diff options
Diffstat (limited to 'scripts/update-leap/invoke-update-leap.texi')
| -rw-r--r-- | scripts/update-leap/invoke-update-leap.texi | 127 |
1 files changed, 76 insertions, 51 deletions
diff --git a/scripts/update-leap/invoke-update-leap.texi b/scripts/update-leap/invoke-update-leap.texi index 6e76564f7b4c..002193a18e4c 100644 --- a/scripts/update-leap/invoke-update-leap.texi +++ b/scripts/update-leap/invoke-update-leap.texi @@ -6,7 +6,7 @@ # # EDIT THIS FILE WITH CAUTION (invoke-update-leap.texi) # -# It has been AutoGen-ed March 21, 2017 at 10:40:30 AM by AutoGen 5.18.5 +# It has been AutoGen-ed February 27, 2018 at 04:55:50 PM by AutoGen 5.18.5 # From the definitions update-leap-opts.def # and the template file agtexi-cmd.tpl @end ignore @@ -70,56 +70,81 @@ with a status code of 0. @exampleindent 0 @example - update-leap - Usage: $0 [options] [leapfile] - - Verifies and if necessary, updates leap-second definition file - - All arguments are optional: Default (or current value) shown: -s - Specify the URL of the master copy to download $LEAPSRC -d Specify - the filename on the local system $LEAPFILE -e Specify how long (in - days) before expiration the file is to be refreshed. Note that - larger values imply more frequent refreshes. "$PREFETCH" -f Specify - location of ntp.conf (used to make sure leapfile directive is - present and to default leapfile) $NTPCONF -F Force update even if - current file is OK and not close to expiring. -r Specify number of - times to retry on get failure $MAXTRIES -i Specify number of minutes - between retries $INTERVAL -l Use syslog for output (Implied if - CRONJOB is set) -L Don't use syslog for output -P Specify the syslog - facility for logging $LOGFAC -t Name of temporary file used in - validation $TMPFILE -q Only report errors to stdout -v Verbose - output - - The following options are not (yet) implemented in the perl version: - -4 Use only IPv4 -6 Use only IPv6 -c Command to restart NTP after - installing a new file <none> - ntpd checks file daily -p 4|6 Prefer - IPv4 or IPv6 (as specified) addresses, but use either -z Specify - path for utilities $PATHLIST -Z Only use system path - - $0 will validate the file currently on the local system - - Ordinarily, the file is found using the "leapfile" directive in - $NTPCONF. However, an alternate location can be specified on the - command line. - - If the file does not exist, is not valid, has expired, or is - expiring soon, a new copy will be downloaded. If the new copy - validates, it is installed and NTP is (optionally) restarted. - - If the current file is acceptable, no download or restart occurs. - - -c can also be used to invoke another script to perform - administrative functions, e.g. to copy the file to other local - systems. - - This can be run as a cron job. As the file is rarely updated, and - leap seconds are announced at least one month in advance (usually - longer), it need not be run more frequently than about once every - three weeks. - - For cron-friendly behavior, define CRONJOB=1 in the crontab. - - Version $VERSION + +Usage: update-leap [options] + +Verifies and if necessary, updates leap-second definition file + +All arguments are optional: Default (or current value) shown: + -C Absolute path to CA Cert (see SSL/TLS Considerations) + -D Path to a CAdir (see SSL/TLS Considerations) + -e Specify how long (in days) before expiration the file is to be + refreshed. Note that larger values imply more frequent refreshes. + 60 + -F Force update even if current file is OK and not close to expiring. + -f Absolute path ntp.conf file (default /etc/ntp.conf) + /etc/ntp.conf + -h show help + -i Specify number of minutes between retries + 10 + -L Absolute path to leapfile on the local system + (overrides value in ntp.conf) + -l Specify the syslog(3) facility for logging + LOG_USER + -q Only report errors (cannot be used with -v) + -r Specify number of attempts to retrieve file + 6 + -s Send output to syslog(3) - implied if STDOUT has no tty or redirected + -t Send output to terminal - implied if STDOUT attached to terminal + -u Specify the URL of the master copy to download + https://www.ietf.org/timezones/data/leap-seconds.list + -v Verbose - show debug messages (cannot be used with -q) + +The following options are not (yet) implemented in the perl version: + -4 Use only IPv4 + -6 Use only IPv6 + -c Command to restart NTP after installing a new file + <none> - ntpd checks file daily + -p 4|6 + Prefer IPv4 or IPv6 (as specified) addresses, but use either + +update-leap will validate the file currently on the local system. + +Ordinarily, the leapfile is found using the 'leapfile' directive in +/etc/ntp.conf. However, an alternate location can be specified on the +command line with the -L flag. + +If the leapfile does not exist, is not valid, has expired, or is +expiring soon, a new copy will be downloaded. If the new copy is +valid, it is installed. + +If the current file is acceptable, no download or restart occurs. + +This can be run as a cron job. As the file is rarely updated, and +leap seconds are announced at least one month in advance (usually +longer), it need not be run more frequently than about once every +three weeks. + +SSL/TLS Considerations +----------------------- +The perl modules can usually locate the CA certificate used to verify +the peer's identity. + +On BSDs, the default is typically the file /etc/ssl/certs.pem. On +Linux, the location is typically a path to a CAdir - a directory of +symlinks named according to a hash of the certificates' subject names. + +The -C or -D options are available to pass in a location if no CA cert +is found in the default location. + +External Dependencies +--------------------- +The following perl modules are required: +HTTP::Tiny - version >= 0.056 +IO::Socket::SSL - version >= 1.56 +NET::SSLeay - version >= 1.49 + +Version: 1.004 @end example @exampleindent 4 |