diff options
Diffstat (limited to 'meta-networking/recipes-support/chrony/chrony_4.2.bb')
-rw-r--r-- | meta-networking/recipes-support/chrony/chrony_4.2.bb | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/meta-networking/recipes-support/chrony/chrony_4.2.bb b/meta-networking/recipes-support/chrony/chrony_4.2.bb index 57dd635dc3..b7d21b7e91 100644 --- a/meta-networking/recipes-support/chrony/chrony_4.2.bb +++ b/meta-networking/recipes-support/chrony/chrony_4.2.bb @@ -45,7 +45,7 @@ DEPENDS = "pps-tools" # Note: Despite being built via './configure; make; make install', # chrony does not use GNU Autotools. -inherit update-rc.d systemd +inherit update-rc.d systemd pkgconfig # Add chronyd user if privdrop packageconfig is selected inherit ${@bb.utils.contains('PACKAGECONFIG', 'privdrop', 'useradd', '', d)} @@ -53,14 +53,6 @@ USERADD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '${PN}', ' USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system -d / -M --shell /bin/nologin chronyd;', '', d)}" # Configuration options: -# - For command line editing support in chronyc, you may specify either -# 'editline' or 'readline' but not both. editline is smaller, but -# many systems already have readline for other purposes so you might want -# to choose that instead. However, beware license incompatibility -# since chrony is GPLv2 and readline versions after 6.0 are GPLv3+. -# You can of course choose neither, but if you're that tight on space -# consider dropping chronyc entirely (you can use it remotely with -# appropriate chrony.conf options). # - Security-related: # - 'sechash' is omitted by default because it pulls in nss which is huge. # - 'privdrop' allows chronyd to run as non-root; would need changes to @@ -70,14 +62,17 @@ USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--sys PACKAGECONFIG ??= "editline \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " -PACKAGECONFIG[readline] = "--without-editline,--without-readline,readline" PACKAGECONFIG[editline] = ",--without-editline,libedit" PACKAGECONFIG[sechash] = "--without-tomcrypt,--disable-sechash,nss" -PACKAGECONFIG[privdrop] = "--with-libcap,--disable-privdrop --without-libcap,libcap" +PACKAGECONFIG[privdrop] = ",--disable-privdrop,libcap" PACKAGECONFIG[scfilter] = "--enable-scfilter,--without-seccomp,libseccomp" PACKAGECONFIG[ipv6] = ",--disable-ipv6," -PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" -PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap" + +# These are left for backwards compatibility, to avoid breaking existing +# configurations. +PACKAGECONFIG[libcap] = "" +PACKAGECONFIG[nss] = "" +PACKAGECONFIG[readline] = "" # --disable-static isn't supported by chrony's configure script. DISABLE_STATIC = "" @@ -126,6 +121,10 @@ do_install() { ${D}${systemd_unitdir}/system/chronyd.service sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${sysconfdir}/init.d/chronyd sed -i 's!^EnvironmentFile=.*!EnvironmentFile=-${sysconfdir}/default/chronyd!' ${D}${systemd_unitdir}/system/chronyd.service + + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf + } FILES:${PN} = "${sbindir}/chronyd ${sysconfdir} ${localstatedir}/lib/chrony ${localstatedir}" |