notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)

/commits.php is going away

I'm proposing to take /commits.php away - it mainly duplicates the home page. Details in this GitHub issue.
Port details
chrony System clock synchronization client and server
4.1 net on this many watch lists=2 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 4.1Version of this port present on the latest quarterly branch.
Maintainer: mandree@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2014-04-08 17:07:07
Last Update: 2021-05-15 07:21:10
Commit Hash: 5c1774b
People watching this port, also watch:: openjdk8, netdata, coreutils
License: GPLv2
Description:
SVNWeb : git : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (18 items)
Collapse this list.
  1. /usr/local/share/licenses/chrony-4.1/catalog.mk
  2. /usr/local/share/licenses/chrony-4.1/LICENSE
  3. /usr/local/share/licenses/chrony-4.1/GPLv2
  4. bin/chronyc
  5. @sample etc/chrony.conf.sample
  6. man/man1/chronyc.1.gz
  7. man/man5/chrony.conf.5.gz
  8. man/man8/chronyd.8.gz
  9. sbin/chronyd
  10. @dir(chronyd,chronyd) /var/db/chrony
  11. @comment share/doc/chrony/chrony.conf.html
  12. @comment share/doc/chrony/chronyc.html
  13. @comment share/doc/chrony/chronyd.html
  14. @comment share/doc/chrony/faq.html
  15. @comment share/doc/chrony/installation.html
  16. @owner
  17. @group
  18. @mode
Collapse this list.
Dependency lines:
  • chrony>0:net/chrony
Conflicts:
CONFLICTS_INSTALL:
  • chrony-lite
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port: cd /usr/ports/net/chrony/ && make install clean
To add the package, run one of these commands:
  • pkg install net/chrony
  • pkg install chrony
PKGNAME: chrony
Flavors: there is no flavor information for this port.
distinfo:
Packages (timestamps in pop-ups are UTC):
chrony
ABIlatestquarterly
FreeBSD:11:aarch643.33.5_3
FreeBSD:11:amd644.14.1
FreeBSD:11:armv62.43.5.1
FreeBSD:11:i3864.14.1
FreeBSD:11:mips--
FreeBSD:11:mips64--
FreeBSD:12:aarch643.34.1
FreeBSD:12:amd644.14.1
FreeBSD:12:armv63.33.5.1
FreeBSD:12:armv73.33.5.1
FreeBSD:12:i3864.14.1
FreeBSD:12:mips--
FreeBSD:12:mips643.3-
FreeBSD:12:powerpc64-4.0
FreeBSD:13:aarch644.04.1
FreeBSD:13:amd644.14.1
FreeBSD:13:armv64.0-
FreeBSD:13:armv74.04.0
FreeBSD:13:i3864.14.1
FreeBSD:13:mips--
FreeBSD:13:mips64--
FreeBSD:13:powerpc64-4.1
FreeBSD:14:aarch644.1-
FreeBSD:14:amd644.1-
FreeBSD:14:armv6--
FreeBSD:14:armv74.0_1-
FreeBSD:14:i3864.1-
FreeBSD:14:mips--
FreeBSD:14:mips64--
FreeBSD:14:powerpc644.0_1-
 

Slave ports:
  1. net/chrony-lite

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gmake>=4.3 : devel/gmake
  2. pkgconf>=1.3.0_1 : devel/pkgconf
Library dependencies:
  1. libnettle.so : security/nettle
  2. libgnutls.so : security/gnutls
  3. libedit.so.0 : devel/libedit
There are no ports dependent upon this port

Configuration Options:
Options name:

USES:

FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (5 items)
Collapse this list.
  1. http://distcache.FreeBSD.org/local-distfiles/mandree/
  2. http://distcache.eu.FreeBSD.org/local-distfiles/mandree/
  3. http://distcache.us-east.FreeBSD.org/local-distfiles/mandree/
  4. http://distcache.us-west.FreeBSD.org/local-distfiles/mandree/
  5. https://download.tuxfamily.org/chrony/
Collapse this list.

Number of commits found: 39

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
15 May 2021 07:21:10
 files touched by this commit commit hash:5c1774b557b5b7a2b9f24b875a57fb6d15810966  4.1
mandree search for other commits by this committer
net/chrony: update to 4.1

ChangeLog:
https://chrony.tuxfamily.org/news.html#_13_may_2021_chrony_4_1_released
07 Apr 2021 18:59:33
 files touched by this commit commit hash:11ff2d7e81002e788f8e54ad7b60daba43db8e50  4.0_1
mandree search for other commits by this committer
net/chrony: enable MS-SNTP authentication (SIGND)
PR:		254859
Reported by:	Andrej Ebert
06 Apr 2021 14:31:13
 files touched by this commit commit hash:135fdeebb99c3569e42d8162b265e15d29bd937d  4.0
mat search for other commits by this committer
all: Remove all other $FreeBSD keywords.
06 Apr 2021 14:31:07
 files touched by this commit commit hash:305f148f482daf30dcf728039d03d019f88344eb  4.0
mat search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
19 Jan 2021 20:24:46
Original commit files touched by this commit Revision:562078  4.0
decke search for other commits by this committer
net/chrony: Preparations for a new slave port

PR:		252584
Submitted by:	myself
Approved by:	mandree@
07 Oct 2020 17:40:56
Original commit files touched by this commit Revision:551656  4.0
mandree search for other commits by this committer
net/chrony: update to 4.0 release

Changelog: https://git.tuxfamily.org/chrony/chrony.git/tree/NEWS?id=4.0#n1

Update options (unfortunately the crypto stuff is a bit contorted
with NSS <-> Nettle incompatibilities and NTS requiring GnuTLS and Nettle).
22 Aug 2020 11:03:03
Original commit files touched by this commit Revision:545759  3.5.1
mandree search for other commits by this committer
net/chrony: security update to 3.5.1

This upstream update essentially contains one Git commit:
https://git.tuxfamily.org/chrony/chrony.git/commit/?h=3.5-stable&id=f00fed20092b6a42283f29c6ee1f58244d74b545

It is to fix a symlink vulnerability when writing the pidfile.

Changelog:
https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2020/08/msg00000.html

MFH:		2020Q2 (blanket: upstream has one specific git commit between 3.5 and
3.5.1)
Security:	CVE-2020-14367
Security:	719f06af-e45e-11ea-95a1-c3b8167b8026
16 May 2020 10:51:33
Original commit files touched by this commit Revision:535391  3.5_3 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Bump PORTREVISION for security/nettle shlib change
08 May 2020 01:35:58
Original commit files touched by this commit Revision:534317  3.5_2 This port version is marked as vulnerable.
mandree search for other commits by this committer
net/chrony: option to use system ntpd user/group

USER_DESC was reworded to make purpose clearer.

While here, shuffle things a bit to appease portclippy.

PR:		246293
Submitted by:	olivier@
06 Apr 2020 16:27:48
Original commit files touched by this commit Revision:530887  3.5_2 This port version is marked as vulnerable.
mandree search for other commits by this committer
net/chrony: fix regression, remove pidfile= from rc.d script

chrony handles its own pidfile, and still our status method works,
so avoid missing chrony's own lock management.

PR:		245399
Reported by:	Peter Putzer
05 Apr 2020 21:27:56
Original commit files touched by this commit Revision:530842  3.5_1 This port version is marked as vulnerable.
mandree search for other commits by this committer
net/chrony: take maintainership, repeated timeouts from yonas@fizk.net
05 Apr 2020 21:20:11
Original commit files touched by this commit Revision:530840  3.5_1 This port version is marked as vulnerable.
mandree search for other commits by this committer
net/chrony: make NETTLE build robust, improve rc script, re-enable NSS

Changes by Colin T.:
* Always require pkgconfig instead of only requiring it for NSS,
  because otherwise chrony does not link reliably to nettle. [1]
* Add pidfile to rc.d script to stop it from complaining when
  stopping chronyd. [1]
* Document chronyd_* options in rc.d script. [1]

Changes by Matthias Andree:
* Move USES line up to please portlint.
* Add HTMLDOCS option, to build and install HTML docs. IMPLIES DOCS.
  Needs textproc/asciidoctor (rubygem) as build requisite.
* Turn CRYPTLIB into a _RADIO to choose at most one from NSS + NETTLE.
* Under WITH_DEBUG, add --enable-debug to CONFIGURE_ARGS.
* Remove @ (silent) from Makefile commands.
* Remove NSS_BROKEN, chrony 3.5 appears to work with NSS. Updates [3].

PR:		244534 [1]
PR:		242510 [2]
PR:		223840 [3]
Submitted by:	Colin T. <bugzilla@nulldir.e4ward.com> [1]
Reported by:	Matt Smith <freebsd@xtaz.uk> [2]
Approved by:	maintainer timeout (yonas@fizk.net, 36 days)
09 Oct 2019 12:17:15
Original commit files touched by this commit Revision:514143  3.5 This port version is marked as vulnerable.
bapt search for other commits by this committer
Drop the ipv6 virtual category for n* category as it is not relevant anymore
02 Sep 2019 22:35:05
Original commit files touched by this commit Revision:510861  3.5 This port version is marked as vulnerable.
swills search for other commits by this committer
net/chrony: Update to 3.5

PR:		239596
Submitted by:	Colin T. <bugzilla@nulldir.e4ward.com>
Approved by:	maintainer timeout (yonas@fizk.net, >1 month)
09 Jul 2019 17:13:07
Original commit files touched by this commit Revision:506289  3.4_2 This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Update security/nettle to 3.5.1

- Bump PORTREVISION of dependent ports for shlib change
- Fix build of devel/pijul [1]

Changes:	https://git.lysator.liu.se/nettle/nettle/blob/master/NEWS
PR:		238991
Exp-run by:	antoine
Thanks to:	tobik [1]
27 Dec 2018 20:41:54
Original commit files touched by this commit Revision:488567  3.4_1 This port version is marked as vulnerable.
decke search for other commits by this committer
net/chrony: Fix chrony running as server and using bindaddress

On FreeBSD, sendmsg() fails when IP_SENDSRCADDR specifies a source
address on a socket that is bound to the address. This prevents a server
configured with the bindaddress directive from responding to clients.

Add a new variable to check whether the server IPv4 socket is not bound
before setting the source address.

PR:		233644
Submitted by:	Colin T <bugzilla@nulldir.e4ward.com>
Reported by:	ddrinnon@cdor.net
Approved by:	maintainer timeout (> 3 weeks)
Obtained
from:	https://git.tuxfamily.org/chrony/chrony.git/commit/?id=6af39d63aa9323b4b8c39efe24ae0c88c949a901
23 Nov 2018 20:46:27
Original commit files touched by this commit Revision:485706  3.4 This port version is marked as vulnerable.
swills search for other commits by this committer
net/chrony: Update to 3.4

PR:		232823
Submitted by:	Colin T. <bugzilla@nulldir.e4ward.com>
Approved by:	maintainer timeout (yonas@fizk.net, >3 weeks)
30 Aug 2018 04:05:08
Original commit files touched by this commit Revision:478429  3.3 This port version is marked as vulnerable.
danfe search for other commits by this committer
Remove redundant DOCS, NLS, EXAMPLES, and IPV6 from OPTIONS_DEFAULT as they
are put there by the framework (see line 200 of Mk/bsd.options.mk), except
for `finance/quantlib' which makes very unorthodoxal usage of port options.
09 May 2018 03:01:58
Original commit files touched by this commit Revision:469426  3.3 This port version is marked as vulnerable.
tobik search for other commits by this committer
net/chrony: Update to 3.3

- Add explicit DOCS, EXAMPLES options
- Replace %%PREFIX%% in sample files
- Make sure chronyc is really linked with libedit from ports
- Add support for security/nettle and use it by default since chrony crashes
  on startup when built with NSS. [1]

PR:		227779, 223840 [1]
Submitted by:	takefu@airport.fm
Approved by:	maintainer
20 Nov 2017 13:49:59
Original commit files touched by this commit Revision:454559  3.1_3 This port version is marked as vulnerable.
rodrigo search for other commits by this committer
Add missing lib dependency in the original patch
Bump PORTREVISION

PR:		217691
Submitted by:	John Hein  <z7dr6ut7gs@snkmail.com>
Approved by:	Yonas Yanfa <yonas@fizk.net>
18 Nov 2017 22:41:34
Original commit files touched by this commit Revision:454465  3.1_2 This port version is marked as vulnerable.
rodrigo search for other commits by this committer
Makes the NSS dependency explicit, and perform cleanup
Bump PORTREVISION

Before this patch if nss is installed when crony is built, there's a silent lib
dependency on nss, and if nss is subsequently uninstalled chrony breaks.

NSS is now turned on by default adding support for a number of more modern
hashing algorithms than md5.

Cleanup:
 - --infodir is not a valid configure option (since 2.3 I think)
 - USES=localbase instead of LDFLAGS
 - add explicit --without-tomcrypt [1]
 - add support for passing chronyd_flags to chronyd in rc.d script
 - fix some hard-coded /usr/local in examples

PR:		217691
Submitted by:	John Hein <z7dr6ut7gs@snkmail.com>
Approved by:	Yonas Yanfa <yonas@fizk.net> (maintainer)
16 Nov 2017 19:11:42
Original commit files touched by this commit Revision:454328  3.1_1 This port version is marked as vulnerable.
feld search for other commits by this committer
net/chrony: Remove dubious security warnings in pkg-message

PR:		223647
MFH:		2017Q4
06 Mar 2017 06:53:39
Original commit files touched by this commit Revision:435517  3.1 This port version is marked as vulnerable.
wen search for other commits by this committer
- Update to 3.1

PR:		217573
Submitted by:	yonas@fizk.net(maintainer)
13 Feb 2017 18:05:34
Original commit files touched by this commit Revision:434012  3.0 This port version is marked as vulnerable.
krion search for other commits by this committer
Update net/chrony: enable privilege separation and other minor changes.

- enables privilege separation
- removes the build dependency on asciidoctor
- removes the runtime dependency on makeinfo and readline
- add a runtime dependency on libedit
- do not install the HTML documentation (in favour of man pages)
- update the post-install message (pkg-message) in light of privilege separation
- set the permission of /var/db/chrony to the new "chronyd" user and group

PR:		216737
Submitted by:	maintainer
Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D9570
31 Jan 2017 03:40:46
Original commit files touched by this commit Revision:432897  3.0 This port version is marked as vulnerable.
linimon search for other commits by this committer
Mark various ports broken on aarch64 and armv6.

Approved by:	portmgr (tier-2 blanket)
17 Jan 2017 17:37:21
Original commit files touched by this commit Revision:431765  3.0 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Update to 3.0
- While here, add LICENSE_FILE and remove unneeded @dir

PR:		216184
Submitted by:	yonas@fizk.net (maintainer)
02 Dec 2016 11:58:22
Original commit files touched by this commit Revision:427552  2.4.1 This port version is marked as vulnerable.
mat search for other commits by this committer
Do not use post-stage.  Use post-install instead.

The only reason to use post-stage is because the port needs to do
"things" at a later time, like some plist manipulation.
While there, fold post-install in do-install targets when they are
defined.

PR:		214780
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	Absolight
29 Nov 2016 23:53:36
Original commit files touched by this commit Revision:427407  2.4.1 This port version is marked as vulnerable.
junovitch search for other commits by this committer
net/chrony: update 2.4 -> 2.4.1

PR:		214749
Submitted by:	Yonas Yanfa <yonas@fizk.net> (maintainer)
12 Jun 2016 10:41:45
Original commit files touched by this commit Revision:416792  2.4 This port version is marked as vulnerable.
pi search for other commits by this committer
net/chrony: 2.3 -> 2.4

Changes:
  http://chrony.tuxfamily.org/news.html

PR:		210190
Submitted by:	Yonas Yanfa <yonas@fizk.net> (maintainer)
06 Jun 2016 16:50:14
Original commit files touched by this commit Revision:416474  2.3 This port version is marked as vulnerable.
danfe search for other commits by this committer
- Remove ONLY_FOR_ARCHS restriction as chronyd(8) runs fine on PowerPC now
- Remove no-op OPTIONS_DEFAULT=IPV6, which was bogusly re-added in r416385
  by pi@ after it was previously removed by amdmi3@ in r416447
- Sanitize `post-stage' target recipe (still needs more work to decouple
  extra docs and examples properly and add them to OPTIONS_DEFINE)

Tested on:	Mac mini G4 (powerpc)
05 Jun 2016 03:35:27
Original commit files touched by this commit Revision:416385  2.3 This port version is marked as vulnerable.
pi search for other commits by this committer
net/chrony: 2.2 -> 2.3

- submitter becomes maintainer after repeated maintainer timeouts

Enhancements
- Add support for NTP and command response rate limiting
- Add support for dropping root privileges on Mac OS X, FreeBSD, Solaris
- Add require and trust options for source selection
- Enable logchange by default (1 second threshold)
- Set RTC on Mac OS X with rtcsync directive
- Allow binding to NTP port after dropping root privileges on NetBSD
- Drop CAP_NET_BIND_SERVICE capability on Linux when NTP port is disabled
- Resolve names in separate process when seccomp filter is enabled
- Replace old records in client log when memory limit is reached
- Don't reveal local time and synchronisation state in client packets
(Only the first 15 lines of the commit message are shown above View all of this commit message)
23 May 2016 20:35:01
Original commit files touched by this commit Revision:415742  2.2 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled by
default anyway and don't need to be listed

Approved by:	portmgr blanket
27 Dec 2015 12:53:33
Original commit files touched by this commit Revision:404564  2.2 This port version is marked as vulnerable.
riggs search for other commits by this committer
Update to upstream version 2.2; general cleanup

Detailed log by submitter:
- Update net/chrony to latest upstream version - 2.2
- install info
- point to /var/db instead of /var/lib (per hier(7))
- use doc/install-docs target; install more docs (PORTDOCS)
- use @sample to a sample .conf file (not for .keys which will require
  manual intervention); others in examples dir (use PORTEXAMPLES)
- rm old post-install target
- fix example files for freebsd/prefix paths & ntp server names, add
  info regarding how to do log rotation if logging turned on.

PR:		204817
Submitted by:	z7dr6ut7gs@snkmail.com
Approved by:	maintainer timeout
23 Nov 2015 20:04:20
Original commit files touched by this commit Revision:402324  1.31.1 This port version is marked as vulnerable.
pi search for other commits by this committer
net/chrony: prefix fix, remove setuid-root mode

PR:		204018
Submitted by:	John Hein <z7dr6ut7gs@snkmail.com>
Reviewed by:	koobs
Approved by:	masaki@club.kyutech.ac.jp (maintainer timeout)
23 May 2015 18:59:12
Original commit files touched by this commit Revision:387180  1.31.1 This port version is marked as vulnerable.
pi search for other commits by this committer
net/chrony: 1.31 -> 1.31.1

- Update to 1.31.1 to resolve CVE-2015-1799, CVE-2015-1821, and CVE-2015-1822
- Regenerate patches with `make makepatch` to quiet portlint
- Strip binaries

PR:		199508
Submitted by:	Jason Unovitch <jason.unovitch@gmail.com>
Approved by:	masaki@club.kyutech.ac.jp (maintainer timeout)
22 Apr 2015 11:43:13
Original commit files touched by this commit Revision:384486  1.31 This port version is marked as vulnerable.
robak search for other commits by this committer
net/chrony: add CPE info

PR:		199513
Submitted by:	jbeich
Approved by:	portmgr blanket
01 Nov 2014 16:17:49
Original commit files touched by this commit Revision:372019  1.31 This port version is marked as vulnerable.
madpilot search for other commits by this committer
- Update to 1.31 [1]

While here:

- Add makeinfo and readline uses
- Fix plist orphans

PR:		194079 [1]
Submitted by:	Kevin Thompson <antiduh at csh.rit.edu>
Approved by:	maintainer timeout
09 Apr 2014 09:01:41
Original commit files touched by this commit Revision:350671  1.29.1 This port version is marked as vulnerable.
danfe search for other commits by this committer
Some minor, non-functional wording and grammar nits.
08 Apr 2014 17:06:59
Original commit files touched by this commit Revision:350635  1.29.1 This port version is marked as vulnerable.
danfe search for other commits by this committer
Add a port of system clock synchronization client and server (chrony).

WWW: http://chrony.tuxfamily.org/

PR:	ports/174263

Number of commits found: 39