faecdf2f6c92552c52c222b8fe09210aa770ec28c9272a1105ea6716e66553e606dbb00077bce061c6faaf65e1ce2bbf9 -SHA512 (chrony-4.7-pre1.tar.gz) = 9f83887d9771a409edd812046a4b1b7e11966d02a99806d48442a52441ee41a7043a75987e29414b04ddb8ff82dedd0b7646135961f6532cc173c52c01c600c1 -SHA512 (clknetsim-d60afc.tar.gz) = 9fff0dc7c089169158926741860c933fa4fc6eda68c100a54ead137b294ec94b0a6fccb0e3f86abfed274b38621e89b49f3e1ad96fd9bed48a79fabcc0d0ba5f +SHA512 (chrony-4.7.tar.gz) = 419594ab8ff0fd42acaf6e4ca1a011d5cf87c8d90ab040e90bb004b43570888329531593f073fb7c5a1093b5754d61c1ae6034d0b86660e4dc37d42ee0f30623 +SHA512 (chrony-4.7-tar-gz-asc.txt) = c2351e6e624f60e82973bddd5cb1d84c90ee5e862d7d24dfc2b7a8f60a6a948f7446c9b7d68c5e72be4afccbd5d8f572141a4e0bde9cfeefc59aebb7e4fc74e1 +SHA512 (clknetsim-83cf9c.tar.gz) = 2ffef556fc1edc3e19d44773ca550e9ac87889951a0162828238eab7dbd0586b46d16708d6a95a56aae8485acade1db5d16f7463362da00cb1d40cff394364e9 From fcb1dcbf532fec8ef5dbd6d3492125d233863e3b Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 11 Jun 2025 15:51:50 +0200 Subject: [PATCH 20/36] 4.7-1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 440c600..775150a 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.7 -Release: 0.2.pre1%{?dist} +Release: 1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -209,6 +209,9 @@ fi %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Wed Jun 11 2025 Miroslav Lichvar 4.7-1 +- update to 4.7 + * Thu May 22 2025 Miroslav Lichvar 4.7-0.2.pre1 - add workaround for broken build on aarch64 From 0de03083074a9787d1848551e5c44d0dd9db6814 Mon Sep 17 00:00:00 2001 From: Ondrej Mejzlik Date: Wed, 18 Jun 2025 20:38:17 +0200 Subject: [PATCH 21/36] Testing moves to RH gitlab centos-stream space --- plans.fmf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/plans.fmf b/plans.fmf index 661c046..c28aa6f 100644 --- a/plans.fmf +++ b/plans.fmf @@ -1,7 +1,7 @@ /tier1-internal: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/tier1/internal adjust: enabled: false @@ -11,13 +11,13 @@ /tier1-public: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/tier1/public /tier2-tier3-internal: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/tier2-tier3/internal adjust: enabled: false @@ -27,13 +27,13 @@ /tier2-tier3-public: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/tier2-tier3/public /others-internal: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/others/internal adjust: enabled: false @@ -43,5 +43,5 @@ /others-public: plan: import: - url: https://src.fedoraproject.org/tests/chrony.git + url: https://gitlab.com/redhat/centos-stream/tests/chrony.git name: /plans/others/public From 70a42e2391e14b3a9294e7f7c3cd162a6c244b1d Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 10 Jul 2025 11:49:16 +0200 Subject: [PATCH 22/36] drop old conflict with NetworkManager --- chrony.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/chrony.spec b/chrony.spec index 775150a..e7467b5 100644 --- a/chrony.spec +++ b/chrony.spec @@ -37,9 +37,6 @@ BuildRequires: gcc gcc-c++ make bison systemd gnupg2 # Needed by the leapseclist directive in default chrony.conf Requires: tzdata -# Old NetworkManager expects the dispatcher scripts in a different place -Conflicts: NetworkManager < 1.20 - # suggest drivers for hardware reference clocks Suggests: ntp-refclock From 53321f84b8e15e39e3483fcc5f396bc4e4244e42 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 10 Jul 2025 13:22:54 +0200 Subject: [PATCH 23/36] let systemd create /var/lib/chrony and /var/log/chrony (#2372944) Specify the directories in the chronyd unit file, so they don't have to exist before starting the service and rpm doesn't need to create any non-root directories/files. --- chrony-servicedirs.patch | 18 ++++++++++++++++++ chrony.spec | 9 ++++++--- 2 files changed, 24 insertions(+), 3 deletions(-) create mode 100644 chrony-servicedirs.patch diff --git a/chrony-servicedirs.patch b/chrony-servicedirs.patch new file mode 100644 index 0000000..e806dc9 --- /dev/null +++ b/chrony-servicedirs.patch @@ -0,0 +1,18 @@ +diff -up chrony-4.7/examples/chronyd.service.servicedirs chrony-4.7/examples/chronyd.service +--- chrony-4.7/examples/chronyd.service.servicedirs 2025-06-11 15:06:19.000000000 +0200 ++++ chrony-4.7/examples/chronyd.service 2025-07-10 12:06:57.354215498 +0200 +@@ -10,7 +10,13 @@ Type=notify + PIDFile=/run/chrony/chronyd.pid + Environment="OPTIONS=" + EnvironmentFile=-/etc/sysconfig/chronyd +-ExecStart=/usr/sbin/chronyd -n $OPTIONS ++ExecStart=!/usr/sbin/chronyd -n $OPTIONS ++ ++User=chrony ++LogsDirectory=chrony ++LogsDirectoryMode=0750 ++StateDirectory=chrony ++StateDirectoryMode=0750 + + CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE + CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_KILL CAP_LEASE CAP_LINUX_IMMUTABLE diff --git a/chrony.spec b/chrony.spec index e7467b5..c038549 100644 --- a/chrony.spec +++ b/chrony.spec @@ -25,6 +25,8 @@ Source10: https://gitlab.com/chrony/clknetsim/-/archive/master/clknetsim-% # add distribution-specific bits to DHCP dispatcher Patch1: chrony-nm-dispatcher-dhcp.patch +# let systemd create /var/lib/chrony and /var/log/chrony +Patch2: chrony-servicedirs.patch BuildRequires: libcap-devel libedit-devel nettle-devel pps-tools-devel BuildRequires: gcc gcc-c++ make bison systemd gnupg2 @@ -56,6 +58,7 @@ service to other computers in the network. %setup -q -n %{name}-%{version}%{?prerelease} -a 10 %{?gitpatch:%patch -P 0 -p1} %patch -P 1 -p1 -b .nm-dispatcher-dhcp +%patch -P 2 -p1 -b .servicedirs %{?gitpatch: echo %{version}-%{gitpatch} > version.txt} @@ -66,7 +69,7 @@ md5sum -c <<-EOF | (! grep -v 'OK$') 6a3178c4670de7de393d9365e2793740 examples/chrony.logrotate c3992e2f985550739cd1cd95f98c9548 examples/chrony.nm-dispatcher.dhcp 4e85d36595727318535af3387411070c examples/chrony.nm-dispatcher.onoffline - 274a44cd51981d6d4d3a44dfc92c94ab examples/chronyd.service + 607c82f56639486f52c31105632909eb examples/chronyd.service 5ddbb8a8055f587cb6b0b462ca73ea46 examples/chronyd-restricted.service EOF @@ -200,10 +203,10 @@ fi %{_unitdir}/chrony*.service %{_sysusersdir}/chrony.conf %{_mandir}/man[158]/%{name}*.[158]* -%dir %attr(750,chrony,chrony) %{_localstatedir}/lib/chrony +%ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/lib/chrony %ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/drift %ghost %attr(-,chrony,chrony) %{_localstatedir}/lib/chrony/rtc -%dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony +%ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog * Wed Jun 11 2025 Miroslav Lichvar 4.7-1 From 98c501e504b72d90c688982295bfb850f955d74a Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 10 Jul 2025 14:02:11 +0200 Subject: [PATCH 24/36] drop workaround for broken build on aarch64 --- chrony.spec | 4 ---- 1 file changed, 4 deletions(-) diff --git a/chrony.spec b/chrony.spec index c038549..6d8a713 100644 --- a/chrony.spec +++ b/chrony.spec @@ -97,10 +97,6 @@ rm -f getdate.c mv clknetsim-*-%{clknetsim_ver}* test/simulation/clknetsim %build -%ifarch aarch64 -# workaround for bug #2367978 -CFLAGS="$RPM_OPT_FLAGS -fno-inline" -%endif %configure \ %{?with_debug: --enable-debug} \ --enable-ntp-signd \ From 58b9f12d345dde8b0eca270f97325b4e1f6df115 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 10 Jul 2025 14:02:56 +0200 Subject: [PATCH 25/36] 4.7-2 --- chrony.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 6d8a713..887c864 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.7 -Release: 1%{?dist} +Release: 2%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,11 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Thu Jul 10 2025 Miroslav Lichvar 4.7-2 +- let systemd create /var/lib/chrony and /var/log/chrony (#2372944) +- drop workaround for broken build on aarch64 +- drop old conflict with NetworkManager + * Wed Jun 11 2025 Miroslav Lichvar 4.7-1 - update to 4.7 From 71344384222ce47b080842ea020f1124d066ef7c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 18:17:48 +0000 Subject: [PATCH 26/36] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 887c864..410ce4b 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.7 -Release: 2%{?dist} +Release: 3%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Wed Jul 23 2025 Fedora Release Engineering - 4.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + * Thu Jul 10 2025 Miroslav Lichvar 4.7-2 - let systemd create /var/lib/chrony and /var/log/chrony (#2372944) - drop workaround for broken build on aarch64 From 1db87bbe8dd549a2b29a496f63b5cb39a2000ac8 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 14 Aug 2025 16:32:02 +0200 Subject: [PATCH 27/36] update to 4.8-pre1 --- .gitignore | 6 +++--- chrony.spec | 5 +++-- sources | 6 +++--- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 2414820..bdfdbf2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.7.tar.gz -/chrony-4.7-tar-gz-asc.txt -/clknetsim-83cf9c.tar.gz +/chrony-4.8-pre1-tar-gz-asc.txt +/chrony-4.8-pre1.tar.gz +/clknetsim-a2eb0b258f8b.tar.gz diff --git a/chrony.spec b/chrony.spec index 410ce4b..aa51417 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,5 +1,6 @@ %global _hardened_build 1 -%global clknetsim_ver 83cf9c +%global prerelease -pre1 +%global clknetsim_ver a2eb0b258f8b %bcond_without debug %bcond_without nts @@ -8,7 +9,7 @@ %endif Name: chrony -Version: 4.7 +Version: 4.8 Release: 3%{?dist} Summary: An NTP client/server diff --git a/sources b/sources index f03173e..bdf667b 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.7.tar.gz) = 419594ab8ff0fd42acaf6e4ca1a011d5cf87c8d90ab040e90bb004b43570888329531593f073fb7c5a1093b5754d61c1ae6034d0b86660e4dc37d42ee0f30623 -SHA512 (chrony-4.7-tar-gz-asc.txt) = c2351e6e624f60e82973bddd5cb1d84c90ee5e862d7d24dfc2b7a8f60a6a948f7446c9b7d68c5e72be4afccbd5d8f572141a4e0bde9cfeefc59aebb7e4fc74e1 -SHA512 (clknetsim-83cf9c.tar.gz) = 2ffef556fc1edc3e19d44773ca550e9ac87889951a0162828238eab7dbd0586b46d16708d6a95a56aae8485acade1db5d16f7463362da00cb1d40cff394364e9 +SHA512 (chrony-4.8-pre1-tar-gz-asc.txt) = 0daafd987e46d720c42bbe4de13f5a293feabb3e239c9caf90146197b8444504cf45efc2078f431e745fae52e222937f9d48da496b091372fe4301a3f8726983 +SHA512 (chrony-4.8-pre1.tar.gz) = 2e76fd523fbeaa31bcbecbe2a16105e4fa103751753f0d05e2d2fcfaed62dbd4e023b559e97a44b28756b3ae7bc5d0873a787f09eb760da6a00d8184eedc03ad +SHA512 (clknetsim-a2eb0b258f8b.tar.gz) = 88996d4652b73b603caf9387b030c8406e7bc015443bb4b348c4a626882a0b42398dbcefa971fc8ba02dcdc0a79171ea63cadc13c518961b66901fecbee7c8e3 From 283f2dad2f7e8f492a7582b83106c8bec90aa9e0 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 14 Aug 2025 16:33:01 +0200 Subject: [PATCH 28/36] 4.8-0.1.pre1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index aa51417..c5d2aaa 100644 --- a/chrony.spec +++ b/chrony.spec @@ -10,7 +10,7 @@ Name: chrony Version: 4.8 -Release: 3%{?dist} +Release: 0.1.pre1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -206,6 +206,9 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Thu Aug 14 2025 Miroslav Lichvar 4.8-0.1.pre1 +- update to 4.8-pre1 + * Wed Jul 23 2025 Fedora Release Engineering - 4.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild From b9e07af77919a639d95c7ae1b533c3865f6c1b9e Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 27 Aug 2025 14:47:58 +0200 Subject: [PATCH 29/36] update to 4.8 --- .gitignore | 6 +++--- chrony.spec | 3 +-- sources | 6 +++--- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index bdfdbf2..4d608e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/chrony-4.8-pre1-tar-gz-asc.txt -/chrony-4.8-pre1.tar.gz -/clknetsim-a2eb0b258f8b.tar.gz +/chrony-4.8-tar-gz-asc.txt +/chrony-4.8.tar.gz +/clknetsim-6ee99f50dec8.tar.gz diff --git a/chrony.spec b/chrony.spec index c5d2aaa..708d57b 100644 --- a/chrony.spec +++ b/chrony.spec @@ -1,6 +1,5 @@ %global _hardened_build 1 -%global prerelease -pre1 -%global clknetsim_ver a2eb0b258f8b +%global clknetsim_ver 6ee99f50dec8 %bcond_without debug %bcond_without nts diff --git a/sources b/sources index bdf667b..35a8415 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (chrony-4.8-pre1-tar-gz-asc.txt) = 0daafd987e46d720c42bbe4de13f5a293feabb3e239c9caf90146197b8444504cf45efc2078f431e745fae52e222937f9d48da496b091372fe4301a3f8726983 -SHA512 (chrony-4.8-pre1.tar.gz) = 2e76fd523fbeaa31bcbecbe2a16105e4fa103751753f0d05e2d2fcfaed62dbd4e023b559e97a44b28756b3ae7bc5d0873a787f09eb760da6a00d8184eedc03ad -SHA512 (clknetsim-a2eb0b258f8b.tar.gz) = 88996d4652b73b603caf9387b030c8406e7bc015443bb4b348c4a626882a0b42398dbcefa971fc8ba02dcdc0a79171ea63cadc13c518961b66901fecbee7c8e3 +SHA512 (chrony-4.8-tar-gz-asc.txt) = df7f4e06f74a4b8c9a49e8fe57ea02e0324c5683d036412c32192a09f08e08f33537609cef8df0b4302bfcd63332b3092f33f40c8d02857c93ecea13822b5b47 +SHA512 (chrony-4.8.tar.gz) = 949b796bb34db32a5c1b9e6b53be6a22e51c59f24a316d585b8a52a52ab1f61bdf0378dc58b282bb0ba4fac1f05e1e99fbe37cb4259aa2b359e7bf679c176aab +SHA512 (clknetsim-6ee99f50dec8.tar.gz) = 2621d1c44b84b42fcdf644f236ff90dab9f8a8407a138c8719c53dd9c4f21480db3b4ba598116aa1b9d6bd1fa02fc410d85a43baf55ddf8ad47fc09aba4c4477 From fbf4abe9539130145f2c6266b609cc388ed8eb42 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 27 Aug 2025 14:48:58 +0200 Subject: [PATCH 30/36] 4.8-1 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 708d57b..afe2248 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.8 -Release: 0.1.pre1%{?dist} +Release: 1%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -205,6 +205,9 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Wed Aug 27 2025 Miroslav Lichvar 4.8-1 +- update to 4.8 + * Thu Aug 14 2025 Miroslav Lichvar 4.8-0.1.pre1 - update to 4.8-pre1 From 95665ab0604acc9eb35e821ae580d6af41236047 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 8 Sep 2025 10:06:24 +0200 Subject: [PATCH 31/36] drop root privileges in chronyc by default Use the new configure option added in chrony-4.8 to change the default chronyc user to chrony. If chronyc is started under root, it will switch to the chrony user automatically to minimize impact of potential security issues. This shouldn't be visible to the user, but if for some reason the original behavior is required, "-u root" can be added to the chronyc command line. --- chrony.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/chrony.spec b/chrony.spec index afe2248..02fc8a8 100644 --- a/chrony.spec +++ b/chrony.spec @@ -105,6 +105,7 @@ mv clknetsim-*-%{clknetsim_ver}* test/simulation/clknetsim --chronyrundir=/run/chrony \ --docdir=%{_docdir} \ --with-ntp-era=$(date -d '1970-01-01 00:00:00+00:00' +'%s') \ + --with-chronyc-user=chrony \ --with-user=chrony \ --with-hwclockfile=%{_sysconfdir}/adjtime \ --with-pidfile=/run/chrony/chronyd.pid \ From 9c685eb118a6f049a5a253cd9b76daf008a2dd3a Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Mon, 8 Sep 2025 10:10:54 +0200 Subject: [PATCH 32/36] 4.8-2 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 02fc8a8..5da1033 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.8 -Release: 1%{?dist} +Release: 2%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -206,6 +206,9 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Mon Sep 08 2025 Miroslav Lichvar 4.8-2 +- drop root privileges in chronyc by default + * Wed Aug 27 2025 Miroslav Lichvar 4.8-1 - update to 4.8 From 57f2f4a8c160f18d4a544be5ab0f216771368c1c Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 21 Oct 2025 14:26:44 +0200 Subject: [PATCH 33/36] update seccomp filter for new glibc (#2405310) --- chrony-seccomp.patch | 35 +++++++++++++++++++++++++++++++++++ chrony.spec | 3 +++ 2 files changed, 38 insertions(+) create mode 100644 chrony-seccomp.patch diff --git a/chrony-seccomp.patch b/chrony-seccomp.patch new file mode 100644 index 0000000..af9f775 --- /dev/null +++ b/chrony-seccomp.patch @@ -0,0 +1,35 @@ +commit 03875f1ea5c4c0eeeb30a7d1fc5fdd53236f4ac2 +Author: Miroslav Lichvar +Date: Tue Oct 21 14:06:38 2025 +0200 + + sys_linux: allow ioctl(TCGETS2) in seccomp filter + + Add TCGETS2 to the list of allowed ioctls. It seems to be called by the + latest glibc version from isatty(), which is called from libpcsclite + used by gnutls in an NTS-KE session. + + Include the linux termios header instead of glibc header to get a usable + definition of TCGETS2. + +diff --git a/sys_linux.c b/sys_linux.c +index ca5540f2..e20e459d 100644 +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -48,7 +48,7 @@ + #ifdef FEAT_SCFILTER + #include + #include +-#include ++#include + #ifdef FEAT_PPS + #include + #endif +@@ -615,7 +615,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) + const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL }; + + const static unsigned long ioctls[] = { +- FIONREAD, TCGETS, TIOCGWINSZ, ++ FIONREAD, TCGETS, TCGETS2, TIOCGWINSZ, + #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING) + PTP_EXTTS_REQUEST, PTP_SYS_OFFSET, + #ifdef PTP_PIN_SETFUNC diff --git a/chrony.spec b/chrony.spec index 5da1033..78da102 100644 --- a/chrony.spec +++ b/chrony.spec @@ -27,6 +27,8 @@ Source10: https://gitlab.com/chrony/clknetsim/-/archive/master/clknetsim-% Patch1: chrony-nm-dispatcher-dhcp.patch # let systemd create /var/lib/chrony and /var/log/chrony Patch2: chrony-servicedirs.patch +# update seccomp filter for new glibc +Patch3: chrony-seccomp.patch BuildRequires: libcap-devel libedit-devel nettle-devel pps-tools-devel BuildRequires: gcc gcc-c++ make bison systemd gnupg2 @@ -59,6 +61,7 @@ service to other computers in the network. %{?gitpatch:%patch -P 0 -p1} %patch -P 1 -p1 -b .nm-dispatcher-dhcp %patch -P 2 -p1 -b .servicedirs +%patch -P 3 -p1 -b .seccomp %{?gitpatch: echo %{version}-%{gitpatch} > version.txt} From ed7a59c023170d91a880b2bd979b5ac8e494e8d0 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 21 Oct 2025 14:34:19 +0200 Subject: [PATCH 34/36] 4.8-3 --- chrony.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/chrony.spec b/chrony.spec index 78da102..66a86d5 100644 --- a/chrony.spec +++ b/chrony.spec @@ -9,7 +9,7 @@ Name: chrony Version: 4.8 -Release: 2%{?dist} +Release: 3%{?dist} Summary: An NTP client/server License: GPL-2.0-only @@ -209,6 +209,9 @@ fi %ghost %dir %attr(750,chrony,chrony) %{_localstatedir}/log/chrony %changelog +* Tue Oct 21 2025 Miroslav Lichvar 4.8-3 +- update seccomp filter for new glibc (#2405310) + * Mon Sep 08 2025 Miroslav Lichvar 4.8-2 - drop root privileges in chronyc by default From d146c7faa536a1a15e65bcf4270e0f098cb5fdbf Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 22 Oct 2025 14:15:13 +0200 Subject: [PATCH 35/36] fix seccomp fix to build on ppc64 --- chrony-seccomp.patch | 159 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 159 insertions(+) diff --git a/chrony-seccomp.patch b/chrony-seccomp.patch index af9f775..c8f79ae 100644 --- a/chrony-seccomp.patch +++ b/chrony-seccomp.patch @@ -33,3 +33,162 @@ index ca5540f2..e20e459d 100644 #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING) PTP_EXTTS_REQUEST, PTP_SYS_OFFSET, #ifdef PTP_PIN_SETFUNC +commit 3c39afa13c769452d4c340bfc987e229b7c9caeb +Author: Miroslav Lichvar +Date: Wed Oct 22 10:53:11 2025 +0200 + + sys_linux: fix building with older compilers and some archs + + The recent replacement of with to get + TCGETS2 seems to work only with compilers (or C standards) that allow + the same structure to be defined multiple times. There is a conflict + between and . + + Another problem is that TCGETS2 is not used on some archs like ppc64. + + Switch back to and move TCGETS2 to a list in a separate + file where it can be compiled without . + + Fixes: 03875f1ea5c4 ("sys_linux: allow ioctl(TCGETS2) in seccomp filter") + +diff --git a/configure b/configure +index 195b1ed7..ca64475d 100755 +--- a/configure ++++ b/configure +@@ -808,6 +808,7 @@ then + # a time and the async resolver would block the main thread + priv_ops="NAME2IPADDRESS RELOADDNS" + EXTRA_LIBS="$EXTRA_LIBS -lseccomp" ++ EXTRA_OBJECTS="$EXTRA_OBJECTS sys_linux_scmp.o" + fi + + if [ "x$priv_ops" != "x" ]; then +diff --git a/sys_linux.c b/sys_linux.c +index e20e459d..89eec950 100644 +--- a/sys_linux.c ++++ b/sys_linux.c +@@ -48,7 +48,7 @@ + #ifdef FEAT_SCFILTER + #include + #include +-#include ++#include + #ifdef FEAT_PPS + #include + #endif +@@ -63,6 +63,7 @@ + #endif + + #include "sys_linux.h" ++#include "sys_linux_scmp.h" + #include "sys_timex.h" + #include "conf.h" + #include "local.h" +@@ -615,7 +616,7 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) + const static int fcntls[] = { F_GETFD, F_SETFD, F_GETFL, F_SETFL }; + + const static unsigned long ioctls[] = { +- FIONREAD, TCGETS, TCGETS2, TIOCGWINSZ, ++ FIONREAD, TCGETS, TIOCGWINSZ, + #if defined(FEAT_PHC) || defined(HAVE_LINUX_TIMESTAMPING) + PTP_EXTTS_REQUEST, PTP_SYS_OFFSET, + #ifdef PTP_PIN_SETFUNC +@@ -728,6 +729,14 @@ SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context) + SCMP_A1(SCMP_CMP_EQ, ioctls[i])) < 0) + goto add_failed; + } ++ ++ /* Allow selected ioctls that need to be specified in a separate ++ file to avoid conflicting headers (e.g. TCGETS2) */ ++ for (i = 0; SYS_Linux_GetExtraScmpIoctl(i) != 0; i++) { ++ if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(ioctl), 1, ++ SCMP_A1(SCMP_CMP_EQ, SYS_Linux_GetExtraScmpIoctl(i))) < 0) ++ goto add_failed; ++ } + } + + if (seccomp_load(ctx) < 0) +diff --git a/sys_linux_scmp.c b/sys_linux_scmp.c +new file mode 100644 +index 00000000..a907a97d +--- /dev/null ++++ b/sys_linux_scmp.c +@@ -0,0 +1,44 @@ ++/* ++ chronyd/chronyc - Programs for keeping computer clocks accurate. ++ ++ ********************************************************************** ++ * Copyright (C) Miroslav Lichvar 2025 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of version 2 of the GNU General Public License as ++ * published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ * ++ ********************************************************************** ++ ++ ======================================================================= ++ ++ Lists of values that are needed in seccomp filters but need to ++ be compiled separately from sys_linux.c due to conflicting headers. ++ */ ++ ++#include ++ ++#include "sys_linux_scmp.h" ++ ++unsigned long ++SYS_Linux_GetExtraScmpIoctl(int index) ++{ ++ const unsigned long ioctls[] = { ++#ifdef TCGETS2 ++ /* Conflict between and */ ++ TCGETS2, ++#endif ++ 0 ++ }; ++ ++ return ioctls[index]; ++} +diff --git a/sys_linux_scmp.h b/sys_linux_scmp.h +new file mode 100644 +index 00000000..62a9d548 +--- /dev/null ++++ b/sys_linux_scmp.h +@@ -0,0 +1,28 @@ ++/* ++ chronyd/chronyc - Programs for keeping computer clocks accurate. ++ ++ ********************************************************************** ++ * Copyright (C) Miroslav Lichvar 2025 ++ * ++ * This program is free software; you can redistribute it and/or modify ++ * it under the terms of version 2 of the GNU General Public License as ++ * published by the Free Software Foundation. ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License along ++ * with this program; if not, write to the Free Software Foundation, Inc., ++ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ * ++ ********************************************************************** ++ ++ ======================================================================= ++ ++ Header file for lists that are needed in seccomp filters but need to ++ be compiled separately from sys_linux.c due to conflicting headers. ++ */ ++ ++extern unsigned long SYS_Linux_GetExtraScmpIoctl(int index); From f14345b7112621a85497b2e5e45176f6fa807ec9 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Wed, 22 Oct 2025 14:16:17 +0200 Subject: [PATCH 36/36] 4.8-3