Date: Wed, 16 Jun 2004 15:13:00 -0400 From: Harlan Stenn <Harlan.Stenn@pfcs.com> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-stable@freebsd.org Subject: Re: NTPD and SecureLevel Message-ID: <17742.1087413180@dog.pfcs.com> In-Reply-To: Chuck Swiger's (cswiger@mac.com) message dated Wed, 16 Jun 2004 13:27:28. <40D08300.20004@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I think running ntpwait after starting ntpd and before bumping the securelevel is safer and even better. Also, be sure to us iburst for each server/peer, and use a driftfile. This is somewhat discussed at http://twiki.ntp.org . Feel free to make improvements there. H -- > Pavel M. Rebrov wrote: > > I've installed and configured ntpd daemon and was wondering if it going to > > work with SecureLevel higher than 1. SecureLevel 2 forbids changing the sys > tem > > date and, therefore, ntpdate and rdate won't work. > > You will want to "step" the system time at boot before the securelevel is set > . > Afterwards, ntpd will use another mechanism to "slew" the system time (the > adjtime() call) which ought to still be permitted by the securelevel. > > -- > -Chuck > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17742.1087413180>