Bug 252584 - net/chrony-lite: Chrony slimmed down
Summary: net/chrony-lite: Chrony slimmed down
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Bernhard Froehlich
Depends on:
Reported: 2021-01-11 16:26 UTC by Bernhard Froehlich
Modified: 2021-01-19 20:36 UTC (History)
2 users (show)

See Also:

patch for net/chrony to be slave port friendly (908 bytes, patch)
2021-01-11 16:26 UTC, Bernhard Froehlich
mandree: maintainer-approval+
Details | Diff
patch for new net/chrony-lite (430 bytes, patch)
2021-01-11 16:26 UTC, Bernhard Froehlich
no flags Details | Diff
chrony with flavors (642 bytes, text/plain)
2021-01-17 13:25 UTC, Bernhard Froehlich
mandree: maintainer-approval-
Preparations for slave port (546 bytes, patch)
2021-01-19 08:46 UTC, Bernhard Froehlich
mandree: maintainer-approval+
Details | Diff
New net/chrony-lite port (457 bytes, patch)
2021-01-19 08:49 UTC, Bernhard Froehlich
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bernhard Froehlich freebsd_committer 2021-01-11 16:26:01 UTC
Created attachment 221467 [details]
patch for net/chrony to be slave port friendly

Since chrony 4.0 upstream implemented NTS (Network Time Security) which allows to authenticate NTP packets. This is definitely a good idea in todays internet but also pulls in many (22) runtime dependencies:

* bash
* bash-completion
* ca_root_nss
* gettext-runtime
* glib
* gmp
* gnutls
* indexinfo
* libedit
* libffi
* libiconv
* libidn2
* libtasn1
* libunistring
* libxml2
* nettle
* p11-kit
* pcre
* python37
* readline
* tpm-emulator
* trousers

So I propose a net/chrony-lite port with all options off per default (except USER) then chrony-lite only needs 1 runtime dependency which is libedit.
Comment 1 Bernhard Froehlich freebsd_committer 2021-01-11 16:26:37 UTC
Created attachment 221468 [details]
patch for new net/chrony-lite
Comment 2 Bernhard Froehlich freebsd_committer 2021-01-11 16:28:37 UTC
For the patch to net/chrony and the general idea I want to have some feedback from mandree@
Comment 3 Daniel Engberg freebsd_committer 2021-01-11 18:59:40 UTC
Would this be a good example for using flavors?
Comment 4 Matthias Andree freebsd_committer 2021-01-11 19:53:20 UTC
Comment on attachment 221467 [details]
patch for net/chrony to be slave port friendly

Hi Bernhard, approved of.
Comment 5 Matthias Andree freebsd_committer 2021-01-11 19:56:56 UTC
Comment on attachment 221468 [details]
patch for new net/chrony-lite

Hi Bernhard, 

Is an OPTIONS_DEFAULT override what you want? 

Or do you need OPTIONS_EXCLUDE and/or OPTIONS_SLAVE instead? security/putty-nogtk is a practical example.

Regarding the FLAVOURS proposal by Daniel, it appears not to be a typical use case for now.
Comment 6 Daniel Engberg freebsd_committer 2021-01-16 23:31:29 UTC
It was introduced specifically for this use case
Comment 7 Bernhard Froehlich freebsd_committer 2021-01-17 13:25:37 UTC
Created attachment 221673 [details]
chrony with flavors

It took a bit to get some hands on experience with our flavors. The patch now flavorizes chrony and adds a lite flavor. Default (=as is right now) is not affected.
Comment 8 Matthias Andree freebsd_committer 2021-01-17 22:30:30 UTC
(In reply to daniel.engberg.lists from comment #6)
Yes, but the tool support situation is abysmal, and I will not pollute my port with premature features.
Comment 9 Matthias Andree freebsd_committer 2021-01-17 22:31:42 UTC
Comment on attachment 221673 [details]
chrony with flavors

Please make a traditional slave port for now, instead. 
FLAVORS are not fully integrated into our ports-mgmt toolchains yet.
Comment 10 Daniel Engberg freebsd_committer 2021-01-18 00:48:54 UTC
Can you please elaborate regarding ports-mgmt toolchain(s)?
Comment 11 Matthias Andree freebsd_committer 2021-01-18 17:41:26 UTC
Daniel, for instance, you cannot have pkg(8) list the flavors on ports but need to retroactively re-add those pieces of information, for instance, with this hack to list all installed ports as origins with the @fla4 suffix:

#!/usr/bin/env bash
exec join -t " " -a1 <(pkg query %o |sort) <(pkg query '%o %At @%Av'|grep flavor|sort) | sed 's/ flavor @/@/'

Until this is remedied, I am avoiding FLAVORing my ports.
Comment 12 Bernhard Froehlich freebsd_committer 2021-01-19 08:46:15 UTC
Created attachment 221727 [details]
Preparations for slave port

Okay, based on the discussions we go back to the classic slave port approach.
Comment 13 Bernhard Froehlich freebsd_committer 2021-01-19 08:49:09 UTC
Created attachment 221728 [details]
New net/chrony-lite port

This is the new net/chrony-lite slave port and it uses OPTIONS_EXCLUDE now.

@mandree: I think it makes sense that you become the maintainer for the new port. If you don't want that I can also take it under my umbrella. What do you think?
Comment 14 Matthias Andree freebsd_committer 2021-01-19 16:24:18 UTC
Comment on attachment 221728 [details]
New net/chrony-lite port

Bernhard, it's a new port and your port, you don't require my approval.

Please consider if you want to OPTIONS_EXCLUDE+=DOCS EXAMPLES: I'd think that if people don't want those they'll globally exclude them from /etc/make.conf or thereabouts. If I were to adopt the port, I'd go with OPTIONS_EXCLUDE=HTMLDOCS NETTLE NSS NTS or similar, need to look into their details before deciding on the final set, especially on HTMLDOCS; DOCS EXAMPLES are two framework standard options that everyone should know.

About maintainership, I have no strong feelings either way, on one of my ports I took over temporarily from someone else, I had added a blanket approval for the former maintainer as a comment next to the MAINTAINER line and committed that change myself (so it's traceable via svn blame or further down the road via git blame).
Comment 15 Matthias Andree freebsd_committer 2021-01-19 16:24:57 UTC
Comment on attachment 221727 [details]
Preparations for slave port

Approved of, go ahead.
Comment 16 Matthias Andree freebsd_committer 2021-01-19 16:56:16 UTC
(In reply to Matthias Andree from comment #11)
actually this batch file may produce duplicates. This is a corrected version for bash:

#! /usr/local/bin/bash
join -t " " -a1 -o 1.2,2.2,2.3 <(pkg query '%n-%v %o' |sort) <(pkg query '%n-%v %At @%Av'|grep flavor|sort)  | sed 's/ flavor @/@/'
Comment 17 commit-hook freebsd_committer 2021-01-19 20:25:45 UTC
A commit references this bug:

Author: decke
Date: Tue Jan 19 20:24:46 UTC 2021
New revision: 562078
URL: https://svnweb.freebsd.org/changeset/ports/562078

  net/chrony: Preparations for a new slave port

  PR:		252584
  Submitted by:	myself
  Approved by:	mandree@

Comment 18 commit-hook freebsd_committer 2021-01-19 20:33:46 UTC
A commit references this bug:

Author: decke
Date: Tue Jan 19 20:33:27 UTC 2021
New revision: 562079
URL: https://svnweb.freebsd.org/changeset/ports/562079

  net/chrony-lite: Slimmed down chrony without NTS support

  chrony is a pair of programs which are used to maintain the accuracy of the
  system clock on a computer; the two programs are called chronyd and chronyc.

  chronyd is a daemon which runs in background on the system.  It obtains
  measurements via the network of the system clock's offset relative to time
  servers on other systems and adjusts the system time accordingly.  For
  isolated systems, the user can periodically enter the correct time by hand
  (using chronyc).  In either case, chronyd determines the rate at which the
  computer gains or loses time, and compensates for this.  chronyd implements
  the NTP protocol and can act as either a client or a server.

  chronyc provides a user interface to chronyd for monitoring its performance
  and configuring various settings.  It can do so while running on the same
  computer as the chronyd instance it is controlling or a different computer.

  WWW: http://chrony.tuxfamily.org/

  PR:		252584
  Submitted by:	myself

Comment 19 Bernhard Froehlich freebsd_committer 2021-01-19 20:36:07 UTC
(In reply to Matthias Andree from comment #14)
I've followed your recommendation and removed DOCS and EXAMPLES from the exclude list since they don't pull in any runtime dependencies.

Committed. Thanks!