From owner-freebsd-security Sun Aug 22 12:42:37 1999 Delivered-To: freebsd-security@freebsd.org Received: from mailgw02.execpc.com (mailgw02.execpc.com [169.207.3.78]) by hub.freebsd.org (Postfix) with ESMTP id 1A3221558D for ; Sun, 22 Aug 1999 12:42:08 -0700 (PDT) (envelope-from hamilton@pobox.com) Received: from woodstock.monkey.net (harconia-2-87.mdm.mke.execpc.com [169.207.132.215]) by mailgw02.execpc.com (8.9.1) id OAA24253; Sun, 22 Aug 1999 14:41:10 -0500 Received: from pobox.com (localhost [127.0.0.1]) by woodstock.monkey.net (Postfix) with ESMTP id 623D211; Sun, 22 Aug 1999 14:41:40 -0500 (CDT) To: Greg Black Cc: Will Andrews , Brett Glass , freebsd-security@FreeBSD.ORG Subject: Re: Securelevel 3 ant setting time In-reply-to: Your message of "Sun, 22 Aug 1999 21:29:22 +1000." <19990822112923.6666.qmail@alice.gba.oz.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 22 Aug 1999 14:41:40 -0500 From: Jon Hamilton Message-Id: <19990822194140.623D211@woodstock.monkey.net> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <19990822112923.6666.qmail@alice.gba.oz.au>, Greg Black wrote: } Jon Hamilton writes: } } > } Just as a bit of extra information, xntpd is useless for small } > } networks that don't have constant connectivity to time servers. } > } > Absolutely untrue. There's value in keeping a group of machines } > synchronized to _each other_, regardless of whether they're also } > synchronized to the correct time. } } It may well be useful to *some* people to maintain a bunch of } machines with the wrong time, but it's utterly useless to me } and, I'm certain, to lots of other people. Because it's useless to you does not make it useless in general. } > It is true that _for some purposes_ } > xntpd isn't all that useful in an intermittently-connected scenario, } } And one of those purposes would be keeping the clocks on the } machines close to the correct time, something that should be } (and is) easy to do with the appropriate tools. } } > but that doesn't render it completely devoid of any value. } } I could say that the QIC-150 tape drive in my gateway machine is } useful because it fills in the gaping hole that would otherwise } disfigure the front of the machine's case, but the fact that it } doesn't perform what I consider to be its primary function (that } of writing data onto tapes) makes it useless in my terms. The } same goes for xntpd in the scenario that I mentioned. But it doesn't; xntpd can still be used to keep your time accurate. Others have pointed out several possibilities, including: - keeping a local clock as a stratum (say) 8 reference, and synching to a lower stratum clock when available. - connecting to a local clock via serial port - some people don't care about "the" correct time, as long as their machines all agree about what they _think_ the time is (e.g. to keep NFS happy on an internal network) Just because you don't like xntpd or because you don't feel it fits your needs does not mean it's useless, it simply means that you think it's useless for your situation. Please stop pretending that the way your environment functions is the only way _anyone's_ environment functions. All the world's not your back yard. -- Jon Hamilton hamilton@pobox.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message