2019-10-04 06:10:01 UTC
Subject: buster-pu: package ntpsec/1.1.3+dfsg1-2+deb10u1
This is my first time with the Debian proposed update process (though I
have done my own Ubuntu SRU once), so please bear with me and let me
know if I've done anything wrong.
The debdiff from the current version in Buster is attached. All of these
fixes are in the version of ntpsec in Debian unstable.
This upload is to fix several things, most importantly the first two:
* Backport fix for slow DNS retries (Closes: 924192)
The user described this pretty well, "What seems to be happening is that
if DNS is not immediately available when ntpsec starts, it waits about
10 minutes before trying again. Ten minutes is too long."
This is fixed by backporting an upstream commit which has made it into
an upstream point release.
* Fix ntpdate -s (syslog) to fix the if-up hook (Closes: 931414)
Here, the if-up hook script failed to work at all. It did not trigger
the time to be synchronized. This was ultimately due to upstream's
ntpdate wrapper, which was converting -s (for "log to syslog") to
ntpdig -p. This is wrong, as ntpdig -p is for the number of samples and
requires a parameter. The ntpdig man page says, "This version does not
log to syslog. Pipe standard output and standard error to logger(1) if
you want this behavior.
This was fixed by me implementing the syslog (piping to logger) behavior
in the ntpdate wrapper script. I submitted the patch upstream, it was
accepted, has made it into an upstream point release, and I have pulled
it into this backport update.
It may be controversial that I'm including fixes for bugs in man pages,
including some without Debian bug numbers. The fixes below are trivial
and only affect two (related) man pages. I likely would not have made a
buster update for them alone, but since I'm making an update anyway, it
seemed reasonable to me to include those fixes.
* ntpdate.8: Remove -p option (Closes: 926877)
The ntpdate -p option (not to be confused with the above discussion of
ntpdig -p) no longer exists. This bug is not that critical, but the fix
is trivial and low risk (as it's just to a man page).
* ntpdate.8: Remove -e option
No bug was filed for this, but this was discovered while fixing the
other issue. The -e option is gone too. I removed it from the man pages.
Again, this fix is trivial and low risk (just a man pages change).
* ntpdate.8: Remove duplicated -o option
This was also discovered while reviewing the ntpdate man page. The -o
option was listed twice. This is another trivial (single character
removal, in this case) fix to the man pages.
* ntpdate.8: Remove inaccurate BUGS section
The ntpdate man page has a BUGS section that says its "slew adjustment
is actually 50% larger than the measured offset". This is completely
wrong, which I verified with upstream. The NTPsec implementation of
ntpdate is just a wrapper script around ntpdig, which does not have this
behavior. This is fixed by removing the inaccurate information from the
* Update ntpdate-debian.8 to match ntpdate.8
The Debian packaging of NTPsec has an ntpdate-debian utility that is
itself a wrapper around ntpdate. This approach is inherited from the
Debian "ntp" package (upstream ntpsec is a fork of upstream ntp). The
man pages were inconsistent. This fixes the ntpdate-debian man page by
adding the missing -4 and -6 flags, strips some EOL whitespace, and
updates the body text to match, including mentioning the server argument(s).