Date: Thu, 19 Aug 1999 17:29:15 -0700 (PDT)
From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
To: danderse@cs.utah.edu (David G. Andersen)
Cc: brett@lariat.org (Brett Glass), archie@whistle.com (Archie Cobbs), Goran.Lowkrantz@infologigruppen.se (Lowkrantz Goran), freebsd-security@FreeBSD.ORG ('freebsd-security@FreeBSD.ORG')
Subject: Re: Securelevel 3 ant setting time
Message-ID: <199908200029.RAA22415@gndrsh.dnsmgr.net>
In-Reply-To: <14268.33906.359749.40458@torrey.cs.utah.edu> from "David G. Andersen" at "Aug 19, 1999 04:30:47 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > "Maybe". (Probably?) > > When ntpdate sees a small time delta (less than 1/2 second off), it > will use the adjtime() call to slew the clock time, which is > permitted. However, if the delta is large for some reason, then it > will go in and use the sledgehammer approach - settimeofday(). > > >From the ntpdate manpage: > > The latter technique is less disruptive and > more accurate when the offset is small, and works quite well when ntpdate > is run by cron(8) every hour or two. > > So, you'll probably be OK doing it that way, *but* if you get too far > off during the time period, then you won't be able to correct for it. You can compile ntp/xntpd with the -DSLEWALWAYS option and it will work for you. I had to go grep the source to make sure that ntpdate obeyed this and it does: ntpdate/ntpdate.c:#ifdef SLEWALWAYS ntpdate/ntpdate.c:#else /* SLEWALWAYS */ ntpdate/ntpdate.c:#endif /* SLEWALWAYS */ Though a quick reading of the code shows that it does not remove -b as a valid option, and from a quick lookover this should probably just be a runtime option instead of a compile time option.... > -Dave > > Lo and Behold, Brett Glass said: > > My server uses a cron job and ntpupdate to grab tne time from the > > best of several accurate government servers. Would securelevel 3 allow > > this? > > -- > work: danderse@cs.utah.edu me: angio@pobox.com > University of Utah CS Department http://www.angio.net/ > "If you haul a geek up a crack, you will bloody their fingers for a day... > If you teach a geek to climb, you will bloody their fingers for life." > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199908200029.RAA22415>