Fincer
/
openntpd-portable
mirror of https://github.com/Fincer/openntpd-portable
1
0
Fork 0
Code Issues 0 Projects 0 Releases 10 Wiki Activity
Portable build framework for OpenNTPD
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
9 Branches
1.4 MiB
Tree: d5b81b8ed2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd5b81b8ed2'
${ noResults }
openntpd-portable/INSTALL

90 lines
2.9 KiB
Raw Normal View History

new OpenNTPD portable tree First attempt at building a new OpenNTPD portable project, based on the latest OpenBSD source.
9 years ago
 
  1. 1. Prerequisites
  2. ----------------
  3. 

  4. You will need an entropy (randomness) source.  If your OS has arc4random or
  5. getentropy then that is ideal. Otherwise, you can use the builtin arc4random
  6. implementation or the one built into LibreSSL.
  7. 

  8. 2. Building / Installation
  9. --------------------------
  10. 

  11. To install OpenNTPD with default options:
  12. 

  13. ./configure
  14. make
  15. make install
  16. 

  17. This will install the OpenNTPD binary in /usr/local/sbin, configuration
  18. files in /usr/local/etc. To specify a different installation prefix,
  19. use the --prefix option to configure:
  20. 

  21. ./configure --prefix=/opt
  22. make
  23. make install
  24. 

  25. Will install OpenNTPD in /opt/{etc,sbin}. You can also override
  26. specific paths, for example:
  27. 

  28. ./configure --prefix=/opt --sysconfdir=/etc/ntp
  29. make
  30. make install
  31. 

  32. This will install the binaries in /opt/sbin, but will place the
  33. configuration files in /etc/ntp.
  34. 

  35. OpenNTPD always uses Privilege Separation (ie the majority of the
  36. processing is done as a chroot'ed, unprivileged user).
  37. 

  38. This requires that a user, group and directory to be created for it.
  39. The user should not be permitted to log in, and its home directory
  40. should be owned by root and be mode 755.
  41. 

  42. If you do "make install", the Makefile will create the directory with
  43. the correct permissions and will prompt you for the rest if required.
  44. If, however, you need to perform all of these tasks yourself (eg if you
  45. are moving the built binaries to another system) then you will need to
  46. do something like the following (although the exact commands required
  47. for creating the user and group are system dependant):
  48. 

  49. # groupadd _ntp
  50. # useradd -g _ntp -s /sbin/nologin -d /var/empty/ntp -c 'OpenNTP daemon' _ntp
  51. # mkdir -p /var/empty/ntp
  52. # chown 0 /var/empty/ntp
  53. # chgrp 0 /var/empty/ntp
  54. # chmod 0755 /var/empty/ntp
  55. 

  56. There are a few options to the configure script in addition to the ones
  57. provided by autoconf itself:
  58. 

  59. --with-privsep-user=[user]
  60. 	Specify unprivileged user used for privilege separation.  The default
  61. 	is "_ntp".
  62. 

  63. --with-privsep-path=path
  64. 	Normally ntpd will always use the home directory of the privsep user
  65. 	to chroot to, however use of this option will cause ntpd to always
  66. 	use the specified directory.
  67. 

  68. If you need to pass special options to the compiler or linker, you
  69. can specify these as environment variables before running ./configure.
  70. For example:
  71. 

  72. CFLAGS="-O -m486" LDFLAGS="-s" LIBS="-lrubbish" LD="/usr/foo/ld" ./configure
  73. 

  74. 

  75. 3. Configuration
  76. ----------------
  77. 

  78. The runtime configuration files are installed by in ${prefix}/etc or
  79. whatever you specified as your --sysconfdir (/usr/local/etc by default).
  80. 

  81. If no configuration file exists, the default one is used.  The default
  82. configuration file uses a selection of publicly accessible "pool" servers
  83. (see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers).
  84. 

  85. 

  86. 4. Problems?
  87. ------------
  88. 

  89. If you experience problems compiling, installing or running OpenNTPD,
  90. please report the problem to the address in the README file.