Please enable PPS in the Ubuntu build of ntpd

Bug #1512980 reported by Mark Shuttleworth on 2015-11-04
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ntp (Ubuntu)
Undecided
Kick In

Bug Description

NTPD includes a reference clock driver called "pps" which uses a modern kernel mechanism for pulse-per-second devices for very accurate timekeeping. PPS is particularly useful for anybody building a stratum 0 GPS-disciplined time server. Please could we enable the PPS driver in Ubuntu's build of NTP?

http://doc.ntp.org/4.2.6/drivers/driver22.html

Thanks,
Mark

Jon Grimm (jgrimm) on 2015-11-04
Changed in ntp (Ubuntu):
assignee: nobody → Robie Basak (racb)
Download full text (4.9 KiB)

Some initial analysis to support further decisions

#### Version check ####

Version upstream
4.2.8p4 2015/10/21

Latest versions in Ubuntu
1:4.2.6.p3+dfsg-1ubuntu3.6 | precise-security
1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 | trusty-security
1:4.2.6.p5+dfsg-3ubuntu6.2 | vivid-security
1:4.2.6.p5+dfsg-3ubuntu8.1 | wily-security
1:4.2.6.p5+dfsg-3ubuntu8.1 | xenial

Latest versions in Debian
1:4.2.6.p2+dfsg-1+b1 | squeeze
1:4.2.6.p2+dfsg-1+deb6u4 | squeeze-lts
1:4.2.6.p5+dfsg-2+deb7u6 | wheezy-security
1:4.2.6.p5+dfsg-7 | jessie
1:4.2.6.p5+dfsg-7+deb8u1 | jessie-security
1:4.2.8p4+dfsg-3 | stretch
1:4.2.8p4+dfsg-3+b1 | sid

Since Ubuntu is still on 4.2.6 it is worth to check how much the diff 4.2.6p5 to 4.2.8p4 will be.
After doing so it is clear, that this is a new major version.
The changelog between those versions is 2482 entries long.

To the pps functionality alone there were 12 patches.
There are also some preventive security fixing which has no CVE to cause it to go into ubuntu yet which might be worth to leverage.

#### Get it to build ####

Testing "buildability" of debians 4.2.8p4 + PPS in Xenial environment.
A config currently delivers that regarding PPS:
checking for sys/timepps.h... no
checking timepps.h usability... no
checking timepps.h presence... no
checking for timepps.h... no
checking sys/ppsclock.h usability... no
checking sys/ppsclock.h presence... no
checking for sys/ppsclock.h... no
checking sys/ppstime.h usability... no
checking sys/ppstime.h presence... no
checking for sys/ppstime.h... no
checking for struct ppsclockev... no
checking for TTY PPS ioctl TIOCGPPSEV... no
checking for TTY PPS ioctl TIOCSPPS... no
checking for TTY PPS ioctl CIOGETEV... no
checking ATOM PPS interface... yes
checking for sys/timepps.h... no

So most resolve to no due to the lack of sys/timepps.h being around.
The next missing is sys/ppstime.h

There is no explicit pps configure option to be considered, so building with might "just" need providing the headers.
To get those one would "just need" a build dependency to pps-tools.

Installing pps-tools provides sys/timepps.h but that doesn't APPERA to fix everything

checking for sys/timepps.h... yes
checking timepps.h usability... no
checking timepps.h presence... no
checking for timepps.h... no
checking sys/ppsclock.h usability... no
checking sys/ppsclock.h presence... no
checking for sys/ppsclock.h... no
checking sys/ppstime.h usability... no
checking sys/ppstime.h presence... no
checking for sys/ppstime.h... no
checking for struct ppsclockev... no
checking for sys/timepps.h... yes

Most solutions out there for ubuntu/debian recompile ntp and sometimes also the kernel for kernel support.
Whoever works on this should study:
- http://superuser.com/questions/828036/how-can-i-check-whether-my-ntp-daemon-has-pps-support
- http://www.worldtimesolutions.com/support/ntp/Debian_Lenny_Linux_PPS_support_for_ntpd.html

ppsclock.h seems to be an older version and we don't have to care too much.

Also these checks refer to older positions of ...

Read more...

Thank you Christian!

Let's go with 4.2.8 for all the obvious reasons, get it done in Ubuntu
and offer up the patch to Debian.

Mark

Kick In (kick-d) on 2016-01-14
Changed in ntp (Ubuntu):
status: New → In Progress
Mark Shuttleworth (sabdfl) wrote :

Thanks kick-d :)

Robie Basak (racb) on 2016-01-20
Changed in ntp (Ubuntu):
assignee: Robie Basak (racb) → Kick In (kick-d)
Robie Basak (racb) wrote :

Fixed in 1:4.2.8p4+dfsg-3ubuntu1, but I missed that pps-tools is in universe when sponsoring, so it's stuck in dep-wait right now. We need to look into whether we want to MIR pps-tools, or if pps-tools is not needed at runtime, or if there is some way to build NTP with PPS support without pps-tools. At a cursory glance it looks like it's a build time dependency for headers only, in which case the current proposal to not require build deps to be in main may resolve this.

Robie Basak (racb) on 2016-02-11
Changed in ntp (Ubuntu):
status: In Progress → Fix Committed
Mark Shuttleworth (sabdfl) wrote :

Thanks Robie, excited to take it for a spin :)

Launchpad Janitor (janitor) wrote :
Download full text (4.1 KiB)

This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu1

---------------
ntp (1:4.2.8p4+dfsg-3ubuntu1) xenial; urgency=medium

  * Merge from Debian testing. Remaining changes:
    + debian/rules: enable debugging. Ask debian to add this.
    + debian/rules, debian/ntp.dirs, debian/source_ntp.py: Add apport hook.
    + Add enforcing AppArmor profile:
      - debian/control: Add Conflicts/Replaces on apparmor-profiles.
      - debian/control: Add Suggests on apparmor.
      - debian/control: Build-Depends on dh-apparmor.
      - add debian/apparmor-profile*.
      - debian/ntp.dirs: Add apparmor directories.
      - debian/rules: Install apparmor-profile and apparmor-profile.tunable.
      - debian/source_ntp.py: Add filter on AppArmor profile names to prevent
        false positives from denials originating in other packages.
      - debian/README.Debian: Add note on AppArmor.
    + debian/ntpdate.if-up: Fix interaction with openntpd. Stop ntp before
      running ntpdate when an interface comes up, then start again afterwards.
    + debian/ntp.init, debian/rules: Only stop when entering single user mode,
      don't use /var/lib/ntp/ntp.conf.dhcp if /etc/ntp.conf is newer - it can
      get stale. Patch by Simon Déziel.
    + debian/ntp.conf, debian/ntpdate.default: Change default server to
      ntp.ubuntu.com.
    + debian/control: Add bison to Build-Depends (for ntpd/ntp_parser.y).
  * Includes fix for requests with source ports < 123, fixed upstream in
    4.2.8p1 (LP: #1479652).
  * Add PPS support (LP: #1512980):
    + debian/README.Debian: Add a PPS section to the README.Debian,
      removed all PPSkit one.
    + debian/ntp.conf: Add some configuration examples from the offical
      documentation.
    + debian/control: Add Build-Depends on pps-tools
  * Drop Changes:
    + debian/rules: Update config.{guess,sub} for AArch64, because upstream use
      dh_autoreconf now.
    + debian/{control,rules}: Add and enable hardened build for PIE.
      Upstream use fPIC. Options -fPIC and -fPIE are uncompatible, thus this is
      never applied, (cf. dpkg-buildflags manual), checked with Marc
      Deslauriers on freenode #ubuntu-hardened, 2016-01-20~13:11 UTC.
    + debian/rules: Remove update-rcd-params in dh_installinit command. When
      setting up ntp package, the following message is presented to the user
      due to deprecated use:
      "update-rc.d: warning: start and stop actions are no longer
      supported; falling back to defaults". The defaults are taken from the
      init.d script LSB comment header, which contain what we need anyway.
    + debian/rules: Remove ntp/ntp_parser.{c,h} or they don't get properly
      regenerated for some reason. Seems to have been due to ntpd/ntp_parser.y
      patches from CVE-2015-5194 and CVE-2015-5196, already upstreamed.
    + debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock
      now.
    + Remove natty timeframe old deltas (transitional code not needed since
      Trusty): Those patches were for an incorrect behaviour of
      system-tools-backend, around natty time
      (https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/83604/comments/23)
      - debi...

Read more...

Changed in ntp (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.