On Fri, Jul 19, 2013 at 2:37 PM, Miloslav Trmač wrote:
> On Wed, Jul 17, 2013 at 12:43 PM, Jaroslav Reznik
> wrote:
> > = Proposed Self Contained Change: Remove deprecated calls of using
> ntpdate in
> > favor of ntpd =
> > https://fedoraproject.org/wiki/Changes/ntpdate
>
> Given what has been d
On Wed, Jul 17, 2013 at 12:43 PM, Jaroslav Reznik wrote:
> = Proposed Self Contained Change: Remove deprecated calls of using ntpdate in
> favor of ntpd =
> https://fedoraproject.org/wiki/Changes/ntpdate
Given what has been discussed/learned in this thread, it seems that
the change proposal needs
On Thu, Jul 18, 2013 at 01:34:40PM -0700, Adam Williamson wrote:
> Sure, but that's part of ntp, and we're supposed to be using chrony as
> Fedora's default time sync software now. It just seems untidy for
> anaconda to configure chrony but need to use a part of ntp (ntpdate or
> sntp) to test serv
Once upon a time, Adam Williamson said:
> Sure, but that's part of ntp, and we're supposed to be using chrony as
> Fedora's default time sync software now. It just seems untidy for
> anaconda to configure chrony but need to use a part of ntp (ntpdate or
> sntp) to test server functionality.
Well,
On Thu, 2013-07-18 at 09:39 +0200, Miroslav Lichvar wrote:
> > In fact, now I look at it, ntpd as it stands cannot replace ntpdate for
> > anaconda's purposes, because anaconda calls ntpdate with the -q option,
> > which means "query only, do not set the clock" - obviously, this is
> > appropriate
>> > Once upon a time, Jaroslav Reznik said:
>> >> ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
>> >> systems that make use of ntpdate. Also documentation from the NSA
>> >> Hardening
>> >> Guidelines as well as CIS Hardening documentation recommends disabling the
>> >
- Original Message -
> On Wed, 17 Jul 2013, Chris Adams wrote:
>
> > Once upon a time, Jaroslav Reznik said:
> >> ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
> >> systems that make use of ntpdate. Also documentation from the NSA
> >> Hardening
> >> Guidelines
On Wed, Jul 17, 2013 at 01:56:13PM -0400, Paul Wouters wrote:
> Okay, so perhaps chrony should be extended to use a "saved clock" as a
> time source on boot if available, and save the time in a file regularly,
> if it does not do so already.
I'd say that should be a new separate service run on boo
On Wed, Jul 17, 2013 at 01:48:04PM -0700, Adam Williamson wrote:
> On Wed, 2013-07-17 at 13:44 -0700, Adam Williamson wrote:
> > On Wed, 2013-07-17 at 16:09 +0200, Miroslav Lichvar wrote:
> >
> > > > e. Why isn't this functionality being added to chrony, rather than
> > > > bouncing us back to nt
> From: miked...@gmail.com
> To:
> Date: 07/17/2013 17:11
> Subject: Re: F20 Self Contained Change: Remove deprecated calls of
> using ntpdate in favor of ntpd
> Sent by: devel-boun...@lists.fedoraproject.org
>
> Which gets me wondering if that is the best way t
On Wed, 2013-07-17 at 15:10 -0600, Mike wrote:
> Which gets me wondering if that is the best way to test for remote ntp
> connectivity.
>
>
> So, I'm curious now, if there is no remote NTP server listening, will
> the anaconda server reject you from using that as a NTP server?
It lists the serve
d, 17 Jul 2013 13:48:04 -0700
> From: Adam Williamson
> To: Development discussions related to Fedora
>
> Subject: Re: F20 Self Contained Change: Remove deprecated calls of
> using ntpdate in favor of ntpd
> Message-ID: <1374094084.1594.8.camel@adam>
>
> From: awill...@redhat.com
>
> On Wed, 2013-07-17 at 16:09 +0200, Miroslav Lichvar wrote:
>
> > > e. Why isn't this functionality being added to chrony, rather
> than bouncing us back to ntpd?
> >
> > Which functionality exactly? Both ntpd and chronyd (in default
> > configuration) let the ker
On Jul 17, 2013, at 2:41 PM, Adam Williamson wrote:
> On Wed, 2013-07-17 at 07:59 -0600, Chris Murphy wrote:
>> a. ntpd/ntpdate aren't installed by default with Fedora 19.
>
> In fact, ntpdate is, in many installs.
OK well I don't have it on any of the clean F19 installs I've got here, and I
On Wed, 2013-07-17 at 13:44 -0700, Adam Williamson wrote:
> On Wed, 2013-07-17 at 16:09 +0200, Miroslav Lichvar wrote:
>
> > > e. Why isn't this functionality being added to chrony, rather than
> > > bouncing us back to ntpd?
> >
> > Which functionality exactly? Both ntpd and chronyd (in default
On Wed, 2013-07-17 at 16:09 +0200, Miroslav Lichvar wrote:
> > e. Why isn't this functionality being added to chrony, rather than bouncing
> > us back to ntpd?
>
> Which functionality exactly? Both ntpd and chronyd (in default
> configuration) let the kernel sync the RTC.
The ability to invoke
On Wed, 2013-07-17 at 07:59 -0600, Chris Murphy wrote:
> a. ntpd/ntpdate aren't installed by default with Fedora 19.
In fact, ntpdate is, in many installs.
anaconda requires ntpdate, because we use it to check if the NTP server
addresses entered in anaconda's Time / Date spoke are valid.
initial-
On Wed, 17 Jul 2013, Chris Adams wrote:
Once upon a time, Paul Wouters said:
On Wed, 17 Jul 2013, Chris Murphy wrote:
a. ntpd/ntpdate aren't installed by default with Fedora 19. I
don't see the feature proposing this be changed.
That's a bug then. It is needed for DNSSEC.
No, ntpd is not
On Wed, 17 Jul 2013, Chris Adams wrote:
Once upon a time, Paul Wouters said:
I understand the query. But you would either need to bypass the local
dns caching resolver or flush the cache afterwards. The second option has
a race condition, but the first has the problem that we are trying to red
On Wed, 17 Jul 2013, Till Maas wrote:
On Wed, Jul 17, 2013 at 09:23:44AM -0400, Paul Wouters wrote:
Finally, for an easy fix for rebooting raspberry pi and co, I would
really like to save the timestamp and load it on reboot, similar to the
ranseed file.
Debian has a package for this:
http://
On Wed, Jul 17, 2013 at 09:23:44AM -0400, Paul Wouters wrote:
> Finally, for an easy fix for rebooting raspberry pi and co, I would
> really like to save the timestamp and load it on reboot, similar to the
> ranseed file.
Debian has a package for this:
http://packages.debian.org/sid/fake-hwclock
On Jul 17, 2013, at 9:09 AM, Miroslav Lichvar wrote:
> On Wed, Jul 17, 2013 at 08:41:23AM -0600, Chris Murphy wrote:
>>
>> On Jul 17, 2013, at 8:09 AM, Miroslav Lichvar wrote:
>>
>>> It was fixed in kernel 3.10, which should be in f19 soon.
>>
>>> Which functionality exactly? Both ntpd and c
On Wed, Jul 17, 2013 at 08:41:23AM -0600, Chris Murphy wrote:
>
> On Jul 17, 2013, at 8:09 AM, Miroslav Lichvar wrote:
>
> > It was fixed in kernel 3.10, which should be in f19 soon.
>
> > Which functionality exactly? Both ntpd and chronyd (in default
> > configuration) let the kernel sync the
On Jul 17, 2013, at 8:09 AM, Miroslav Lichvar wrote:
> It was fixed in kernel 3.10, which should be in f19 soon.
> Which functionality exactly? Both ntpd and chronyd (in default
> configuration) let the kernel sync the RTC.
OK I just set the RTC clock wrong by two months, manually and then I'
On 17/07/13 15:20, Chris Adams wrote:
Once upon a time, Paul Wouters said:
On Wed, 17 Jul 2013, Chris Murphy wrote:
a. ntpd/ntpdate aren't installed by default with Fedora 19. I
don't see the feature proposing this be changed.
That's a bug then. It is needed for DNSSEC.
No, ntpd is not ne
On Jul 17, 2013, at 8:10 AM, Chris Adams wrote:
> Once upon a time, Chris Murphy said:
>> b. A default installation of Fedora 18/19, has no means of updating the RTC
>> correctly if it's off by more than 15 minutes; and 60 minutes with newer
>> kernels. An RTC wrong by more than an hour, e.g.
On Wed, 17 Jul 2013, Chris Murphy wrote:
a. ntpd/ntpdate aren't installed by default with Fedora 19. I don't see the
feature proposing this be changed.
That's a bug then. It is needed for DNSSEC.
b. A default installation of Fedora 18/19, has no means of updating the RTC
correctly if it's of
Once upon a time, Paul Wouters said:
> On Wed, 17 Jul 2013, Chris Murphy wrote:
> >a. ntpd/ntpdate aren't installed by default with Fedora 19. I
> >don't see the feature proposing this be changed.
>
> That's a bug then. It is needed for DNSSEC.
No, ntpd is not needed for DNSSEC. A correct clock
Once upon a time, Chris Murphy said:
> b. A default installation of Fedora 18/19, has no means of updating the RTC
> correctly if it's off by more than 15 minutes; and 60 minutes with newer
> kernels. An RTC wrong by more than an hour, e.g. two months ago, if I have an
> internet connection chr
On Wed, 17 Jul 2013, Chris Adams wrote:
Once upon a time, Paul Wouters said:
That's easiest said then done. It takes a lot of queries before you hit
pool.ntp.org. And then you have to 1) ensure no one else uses those DNS
answers and 2) flush the cache when enabling DNSSEC.
Well, it would be
Once upon a time, Paul Wouters said:
> I understand the query. But you would either need to bypass the local
> dns caching resolver or flush the cache afterwards. The second option has
> a race condition, but the first has the problem that we are trying to reduce
> the
> number of applications th
On Wed, Jul 17, 2013 at 07:59:11AM -0600, Chris Murphy wrote:
>
> a. ntpd/ntpdate aren't installed by default with Fedora 19. I don't see the
> feature proposing this be changed.
Also, there is already a replacement for ntpdate, it's in the sntp
package.
> b. A default installation of Fedora 18
a. ntpd/ntpdate aren't installed by default with Fedora 19. I don't see the
feature proposing this be changed.
b. A default installation of Fedora 18/19, has no means of updating the RTC
correctly if it's off by more than 15 minutes; and 60 minutes with newer
kernels. An RTC wrong by more than
Once upon a time, Paul Wouters said:
> That's easiest said then done. It takes a lot of queries before you hit
> pool.ntp.org. And then you have to 1) ensure no one else uses those DNS
> answers and 2) flush the cache when enabling DNSSEC.
Well, it would be an ugly hack, but you could use somethi
On Wed, Jul 17, 2013 at 12:43:41PM +0200, Jaroslav Reznik wrote:
> https://fedoraproject.org/wiki/Changes/ntpdate
>
> Change owner(s): Michael Harris
> ntpdate is slowly being depricated in favor of ntpd. DoD STIGs now penalize
> for the use of ntpdate on Red Hat Enterprise systems. I would li
On Wed, 17 Jul 2013, Chris Adams wrote:
Have you tried the -q, -g, and -x options to ntpd?
Yes, see other email. I saw it and provided we allow large clock skew
providing all 3 options, I'm okay with replacing ntpdate.
I have been thinking about how to solve that properly. One idea is to
use
Once upon a time, Paul Wouters said:
> Additionally, with systems without a realtime clock, like the raspberry
> pi, we have a new problem where we need to obtain the time from an
> external source. That might seem easy, but with DNSSEC, we might not be
> able to resolve pool.ntp.org without first
On Wed, 17 Jul 2013, Jaroslav Reznik wrote:
= Proposed Self Contained Change: Remove deprecated calls of using ntpdate in
favor of ntpd =
https://fedoraproject.org/wiki/Changes/ntpdate
Having just read "man ntpd" for -q -g -x, I see that it is a valid
replacement for using ntpdate on boot. (I
On Wed, 17 Jul 2013, Chris Adams wrote:
Once upon a time, Jaroslav Reznik said:
ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
systems that make use of ntpdate. Also documentation from the NSA Hardening
Guidelines as well as CIS Hardening documentation recommends dis
On Wed, Jul 17, 2013 at 08:07:03AM -0500, Chris Adams wrote:
> Once upon a time, Jaroslav Reznik said:
> > ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
> > systems that make use of ntpdate. Also documentation from the NSA Hardening
> > Guidelines as well as CIS Harde
Once upon a time, Jaroslav Reznik said:
> ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
> systems that make use of ntpdate. Also documentation from the NSA Hardening
> Guidelines as well as CIS Hardening documentation recommends disabling the
> use
> of ntpd as a fu
= Proposed Self Contained Change: Remove deprecated calls of using ntpdate in
favor of ntpd =
https://fedoraproject.org/wiki/Changes/ntpdate
Change owner(s): Michael Harris
ntpdate is slowly being depricated. STIG enhancements for RHEL 6 penalize
systems that make use of ntpdate. Also documen
42 matches
Mail list logo
