Is there any reason the drift file should be mode 600?

Richard Laager rlaager at wiktel.com
Fri Dec 15 11:30:24 UTC 2017 

On 12/15/2017 03:05 AM, Hal Murray wrote:
> rlaager at wiktel.com said:
>>> That sort of stuff used to be easy before systemd
>> It's still easy. Add this to ntpd.service: 
>> ExecStartPre=-/bin/chmod -f 664 /var/lib/ntp/ntp.drift
> 
> I think I tried something like that to setup the ldattch for the PPS and 
> systemd nuked the backgrounded ldattch job.

The solution has to be tailored to the problem. I gave a solution using
ExecStartPre for the previous problem. But ExecStartPre is probably not
the right solution for ldattach.

Here is how I use ttyS0 for serial (ntpd spectracom driver) and PPS,
including but not limited to the systemd ldattach service, but excluding
ntp.conf.

Setup the module to load on boot, and load it now:
echo pps_ldisc > /etc/modules-load.d/pps-ldisc.conf
modprobe pps_ldisc

Create /etc/udev/rules.d/10-pps.rules with this content, excluding the
dashed lines:
----
KERNEL=="ttyS0", SYMLINK+="spectracom0"
KERNEL=="ttyS0", RUN+="/bin/setserial /dev/ttyS0 low_latency"
----

I assume you're using a different driver, so adjust that (or omit it
entirely), as appropriate.

Fire that udev rule to create the symlink without rebooting:
udevadm trigger

Create /etc/systemd/system/pps-ldisc at .service with this content,
excluding the dashed lines:
----
[Unit]
Description=Line Discipline for PPS Timekeeping for %i
Before=ntpd.service
BindsTo=dev-%i.device
Wants=systemd-modules-load.service
After=systemd-modules-load.service
After=setserial.service

[Service]
ExecStart=/usr/sbin/ldattach pps /dev/%i
Type=forking

[Install]
WantedBy=ntpd.service
----

This creates a _template_ service for calling ldattach pps on a
specified serial port.

Note: I have modified this service to use the upstream NTPsec name of
ntpd.service, not the Debian/Ubuntu name of ntp.service (no "d"). For
other readers on Debian derivatives, change that back to ntp.service.

Enable the service for ttyS0:
systemctl enable pps-ldisc at ttyS0.service

The portion after the @, which is ttyS0, is substituted into the
template service for %i. Since this service has an [Install] section
with WantedBy=ntpd.service, enabling it will create a symlink at
/etc/systemd/system/ntpd.service.wants/pps-ldisc at ttyS0.service, which
makes pps-ldisc at ttyS0.service a dependency of ntpd.service. When
ntpd.service is being started, systemd will start pps-ldisc at ttyS0.service.

I have apparmor, so I have to do this:
sed -i "s|/dev/null|/dev/ttyS0|" /etc/apparmor.d/tunables/ntpd
systemctl restart apparmor

Now configure and restart ntpd.

> Is there a shell command to daemonize a command?

If the process doesn't already daemonize itself, use Type=simple and
systemd will do this for you. For example, with simple shell/Python/Perl
scripts, there is no need to worry about daemonizing in the script if
you're using systemd.

-- 
Richard

More information about the devel mailing list