1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-30 01:20:40 +00:00
Commit graph

42 commits

Author SHA1 Message Date
David Costa 6759b7900e ntp: fix ntpd shutdown by using upstream patch
After a series of amendments the seccomp.patch made ntpd work properly
but only on 32-bit systems.
This commit replaces that patch with the one submitted upstream by
cleverca22 and that fixes the issue also on 64-bit systems.

Close #38627, #45885
2018-10-31 23:01:40 +00:00
volth a4f4886ba3
ntp: fix cross-build 2018-10-12 12:48:59 +00:00
R. RyanTM 2524ad67da ntp: 4.2.8p11 -> 4.2.8p12 (#45180)
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/ntp/versions.
2018-08-21 14:49:38 +02:00
Markus Kowalewski 6aba5e26b3
ntp: add license 2018-08-17 23:52:16 +02:00
Richard Marko 91575dd285 pps-tools: init at 1.0.2, enable for chrony, gpsd, ntp (#42889) 2018-07-04 11:28:07 +00:00
Silvan Mosberger 57bccb3cb8 treewide: http -> https sources (#42676)
* treewide: http -> https sources

This updates the source urls of all top-level packages from http to
https where possible.

* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Michael Bishop f115afa5d5 ntp: fix a missed syscall in seccomp
ntpd uses openat to adjust the drift file, which it only does after a few hours of uptime
2018-06-11 07:40:26 -03:00
R. RyanTM 81a0a3b39c ntp: 4.2.8p10 -> 4.2.8p11 (#40661)
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/ntp/versions.

These checks were done:

- built on NixOS
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/calc_tickadj passed the binary check.
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntp-wait passed the binary check.
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntptrace passed the binary check.
- Warning: no invocation of /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/update-leap had a zero exit code or showed the expected version
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/sntp passed the binary check.
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntpd passed the binary check.
- Warning: no invocation of /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntpdate had a zero exit code or showed the expected version
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntpdc passed the binary check.
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntpq passed the binary check.
- /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntp-keygen passed the binary check.
- Warning: no invocation of /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/ntptime had a zero exit code or showed the expected version
- Warning: no invocation of /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11/bin/tickadj had a zero exit code or showed the expected version
- 8 of 12 passed binary check by having a zero exit code.
- 0 of 12 passed binary check by having the new version present in output.
- found 4.2.8p11 with grep in /nix/store/ib7i3wijfdx2h24aswazaqivr6hfrbip-ntp-4.2.8p11
- directory tree listing: https://gist.github.com/643849ae077bac0514537c8aa923dd6d
- du listing: https://gist.github.com/1b2abf7cee80b022945ff72be1eb7070
2018-05-18 01:08:47 +02:00
Joachim F bb771e0405 Merge pull request #24573 from ambrop72/ntpd-fix
ntpd: Add patch to allow getpid syscall in seccomp filter.
2017-04-06 11:06:13 +01:00
Jörg Thalheim 500818b997
ntp: 4.2.8p9 -> 4.2.8p10; fix 10 medium/4 low CVEs
http://nwtime.org/network-time-foundation-publishes-ntp-4-2-8-p10/
2017-04-02 23:06:43 +02:00
Ambroz Bizjak 35e0eea053 ntpd: Allow additional syscalls in seccomp filter.
Fixes issue #21136.

The problem is that the seccomp system call filter configured by ntpd did not
include some system calls that were apparently needed. For example the
program hanged in getpid just after the filter was installed:

prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL) = -1 EINVAL (Invalid argument)
seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=41, filter=0x5620d7f0bd90}) = 0
getpid()                                = ?

I do not know exactly why this is a problem on NixOS only, perhaps we have getpid
caching disabled.

The fcntl and setsockopt system calls also had to be added.
2017-04-02 21:44:06 +02:00
Tuomas Tynkkynen 2d679dbe74 ntp: Don't use seccomp on non-x86
It only has the allowed system call numbers defined for i386 and x86_64
so it fails to build otherwise.
2016-11-26 20:38:17 +02:00
Franz Pletz 009e37d277
ntp: fix ntp-wait script, depends on perl 2016-11-21 23:25:21 +01:00
Franz Pletz 67fd21a170
ntp: use seccomp on linux 2016-11-21 23:11:05 +01:00
Franz Pletz db66a95e5b
ntp: 4.2.8p8 -> 4.2.8p9
Includes fixes for 10 CVEs and contains other fixes.

See http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se.
2016-11-21 22:49:02 +01:00
Robin Gloster 5185bc1773 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-07-15 14:41:01 +00:00
Franz Pletz bdf4c0d21f ntp: 4.2.8p6 -> 4.2.8p8 (security)
Fixes CVE-2016-4953, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956.
2016-07-10 10:48:11 +02:00
Franz Pletz aff1f4ab94 Use general hardening flag toggle lists
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
2016-03-05 18:55:26 +01:00
Robin Gloster 3b4765c9e5 Merge remote-tracking branch 'upstream/master' into hardened-stdenv 2016-02-28 16:32:57 +00:00
Franz Pletz c691b6a858 ntp: 4.2.8p4 -> 4.2.8p6 (multiple CVEs)
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
2016-02-27 16:34:02 +01:00
Robin Gloster 631c09bbe5 checksec: clean up 2016-02-26 17:26:03 +00:00
Tobias Geerinckx-Rice 32d40f0f98 Remove no longer (or never) referenced patches
55 files changed, 6041 deletions. Tested with `nix-build -A tarball`.
2016-01-24 02:02:21 +01:00
koral f510253de3 ntp: 4.2.8p3 -> 4.2.8p4 2015-11-08 13:44:11 +00:00
Mathnerd314 43b388fbd6 ntp: 4.2.8p2 -> 4.2.8p3 2015-09-05 18:35:45 -06:00
William A. Kennington III bcbda5d95b ntp: Refactor and add signing support 2015-04-25 21:27:53 -07:00
William A. Kennington III 458c8381e0 ntp: 4.2.8 -> 4.2.8p2 2015-04-08 14:07:26 -07:00
Eelco Dolstra 782440310d ntp: Don't depend on openssl, don't install docs 2014-12-28 19:38:45 +01:00
Vladimír Čunát 0fbc5ddadb ntp: security update, and use libcrypto
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

The package would no longer build without libcrypto,
and it wouldn't find it without pkgconfig.
I checked that Debian and Arch do use openssl as a dependency,
so it's probably not so bad a thing to have.

CC maintainer @edolstra.
2014-12-25 12:30:53 +01:00
Eelco Dolstra d451d12128 ntp: Update to 4.2.6p5 2014-02-03 23:44:11 +01:00
Lluís Batlle i Rossell 74ef91cfae Updating ntp
svn path=/nixpkgs/trunk/; revision=30290
2011-11-07 15:07:19 +00:00
Eelco Dolstra 4e94575014 * NTP updated to 4.2.6p2.
svn path=/nixpkgs/trunk/; revision=24118
2010-10-06 16:02:44 +00:00
Lluís Batlle i Rossell 5cbd244265 Updating ntp.
svn path=/nixpkgs/trunk/; revision=18916
2009-12-12 19:48:12 +00:00
Eelco Dolstra 6556756115 * ntp 4.2.4p7.
svn path=/nixpkgs/trunk/; revision=15828
2009-06-02 19:35:26 +00:00
Eelco Dolstra 5a594ea219 * Updated ntp.
svn path=/nixpkgs/trunk/; revision=14798
2009-03-31 09:26:20 +00:00
Eelco Dolstra 0548c19dbe * NTP 4.2.4p5 (and the old url was broken).
svn path=/nixpkgs/trunk/; revision=12883
2008-09-18 21:15:14 +00:00
Eelco Dolstra e55c2246ff * ntp 4.2.4p4.
svn path=/nixpkgs/trunk/; revision=10217
2008-01-18 13:20:04 +00:00
Eelco Dolstra 8f4d8573c0 * Fix a bunch of URLs.
svn path=/nixpkgs/trunk/; revision=9292
2007-09-11 10:15:07 +00:00
Armijn Hemel 403d766a59 new version
svn path=/nixpkgs/trunk/; revision=7528
2007-01-01 18:49:23 +00:00
Armijn Hemel 6b8b7566fb location moved
svn path=/nixpkgs/trunk/; revision=7527
2007-01-01 16:16:54 +00:00
Eelco Dolstra d96ee92a8c * Purity.
svn path=/nixpkgs/trunk/; revision=7465
2006-12-22 22:16:06 +00:00
Eelco Dolstra 33db7f3dd3 * Build ntpd with capabilities support.
svn path=/nixpkgs/trunk/; revision=7462
2006-12-22 19:22:57 +00:00
Eelco Dolstra 000b1f4cd6 * NTP daemon.
svn path=/nixpkgs/trunk/; revision=7459
2006-12-21 22:23:17 +00:00