From owner-svn-src-head@freebsd.org  Mon Nov 25 19:59:54 2019
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7E57C1B844D;
 Mon, 25 Nov 2019 19:59:54 +0000 (UTC) (envelope-from ian@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47MHty2plXz3NG4;
 Mon, 25 Nov 2019 19:59:54 +0000 (UTC) (envelope-from ian@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4513319C6D;
 Mon, 25 Nov 2019 19:59:54 +0000 (UTC) (envelope-from ian@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id xAPJxshV088258;
 Mon, 25 Nov 2019 19:59:54 GMT (envelope-from ian@FreeBSD.org)
Received: (from ian@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id xAPJxsJa088257;
 Mon, 25 Nov 2019 19:59:54 GMT (envelope-from ian@FreeBSD.org)
Message-Id: <201911251959.xAPJxsJa088257@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: ian set sender to ian@FreeBSD.org
 using -f
From: Ian Lepore <ian@FreeBSD.org>
Date: Mon, 25 Nov 2019 19:59:54 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r355100 - head/libexec/rc/rc.d
X-SVN-Group: head
X-SVN-Commit-Author: ian
X-SVN-Commit-Paths: head/libexec/rc/rc.d
X-SVN-Commit-Revision: 355100
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Nov 2019 19:59:54 -0000

Author: ian
Date: Mon Nov 25 19:59:53 2019
New Revision: 355100
URL: https://svnweb.freebsd.org/changeset/base/355100

Log:
  Allow opt-out of automatic ntpd leapfile checking/fetching.
  
  When a system has no internet connection, or when it is configured to obtain
  ntpd leapfiles from some source other than the internet, or even when the
  sysadmin has decided for some reason to customize ntp.conf to eliminate use
  of the leapfile, the rc.d/ntpd script emits various error messages related
  to the file.
  
  This change allows setting the rc var ntp_db_leapfile to NONE to disable all
  automatic processing related to that file in rc.d/ntpd.
  
  Differential Revision:	https://reviews.freebsd.org/D22461

Modified:
  head/libexec/rc/rc.d/ntpd

Modified: head/libexec/rc/rc.d/ntpd
==============================================================================
--- head/libexec/rc/rc.d/ntpd	Mon Nov 25 19:38:05 2019	(r355099)
+++ head/libexec/rc/rc.d/ntpd	Mon Nov 25 19:59:53 2019	(r355100)
@@ -28,6 +28,16 @@ pidfile="${_ntp_default_dir}/${name}.pid"
 
 load_rc_config $name
 
+leapfile_is_disabled() {
+	# Return true (0) if automatic leapfile handling is disabled.
+	case "$ntp_db_leapfile" in
+	[Nn][Oo] | [Nn][Oo][Nn][Ee] )
+		return 0;;
+	* )
+		return 1;;
+	esac
+}
+
 can_run_nonroot()
 {
 	# If the admin set what uid to use, we don't change it.
@@ -107,7 +117,12 @@ ntpd_precmd()
 		command_args="${command_args} -g"
 	fi
 
-	# Make sure the leapfile is ready to use.
+	# Make sure the leapfile is ready to use, unless leapfile
+	# handling is disabled.
+	if leapfile_is_disabled; then
+		return
+	fi
+
 	ntpd_init_leapfile
 	if [ ! -f "${ntp_db_leapfile}" ]; then
 		ntpd_fetch_leapfile
@@ -135,6 +150,11 @@ get_ntp_leapfile_expiry() {
 }
 
 ntpd_init_leapfile() {
+
+	if leapfile_is_disabled; then
+		return
+	fi
+
 	# Refresh working leapfile with an invalid hash due to
 	# FreeBSD id header. Ntpd will ignore leapfiles with a
 	# mismatch hash. The file must be the virgin file from
@@ -146,7 +166,12 @@ ntpd_init_leapfile() {
 
 ntpd_needfetch_leapfile() {
 	local rc verbose
-	
+
+	if leapfile_is_disabled; then
+		# Return code 1: ntp leapfile fetch not needed
+		return 1
+	fi
+
 	if checkyesno ntp_leapfile_fetch_verbose; then
 		verbose=echo
 	else
@@ -182,6 +207,11 @@ ntpd_needfetch_leapfile() {
 }
 
 ntpd_fetch_leapfile() {
+
+	if leapfile_is_disabled; then
+		return
+	fi
+
 	if checkyesno ntp_leapfile_fetch_verbose; then
 		verbose=echo
 	else