addon chrony

Message ID 20230320201837.1887027-1-gerd@hoerst.net
State New
Headers
Series addon chrony |

Commit Message

Gerd Hoerst March 20, 2023, 8:18 p.m. UTC
  Signed-off-by: Gerd Hoerst <gerd@hoerst.net>
---
 config/chrony/etc/chrony/chrony.conf |  32 +++++++++
 config/chrony/etc/chrony/chrony.keys |  10 +++
 config/chrony/etc/rc.d/init.d/chrony |  56 +++++++++++++++
 config/rootfiles/packages/chrony     |  12 ++++
 lfs/chrony                           | 102 +++++++++++++++++++++++++++
 make.sh                              |   1 +
 src/paks/chrony/install.sh           |  33 +++++++++
 src/paks/chrony/uninstall.sh         |  31 ++++++++
 src/paks/chrony/update.sh            |  26 +++++++
 9 files changed, 303 insertions(+)
 create mode 100644 config/chrony/etc/chrony/chrony.conf
 create mode 100644 config/chrony/etc/chrony/chrony.keys
 create mode 100755 config/chrony/etc/rc.d/init.d/chrony
 create mode 100644 config/rootfiles/packages/chrony
 create mode 100644 lfs/chrony
 create mode 100644 src/paks/chrony/install.sh
 create mode 100644 src/paks/chrony/uninstall.sh
 create mode 100644 src/paks/chrony/update.sh
  

Comments

Michael Tremer March 22, 2023, 10:03 a.m. UTC | #1
Hello Gerd,

Once again, what is the benefit of having a second time sync daemon as an addon?

The one that we use works and it will set the time correctly. So this won’t have any benefit at all. Especially as there is no way to disable the existing ntp-based scripts.

-Michael

> On 20 Mar 2023, at 20:18, Gerd Hoerst <gerd@hoerst.net> wrote:
> 
> Signed-off-by: Gerd Hoerst <gerd@hoerst.net>
> ---
> config/chrony/etc/chrony/chrony.conf |  32 +++++++++
> config/chrony/etc/chrony/chrony.keys |  10 +++
> config/chrony/etc/rc.d/init.d/chrony |  56 +++++++++++++++
> config/rootfiles/packages/chrony     |  12 ++++
> lfs/chrony                           | 102 +++++++++++++++++++++++++++
> make.sh                              |   1 +
> src/paks/chrony/install.sh           |  33 +++++++++
> src/paks/chrony/uninstall.sh         |  31 ++++++++
> src/paks/chrony/update.sh            |  26 +++++++
> 9 files changed, 303 insertions(+)
> create mode 100644 config/chrony/etc/chrony/chrony.conf
> create mode 100644 config/chrony/etc/chrony/chrony.keys
> create mode 100755 config/chrony/etc/rc.d/init.d/chrony
> create mode 100644 config/rootfiles/packages/chrony
> create mode 100644 lfs/chrony
> create mode 100644 src/paks/chrony/install.sh
> create mode 100644 src/paks/chrony/uninstall.sh
> create mode 100644 src/paks/chrony/update.sh
> 
> diff --git a/config/chrony/etc/chrony/chrony.conf b/config/chrony/etc/chrony/chrony.conf
> new file mode 100644
> index 000000000..6c65f5c22
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.conf
> @@ -0,0 +1,32 @@
> +# Welcome to the chrony configuration file. See chrony.conf(5) for more
> +# information about usuable directives.
> +
> +pool 0.ipfire.pool.ntp.org
> +
> +# refclock SOCK /var/run/chrony.ttyAMA0.sock delay 0.0 refid SOCK
> +# refclock PPS /dev/pps0 refid PPS
> +
> +# This directive specify the location of the file containing ID/key pairs for
> +# NTP authentication.
> +keyfile /etc/chrony/chrony.keys
> +
> +# This directive specify the file into which chronyd will store the rate
> +# information.
> +driftfile /var/lib/chrony/chrony.drift
> +
> +# Uncomment the following line to turn logging on.
> +#log tracking measurements statistics
> +
> +# Log files location.
> +logdir /var/log/chrony
> +
> +# Stop bad estimates upsetting machine clock.
> +maxupdateskew 100.0
> +
> +# This directive enables kernel synchronisation (every 11 minutes) of the
> +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
> +rtcsync
> +
> +# Step the system clock instead of slewing it if the adjustment is larger than
> +# one second, but only in the first three clock updates.
> +makestep 1 3
> diff --git a/config/chrony/etc/chrony/chrony.keys b/config/chrony/etc/chrony/chrony.keys
> new file mode 100644
> index 000000000..cee70b392
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.keys
> @@ -0,0 +1,10 @@
> +# This file is solely used for NTP authentication with symmetric keys
> +# as defined by RFC 1305 and RFC 5905.
> +#
> +# It can contain ID/key pairs which can be generated using the “keygen” option
> +# from “chronyc”; for example:
> +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys
> +# would generate a 256-bit SHA-256 key using ID 1.
> +#
> +# A list of supported hash functions and output encoding can be found in
> +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file.
> diff --git a/config/chrony/etc/rc.d/init.d/chrony b/config/chrony/etc/rc.d/init.d/chrony
> new file mode 100755
> index 000000000..0a2a0ee8e
> --- /dev/null
> +++ b/config/chrony/etc/rc.d/init.d/chrony
> @@ -0,0 +1,56 @@
> +#!/bin/sh
> +########################################################################
> +# Begin $rc_base/init.d/
> +#
> +# Description : chrony initscript 4 ipfire 2.1x
> +#
> +# Authors     : goerdi
> +#
> +# Version     : 01.00
> +#
> +# Notes       : GPLv3
> +#
> +########################################################################
> +
> +. /etc/sysconfig/rc
> +. $rc_functions
> +
> +SERVER="Chrony Time Server"
> +BINARY=chronyd
> +DAEMON=/usr/sbin/$BINARY
> +CONFIG=/etc/chrony/chrony.conf
> +PIDFILE=/run/chronyd.pid
> +START="$DAEMON -f $CONFIG"
> +
> +#test -f $DAEMON || exit 0
> +[ -x $DAEMON ] || exit 0
> +[ -f $CONFIG ] || exit 0
> +
> +
> +
> +
> +case "$1" in
> +  start)
> +      boot_mesg "Starting $SERVER"
> +      loadproc $START
> +  ;;
> +  stop)
> +      boot_mesg "Stopping $SERVER"
> +      killproc -p $PIDFILE $DAEMON
> +  ;;
> +  restart)
> +    boot_mesg "Restarting $CAMSERVER" 
> +    killproc -p $PIDFILE $DAEMON
> +    sleep 3
> +    loadproc $START
> +  ;;
> +  status)
> +    statusproc $DAEMON
> +  ;;
> +  *)
> +    echo "Usage: /etc/init.d/chrony {start|stop|restart|status}"
> +    exit 1
> +  ;;
> +esac
> +
> +exit 0
> diff --git a/config/rootfiles/packages/chrony b/config/rootfiles/packages/chrony
> new file mode 100644
> index 000000000..8386502d4
> --- /dev/null
> +++ b/config/rootfiles/packages/chrony
> @@ -0,0 +1,12 @@
> +#etc/chrony
> +etc/chrony/chrony.keys
> +etc/chrony/chrony.conf
> +etc/rc.d/init.d/chrony
> +usr/bin/chronyc
> +#usr/lib/chrony
> +usr/lib/chrony/chrony-helper
> +usr/sbin/chronyd
> +#usr/share/man/man1/chronyc.1
> +#usr/share/man/man5/chrony.conf.5
> +#usr/share/man/man8/chronyd.8
> +#var/lib/chrony
> diff --git a/lfs/chrony b/lfs/chrony
> new file mode 100644
> index 000000000..8e471ef77
> --- /dev/null
> +++ b/lfs/chrony
> @@ -0,0 +1,102 @@
> +###############################################################################
> +#                                                                             #
> +# IPFire.org - A linux based firewall                                         #
> +# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
> +#                                                                             #
> +# This program is free software: you can redistribute it and/or modify        #
> +# it under the terms of the GNU General Public License as published by        #
> +# the Free Software Foundation, either version 3 of the License, or           #
> +# (at your option) any later version.                                         #
> +#                                                                             #
> +# This program is distributed in the hope that it will be useful,             #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
> +# GNU General Public License for more details.                                #
> +#                                                                             #
> +# You should have received a copy of the GNU General Public License           #
> +# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
> +#                                                                             #
> +###############################################################################
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +VER        = 4.3
> +
> +THISAPP    = chrony-$(VER)
> +DL_FILE    = $(THISAPP).tar.gz
> +DL_FROM    = https://download.tuxfamily.org/chrony
> +DIR_APP    = $(DIR_SRC)/$(THISAPP)
> +TARGET     = $(DIR_INFO)/$(THISAPP)
> +PROG       = chrony
> +PAK_VER    = 1
> +DEPS       = ""
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_BLAKE2 = 51ba6d19312fd52cd6d6d8ab9437c886a3779877170674db6dc37d657e849101e2669fd6c8723d24e43c895cd1924c3d8d2ff442baeef9abe8a6c313929edf5f
> +
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +b2 : $(subst %,%_BLAKE2,$(objects))
> +
> +dist: 
> + @$(PAK)
> +###############################################################################
> +# Downloading, checking, md5sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> + cd $(DIR_APP) && \
> + ./configure \
> + --prefix=/usr \
> + --mandir=/usr/share/man \
> + --sysconfdir=/etc/chrony \
> + --without-readline \
> + --enable-scfilter \
> + --chronyrundir=/run/chrony \
> + --with-ntp-era=$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \
> + --enable-ntp-signd \
> + --with-hwclockfile=/etc/adjtime \
> + --with-pidfile=/run/chronyd.pid \
> + --host-system=Linux
> +
> +
> + cd $(DIR_APP) && make $(MAKETUNING)
> + cd $(DIR_APP) && make install
> +
> + mkdir -p /etc/chrony
> + cp -avf $(DIR_CONF)/chrony/etc/chrony/* /etc/chrony
> + cp -vrf $(DIR_CONF)/chrony/etc/rc.d/init.d/chrony /etc/rc.d/init.d
> + mkdir -p /usr/lib/chrony
> + cp -avf $(DIR_CONF)/chrony/usr/lib/chrony/* /usr/lib/chrony
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index 3b7f9850c..ab995c20e 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1397,6 +1397,7 @@ buildipfire() {
>   lfsmake2 python3-docutils
>   lfsmake2 python3-daemon
>   lfsmake2 ntp
> +  lfsmake2 chrony
>   lfsmake2 openssh
>   lfsmake2 fontconfig
>   lfsmake2 dejavu-fonts-ttf
> diff --git a/src/paks/chrony/install.sh b/src/paks/chrony/install.sh
> new file mode 100644
> index 000000000..b0b053bd6
> --- /dev/null
> +++ b/src/paks/chrony/install.sh
> @@ -0,0 +1,33 @@
> +#!/bin/bash
> +############################################################################
> +#                                                                          #
> +# This file is part of the IPFire Firewall.                                #
> +#                                                                          #
> +# IPFire is free software; you can redistribute it and/or modify           #
> +# it under the terms of the GNU General Public License as published by     #
> +# the Free Software Foundation; either version 2 of the License, or        #
> +# (at your option) any later version.                                      #
> +#                                                                          #
> +# IPFire is distributed in the hope that it will be useful,                #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
> +# GNU General Public License for more details.                             #
> +#                                                                          #
> +# You should have received a copy of the GNU General Public License        #
> +# along with IPFire; if not, write to the Free Software                    #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
> +#                                                                          #
> +# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
> +#                                                                          #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh 
> +
> +extract_files 
> +restore_backup ${NAME}
> +chmod ugo+x /etc/rc.d/init.d/chrony
> +ln -svf  ../init.d/chrony /etc/rc.d/rc0.d/K46chrony
> +ln -svf  ../init.d/chrony /etc/rc.d/rc3.d/S26chrony
> +ln -svf  ../init.d/chrony /etc/rc.d/rc6.d/K46chrony
> +
> +start_service --background ${NAME}
> diff --git a/src/paks/chrony/uninstall.sh b/src/paks/chrony/uninstall.sh
> new file mode 100644
> index 000000000..9472553d3
> --- /dev/null
> +++ b/src/paks/chrony/uninstall.sh
> @@ -0,0 +1,31 @@
> +#!/bin/bash
> +############################################################################
> +#                                                                          #
> +# This file is part of the IPFire Firewall.                                #
> +#                                                                          #
> +# IPFire is free software; you can redistribute it and/or modify           #
> +# it under the terms of the GNU General Public License as published by     #
> +# the Free Software Foundation; either version 2 of the License, or        #
> +# (at your option) any later version.                                      #
> +#                                                                          #
> +# IPFire is distributed in the hope that it will be useful,                #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
> +# GNU General Public License for more details.                             #
> +#                                                                          #
> +# You should have received a copy of the GNU General Public License        #
> +# along with IPFire; if not, write to the Free Software                    #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
> +#                                                                          #
> +# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
> +#                                                                          #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +stop_service ${NAME}
> +# wait2 terminate
> +sleep 3
> +make_backup ${NAME}
> +remove_files
> +rm -rf /etc/rc.d/rc*.d/*chrony
> +rm /etc/rc.d/rc3.d/off/*chrony
> diff --git a/src/paks/chrony/update.sh b/src/paks/chrony/update.sh
> new file mode 100644
> index 000000000..89c40d0d7
> --- /dev/null
> +++ b/src/paks/chrony/update.sh
> @@ -0,0 +1,26 @@
> +#!/bin/bash
> +############################################################################
> +#                                                                          #
> +# This file is part of the IPFire Firewall.                                #
> +#                                                                          #
> +# IPFire is free software; you can redistribute it and/or modify           #
> +# it under the terms of the GNU General Public License as published by     #
> +# the Free Software Foundation; either version 2 of the License, or        #
> +# (at your option) any later version.                                      #
> +#                                                                          #
> +# IPFire is distributed in the hope that it will be useful,                #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
> +# GNU General Public License for more details.                             #
> +#                                                                          #
> +# You should have received a copy of the GNU General Public License        #
> +# along with IPFire; if not, write to the Free Software                    #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
> +#                                                                          #
> +# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
> +#                                                                          #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +./uninstall.sh
> +./install.sh
> -- 
> 2.25.1
>
  

Patch

diff --git a/config/chrony/etc/chrony/chrony.conf b/config/chrony/etc/chrony/chrony.conf
new file mode 100644
index 000000000..6c65f5c22
--- /dev/null
+++ b/config/chrony/etc/chrony/chrony.conf
@@ -0,0 +1,32 @@ 
+# Welcome to the chrony configuration file. See chrony.conf(5) for more
+# information about usuable directives.
+
+pool 0.ipfire.pool.ntp.org
+
+# refclock SOCK /var/run/chrony.ttyAMA0.sock delay 0.0 refid SOCK
+# refclock PPS /dev/pps0 refid PPS
+
+# This directive specify the location of the file containing ID/key pairs for
+# NTP authentication.
+keyfile /etc/chrony/chrony.keys
+
+# This directive specify the file into which chronyd will store the rate
+# information.
+driftfile /var/lib/chrony/chrony.drift
+
+# Uncomment the following line to turn logging on.
+#log tracking measurements statistics
+
+# Log files location.
+logdir /var/log/chrony
+
+# Stop bad estimates upsetting machine clock.
+maxupdateskew 100.0
+
+# This directive enables kernel synchronisation (every 11 minutes) of the
+# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
+rtcsync
+
+# Step the system clock instead of slewing it if the adjustment is larger than
+# one second, but only in the first three clock updates.
+makestep 1 3
diff --git a/config/chrony/etc/chrony/chrony.keys b/config/chrony/etc/chrony/chrony.keys
new file mode 100644
index 000000000..cee70b392
--- /dev/null
+++ b/config/chrony/etc/chrony/chrony.keys
@@ -0,0 +1,10 @@ 
+# This file is solely used for NTP authentication with symmetric keys
+# as defined by RFC 1305 and RFC 5905.
+#
+# It can contain ID/key pairs which can be generated using the “keygen” option
+# from “chronyc”; for example:
+# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys
+# would generate a 256-bit SHA-256 key using ID 1.
+#
+# A list of supported hash functions and output encoding can be found in
+# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file.
diff --git a/config/chrony/etc/rc.d/init.d/chrony b/config/chrony/etc/rc.d/init.d/chrony
new file mode 100755
index 000000000..0a2a0ee8e
--- /dev/null
+++ b/config/chrony/etc/rc.d/init.d/chrony
@@ -0,0 +1,56 @@ 
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/
+#
+# Description : chrony initscript 4 ipfire 2.1x
+#
+# Authors     : goerdi
+#
+# Version     : 01.00
+#
+# Notes       : GPLv3
+#
+########################################################################
+
+. /etc/sysconfig/rc
+. $rc_functions
+
+SERVER="Chrony Time Server"
+BINARY=chronyd
+DAEMON=/usr/sbin/$BINARY
+CONFIG=/etc/chrony/chrony.conf
+PIDFILE=/run/chronyd.pid
+START="$DAEMON -f $CONFIG"
+
+#test -f $DAEMON || exit 0
+[ -x $DAEMON ] || exit 0
+[ -f $CONFIG ] || exit 0
+
+
+
+
+case "$1" in
+  start)
+      boot_mesg "Starting $SERVER"
+      loadproc $START
+  ;;
+  stop)
+      boot_mesg "Stopping $SERVER"
+      killproc -p $PIDFILE $DAEMON
+  ;;
+  restart)
+    boot_mesg "Restarting $CAMSERVER" 
+    killproc -p $PIDFILE $DAEMON
+    sleep 3
+    loadproc $START
+  ;;
+  status)
+    statusproc $DAEMON
+  ;;
+  *)
+    echo "Usage: /etc/init.d/chrony {start|stop|restart|status}"
+    exit 1
+  ;;
+esac
+
+exit 0
diff --git a/config/rootfiles/packages/chrony b/config/rootfiles/packages/chrony
new file mode 100644
index 000000000..8386502d4
--- /dev/null
+++ b/config/rootfiles/packages/chrony
@@ -0,0 +1,12 @@ 
+#etc/chrony
+etc/chrony/chrony.keys
+etc/chrony/chrony.conf
+etc/rc.d/init.d/chrony
+usr/bin/chronyc
+#usr/lib/chrony
+usr/lib/chrony/chrony-helper
+usr/sbin/chronyd
+#usr/share/man/man1/chronyc.1
+#usr/share/man/man5/chrony.conf.5
+#usr/share/man/man8/chronyd.8
+#var/lib/chrony
diff --git a/lfs/chrony b/lfs/chrony
new file mode 100644
index 000000000..8e471ef77
--- /dev/null
+++ b/lfs/chrony
@@ -0,0 +1,102 @@ 
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 4.3
+
+THISAPP    = chrony-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = https://download.tuxfamily.org/chrony
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+PROG       = chrony
+PAK_VER    = 1
+DEPS       = ""
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = 51ba6d19312fd52cd6d6d8ab9437c886a3779877170674db6dc37d657e849101e2669fd6c8723d24e43c895cd1924c3d8d2ff442baeef9abe8a6c313929edf5f
+
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+dist: 
+	@$(PAK)
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+	@$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+	@$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+	@$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+	@$(PREBUILD)
+	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+	cd $(DIR_APP) && \
+		./configure \
+		--prefix=/usr \
+		--mandir=/usr/share/man \
+		--sysconfdir=/etc/chrony \
+		--without-readline \
+		--enable-scfilter \
+		--chronyrundir=/run/chrony \
+		--with-ntp-era=$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \
+		--enable-ntp-signd \
+		--with-hwclockfile=/etc/adjtime \
+		--with-pidfile=/run/chronyd.pid \
+		--host-system=Linux
+
+
+	cd $(DIR_APP) && make $(MAKETUNING)
+	cd $(DIR_APP) && make install
+
+	mkdir -p /etc/chrony
+	cp -avf $(DIR_CONF)/chrony/etc/chrony/* /etc/chrony
+	cp -vrf $(DIR_CONF)/chrony/etc/rc.d/init.d/chrony /etc/rc.d/init.d
+	mkdir -p /usr/lib/chrony
+	cp -avf $(DIR_CONF)/chrony/usr/lib/chrony/* /usr/lib/chrony
+
+	@rm -rf $(DIR_APP)
+	@$(POSTBUILD)
diff --git a/make.sh b/make.sh
index 3b7f9850c..ab995c20e 100755
--- a/make.sh
+++ b/make.sh
@@ -1397,6 +1397,7 @@  buildipfire() {
   lfsmake2 python3-docutils
   lfsmake2 python3-daemon
   lfsmake2 ntp
+  lfsmake2 chrony
   lfsmake2 openssh
   lfsmake2 fontconfig
   lfsmake2 dejavu-fonts-ttf
diff --git a/src/paks/chrony/install.sh b/src/paks/chrony/install.sh
new file mode 100644
index 000000000..b0b053bd6
--- /dev/null
+++ b/src/paks/chrony/install.sh
@@ -0,0 +1,33 @@ 
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 2 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh 
+
+extract_files 
+restore_backup ${NAME}
+chmod ugo+x /etc/rc.d/init.d/chrony
+ln -svf  ../init.d/chrony /etc/rc.d/rc0.d/K46chrony
+ln -svf  ../init.d/chrony /etc/rc.d/rc3.d/S26chrony
+ln -svf  ../init.d/chrony /etc/rc.d/rc6.d/K46chrony
+
+start_service --background ${NAME}
diff --git a/src/paks/chrony/uninstall.sh b/src/paks/chrony/uninstall.sh
new file mode 100644
index 000000000..9472553d3
--- /dev/null
+++ b/src/paks/chrony/uninstall.sh
@@ -0,0 +1,31 @@ 
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 2 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+stop_service ${NAME}
+# wait2 terminate
+sleep 3
+make_backup ${NAME}
+remove_files
+rm -rf /etc/rc.d/rc*.d/*chrony
+rm /etc/rc.d/rc3.d/off/*chrony
diff --git a/src/paks/chrony/update.sh b/src/paks/chrony/update.sh
new file mode 100644
index 000000000..89c40d0d7
--- /dev/null
+++ b/src/paks/chrony/update.sh
@@ -0,0 +1,26 @@ 
+#!/bin/bash
+############################################################################
+#                                                                          #
+# This file is part of the IPFire Firewall.                                #
+#                                                                          #
+# IPFire is free software; you can redistribute it and/or modify           #
+# it under the terms of the GNU General Public License as published by     #
+# the Free Software Foundation; either version 2 of the License, or        #
+# (at your option) any later version.                                      #
+#                                                                          #
+# IPFire is distributed in the hope that it will be useful,                #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
+# GNU General Public License for more details.                             #
+#                                                                          #
+# You should have received a copy of the GNU General Public License        #
+# along with IPFire; if not, write to the Free Software                    #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
+#                                                                          #
+# Copyright (C) 2007 IPFire-Team <info@ipfire.org>.                        #
+#                                                                          #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+./uninstall.sh
+./install.sh