From owner-freebsd-stable@FreeBSD.ORG Thu Feb 3 00:05:32 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CFE7116A4CE for ; Thu, 3 Feb 2005 00:05:32 +0000 (GMT) Received: from tomts10-srv.bellnexxia.net (tomts10.bellnexxia.net [209.226.175.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id D06F143D3F for ; Thu, 3 Feb 2005 00:05:31 +0000 (GMT) (envelope-from dmagda@ee.ryerson.ca) Received: from number6.magda.ca ([67.68.50.146]) by tomts10-srv.bellnexxia.netESMTP <20050203000530.YFWJ19622.tomts10-srv.bellnexxia.net@number6.magda.ca>; Wed, 2 Feb 2005 19:05:30 -0500 Received: from [192.168.1.132] (gandalf.magda.ca [192.168.1.132]) by number6.magda.ca (8.13.1/8.13.1) with ESMTP id j1305PoN001977; Wed, 2 Feb 2005 19:05:25 -0500 (EST) (envelope-from dmagda@ee.ryerson.ca) In-Reply-To: <42014C9B.7090609@gopostal.ca> References: <42014C9B.7090609@gopostal.ca> Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <64c5e2ba1167d18c672dadc0c93a0879@ee.ryerson.ca> Content-Transfer-Encoding: 7bit From: David Magda Date: Wed, 2 Feb 2005 19:05:27 -0500 To: "Eli K. Breen" X-Mailer: Apple Mail (2.619.2) cc: freebsd-stable@freebsd.org Subject: Re: Adjusting time on a secured FreeBSD machine. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: David Magda List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Feb 2005 00:05:32 -0000 On Feb 2, 2005, at 16:56, Eli K. Breen wrote: > Lastly this machine is in production and cannot be rebooted. Stop the NTP daemon and restart it so that it uses the "-x" option. From ntpd(8): > -x Normally, the time is slewed if the offset is less than > the step > threshold, which is 128 ms by default, and stepped if > above the > threshold. This option forces the time to be slewed in > all > cases. If the step threshold is set to zero, all offsets > are > stepped, regardless of value and regardless of the -x > option. In > general, this is not a good idea, as it bypasses the > clock state > machine which is designed to cope with large time and > frequency > errors Note: Since the slew rate is limited to 0.5 ms/s, > each > second of adjustment requires an amortization interval of > 2000 s. > Thus, an adjustment of many seconds can take hours or > days to > amortize. This option can be used with the -q option. When you restart it make sure it's done with all the CLI options it has now, with the addition of the "-x".