diff options
| author | Matthias Andree <mandree@FreeBSD.org> | 2024-12-08 15:15:46 +0000 |
|---|---|---|
| committer | Matthias Andree <mandree@FreeBSD.org> | 2024-12-08 15:19:40 +0000 |
| commit | f7c8a6233b5131c572e42a5f4c5bfe8d823e5e01 (patch) | |
| tree | e80d9845ac99b5efeea29d563204a9e38d830043 | |
| parent | 842aa9df3f892a7161a3fe849e6fac8544f7af73 (diff) | |
net/chrony: dns/dnsmasq: change rcfile ordering
Make sure that these services start in proper order, and sooner
such that chrony can synchronize time before other services need it.
Note that there is a circular dependency or bootstrapping problem
here in that the system time needs to be halfway correct if you
require your time servers to be looked up through DNS with DNSSEC
enabled because crypto usually needs correct clocks for expiration
checks on signatures to work so the name service needs a correct time,
and looking up the time server needs a working name service.
So be sure you can bootstrap with a skewed time.
Reported by: Lexi Winter
PR: 282566
I am not MFHing this, it's too intrusive.
| -rw-r--r-- | dns/dnsmasq/Makefile | 2 | ||||
| -rw-r--r-- | dns/dnsmasq/files/dnsmasq.in | 4 | ||||
| -rw-r--r-- | net/chrony/Makefile | 1 | ||||
| -rw-r--r-- | net/chrony/files/chronyd.in | 2 |
4 files changed, 5 insertions, 4 deletions
diff --git a/dns/dnsmasq/Makefile b/dns/dnsmasq/Makefile index e3726648b0ef..82c465cf42c6 100644 --- a/dns/dnsmasq/Makefile +++ b/dns/dnsmasq/Makefile @@ -1,7 +1,7 @@ PORTNAME= dnsmasq DISTVERSION= 2.90 # Leave the PORTREVISION in even if 0 to avoid accidental PORTEPOCH bumps: -PORTREVISION= 3 +PORTREVISION= 4 PORTEPOCH= 1 CATEGORIES= dns MASTER_SITES= https://www.thekelleys.org.uk/dnsmasq/ \ diff --git a/dns/dnsmasq/files/dnsmasq.in b/dns/dnsmasq/files/dnsmasq.in index 1311df694b69..f2178bc8db1a 100644 --- a/dns/dnsmasq/files/dnsmasq.in +++ b/dns/dnsmasq/files/dnsmasq.in @@ -1,8 +1,8 @@ #!/bin/sh # PROVIDE: dnsmasq -# REQUIRE: SERVERS ldconfig -# BEFORE: DAEMON named +# REQUIRE: NETWORKING ldconfig ntpdate +# BEFORE: DAEMON chrony named # KEYWORD: shutdown # # Start before named so as not to break named_wait if named is diff --git a/net/chrony/Makefile b/net/chrony/Makefile index 0fc94be6e698..5cf16e4d51ff 100644 --- a/net/chrony/Makefile +++ b/net/chrony/Makefile @@ -1,5 +1,6 @@ PORTNAME= chrony DISTVERSION= 4.6.1 +PORTREVISION= 1 CATEGORIES= net MASTER_SITES= https://chrony-project.org/releases/ \ LOCAL/mandree diff --git a/net/chrony/files/chronyd.in b/net/chrony/files/chronyd.in index 79e370d3c4c1..1eb20c2b03ca 100644 --- a/net/chrony/files/chronyd.in +++ b/net/chrony/files/chronyd.in @@ -1,7 +1,7 @@ #!/bin/sh # PROVIDE: chronyd -# REQUIRE: DAEMON +# REQUIRE: SERVERS # KEYWORD: nojail shutdown # # Add the following lines to /etc/rc.conf.local or /etc/rc.conf |