diff --git a/ROCKY/CFG/cloud-init.cfg b/ROCKY/CFG/cloud-init.cfg index 4fa4432e87754f3a68037bd31753dc6eb1247b7f..d3a890e1fdc3ee23053f509134c34b401703ec95 100644 --- a/ROCKY/CFG/cloud-init.cfg +++ b/ROCKY/CFG/cloud-init.cfg @@ -2,15 +2,24 @@ add { file: "ROCKY/_supporting/0001-Ensure-cloud-user-is-applied-to-Rocky-Linux.patch" } +add { + file: "ROCKY/_supporting/0001-ntp-Fix-Rocky-Linux-NTP-configuration.patch" +} + spec_change { file { name: "0001-Ensure-cloud-user-is-applied-to-Rocky-Linux.patch" type: Patch add: true + } + file { + name: "0001-ntp-Fix-Rocky-Linux-NTP-configuration.patch" + type: Patch + add: true } append { field: "Release" - value: ".0.1" + value: ".0.2" } changelog { author_name: "Release Engineering" diff --git a/ROCKY/_supporting/0001-ntp-Fix-Rocky-Linux-NTP-configuration.patch b/ROCKY/_supporting/0001-ntp-Fix-Rocky-Linux-NTP-configuration.patch new file mode 100644 index 0000000000000000000000000000000000000000..893f7960685c8888e892fae5440cc528f9726e42 --- /dev/null +++ b/ROCKY/_supporting/0001-ntp-Fix-Rocky-Linux-NTP-configuration.patch 
@@ -0,0 +1,157 @@
+From ea397bc9dad3fb3047ded5e321bfdaef5eb69ced Mon Sep 17 00:00:00 2001
+From: Louis Abel <label@rockylinux.org>
+Date: Thu, 14 Nov 2024 09:06:19 -0700
+Subject: [PATCH] ntp: Fix Rocky Linux NTP configuration
+
+---
+ cloudinit/config/cc_ntp.py | 3 ++
+ templates/chrony.conf.rocky.tmpl | 51 +++++++++++++++++++++++++
+ templates/ntp.conf.rocky.tmpl | 64 ++++++++++++++++++++++++++++++++
+ 3 files changed, 118 insertions(+)
+ create mode 100644 templates/chrony.conf.rocky.tmpl
+ create mode 100644 templates/ntp.conf.rocky.tmpl
+
+diff --git a/cloudinit/config/cc_ntp.py b/cloudinit/config/cc_ntp.py
+index 9eef24f..653db7d 100644
+--- a/cloudinit/config/cc_ntp.py
++++ b/cloudinit/config/cc_ntp.py
+@@ -227,6 +227,9 @@ for distro in ("opensuse-microos", "opensuse-tumbleweed", "opensuse-leap"):
+ for distro in ("sle_hpc", "sle-micro"):
+ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["sles"]
+
++for distro in ("almalinux", "cloudlinux", "rocky"):
++ DISTRO_CLIENT_CONFIG[distro] = DISTRO_CLIENT_CONFIG["rhel"]
++
+ # The schema definition for each cloud-config module is a strict contract for
+ # describing supported configuration parameters for each cloud-config section.
+ # It allows cloud-config to validate and alert users to invalid or ignored
+diff --git a/templates/chrony.conf.rocky.tmpl b/templates/chrony.conf.rocky.tmpl
+new file mode 100644
+index 0000000..43b1f5d
+--- /dev/null
++++ b/templates/chrony.conf.rocky.tmpl
+@@ -0,0 +1,51 @@
++## template:jinja
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++{% for peer in peers -%}
++peer {{peer}}
++{% endfor %}
++{% for a in allow -%}
++allow {{a}}
++{% endfor %}
++
++# Record the rate at which the system clock gains/losses time.
++driftfile /var/lib/chrony/drift
++
++# Allow the system clock to be stepped in the first three updates
++# if its offset is larger than 1 second.
++makestep 1.0 3
++
++# Enable kernel synchronization of the real-time clock (RTC).
++rtcsync
++
++# Enable hardware timestamping on all interfaces that support it.
++#hwtimestamp *
++
++# Increase the minimum number of selectable sources required to adjust
++# the system clock.
++#minsources 2
++
++# Allow NTP client access from local network.
++#allow 192.168.0.0/16
++
++# Serve time even if not synchronized to a time source.
++#local stratum 10
++
++# Specify file containing keys for NTP authentication.
++#keyfile /etc/chrony.keys
++
++# Specify directory for log files.
++logdir /var/log/chrony
++
++# Select which information is logged.
++#log measurements statistics tracking
+diff --git a/templates/ntp.conf.rocky.tmpl b/templates/ntp.conf.rocky.tmpl
+new file mode 100644
+index 0000000..6d166aa
+--- /dev/null
++++ b/templates/ntp.conf.rocky.tmpl
+@@ -0,0 +1,64 @@
++## template:jinja
++
++# For more information about this file, see the man pages
++# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).
++
++driftfile /var/lib/ntp/drift
++
++# Permit time synchronization with our time source, but do not
++# permit the source to query or modify the service on this system.
++restrict default kod nomodify notrap nopeer noquery
++restrict -6 default kod nomodify notrap nopeer noquery
++
++# Permit all access over the loopback interface. This could
++# be tightened as well, but to do so would effect some of
++# the administrative functions.
++restrict 127.0.0.1
++restrict -6 ::1
++
++# Hosts on local network are less restricted.
++#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
++
++# Use public servers from the pool.ntp.org project.
++# Please consider joining the pool (http://www.pool.ntp.org/join.html).
++{% if pools %}# pools
++{% endif %}
++{% for pool in pools -%}
++pool {{pool}} iburst
++{% endfor %}
++{%- if servers %}# servers
++{% endif %}
++{% for server in servers -%}
++server {{server}} iburst
++{% endfor %}
++{% for peer in peers -%}
++peer {{peer}}
++{% endfor %}
++
++#broadcast 192.168.1.255 autokey # broadcast server
++#broadcastclient # broadcast client
++#broadcast 224.0.1.1 autokey # multicast server
++#multicastclient 224.0.1.1 # multicast client
++#manycastserver 239.255.254.254 # manycast server
++#manycastclient 239.255.254.254 autokey # manycast client
++
++# Enable public key cryptography.
++#crypto
++
++includefile /etc/ntp/crypto/pw
++
++# Key file containing the keys and key identifiers used when operating
++# with symmetric key cryptography.
++keys /etc/ntp/keys
++
++# Specify the key identifiers which are trusted.
++#trustedkey 4 8 42
++
++# Specify the key identifier to use with the ntpdc utility.
++#requestkey 8
++
++# Specify the key identifier to use with the ntpq utility.
++#controlkey 8
++
++# Enable writing of statistics records.
++#statistics clockstats cryptostats loopstats peerstats
+--
+2.47.0
+
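Review bot: The `peer {{peer}}` loop in chrony.conf.rocky.tmpl, and the identical loop in ntp.conf.rocky.tmpl, renders every peer with no `key` option while both templates leave key selection inactive (`#keyfile /etc/chrony.keys`, `#trustedkey 4 8 42`), so each configured peer becomes an unauthenticated symmetric association. chrony's own documentation for the peer directive warns that symmetric mode without a key is open to denial of service, and the `pool`/`server` lines are unauthenticated as well while `makestep 1.0 3` lets the first three updates step the clock. I would add a comment above each peer loop, for example `# Peers are rendered without a key; authenticate symmetric associations (see keyfile/keys below) before relying on them.` Separately, the cc_ntp.py loop binds almalinux, cloudlinux and rocky to the same dict object as `DISTRO_CLIENT_CONFIG["rhel"]` rather than a copy, matching the sle loop above it; a one-line comment saying the entries are shared would help if anything later mutates them, which is not visible from this hunk.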