ntp/Solaris/ntp.sh

172N/A#!/sbin/sh
172N/A#
172N/A# CDDL HEADER START
172N/A#
172N/A# The contents of this file are subject to the terms of the
172N/A# Common Development and Distribution License (the "License").
172N/A# You may not use this file except in compliance with the License.
172N/A#
172N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
172N/A# or http://www.opensolaris.org/os/licensing.
172N/A# See the License for the specific language governing permissions
172N/A# and limitations under the License.
172N/A#
172N/A# When distributing Covered Code, include this CDDL HEADER in each
172N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
172N/A# If applicable, add the following below this CDDL HEADER, with the
172N/A# fields enclosed by brackets "[]" replaced with your own identifying
172N/A# information: Portions Copyright [yyyy] [name of copyright owner]
172N/A#
172N/A# CDDL HEADER END
172N/A#
172N/A
172N/A#
5359N/A# Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
172N/A#
172N/A
172N/A# Standard prolog
172N/A#
172N/A. /lib/svc/share/smf_include.sh
172N/A
172N/Aif [ -z $SMF_FMRI ]; then
172N/A        echo "SMF framework variables are not initialized."
172N/A        exit $SMF_EXIT_ERR
172N/Afi
172N/A
172N/A#
172N/A# Is NTP configured?
172N/A#
172N/Aif [ ! -f /etc/inet/ntp.conf ]; then
172N/A    echo "Error: Configuration file '/etc/inet/ntp.conf' not found." \
172N/A        "  See ntpd(1M)."
172N/A    exit $SMF_EXIT_ERR_CONFIG
172N/Afi
172N/A
172N/A# Disable globbing to prevent privilege escalations by users authorized
172N/A# to set property values for the NTP service.
7414N/Aset -f
172N/A
7414N/A# Do we want to run without setting the clock? If not and we don't have
7414N/A# the priv to set the clock, exit. If so, remove the priv and
7414N/A# continue on. Set env variable to tell ntpd to ignore EPERM errors.
7414N/Aval=`svcprop -c -p config/disable_local_time_adjustment $SMF_FMRI`
7414N/Aif [ "$val" = "true" ]; then
7414N/A        export IGNORE_SYS_TIME_ERROR=1
7414N/A    ppriv -s EIP-sys_time $$
7414N/Aelse
7414N/A    ppriv -q sys_time
7414N/A    if (($? > 0)); then
7414N/A        echo "Error: Insufficient privilege to adjust the system clock." \
7414N/A            " Set the disable_local_time_adjustment property to run anyway."
7414N/A        exit $SMF_EXIT_ERR_CONFIG
7414N/A    fi
7414N/Afi
172N/A#
172N/A# Build the command line flags
172N/A#
172N/Ashift $#
5959N/Aset -- --pidfile /var/run/ntp.pid
432N/A# We allow a step larger than the panic value of 17 minutes only
4484N/A# once when ntpd starts up. If always_allow_large_step is true,
172N/A# then we allow this each time ntpd starts. Otherwise, we allow
172N/A# it only the very first time ntpd starts after a boot. We
172N/A# check that by making ntpd write its pid to a file in /var/run.
172N/A
172N/Aval=`svcprop -c -p config/always_allow_large_step $SMF_FMRI`
172N/Aif [ "$val" = "true" ] || \
172N/A    [ ! -f /var/run/ntp.pid ]; then
5959N/A        set -- "$@" --panicgate
172N/Afi
172N/A
172N/A# Auth was off by default in xntpd now the default is on. Better have a way
432N/A# to turn it off again. Also check for the obsolete "authentication" keyword.
172N/Aval=`svcprop -c -p config/no_auth_required $SMF_FMRI`
172N/Aif [ ! "$val" = "true" ]; then
172N/A        val=`/usr/bin/nawk '/^[ \t]*#/{next}
172N/A            /^[ \t]*authentication[ \t]+no/ {
172N/A                printf("true", $2)
172N/A                next } ' /etc/inet/ntp.conf`
172N/Afi
172N/A[ "$val" = "true" ] && set -- "$@" --authnoreq
172N/A
172N/A# Set up logging if requested.
172N/Alogfile=`svcprop -c -p config/logfile $SMF_FMRI`
172N/Aval=`svcprop -c -p config/verbose_logging $SMF_FMRI`
5959N/A[ "$val" = "true" ] && [ -n "$logfile" ]  && set -- "$@" --logfile $logfile
172N/A
172N/A# Register with mDNS.
172N/Aval=`svcprop -c -p config/mdnsregister $SMF_FMRI`
172N/Amdns=`svcprop -c -p general/enabled svc:/network/dns/multicast:default`
5959N/A[ "$val" = "true" ] && [ "$mdns" = "true" ] && set -- "$@" --mdns
172N/A
172N/A# We used to support the slewalways keyword, but that was a Sun thing
172N/A# and not in V4. Look for "slewalways yes" and set the new slew option.
4484N/Aslew_always=`svcprop -c -p config/slew_always $SMF_FMRI`
4484N/Aif [ ! "$slew_always" = "true" ]; then
4484N/A    slew_always=`/usr/bin/nawk '/^[ \t]*#/{next}
172N/A        /^[ \t]*slewalways[ \t]+yes/ {
172N/A            printf("true", $2)
172N/A            next } ' /etc/inet/ntp.conf`
172N/Afi
4484N/A[ "$slew_always" = "true" ] && set -- "$@" --slew
172N/A
172N/A# Set up debugging.
172N/Adeb=`svcprop -c -p config/debuglevel $SMF_FMRI`
172N/A
4484N/A# If slew_always is set to true, then the large offset after a reboot
4484N/A# might take a very long time to correct the clock. Optionally allow
4484N/A# a step once after a reboot if slew_always is set when allow_step_at_boot
5359N/A# is also set.
4484N/Aval=`svcprop -c -p config/allow_step_at_boot $SMF_FMRI`
4484N/Aif [ "$val" = "true" ] && [ "$slew_always" = "true" ] && \
4484N/A    [ ! -f /var/run/ntp.pid ]; then
5959N/A    set -- "$@" --force-step-once
4484N/Afi
4484N/A
172N/A# Start the daemon. If debugging is requested, put it in the background,
172N/A# since it won't do it on it's own.
172N/Aif [ "$deb" -gt 0 ]; then
172N/A    /usr/lib/inet/ntpd "$@" --set-debug-level=$deb >/var/ntp/ntp.debug &
172N/Aelse
172N/A    /usr/lib/inet/ntpd "$@"
172N/Afi
172N/A
172N/A# Now, wait for the first sync, if requested.
172N/Aval=`svcprop -c -p config/wait_for_sync $SMF_FMRI`
172N/A[ "$val" = "true" ] && /usr/lib/inet/ntp-wait
172N/A
172N/Aexit $SMF_EXIT_OK