Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/ntp/Solaris/ntp.sh
author Brian Utterback <brian.utterback@oracle.com>
Mon, 28 Nov 2016 18:59:56 -0800
branchs11u3-sru
changeset 7534 2aa7c5a61a30
parent 6564 cf734c3c4e88
permissions -rw-r--r--
24660275 adj_systime: too chatty on NGZ 17774349 ntp: adj_systime: Not owner in messages file after p2v migration PSARC/2016/614 NTP SMF property ignore_sys_time_error

#!/sbin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#

#
# Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved.
#

# Standard prolog
#
. /lib/svc/share/smf_include.sh

if [ -z $SMF_FMRI ]; then
        echo "SMF framework variables are not initialized."
        exit $SMF_EXIT_ERR
fi

#
# Is NTP configured?
#
if [ ! -f /etc/inet/ntp.conf ]; then
	echo "Error: Configuration file '/etc/inet/ntp.conf' not found." \
	    "  See ntpd(1M)."
	exit $SMF_EXIT_ERR_CONFIG
fi

# Disable globbing to prevent privilege escalations by users authorized
# to set property values for the NTP service.
set -f

# Do we want to run without setting the clock? If not and we don't have
# the priv to set the clock, exit. If so, remove the priv and
# continue on. Set env variable to tell ntpd to ignore EPERM errors.
val=`svcprop -c -p config/disable_local_time_adjustment $SMF_FMRI`
if [ "$val" = "true" ]; then
       	export IGNORE_SYS_TIME_ERROR=1
	ppriv -s EIP-sys_time $$
else
	ppriv -q sys_time
	if (($? > 0)); then
		echo "Error: Insufficient privilege to adjust the system clock." \
	    	" Set the disable_local_time_adjustment property to run anyway."
		exit $SMF_EXIT_ERR_CONFIG
	fi
fi
#
# Build the command line flags
#
shift $#
set -- --pidfile /var/run/ntp.pid
# We allow a step larger than the panic value of 17 minutes only 
# once when ntpd starts up. If always_allow_large_step is true, 
# then we allow this each time ntpd starts. Otherwise, we allow
# it only the very first time ntpd starts after a boot. We 
# check that by making ntpd write its pid to a file in /var/run.

val=`svcprop -c -p config/always_allow_large_step $SMF_FMRI`
if [ "$val" = "true" ] || \
    [ ! -f /var/run/ntp.pid ]; then
        set -- "$@" --panicgate
fi

# Auth was off by default in xntpd now the default is on. Better have a way
# to turn it off again. Also check for the obsolete "authentication" keyword.
val=`svcprop -c -p config/no_auth_required $SMF_FMRI`
if [ ! "$val" = "true" ]; then
        val=`/usr/bin/nawk '/^[ \t]*#/{next}
            /^[ \t]*authentication[ \t]+no/ {
                printf("true", $2)
                next } ' /etc/inet/ntp.conf`
fi
[ "$val" = "true" ] && set -- "$@" --authnoreq

# Set up logging if requested.
logfile=`svcprop -c -p config/logfile $SMF_FMRI`
val=`svcprop -c -p config/verbose_logging $SMF_FMRI`
[ "$val" = "true" ] && [ -n "$logfile" ]  && set -- "$@" --logfile $logfile

# Register with mDNS.
val=`svcprop -c -p config/mdnsregister $SMF_FMRI`
mdns=`svcprop -c -p general/enabled svc:/network/dns/multicast:default`
[ "$val" = "true" ] && [ "$mdns" = "true" ] && set -- "$@" --mdns

# We used to support the slewalways keyword, but that was a Sun thing
# and not in V4. Look for "slewalways yes" and set the new slew option.
slew_always=`svcprop -c -p config/slew_always $SMF_FMRI`
if [ ! "$slew_always" = "true" ]; then
	slew_always=`/usr/bin/nawk '/^[ \t]*#/{next}
	    /^[ \t]*slewalways[ \t]+yes/ {
        	printf("true", $2)
        	next } ' /etc/inet/ntp.conf`
fi
[ "$slew_always" = "true" ] && set -- "$@" --slew

# Set up debugging.
deb=`svcprop -c -p config/debuglevel $SMF_FMRI`

# If slew_always is set to true, then the large offset after a reboot
# might take a very long time to correct the clock. Optionally allow
# a step once after a reboot if slew_always is set when allow_step_at_boot
# is also set. 
val=`svcprop -c -p config/allow_step_at_boot $SMF_FMRI`
if [ "$val" = "true" ] && [ "$slew_always" = "true" ] && \
    [ ! -f /var/run/ntp.pid ]; then
	set -- "$@" --force-step-once
fi

# Start the daemon. If debugging is requested, put it in the background, 
# since it won't do it on it's own.
if [ "$deb" -gt 0 ]; then
	/usr/lib/inet/ntpd "$@" --set-debug-level=$deb >/var/ntp/ntp.debug &
else
	/usr/lib/inet/ntpd "$@"
fi

# Now, wait for the first sync, if requested.
val=`svcprop -c -p config/wait_for_sync $SMF_FMRI`
[ "$val" = "true" ] && /usr/lib/inet/ntp-wait

exit $SMF_EXIT_OK
upstream/oracle/userland-gate