1#!/bin/sh
2#
3# $FreeBSD: stable/10/etc/rc.d/ntpd 335952 2018-07-04 14:12:09Z ian $
4#
5
6# PROVIDE: ntpd
7# REQUIRE: DAEMON ntpdate FILESYSTEMS devfs
8# BEFORE:  LOGIN
9# KEYWORD: nojail shutdown
10
11. /etc/rc.subr
12
13name="ntpd"
14rcvar="ntpd_enable"
15command="/usr/sbin/${name}"
16pidfile="/var/run/${name}.pid"
17extra_commands="fetch"
18fetch_cmd="ntpd_fetch_leapfile"
19start_precmd="ntpd_precmd"
20
21_ntp_tmp_leapfile="/var/run/ntpd.leap-seconds.list"
22
23load_rc_config $name
24
25ntpd_precmd()
26{
27	rc_flags="-c ${ntpd_config} ${ntpd_flags}"
28
29	if checkyesno ntpd_sync_on_start; then
30		rc_flags="-g $rc_flags"
31	fi
32
33	ntpd_init_leapfile
34
35	if [ ! -f $ntp_db_leapfile ]; then
36		ntpd_fetch_leapfile
37	fi
38
39	if [ -z "$ntpd_chrootdir" ]; then
40		return 0;
41	fi
42
43	# If running in a chroot cage, ensure that the appropriate files
44	# exist inside the cage, as well as helper symlinks into the cage
45	# from outside.
46	#
47	# As this is called after the is_running and required_dir checks
48	# are made in run_rc_command(), we can safely assume ${ntpd_chrootdir}
49	# exists and ntpd isn't running at this point (unless forcestart
50	# is used).
51	#
52	if [ ! -c "${ntpd_chrootdir}/dev/clockctl" ]; then
53		rm -f "${ntpd_chrootdir}/dev/clockctl"
54		( cd /dev ; /bin/pax -rw -pe clockctl "${ntpd_chrootdir}/dev" )
55	fi
56	ln -fs "${ntpd_chrootdir}/var/db/ntp.drift" /var/db/ntp.drift
57	ln -fs "${ntpd_chrootdir}${_ntp_tmp_leapfile}" ${_ntp_tmp_leapfile}
58
59	#	Change run_rc_commands()'s internal copy of $ntpd_flags
60	#
61	rc_flags="-u ntpd:ntpd -i ${ntpd_chrootdir} $rc_flags"
62}
63
64current_ntp_ts() {
65	# Seconds between 1900-01-01 and 1970-01-01
66	# echo $(((70*365+17)*86400))
67	ntp_to_unix=2208988800
68
69	echo $(($(date -u +%s)+$ntp_to_unix))
70}
71	
72get_ntp_leapfile_ver() {
73	# Leapfile update date (version number).
74	expr "$(awk '$1 == "#$" { print $2 }' "$1" 2>/dev/null)" : \
75		'^\([1-9][0-9]*\)$' \| 0
76}
77
78get_ntp_leapfile_expiry() {
79	# Leapfile expiry date.
80	expr "$(awk '$1 == "#@" { print $2 }' "$1" 2>/dev/null)" : \
81		'^\([1-9][0-9]*\)$' \| 0
82}
83
84ntpd_init_leapfile() {
85	# Refresh working leapfile with an invalid hash due to
86	# FreeBSD id header. Ntpd will ignore leapfiles with a
87	# mismatch hash. The file must be the virgin file from
88	# the source.
89	if [ ! -f $ntp_db_leapfile ]; then
90		cp -p $ntp_src_leapfile $ntp_db_leapfile
91	fi
92}
93
94ntpd_fetch_leapfile() {
95	local rc verbose
96	
97	if checkyesno ntp_leapfile_fetch_verbose; then
98		verbose=echo
99	else
100		verbose=:
101	fi
102
103	ntp_ver_no_src=$(get_ntp_leapfile_ver $ntp_src_leapfile)
104	ntp_expiry_src=$(get_ntp_leapfile_expiry $ntp_src_leapfile)
105	ntp_ver_no_db=$(get_ntp_leapfile_ver $ntp_db_leapfile)
106	ntp_expiry_db=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
107	$verbose ntp_src_leapfile version is $ntp_ver_no_src
108	$verbose ntp_db_leapfile version is $ntp_ver_no_db
109
110	if [ "$ntp_ver_no_src" -gt "$ntp_ver_no_db" -o \
111	     "$ntp_ver_no_src" -eq "$ntp_ver_no_db" -a \
112	     "$ntp_expiry_src" -gt "$ntp_expiry_db" ]; then
113		$verbose replacing $ntp_db_leapfile with $ntp_src_leapfile 
114		cp -p $ntp_src_leapfile $ntp_db_leapfile
115		ntp_ver_no_db=$ntp_ver_no_src
116	else
117		$verbose not replacing $ntp_db_leapfile with $ntp_src_leapfile 
118	fi
119	ntp_leapfile_expiry_seconds=$((ntp_leapfile_expiry_days*86400))
120	ntp_leap_expiry=$(get_ntp_leapfile_expiry $ntp_db_leapfile)
121	ntp_leap_fetch_date=$((ntp_leap_expiry-ntp_leapfile_expiry_seconds))
122	if [ $(current_ntp_ts) -ge $ntp_leap_fetch_date ]; then
123		$verbose Within ntp leapfile expiry limit, initiating fetch
124		for url in $ntp_leapfile_sources ; do
125			$verbose fetching $url
126			fetch $ntp_leapfile_fetch_opts -o $_ntp_tmp_leapfile $url && break
127		done
128		ntp_ver_no_tmp=$(get_ntp_leapfile_ver $_ntp_tmp_leapfile)
129		ntp_expiry_tmp=$(get_ntp_leapfile_expiry $_ntp_tmp_leapfile)
130		if [ "$ntp_expiry_tmp" -gt "$ntp_expiry_db" -o \
131		     "$ntp_expiry_tmp" -eq "$ntp_expiry_db" -a \
132		     "$ntp_ver_no_tmp" -gt "$ntp_ver_no_db" ]; then
133			$verbose using $url as $ntp_db_leapfile
134			mv -f $_ntp_tmp_leapfile $ntp_db_leapfile ||
135			    $verbose "warning: cannot replace $ntp_db_leapfile (read-only fs?)"
136		else
137			$verbose using existing $ntp_db_leapfile
138		fi
139	fi
140}
141
142run_rc_command "$1"
143