#!/bin/sh 

# $Id: build_ntp.sh,v 1.6 2003/08/27 15:44:45 honx Exp $

# (c) 2003 PRESECURE Consulting GmbH  <ag@pre-secure.de>

# Here are some variables you can set to tune the script to your environment.

# Directory holding the unpacked contents of this distribution tarball.
DISTDIR="$(pwd)"

# Directory in which ntpd is unpacked and compiled. It has to exist already
# and be writable by the user running this script.
BUILD_DIR="${DISTDIR}"

# ntpd release to build, the name of its source tarball, and the directory
# in which that tarball is expected.
NTP_VERSION="4.1.80-rc1"
NTP_TARDIST="ntp-${NTP_VERSION}.tar.gz"
NTP_DISTDIR="${DISTDIR}"

# Installation prefix for ntp. It has to exist already and be writable.
# The configuration, random seed and key files are created below this
# directory as well.
INSTALL_DIR="/usr/local/ntp"

# Directory layout below the installation prefix; normally left unchanged.
NTP_ETCDIR="${INSTALL_DIR}/etc"
NTP_KEYSDIR="${NTP_ETCDIR}/keys"
NTP_VARDIR="${INSTALL_DIR}/var"
NTP_STATEDIR="${NTP_VARDIR}/run"
NTP_LOGDIR="${NTP_VARDIR}/log"

# Host name of this client; defaults to what the hostname command prints.
HOSTNAME="$(hostname)"

# Name of (or path to) the openssl binary.
OPENSSL_BINARY="openssl"

# Directories containing the openssl libraries and headers. Fill these in
# only when they live in a non-standard place that configure does not find
# on its own. Give the bare directories, without a leading -I or -L.
OPENSSL_LIBDIR=""
OPENSSL_INCDIR=""

# Linker option prefix used to record the runtime library path in the
# binaries. Keep exactly one of the variants below active.

# gcc
RPATH_FLAGS="-Wl,-rpath,"

# Sun Workshop
#RPATH_FLAGS="-R"

# Additional CFLAGS and LDFLAGS, if any are needed.
CFLAGS=""
LDFLAGS=""

# "yes" applies the hostname patch shipped with this distribution.
WITH_HOSTNAME_PATCH="no"

# Options handed to ntpd's configure script. The leading space is kept so
# that further options can be appended as separate words.
NTP_CONFIG_OPTIONS=" --prefix=${INSTALL_DIR} --with-crypto=openssl --enable-debug"


#######################################################

# Change any of these only if you know exactly what you
# are doing.

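# File name of the IFF key shipped with this distribution, and the name of
# the symlink that is created for it in the keys directory.
IFFKEY_FILE=ntpkey_IFFkey_time.pre-secure.de.3254050662
IFFKEY_LINKNAME=ntpkey_iff_time.pre-secure.de

# Key length passed to ntp-keygen for the host key.
# NOTE(review): 1024 bits is below current key-size recommendations for
# RSA; raise it if the ntp-keygen of this NTP version accepts a larger value.
KEYLENGTH=1024

# Algorithm passed to ntp-keygen for the host key.
# NOTE(review): SHA-1 based signatures are deprecated; check which schemes
# the ntp-keygen of this NTP version offers before keeping this value.
ALGORITHM=RSA-SHA1

# Name of the ntpd configuration file.
NTP_CONFFILE=ntp.conf

# Version of the hostname patch.
HOSTNAME_PATCH_VERSION=1.2

# File name of the hostname patch.
HOSTNAME_PATCH=config_hostname-${HOSTNAME_PATCH_VERSION}-ntp-${NTP_VERSION}.patch

# Password protecting the key files. The same value is written into the
# ntpd configuration file ("crypto ... pw") and handed to ntp-keygen on its
# command line, so it should be treated as a secret.
# The built-in default is a trivially guessable, publicly known placeholder.
# Export KEY_PASSWORD with a strong value before running this script rather
# than relying on it; the default is kept only so existing usage still works.
KEY_PASSWORD="${KEY_PASSWORD:-1234}"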

######################################################

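# Build, install and configure ntpd with autokey support.
#
# Steps: check for the source tarball, unpack it, optionally apply the
# hostname patch, configure/make/install, create the runtime directories,
# write ntp.conf, create the random seed, install the IFF key and generate
# the host key. Any step that later steps depend on stops the script with a
# non-zero exit status when it fails.

# Print the given message on stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# NOTE(review): the tarball is obtained by the user over plain HTTP and is
# not verified by this script. Check it against a checksum or signature from
# a trusted source before building, because the resulting ntpd is meant to be
# handed over to root (see the closing message).
if [ ! -f "${NTP_DISTDIR}/${NTP_TARDIST}" ] ; then
   echo "The ntp-distfile ${NTP_DISTDIR}/${NTP_TARDIST} was not found. Please download it " >&2
   echo "from http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/${NTP_TARDIST}" >&2
   # A bare "exit" here would report success, because the echo succeeded.
   exit 1
fi

# Header directory: test OPENSSL_INCDIR itself. Testing OPENSSL_LIBDIR here
# silently dropped a configured include directory, or passed an empty -I.
if [ "X${OPENSSL_INCDIR}" != "X" ] ; then
  CFLAGS="${CFLAGS} -I${OPENSSL_INCDIR} "
  NTP_CONFIG_OPTIONS=" ${NTP_CONFIG_OPTIONS} --with-openssl-incdir=${OPENSSL_INCDIR}"
fi

# Library directory: add it to the link path and to the runtime path.
if [ "X${OPENSSL_LIBDIR}" != "X" ] ; then
  LDFLAGS="${LDFLAGS} -L${OPENSSL_LIBDIR} ${RPATH_FLAGS}${OPENSSL_LIBDIR}"
  NTP_CONFIG_OPTIONS=" ${NTP_CONFIG_OPTIONS} --with-openssl-libdir=${OPENSSL_LIBDIR}"
fi

# An unchecked cd would unpack and build in whatever directory the script
# happened to be started from.
cd "${BUILD_DIR}" || die "Cannot change to build directory ${BUILD_DIR}"
gzip -dc "${NTP_DISTDIR}/${NTP_TARDIST}" | tar xvf - \
  || die "Unpacking ${NTP_DISTDIR}/${NTP_TARDIST} failed"
cd "ntp-${NTP_VERSION}" || die "Source directory ntp-${NTP_VERSION} is missing"

if [ "X${WITH_HOSTNAME_PATCH}" = "Xyes" ]; then
  patch -p1 < "${DISTDIR}/${HOSTNAME_PATCH}" || die "Applying ${HOSTNAME_PATCH} failed"
fi

# NTP_CONFIG_OPTIONS is deliberately left unquoted: it holds several
# space-separated options that must reach configure as separate words.
# Directory names containing whitespace are therefore not supported.
# shellcheck disable=SC2086
CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" ./configure ${NTP_CONFIG_OPTIONS} \
  || die "configure failed"
make || die "make failed"
make install || die "make install failed"

mkdir -p "${NTP_ETCDIR}" "${NTP_KEYSDIR}" "${NTP_VARDIR}" \
         "${NTP_STATEDIR}" "${NTP_LOGDIR}" \
  || die "Cannot create the directories below ${INSTALL_DIR}"

# Everything written from here on is secret material (the key password in
# ntp.conf, the random seed, the key files), so new files must not be
# readable by group or others.
umask 077

conf_file="${NTP_ETCDIR}/${NTP_CONFFILE}"
rand_file="${NTP_STATEDIR}/rand"

cat <<EOF > "${conf_file}" || die "Cannot write ${conf_file}"
server time.pre-secure.de autokey
logfile ${NTP_LOGDIR}/ntp
logconfig =all
driftfile ${NTP_STATEDIR}/ntp.drift
statistics cryptostats
statsdir ${NTP_LOGDIR}
filegen cryptostats file cryptostats enable
keysdir ${NTP_KEYSDIR}
crypto randfile ${NTP_STATEDIR}/rand pw ${KEY_PASSWORD}
restrict 127.0.0.1
restrict 212.12.41.19 noquery
restrict default ignore
EOF

if [ "X${WITH_HOSTNAME_PATCH}" = "Xyes" ]; then
  echo "hostname $HOSTNAME" >> "${conf_file}"
fi

echo >> "${conf_file}"

# umask only affects newly created files; a configuration file left over
# from an earlier run keeps its old mode, so tighten it explicitly.
chmod go-rwx "${conf_file}" || die "Cannot restrict access to ${conf_file}"

"${OPENSSL_BINARY}" rand 2048 > "${rand_file}" \
  || die "Cannot create the random seed ${rand_file}"
chmod go-rwx "${rand_file}" || die "Cannot restrict access to ${rand_file}"

# The chmod calls below act on the current directory and its contents, so
# they must never run if this cd failed.
cd "${NTP_KEYSDIR}" || die "Cannot change to keys directory ${NTP_KEYSDIR}"
# Close the directory before any key material is placed in it.
chmod go-rx . || die "Cannot restrict access to ${NTP_KEYSDIR}"
cp "${DISTDIR}/${IFFKEY_FILE}" . || die "Cannot copy ${DISTDIR}/${IFFKEY_FILE}"
# -f keeps a repeated run from failing on the link left by an earlier one.
ln -sf "${IFFKEY_FILE}" "${IFFKEY_LINKNAME}" || die "Cannot create ${IFFKEY_LINKNAME}"

# NOTE(review): -p places the key password on the command line, where other
# local users can see it in the process list while ntp-keygen runs. If the
# ntp-keygen of this NTP version can take the password another way, prefer it.
RANDFILE="${rand_file}" "${INSTALL_DIR}/bin/ntp-keygen" \
  -m "${KEYLENGTH}" -s "${HOSTNAME}" -p "${KEY_PASSWORD}" -c "${ALGORITHM}"
keygen_status=$?

# Run after ntp-keygen so that the freshly generated key files are covered
# too, and even when key generation failed part-way.
chmod go-r ./*

[ "${keygen_status}" -eq 0 ] || die "ntp-keygen failed with status ${keygen_status}"

echo ; echo
echo  "Installation in ${INSTALL_DIR} is finished. You might want to chown"
echo  "all the files in that directory to root before starting ntpd."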

