From owner-freebsd-stable@FreeBSD.ORG  Wed Jun 16 17:27:47 2004
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6A7C316A4CE
	for <freebsd-stable@freebsd.org>;
	Wed, 16 Jun 2004 17:27:47 +0000 (GMT)
Received: from out010.verizon.net (out010pub.verizon.net [206.46.170.133])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0921F43D53
	for <freebsd-stable@freebsd.org>;
	Wed, 16 Jun 2004 17:27:47 +0000 (GMT)	(envelope-from cswiger@mac.com)
Received: from [192.168.1.3] ([68.161.84.3]) by out010.verizon.net
          (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP
          id <20040616172736.RRRT15848.out010.verizon.net@[192.168.1.3]>;
          Wed, 16 Jun 2004 12:27:36 -0500
Message-ID: <40D08300.20004@mac.com>
Date: Wed, 16 Jun 2004 13:27:28 -0400
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.7) Gecko/20040608
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: prebrov@yandex.ru
References: <40CFFAF8.00000C.10717@colgate.yandex.ru>
In-Reply-To: <40CFFAF8.00000C.10717@colgate.yandex.ru>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out010.verizon.net from
	[68.161.84.3] at Wed, 16 Jun 2004 12:27:35 -0500
cc: freebsd-stable@freebsd.org
Subject: Re: NTPD and SecureLevel
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Production branch of FreeBSD source code
	<freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Jun 2004 17:27:47 -0000

Pavel M. Rebrov wrote:
> I've installed and configured ntpd daemon and was wondering if it going to
> work with SecureLevel higher than 1. SecureLevel 2 forbids changing the system
> date and, therefore, ntpdate and rdate won't work.

You will want to "step" the system time at boot before the securelevel is set. 
  Afterwards, ntpd will use another mechanism to "slew" the system time (the 
adjtime() call) which ought to still be permitted by the securelevel.

-- 
-Chuck