summary refs log tree commit diff
diff options
context:
space:
mode:
authorJohn Darrington <jmd@gnu.org>2016-09-05 13:53:39 +0200
committerJohn Darrington <jmd@gnu.org>2016-09-08 18:08:22 +0200
commit1c6c0ad067b558fcbebd87e8cb51d342d808163e (patch)
tree01d58c5b4233b9d9cd20abfcf79c5385a4a4fba5
parent7fb461d2feec88de0f0cc713acf79300c7d6c3ae (diff)
downloadguix-1c6c0ad067b558fcbebd87e8cb51d342d808163e.tar.gz
services: ntpd: Use a dedicated directory for drift file.
Fixes <https://bugs.gnu.org/24366>.  Drift file now resides in a
dedicated directory owned by the daemon.

* gnu/services/networking.scm (ntp-service-activation): New procedure,
(ntp-service-type): Add new service-extension.
-rw-r--r--gnu/services/networking.scm19
1 files changed, 17 insertions, 2 deletions
diff --git a/gnu/services/networking.scm b/gnu/services/networking.scm
index 71f49a03a5..dee1b74d81 100644
--- a/gnu/services/networking.scm
+++ b/gnu/services/networking.scm
@@ -2,6 +2,7 @@
 ;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016 John Darrington <jmd@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -272,7 +273,7 @@ Protocol (DHCP) client, on all the non-loopback network interfaces."
      (let ()
        ;; TODO: Add authentication support.
        (define config
-         (string-append "driftfile /var/run/ntp.drift\n"
+         (string-append "driftfile /var/run/ntpd/ntp.drift\n"
                         (string-join (map (cut string-append "server " <>)
                                           servers)
                                      "\n")
@@ -307,13 +308,27 @@ restrict -6 ::1\n"))
          (home-directory "/var/empty")
          (shell #~(string-append #$shadow "/sbin/nologin")))))
 
+
+(define (ntp-service-activation config)
+  "Return the activation gexp for CONFIG."
+  (with-imported-modules '((guix build utils))
+    #~(begin
+        (define %user
+          (getpw "ntpd"))
+
+        (let ((directory "/var/run/ntpd"))
+          (mkdir-p directory)
+          (chown directory (passwd:uid %user) (passwd:gid %user))))))
+
 (define ntp-service-type
   (service-type (name 'ntp)
                 (extensions
                  (list (service-extension shepherd-root-service-type
                                           ntp-shepherd-service)
                        (service-extension account-service-type
-                                          (const %ntp-accounts))))))
+                                          (const %ntp-accounts))
+                       (service-extension activation-service-type
+                                          ntp-service-activation)))))
 
 (define* (ntp-service #:key (ntp ntp)
                       (servers %ntp-servers))