[Cerowrt-devel] DNSSEC & NTP Bootstrapping

[Toke Høiland-Jørgensen]

Phil Pennock <cerowrt-devel+phil at spodhuis.org> writes:

> For context, I'm currently running OpenWRT; attached is the
> /etc/init.d/ntpdate which I'm using. It relies upon having Python and
> dig installed, as I haven't gotten around to building a small C
> utility to do just this task, but perhaps the approach is useful
> enough that someone else might do so?

A functionality similar to this is already implemented in openwrt and
runs as the first thing on boot. It finds the newest file in /etc and
sets the system time to that:

# cat /etc/init.d/sysfixtime 
#!/bin/sh /etc/rc.common
# Copyright (C) 2013-2014 OpenWrt.org

START=00

boot() {
	local curtime="$(date +%s)"
	local maxtime="$(find /etc -type f -exec date +%s -r {} \; | sort -nr | head -n1)"
	[ $curtime -lt $maxtime ] && \
		date -s @$maxtime && \
		logger -t sysfixtime -p daemon.notice "Time fixed"
}


This works well enough that I haven't had any time problems in recent
memory. However I tend to build my images minutes before flashing them,
so for someone downloading an image off somewhere, the ntp lookup is
obviously needed.

I do believe it would be feasible to include your script without the
preseed part pretty much as-is? It adds a dependency on dig, but I guess
that is not unreasonable (certainly not for cerowrt, but maybe for
openwrt default). The ntpdate dependency can probably be gotten away
with by substituting an appropriate ntpd -q command...

-Toke
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.bufferbloat.net/pipermail/cerowrt-devel/attachments/20140324/06ace830/attachment.sig>