Bug#941713: buster-pu: package ntpsec/1.1.3+dfsg1-2+deb10u1
In the time since I created the original .debdiff, I have moved the
ntpsec packaging from GitHub to Salsa and switched to DEP-14 branch naming.
Attached is a refreshed .debdiff.2 and an .interdiff comparing that to
the first .debdiff. The only changes are the Vcs-* and debian/gbp.conf
changes related to the above.
I'll proceed with the upload.
--
Richard
diff -Nru ntpsec-1.1.3+dfsg1/debian/changelog ntpsec-1.1.3+dfsg1/debian/changelog
--- ntpsec-1.1.3+dfsg1/debian/changelog 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/changelog 2019-11-18 00:04:00.000000000 -0600
@@ -1,3 +1,15 @@
+ntpsec (1.1.3+dfsg1-2+deb10u1) buster; urgency=medium
+
+ * Backport fix for slow DNS retries (Closes: 924192)
+ * ntpdate.8: Remove duplicated -o option
+ * ntpdate.8: Remove -p option (Closes: 926877)
+ * ntpdate.8: Remove -e option
+ * ntpdate.8: Remove inaccurate BUGS section
+ * Update ntpdate-debian.8 to match ntpdate.8
+ * Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414)
+
+ -- Richard Laager <rlaager@wiktel.com> Mon, 18 Nov 2019 00:04:00 -0600
+
ntpsec (1.1.3+dfsg1-2) unstable; urgency=medium
* Suppress lintian warning
diff -Nru ntpsec-1.1.3+dfsg1/debian/control ntpsec-1.1.3+dfsg1/debian/control
--- ntpsec-1.1.3+dfsg1/debian/control 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/control 2019-11-17 23:48:21.000000000 -0600
@@ -22,8 +22,8 @@
libwww-ssl-dev
Standards-Version: 4.3.0
Rules-Requires-Root: no
-Vcs-Browser: https://github.com/rlaager/ntpsec-pkg
-Vcs-Git: https://github.com/rlaager/ntpsec-pkg.git
+Vcs-Browser: https://salsa.debian.org/debian/ntpsec
+Vcs-Git: https://salsa.debian.org/debian/ntpsec.git
Homepage: https://www.ntpsec.org
Package: ntpsec
diff -Nru ntpsec-1.1.3+dfsg1/debian/gbp.conf ntpsec-1.1.3+dfsg1/debian/gbp.conf
--- ntpsec-1.1.3+dfsg1/debian/gbp.conf 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/gbp.conf 2019-11-18 00:04:00.000000000 -0600
@@ -1,9 +1,12 @@
[DEFAULT]
-debian-branch = sid
+debian-branch = debian/buster
+pristine-tar = True
+upstream-branch = upstream/latest
[buildpackage]
-sign-tags = True
+dist = buster
posttag = gbp push
+sign-tags = True
[dch]
meta = True
diff -Nru ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8
--- ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/man/ntpdate.8 2019-11-17 21:36:12.000000000 -0600
@@ -3,17 +3,13 @@
ntpdate \- set the date and time via NTP
.SH SYNOPSIS
.B ntpdate
-.RB [\| \-46bBdoqsuv \|]
+.RB [\| \-46bBdqsuv \|]
.RB [\| \-a
.IR key \|]
-.RB [\| \-e
-.IR authdelay \|]
.RB [\| \-k
.IR keyfile \|]
.RB [\| \-o
.IR version \|]
-.RB [\| \-p
-.IR samples \|]
.RB [\| \-t
.IR timeout \|]
.I server
@@ -91,13 +87,6 @@
but not adjust the local clock and using an unprivileged port. Information
useful for general debugging will also be printed.
.TP
-.BI \-e \ authdelay
-Specify the processing delay to perform an authentication
-function as the value authdelay, in seconds and fraction (see
-ntpd for details). This number is usually small enough to be
-negligible for most purposes, though specifying a value may
-improve timekeeping on very slow CPU's.
-.TP
.BI \-k \ keyfile
Specify the path for the authentication key file as the string
keyfile. The default is /etc/ntp.keys. This file should be in
@@ -108,11 +97,6 @@
can be 1, 2, 3 or 4. The default is 4. This allows ntpdate to be used with
older NTP versions.
.TP
-.BI \-p \ samples
-Specify the number of samples to be acquired from each server
-as the integer samples, with values from 1 to 8 inclusive. The
-default is 4.
-.TP
.B \-q
Query only \(en don't set the clock.
.TP
@@ -144,12 +128,6 @@
.TP
.I /etc/ntp.keys
\- encryption keys used by ntpdate.
-.SH BUGS
-The slew adjustment is actually 50% larger than the measured offset,
-since this (it is argued) will tend to keep a badly drifting clock
-more accurate. This is probably not a good idea and may cause a
-troubling hunt for some values of the kernel variables tick and
-tickadj.
.SH AUTHOR
David L. Mills (mills@udel.edu)
.br
diff -Nru ntpsec-1.1.3+dfsg1/debian/man/ntpdate-debian.8 ntpsec-1.1.3+dfsg1/debian/man/ntpdate-debian.8
--- ntpsec-1.1.3+dfsg1/debian/man/ntpdate-debian.8 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/man/ntpdate-debian.8 2019-11-17 21:36:12.000000000 -0600
@@ -3,19 +3,17 @@
ntpdate-debian \- set the date and time via NTP
.SH SYNOPSIS
.B ntpdate-debian
-.RB [\| \-bBdoqsuv \|]
-.RB [\| \-a
-.IR key \|]
-.RB [\| \-e
-.IR authdelay \|]
-.RB [\| \-k
+.RB [\| \-46bBdqsuv \|]
+.RB [\| \-a
+.IR key \|]
+.RB [\| \-k
.IR keyfile \|]
.RB [\| \-o
.IR version \|]
-.RB [\| \-p
-.IR samples \|]
.RB [\| \-t
.IR timeout \|]
+.I server
+.RB [\| ... \|]
.SH DESCRIPTION
.B ntpdate-debian
is identical to
@@ -24,5 +22,7 @@
.I /etc/default/ntpsec-ntpdate
by default.
.B ntpdate
-sets the local date and time by polling Network Time
-Protocol (NTP) servers.
+sets the local date and time by polling the Network Time
+Protocol (NTP) server(s) given as the
+.I server
+argument(s) to determine the correct time.
diff -Nru ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch
--- ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch 1969-12-31 18:00:00.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-for-577-DNS-retry-sloth.patch 2019-11-17 23:47:13.000000000 -0600
@@ -0,0 +1,56 @@
+From bf3dfbe30ad16b4d345dfe9d6c6d842d9321355f Mon Sep 17 00:00:00 2001
+From: Hal Murray <murray@shuksan.example.com>
+Date: Sat, 16 Mar 2019 11:07:41 -0700
+Subject: [PATCH] Fix for #577, DNS retry sloth
+
+There is only one thread for DNS (and NTS-KE) work. If an attempt
+was made while the thread was busy, it waited for the retry timer
+rather than trying again as soon as the previous DNS work finished.
+---
+ ntpd/ntp_proto.c | 20 +++++++++++++++++---
+ 1 file changed, 17 insertions(+), 3 deletions(-)
+
+--- a/ntpd/ntp_proto.c
++++ b/ntpd/ntp_proto.c
+@@ -811,7 +811,11 @@
+ if ((peer_associations <= 2 * sys_maxclock) &&
+ (peer_associations < sys_maxclock ||
+ sys_survivors < sys_minclock))
+- if (!dns_probe(peer)) return;
++ if (!dns_probe(peer)) {
++ /* DNS thread busy, try again soon */
++ peer->nextdate = current_time;
++ return;
++ }
+ poll_update(peer, hpoll);
+ return;
+ }
+@@ -819,7 +823,10 @@
+ /* Does server need DNS lookup? */
+ if (peer->cfg.flags & FLAG_DNS) {
+ peer->outdate = current_time;
+- if (!dns_probe(peer)) return;
++ if (!dns_probe(peer)) {
++ peer->nextdate = current_time;
++ return;
++ }
+ poll_update(peer, hpoll);
+ return;
+ }
+@@ -2419,8 +2426,15 @@
+ hpoll = 8;
+ break;
+ case DNS_temp:
++ /* DNS not working yet. ??
++ * Want to retry soon,
++ * but also want to avoid log clutter.
++ * Beware, Fedora 29 lies:
++ * What I expect to be temp (no Wifi)
++ * gets EAI_NONAME, Name or service not known
++ */
+ txt = "temp";
+- hpoll += 1;
++ hpoll = 3;
+ break;
+ case DNS_error:
+ txt = "error";
diff -Nru ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-ntpdate-s-syslog.patch ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-ntpdate-s-syslog.patch
--- ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-ntpdate-s-syslog.patch 1969-12-31 18:00:00.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/patches/0001-Fix-ntpdate-s-syslog.patch 2019-11-17 23:47:13.000000000 -0600
@@ -0,0 +1,75 @@
+From 59070b9146de693cb36cdeab2a70be73cfb54bff Mon Sep 17 00:00:00 2001
+From: Richard Laager <rlaager@wiktel.com>
+Date: Thu, 8 Aug 2019 02:30:49 +0000
+Subject: [PATCH] Fix ntpdate -s (syslog)
+
+The ntpdate wrapper script was converting -s (for "log to syslog") to
+ntpdig -p. This is wrong, as ntpdig -p is for the number of samples and
+requires a parameter. The ntpdig man page says, "This version does not
+log to syslog. Pipe standard output and standard error to logger(1) if
+you want this behavior.
+
+Signed-off-by: Richard Laager <rlaager@wiktel.com>
+---
+ attic/ntpdate | 21 ++++++++++++++++-----
+ 1 file changed, 16 insertions(+), 5 deletions(-)
+
+diff --git a/attic/ntpdate b/attic/ntpdate
+index 0af352724..dd1137471 100755
+--- a/attic/ntpdate
++++ b/attic/ntpdate
+@@ -28,7 +28,7 @@
+ # -p N -q How many samples to take
+ # -q default -q query/report only, don't set clock
+ # (implies -u for ntpdate)
+-# -s -p log to syslog (always enabled in ntpd)
++# -s log to syslog (always enabled in ntpd)
+ # -t N.N -t N.N request timeout
+ # -u default unpriv port
+ # -v verbose (ntpd is always more verbose than ntpdate)
+@@ -43,7 +43,8 @@
+ PASSTHROUGH=""
+ TIMEOUT="-t 1"
+ setclock=yes
+-echo=""
++echo=no
++log=no
+ while getopts 46a:bBe:k:no:p:qst:uv opt
+ do
+ case $opt in
+@@ -55,11 +56,11 @@ do
+ d) PASSTHROUGH="$PASSTHROUGH -d";;
+ e) echo "ntpdate: -e is no longer supported." >&2;;
+ k) PASSTHROUGH="$PASSTHROUGH -k $OPTARG";;
+- n) echo=echo ;; # Echo generated command, don't execute
++ n) echo=yes;; # Echo generated command, don't execute
+ o) PASSTHROUGH="$PASSTHROUGH -o $OPTARG";;
+ p) echo "ntpdate: -p is no longer supported." >&2;;
+ q) setclock=no;;
+- s) PASSTHROUGH="$PASSTHROUGH -p";;
++ s) log=yes;;
+ t) PASSTHROUGH="$PASSTHROUGH -t $OPTARG"; TIMEOUT="";;
+ u) ;;
+ v) ;;
+@@ -72,7 +73,17 @@ then
+ ADJUST="-s -j"
+ fi
+
+-$echo ntpdig $ADJUST $TIMEOUT $PASSTHROUGH $*
++if [ "$echo" = yes ]
++then
++ echo ntpdig $ADJUST $TIMEOUT $PASSTHROUGH $*
++else
++ if [ "$log" = yes ]
++ then
++ ntpdig $ADJUST $TIMEOUT $PASSTHROUGH $* 2>&1 | logger -t ntpdate
++ else
++ ntpdig $ADJUST $TIMEOUT $PASSTHROUGH $*
++ fi
++fi
+
+ #end
+
+--
+2.17.1
+
diff -Nru ntpsec-1.1.3+dfsg1/debian/patches/series ntpsec-1.1.3+dfsg1/debian/patches/series
--- ntpsec-1.1.3+dfsg1/debian/patches/series 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/patches/series 2019-11-17 23:47:13.000000000 -0600
@@ -42,9 +42,10 @@
0001-Use-.egg-info-for-the-Python-info-file.patch
## Fix a spelling error
0001-Fix-a-typo.2.patch
-
-# Forwarded
+## Fix DNS timeouts
+0001-Fix-for-577-DNS-retry-sloth.patch
0001-Add-Documentation-to-ntp-wait.service.patch
+0001-Fix-ntpdate-s-syslog.patch
# Forwarding not needed
systemd-use-wrapper.patch
diff -u ntpsec-1.1.3+dfsg1/debian/changelog ntpsec-1.1.3+dfsg1/debian/changelog
--- ntpsec-1.1.3+dfsg1/debian/changelog 2019-10-04 00:21:09.000000000 -0500
+++ ntpsec-1.1.3+dfsg1/debian/changelog 2019-11-18 00:04:00.000000000 -0600
@@ -8,7 +8,7 @@
* Update ntpdate-debian.8 to match ntpdate.8
* Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414)
- -- Richard Laager <rlaager@wiktel.com> Fri, 04 Oct 2019 00:21:09 -0500
+ -- Richard Laager <rlaager@wiktel.com> Mon, 18 Nov 2019 00:04:00 -0600
ntpsec (1.1.3+dfsg1-2) unstable; urgency=medium
diff -u ntpsec-1.1.3+dfsg1/debian/gbp.conf ntpsec-1.1.3+dfsg1/debian/gbp.conf
--- ntpsec-1.1.3+dfsg1/debian/gbp.conf 2019-10-04 00:19:41.000000000 -0500
+++ ntpsec-1.1.3+dfsg1/debian/gbp.conf 2019-11-18 00:04:00.000000000 -0600
@@ -1,9 +1,12 @@
[DEFAULT]
-debian-branch = buster
+debian-branch = debian/buster
+pristine-tar = True
+upstream-branch = upstream/latest
[buildpackage]
-sign-tags = True
+dist = buster
posttag = gbp push
+sign-tags = True
[dch]
meta = True
only in patch2:
unchanged:
--- ntpsec-1.1.3+dfsg1/debian/control 2019-02-04 01:38:48.000000000 -0600
+++ ntpsec-1.1.3+dfsg1/debian/control 2019-11-17 23:48:21.000000000 -0600
@@ -22,8 +22,8 @@
libwww-ssl-dev
Standards-Version: 4.3.0
Rules-Requires-Root: no
-Vcs-Browser: https://github.com/rlaager/ntpsec-pkg
-Vcs-Git: https://github.com/rlaager/ntpsec-pkg.git
+Vcs-Browser: https://salsa.debian.org/debian/ntpsec
+Vcs-Git: https://salsa.debian.org/debian/ntpsec.git
Homepage: https://www.ntpsec.org
Package: ntpsec
Reply to: