net-misc/ntpsec: add upstream seccomp fix and update systemd file
authorStephen Arnold <nerdboy@gentoo.org>
Fri, 13 Mar 2020 02:48:45 +0000 (19:48 -0700)
committerStephen Arnold <nerdboy@gentoo.org>
Fri, 13 Mar 2020 02:48:45 +0000 (19:48 -0700)
* closes bugs #705348 and #705128

Package-Manager: Portage-2.3.67, Repoman-2.3.17
Signed-off-by: Steve Arnold <nerdboy@gentoo.org>
net-misc/ntpsec/files/ntpd-r1.service
net-misc/ntpsec/files/ntpsec-1.1.8-fix-missing-scmp_sys-on-aarch64.patch [new file with mode: 0644]
net-misc/ntpsec/ntpsec-1.1.8.ebuild

index 5da473805aa027a006f84df151cef2cf15643a95..8bc16f9f634a53e2c9e778eb6836de193bc651eb 100644 (file)
@@ -4,10 +4,9 @@ After=network.target nss-lookup.target
 Conflicts=systemd-timesyncd.service
 
 [Service]
-Type=forking
+Type=simple
 PrivateTmp=true
-EnvironmentFile=-/etc/conf.d/ntp
-ExecStart=/usr/sbin/ntpd ${NTPD_OPTS}
+ExecStart=/usr/sbin/ntpd --configfile=/etc/ntp.conf --panicgate --user=ntp:ntp --nofork
 # Specifying -g on the command line allows ntpd to make large adjustments to
 # the clock on boot.  However, if Restart=yes is set, a malicious (or broken)
 # server could send the incorrect time, trip the panic threshold, and when
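Review bot: The new `ExecStart` hard-codes `--panicgate` and drops `EnvironmentFile=-/etc/conf.d/ntp`, so any `NTPD_OPTS` an administrator had set there is silently ignored after the upgrade. The large clock step at start that the comment below warns about can now only be turned off with a unit override. The retained comment still refers to `-g`, which no longer appears on the command line; rewording it to `# Specifying --panicgate (-g) on the command line allows ntpd to make large adjustments to` would keep the warning attached to the option it describes. Whether a `Restart=` line follows is outside this hunk, so it is worth confirming the unit still does not restart automatically now that the option is unconditional. A post-install message saying that /etc/conf.d/ntp is no longer read by the systemd unit would also help.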
diff --git a/net-misc/ntpsec/files/ntpsec-1.1.8-fix-missing-scmp_sys-on-aarch64.patch b/net-misc/ntpsec/files/ntpsec-1.1.8-fix-missing-scmp_sys-on-aarch64.patch
new file mode 100644 (file)
index 0000000..ee75d10
--- /dev/null
@@ -0,0 +1,16 @@
+diff --git a/ntpd/ntp_sandbox.c b/ntpd/ntp_sandbox.c
+index 4e5ceaa36c1a7b452445023e201ddb6211625c52..78ac7aea263ed3d3394b2d32e79a6836f0387434 100644
+--- a/ntpd/ntp_sandbox.c
++++ b/ntpd/ntp_sandbox.c
+@@ -428,6 +428,11 @@ int scmp_sc[] = {
+       /* gentoo 64-bit and 32-bit, Intel and Arm use mmap */
+       SCMP_SYS(mmap),
+ #endif
++#if defined(__aarch64__)
++      SCMP_SYS(faccessat),
++      SCMP_SYS(newfstatat),
++      SCMP_SYS(renameat),
++#endif
+ #if defined(__i386__) || defined(__arm__) || defined(__powerpc__)
+       SCMP_SYS(_newselect),
+       SCMP_SYS(_llseek),
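Review bot: The three syscalls added to `scmp_sc[]` under `#if defined(__aarch64__)` widen the seccomp allowlist without a comment saying why, unlike the `mmap` entry just above, which carries one. A line such as `/* aarch64 has no access/stat/rename syscalls; libc issues the *at variants */` above `SCMP_SYS(faccessat)` would show a later auditor that these are replacements rather than extra privileges. The shipped patch file also has no preamble recording its origin; a short text block before its `diff --git` line with `Upstream: <UPSTREAM_COMMIT_URL>` (placeholder) and the Gentoo bug numbers from the commit message would make it easy to drop once a release includes the fix. The array starts and ends outside the hunk, so whether other architectures need the same entries cannot be judged from here.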
index 128e2a23826c1c8b1a3d49edb3719b3db1b0c6a0..d0003067a4f78ab79154a7b5faf2cdf2685ba057 100644 (file)
@@ -62,7 +62,8 @@ DEPEND="${CDEPEND}
 
 WAF_BINARY="${S}/waf"
 
-PATCHES=( "${FILESDIR}/${P}-externalize-sys_maxclock-fix-for-bug-708522.patch" )
+PATCHES=( "${FILESDIR}/${P}-externalize-sys_maxclock-fix-for-bug-708522.patch"
+       "${FILESDIR}/${P}-fix-missing-scmp_sys-on-aarch64.patch" )
 
 src_prepare() {
        default
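Review bot: The new entry is added to `PATCHES` in `ntpsec-1.1.8.ebuild` in place, and no revision bump is visible in this commit. Systems that already built 1.1.8 would then not be offered a rebuild, and would keep the unpatched seccomp filter and the old unit file. If 1.1.8 has been in the tree long enough to be installed, carrying the change in a new revision (for example `ntpsec-1.1.8-r1.ebuild`) would push the fix out to those users. `src_prepare` continues past the end of the hunk.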