xref: /freebsd/contrib/ntp/scripts/update-leap/invoke-update-leap.texi (revision f126d349810fdb512c0b01e101342d430b947488)
1@node update-leap Invocation
2@section Invoking update-leap
3@pindex update-leap
4@cindex leap-seconds file manager/updater
5@ignore
6#
7# EDIT THIS FILE WITH CAUTION  (invoke-update-leap.texi)
8#
9# It has been AutoGen-ed  June 23, 2020 at 02:21:43 AM by AutoGen 5.18.5
10# From the definitions    update-leap-opts.def
11# and the template file   agtexi-cmd.tpl
12@end ignore
13
14
15
16@code{update-leap}
17will validate the file currently on the local system
18and if necessary, updates leap-second definition file.
19
20Ordinarily, the file is found using the "leapfile" directive in
21@code{ntp.conf(5)}.
22However, an alternate location can be specified on the command line.
23
24If the file does not exist, is not valid, has expired, or is expiring soon,
25a new copy will be downloaded.  If the new copy validates, it is installed and
26NTP is (optionally) restarted.
27
28If the current file is acceptable, no download or restart occurs.
29
30-c can also be used to invoke another script to perform administrative
31functions, e.g. to copy the file to other local systems.
32.PP
33This can be run as a cron job.  As the file is rarely updated, and leap
34seconds are announced at least one month in advance (usually longer), it
35need not be run more frequently than about once every three weeks.
36.PP
37For cron-friendly behavior, define CRONJOB=1 in the crontab.
38.PP
39This script depends on$REQUIREDCMDS
40
41This section was generated by @strong{AutoGen},
42using the @code{agtexi-cmd} template and the option descriptions for the @code{update-leap} program.
43
44@menu
45* update-leap usage::                  update-leap help/usage (@option{--help})
46* update-leap source-url::             source-url option (-s)
47* update-leap ipv4::                   ipv4 option (-4)
48* update-leap destination::            destination option (-d)
49* update-leap expiration::             expiration option (-e)
50* update-leap ntp-conf-file::          ntp-conf-file option (-f)
51* update-leap force-update::           force-update option (-F)
52* update-leap exit status::            exit status
53* update-leap Usage::                  Usage
54* update-leap Authors::                Authors
55@end menu
56
57@node update-leap usage
58@subsection update-leap help/usage (@option{--help})
59@cindex update-leap help
60
61This is the automatically generated usage text for update-leap.
62
63The text printed is the same whether selected with the @code{help} option
64(@option{--help}) or the @code{more-help} option (@option{--more-help}).  @code{more-help} will print
65the usage text by passing it through a pager program.
66@code{more-help} is disabled on platforms without a working
67@code{fork(2)} function.  The @code{PAGER} environment variable is
68used to select the program, defaulting to @file{more}.  Both will exit
69with a status code of 0.
70
71@exampleindent 0
72@example
73
74Usage: update-leap [options]
75
76Verifies and if necessary, updates leap-second definition file
77
78All arguments are optional:  Default (or current value) shown:
79    -C    Absolute path to CA Cert (see SSL/TLS Considerations)
80    -D    Path to a CAdir (see SSL/TLS Considerations)
81    -e    Specify how long (in days) before expiration the file is to be
82              refreshed.  Note that larger values imply more frequent refreshes.
83          60
84    -F    Force update even if current file is OK and not close to expiring.
85    -f    Absolute path ntp.conf file (default /etc/ntp.conf)
86          /etc/ntp.conf
87    -h    show help
88    -i    Specify number of minutes between retries
89          10
90    -L    Absolute path to leapfile on the local system
91          (overrides value in ntp.conf)
92    -l    Specify the syslog(3) facility for logging
93          LOG_USER
94    -q    Only report errors (cannot be used with -v)
95    -r    Specify number of attempts to retrieve file
96          6
97    -s    Send output to syslog(3) - implied if STDOUT has no tty or redirected
98    -t    Send output to terminal - implied if STDOUT attached to terminal
99    -u    Specify the URL of the master copy to download
100          https://www.ietf.org/timezones/data/leap-seconds.list
101    -v    Verbose - show debug messages (cannot be used with -q)
102
103The following options are not (yet) implemented in the perl version:
104    -4    Use only IPv4
105    -6    Use only IPv6
106    -c    Command to restart NTP after installing a new file
107          <none> - ntpd checks file daily
108    -p 4|6
109          Prefer IPv4 or IPv6 (as specified) addresses, but use either
110
111update-leap will validate the file currently on the local system.
112
113Ordinarily, the leapfile is found using the 'leapfile' directive in
114/etc/ntp.conf.  However, an alternate location can be specified on the
115command line with the -L flag.
116
117If the leapfile does not exist, is not valid, has expired, or is
118expiring soon, a new copy will be downloaded.  If the new copy is
119valid, it is installed.
120
121If the current file is acceptable, no download or restart occurs.
122
123This can be run as a cron job.  As the file is rarely updated, and
124leap seconds are announced at least one month in advance (usually
125longer), it need not be run more frequently than about once every
126three weeks.
127
128SSL/TLS Considerations
129-----------------------
130The perl modules can usually locate the CA certificate used to verify
131the peer's identity.
132
133On BSDs, the default is typically the file /etc/ssl/certs.pem.  On
134Linux, the location is typically a path to a CAdir - a directory of
135symlinks named according to a hash of the certificates' subject names.
136
137The -C or -D options are available to pass in a location if no CA cert
138is found in the default location.
139
140External Dependencies
141---------------------
142The following perl modules are required:
143HTTP::Tiny         - version >= 0.056
144IO::Socket::SSL - version >= 1.56
145NET::SSLeay         - version >= 1.49
146
147Version: 1.004
148@end example
149@exampleindent 4
150
151@node update-leap source-url
152@subsection source-url option (-s)
153@cindex update-leap-source-url
154
155This is the ``the url of the master copy of the leapseconds file'' option.
156This option takes a string argument.
157Specify the URL of the master copy to download
158$LEAPSRC
159@node update-leap ipv4
160@subsection ipv4 option (-4)
161@cindex update-leap-ipv4
162
163This is the ``use only ipv4 addresses for dns name resolution'' option.
164
165@noindent
166This option has some usage constraints.  It:
167@itemize @bullet
168@item
169must not appear in combination with any of the following options:
170ipv6.
171@end itemize
172
173        Force DNS resolution of following host names on the command line
174        to the IPv4 namespace.
175        _EndOfDoc_;
176};
177
178flag = {
179    name      = ipv6;
180    flags-cant = ipv4, prefer;
181    value     = 6;
182    descrip   = "Use only IPv6 addresses for DNS name resolution";
183    doc = <<-  _EndOfDoc_
184        Force DNS resolution of following host names on the command line
185        to the IPv6 namespace.
186        _EndOfDoc_;
187};
188
189flag = {
190    name        = prefer;
191    flags-cant	= ipv4, ipv6;
192    value	= p;
193    arg-type    = keyword;
194    keyword	= 4, 6;
195    descrip     = 'Prefer IPv4 or IPv6 (as specified) addresses, but use either';
196    doc         = <<-  _EndOfDoc_
197Prefer IPv4 or IPv6 (as specified) addresses, but use either.
198@node update-leap destination
199@subsection destination option (-d)
200@cindex update-leap-destination
201
202This is the ``filename on the local system'' option.
203This option takes a string argument @file{float}.
204The name to use to store the leapfile on the local system.
205$LEAPFILE
206@node update-leap expiration
207@subsection expiration option (-e)
208@cindex update-leap-expiration
209
210This is the ``refresh the leapfile this long before it expires'' option.
211This option takes a string argument.
212Specify how long before expiration the file is to be refreshed
213Units are required, e.g. "-e 60 days"  Note that larger values
214imply more frequent refreshes.
215"$PREFETCH"
216@node update-leap ntp-conf-file
217@subsection ntp-conf-file option (-f)
218@cindex update-leap-ntp-conf-file
219
220This is the ``location of the ntp.conf file'' option.
221This option takes a string argument.
222Specify location of ntp.conf (used to make sure leapfile directive is
223present and to default  leapfile)
224/etc/ntp.conf
225@node update-leap force-update
226@subsection force-update option (-F)
227@cindex update-leap-force-update
228
229This is the ``force update of the leapfile'' option.
230Force update even if current file is OK and not close to expiring.
231@node update-leap exit status
232@subsection update-leap exit status
233
234One of the following exit values will be returned:
235@table @samp
236@item 0 (EXIT_SUCCESS)
237Successful program execution.
238@item 1 (EXIT_FAILURE)
239The operation failed or the command syntax was not valid.
240@end table
241@node update-leap Usage
242@subsection update-leap Usage
243@node update-leap Authors
244@subsection update-leap Authors
245