From unknown Tue Jun 17 01:43:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#45794] [PATCH 0/1] services: openntpd: Remove support for deprecated "-s" option. Resent-From: Simon South Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 11 Jan 2021 17:03:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 45794 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 45794@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.161038456930511 (code B ref -1); Mon, 11 Jan 2021 17:03:01 +0000 Received: (at submit) by debbugs.gnu.org; 11 Jan 2021 17:02:49 +0000 Received: from localhost ([127.0.0.1]:58129 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0af-0007w3-GF for submit@debbugs.gnu.org; Mon, 11 Jan 2021 12:02:49 -0500 Received: from lists.gnu.org ([209.51.188.17]:49498) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0ac-0007vt-M5 for submit@debbugs.gnu.org; Mon, 11 Jan 2021 12:02:47 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48032) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kz0ac-0004Tc-Eo for guix-patches@gnu.org; Mon, 11 Jan 2021 12:02:46 -0500 Received: from mailout.easymail.ca ([64.68.200.34]:44416) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kz0aZ-0004l1-0j for guix-patches@gnu.org; Mon, 11 Jan 2021 12:02:46 -0500 Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id B42BBC08E3 for ; Mon, 11 Jan 2021 17:02:39 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at emo04-pco.easydns.vpn Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (emo04-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WmqCDqdZyG2x for ; Mon, 11 Jan 2021 17:02:39 +0000 (UTC) Received: from localhost.localdomain (unknown [108.162.141.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id 046B9C08DA for ; Mon, 11 Jan 2021 17:02:38 +0000 (UTC) From: Simon South Date: Mon, 11 Jan 2021 12:02:34 -0500 Message-Id: X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=64.68.200.34; envelope-from=simon@simonsouth.net; helo=mailout.easymail.ca X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) This patch removes support for OpenNTPD's deprecated "-s" command-line option and the corresponding "allow-large-adjustment?" field from Guix's openntpd-configuration record type. Previously this option allowed OpenNTPD to make a single, arbitrarily large adjustment to the clock at startup. In the current release this option has been disabled[0] in favour of the use of authenticated constraints, and configuring a service with "(allow-large-adjustment? #t)" now causes this message to appear in /var/log/ntpd: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. For systems like the ROCK64 that lack a battery-backed clock, generally the solution is to replace the "allow-large-adjustment?" option with a setting like (constraint-from '("www.gnu.org")) which will give OpenNTPD an independent estimate of the current time and allow it to evaluate the trustworthiness of the configured NTP servers. [0] https://cvsweb.openbsd.org/src/usr.sbin/ntpd/ntpd.c?rev=1.127&content-type=text/x-cvsweb-markup -- Simon South simon@simonsouth.net Simon South (1): services: openntpd: Remove support for deprecated "-s" option. doc/guix.texi | 6 +----- gnu/services/networking.scm | 12 +++--------- tests/networking.scm | 3 +-- 3 files changed, 5 insertions(+), 16 deletions(-) -- 2.29.2 From unknown Tue Jun 17 01:43:59 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#45794] [PATCH 1/1] services: openntpd: Remove support for deprecated "-s" option. Resent-From: Simon South Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 11 Jan 2021 17:06:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 45794 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 45794@debbugs.gnu.org Received: via spool by 45794-submit@debbugs.gnu.org id=B45794.161038471030755 (code B ref 45794); Mon, 11 Jan 2021 17:06:01 +0000 Received: (at 45794) by debbugs.gnu.org; 11 Jan 2021 17:05:10 +0000 Received: from localhost ([127.0.0.1]:58134 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0cw-0007zy-1V for submit@debbugs.gnu.org; Mon, 11 Jan 2021 12:05:10 -0500 Received: from mailout.easymail.ca ([64.68.200.34]:49432) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0cu-0007zk-VK for 45794@debbugs.gnu.org; Mon, 11 Jan 2021 12:05:09 -0500 Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id 2338921486 for <45794@debbugs.gnu.org>; Mon, 11 Jan 2021 17:05:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at emo06-pco.easydns.vpn Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (emo06-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M4tMrs2rpDhK for <45794@debbugs.gnu.org>; Mon, 11 Jan 2021 17:05:02 +0000 (UTC) Received: from localhost.localdomain (unknown [108.162.141.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id CA9D720C63 for <45794@debbugs.gnu.org>; Mon, 11 Jan 2021 17:05:02 +0000 (UTC) From: Simon South Date: Mon, 11 Jan 2021 12:04:59 -0500 Message-Id: <29e75ffc49e69c67692bf0b48034b494af671f4a.1610381875.git.simon@simonsouth.net> X-Mailer: git-send-email 2.29.2 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * gnu/services/networking.scm (openntpd-configuration): Remove "allow-large-adjustment?" field. (openntpd-shepherd-service): Remove use of "allow-large-adjustment?" configuration field and "-s" daemon option. * tests/networking.scm (%openntpd-conf-sample): Remove "allow-large-adjustment?" field. * doc/guix.texi (Networking Services)[openntpd-service-type]: Remove "allow-large-adjustment?" field from sample configuration. [openntpd-configuration]: Remove description of "allow-large-adjustment?" field. --- doc/guix.texi | 6 +----- gnu/services/networking.scm | 12 +++--------- tests/networking.scm | 3 +-- 3 files changed, 5 insertions(+), 16 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 27224fa0d8..0bb9dee3c1 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -16232,8 +16232,7 @@ clock synchronized with that of the given servers. (listen-on '("127.0.0.1" "::1")) (sensor '("udcf0 correction 70000")) (constraint-from '("www.gnu.org")) - (constraints-from '("https://www.google.com/")) - (allow-large-adjustment? #t))) + (constraints-from '("https://www.google.com/")))) @end lisp @end deffn @@ -16271,9 +16270,6 @@ a constraint. As with constraint from, specify a list of URLs, IP addresses or hostnames of HTTPS servers to provide a constraint. Should the hostname resolve to multiple IP addresses, @code{ntpd} will calculate a median constraint from all of them. -@item @code{allow-large-adjustment?} (default: @code{#f}) -Determines if @code{ntpd} is allowed to make an initial adjustment of more -than 180 seconds. @end table @end deftp diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm index 9ec0f6a9ca..71f8e702a0 100644 --- a/gnu/services/networking.scm +++ b/gnu/services/networking.scm @@ -552,9 +552,7 @@ make an initial adjustment of more than 1,000 seconds." (constraint-from openntpd-constraint-from (default '())) (constraints-from openntpd-constraints-from - (default '())) - (allow-large-adjustment? openntpd-allow-large-adjustment? - (default #f))) ; upstream default + (default '()))) (define (openntpd-configuration->string config) @@ -586,8 +584,7 @@ make an initial adjustment of more than 1,000 seconds." "\n"))) ;add a trailing newline (define (openntpd-shepherd-service config) - (let ((openntpd (openntpd-configuration-openntpd config)) - (allow-large-adjustment? (openntpd-allow-large-adjustment? config))) + (let ((openntpd (openntpd-configuration-openntpd config))) (define ntpd.conf (plain-file "ntpd.conf" (openntpd-configuration->string config))) @@ -599,10 +596,7 @@ make an initial adjustment of more than 1,000 seconds." (start #~(make-forkexec-constructor (list (string-append #$openntpd "/sbin/ntpd") "-f" #$ntpd.conf - "-d" ;; don't daemonize - #$@(if allow-large-adjustment? - '("-s") - '())) + "-d") ;; don't daemonize ;; When ntpd is daemonized it repeatedly tries to respawn ;; while running, leading shepherd to disable it. To ;; prevent spamming stderr, redirect output to logfile. diff --git a/tests/networking.scm b/tests/networking.scm index c494a48067..f2421370d2 100644 --- a/tests/networking.scm +++ b/tests/networking.scm @@ -68,8 +68,7 @@ (listen-on '("127.0.0.1" "::1")) (sensor '("udcf0 correction 70000")) (constraint-from '("www.gnu.org")) - (constraints-from '("https://www.google.com/")) - (allow-large-adjustment? #t))) + (constraints-from '("https://www.google.com/")))) (test-assert "openntpd configuration generation sanity check" -- 2.29.2 From unknown Tue Jun 17 01:43:59 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Simon South Subject: bug#45794: closed (Re: bug#45794: [PATCH 0/1] services: openntpd: Remove support for deprecated "-s" option.) Message-ID: References: <8735z0wlxt.fsf@gnu.org> X-Gnu-PR-Message: they-closed 45794 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 45794@debbugs.gnu.org Date: Sat, 16 Jan 2021 22:35:01 +0000 Content-Type: multipart/mixed; boundary="----------=_1610836501-7883-1" This is a multi-part message in MIME format... ------------=_1610836501-7883-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #45794: [PATCH 0/1] services: openntpd: Remove support for deprecated "-s" = option. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 45794@debbugs.gnu.org. --=20 45794: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D45794 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1610836501-7883-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 45794-done) by debbugs.gnu.org; 16 Jan 2021 22:34:36 +0000 Received: from localhost ([127.0.0.1]:44238 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l0u9T-00022X-Ql for submit@debbugs.gnu.org; Sat, 16 Jan 2021 17:34:36 -0500 Received: from eggs.gnu.org ([209.51.188.92]:36488) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1l0u9O-00022F-SN for 45794-done@debbugs.gnu.org; Sat, 16 Jan 2021 17:34:34 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]:59031) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l0u9J-0006CZ-IY; Sat, 16 Jan 2021 17:34:25 -0500 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=38328 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1l0u9J-0003iD-3N; Sat, 16 Jan 2021 17:34:25 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Simon South Subject: Re: bug#45794: [PATCH 0/1] services: openntpd: Remove support for deprecated "-s" option. References: Date: Sat, 16 Jan 2021 23:34:22 +0100 In-Reply-To: (Simon South's message of "Mon, 11 Jan 2021 12:02:34 -0500") Message-ID: <8735z0wlxt.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 45794-done Cc: 45794-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hi, Simon South skribis: > This patch removes support for OpenNTPD's deprecated "-s" command-line op= tion > and the corresponding "allow-large-adjustment?" field from Guix's > openntpd-configuration record type. > > Previously this option allowed OpenNTPD to make a single, arbitrarily lar= ge > adjustment to the clock at startup. In the current release this option has > been disabled[0] in favour of the use of authenticated constraints, and > configuring a service with "(allow-large-adjustment? #t)" now causes this > message to appear in /var/log/ntpd: > > -s option no longer works and will be removed soon. > Please reconfigure to use constraints or trusted servers. > > For systems like the ROCK64 that lack a battery-backed clock, generally t= he > solution is to replace the "allow-large-adjustment?" option with a setting > like > > (constraint-from '("www.gnu.org")) > > which will give OpenNTPD an independent estimate of the current time and = allow > it to evaluate the trustworthiness of the configured NTP servers. > > [0] https://cvsweb.openbsd.org/src/usr.sbin/ntpd/ntpd.c?rev=3D1.127&conte= nt-type=3Dtext/x-cvsweb-markup Thanks for explaining. > * gnu/services/networking.scm (openntpd-configuration): Remove > "allow-large-adjustment?" field. > (openntpd-shepherd-service): Remove use of "allow-large-adjustment?" > configuration field and "-s" daemon option. > * tests/networking.scm (%openntpd-conf-sample): Remove > "allow-large-adjustment?" field. > * doc/guix.texi (Networking Services)[openntpd-service-type]: Remove > "allow-large-adjustment?" field from sample configuration. > [openntpd-configuration]: Remove description of "allow-large-adjustment?" > field. Applied, thanks! Ludo=E2=80=99. ------------=_1610836501-7883-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 11 Jan 2021 17:02:49 +0000 Received: from localhost ([127.0.0.1]:58129 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0af-0007w3-GF for submit@debbugs.gnu.org; Mon, 11 Jan 2021 12:02:49 -0500 Received: from lists.gnu.org ([209.51.188.17]:49498) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kz0ac-0007vt-M5 for submit@debbugs.gnu.org; Mon, 11 Jan 2021 12:02:47 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48032) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kz0ac-0004Tc-Eo for guix-patches@gnu.org; Mon, 11 Jan 2021 12:02:46 -0500 Received: from mailout.easymail.ca ([64.68.200.34]:44416) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kz0aZ-0004l1-0j for guix-patches@gnu.org; Mon, 11 Jan 2021 12:02:46 -0500 Received: from localhost (localhost [127.0.0.1]) by mailout.easymail.ca (Postfix) with ESMTP id B42BBC08E3 for ; Mon, 11 Jan 2021 17:02:39 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at emo04-pco.easydns.vpn Received: from mailout.easymail.ca ([127.0.0.1]) by localhost (emo04-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WmqCDqdZyG2x for ; Mon, 11 Jan 2021 17:02:39 +0000 (UTC) Received: from localhost.localdomain (unknown [108.162.141.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailout.easymail.ca (Postfix) with ESMTPSA id 046B9C08DA for ; Mon, 11 Jan 2021 17:02:38 +0000 (UTC) From: Simon South To: guix-patches@gnu.org Subject: [PATCH 0/1] services: openntpd: Remove support for deprecated "-s" option. Date: Mon, 11 Jan 2021 12:02:34 -0500 Message-Id: X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=64.68.200.34; envelope-from=simon@simonsouth.net; helo=mailout.easymail.ca X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) This patch removes support for OpenNTPD's deprecated "-s" command-line option and the corresponding "allow-large-adjustment?" field from Guix's openntpd-configuration record type. Previously this option allowed OpenNTPD to make a single, arbitrarily large adjustment to the clock at startup. In the current release this option has been disabled[0] in favour of the use of authenticated constraints, and configuring a service with "(allow-large-adjustment? #t)" now causes this message to appear in /var/log/ntpd: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. For systems like the ROCK64 that lack a battery-backed clock, generally the solution is to replace the "allow-large-adjustment?" option with a setting like (constraint-from '("www.gnu.org")) which will give OpenNTPD an independent estimate of the current time and allow it to evaluate the trustworthiness of the configured NTP servers. [0] https://cvsweb.openbsd.org/src/usr.sbin/ntpd/ntpd.c?rev=1.127&content-type=text/x-cvsweb-markup -- Simon South simon@simonsouth.net Simon South (1): services: openntpd: Remove support for deprecated "-s" option. doc/guix.texi | 6 +----- gnu/services/networking.scm | 12 +++--------- tests/networking.scm | 3 +-- 3 files changed, 5 insertions(+), 16 deletions(-) -- 2.29.2 ------------=_1610836501-7883-1--