Package Details: ntpsec 1.2.3-2

Git Clone URL: https://aur.archlinux.org/ntpsec.git (read-only, click to copy)
Package Base: ntpsec
Description: Security-hardened Network Time Protocol implementation
Upstream URL: https://www.ntpsec.org/
Licenses: Apache-2.0,BSD-2-Clause,BSD-4-Clause,ISC,NTP,Beerware,BSD-3-Clause,CC-BY-4.0,MIT
Conflicts: ntp
Provides: ntp
Submitter: chungy
Maintainer: gdfuego
Last Packager: gdfuego
Votes: 12
Popularity: 0.004126
First Submitted: 2016-12-01 10:10 (UTC)
Last Updated: 2023-12-31 17:37 (UTC)

Dependencies (12)

Required by (16)

Sources (4)

Latest Comments

« First ‹ Previous 1 2 3 Next › Last »

gdfuego commented on 2021-03-12 19:09 (UTC)

I just removed seccomp. Can you confirm it's working for you now?

kql commented on 2021-03-12 16:26 (UTC)

After a fresh install and default config, the service crashed with ntpd.service: Main process exited, code=killed, status=31/SYS. After removing --enable-seccomp as suggested here https://lists.ntpsec.org/pipermail/devel/2021-January/009680.html the service seems to run as expected.

Perhaps the switch should be removed from build()?

gdfuego commented on 2019-11-26 01:53 (UTC)

I updated to the latest version and added arm7h support

eimis commented on 2019-11-24 18:45 (UTC)

took around 6 and a half minutes to compile on armv7h allwinner h3. it works well. maybe add armv7h as supported arch?

pcmoore commented on 2019-07-22 13:41 (UTC)

Version 1.1.6 was tagged on July 10th. Any chance you can update this package and fix the build problem (stray comma causing build failures, see comment below)?

pcmoore commented on 2019-06-30 14:19 (UTC)

It looks like commit 7cd5c2ab410a ("Add binutils to makedepends") breaks the build with an extra comma.

==> ERROR: makedepends contains invalid characters: ','

pcmoore commented on 2019-06-25 01:52 (UTC)

FYI: it looks like v1.1.4 has been released today.

gdfuego commented on 2018-09-18 19:38 (UTC)

I've updated the package to the latest upstream version, and I've configured it to include a stock set of configs. These are handled through /etc/ntp.d, but it should use ntp.conf instead if you do have one.

akrieger commented on 2017-05-01 00:17 (UTC)

I also ran into trouble running ntpsec (possibly the same error as Eremiell). There seems to be an issue with seccomp blocking syscalls in ntpd. seccomp is meant as an extra defense measure that forbids the use of arbitrary syscalls, but it requires a list of every syscall used (legitimately) by ntpd. Of course, different versions of libc use different syscalls (or even the same version of libc on different platforms), and apparently Arch's version of glibc uses "extra" syscalls. There's an upstream issue here: <https://gitlab.com/NTPsec/ntpsec/issues/275> In the meantime, editing PKGBUILD to remove '--enable-seccomp' on line 42 will build ntpd without seccomp as a temporary workaround (although this does weaken security against an attacker who gains the ability to execute arbitrary code in ntpd's process). The alternative is to patch ntpsec sources to add the "extra" syscalls to the seccomp whitelist. I'm holding off on that since it seems like a really messy fix (it's too platform- and library-dependent), but the upstream issue has details for anyone wanting to go that route.

Eremiell commented on 2017-04-10 22:29 (UTC) (edited on 2017-04-10 23:12 (UTC) by Eremiell)

It looks like this package doesn't bring in any default ntp.conf. While I always edit it in hand, I prefer to have some skeleton available, so I check if the defaults are sane, switch servers for local pool and few proven static ones, more like do minor edits and not write the whole thing anew. You should be able to grab one from the ntp package, possibly editing it a bit if you don't find it sane enough. Edit: OK, looking at it, the default one in ntp package is quite brief compared to what I'm used to. Guess I nicked my previous skeleton elsewhere. Still, it's at least there. ;) More edit: ntpsec for some reason doesn't work at all for me. It starts to listen and then just flops and get killed by systemd. Rollbacked to ntp for now. While it is certainly suboptimal, I lived with it for years and it still "just works". Apr 11 01:05:57 taurus sudo[14208]: eremiell : TTY=pts/1 ; PWD=/home/eremiell/builds/ntpsec ; USER=root ; COMMAND=/usr/bin/systemctl start ntpd.service Apr 11 01:05:57 taurus sudo[14208]: pam_unix(sudo:session): session opened for user root by eremiell(uid=0) Apr 11 01:05:57 taurus systemd[1]: Starting Network Time Service... -- Subject: Unit ntpd.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit ntpd.service has begun starting up. Apr 11 01:05:57 taurus ntpd[14211]: ntpd ntpsec-0.9.7+7 2017-03-23T07:41:51Z: Starting Apr 11 01:05:57 taurus ntpd[14211]: Command line: /usr/bin/ntpd -g -u ntp:ntp Apr 11 01:05:57 taurus systemd[1]: Started Network Time Service. -- Subject: Unit ntpd.service has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit ntpd.service has finished starting up. -- -- The start-up result is done. Apr 11 01:05:57 taurus ntpd[14212]: proto: precision = 0.099 usec (-23) Apr 11 01:05:57 taurus systemd[1]: ntpd.service: Main process exited, code=killed, status=31/SYS Apr 11 01:05:57 taurus ntpd[14212]: successfully locked into RAM Apr 11 01:05:57 taurus ntpd[14212]: restrict default: notrap keyword is ignored. Apr 11 01:05:57 taurus ntpd[14212]: Listen and drop on 0 v6wildcard [::]:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen and drop on 1 v4wildcard 0.0.0.0:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 2 lo 127.0.0.1:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 3 wlp13s0 192.168.13.24:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 4 enp14s0 192.168.13.1:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 5 lo [::1]:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 6 wlp13s0 [fe80::1acf:5eff:fe91:42eb%2]:123 Apr 11 01:05:57 taurus ntpd[14212]: Listen normally on 7 enp14s0 [fe80::6202:92ff:fe3f:c29f%3]:123 Apr 11 01:05:57 taurus ntpd[14212]: Listening on routing socket on fd #24 for interface updates Apr 11 01:05:57 taurus ntpd[14212]: sandbox: seccomp_init() succeeded Apr 11 01:05:57 taurus sudo[14208]: pam_unix(sudo:session): session closed for user root

« First ‹ Previous 1 2 3 Next › Last »