From owner-freebsd-stable@FreeBSD.ORG Thu Feb 3 18:52:16 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B84F16A4CE for ; Thu, 3 Feb 2005 18:52:16 +0000 (GMT) Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEE4043D39 for ; Thu, 3 Feb 2005 18:52:15 +0000 (GMT) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (uvqlwx@localhost [127.0.0.1]) by lurza.secnetix.de (8.13.1/8.13.1) with ESMTP id j13IqExV051628 for ; Thu, 3 Feb 2005 19:52:14 +0100 (CET) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.13.1/8.13.1/Submit) id j13IqEQS051627; Thu, 3 Feb 2005 19:52:14 +0100 (CET) (envelope-from olli) Date: Thu, 3 Feb 2005 19:52:14 +0100 (CET) Message-Id: <200502031852.j13IqEQS051627@lurza.secnetix.de> From: Oliver Fromme To: freebsd-stable@FreeBSD.ORG In-Reply-To: <200502031834.j13IYKsl050718@lurza.secnetix.de> X-Newsgroups: list.freebsd-stable User-Agent: tin/1.5.4-20000523 ("1959") (UNIX) (FreeBSD/4.11-RELEASE (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Subject: Re: Adjusting time on a secured FreeBSD machine. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-stable@FreeBSD.ORG List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Feb 2005 18:52:16 -0000 Sorry for replying to myself ... Oliver Fromme wrote: > Adding to that, the following /bin/sh snippet should do > (untested!). You have to kill ntpd before. > > STEP=100 # number of seconds to step forward > while [ $STEP -gt 0 ]; do > date -f %s $(( `date +%s` + 1 )) > sleep 1 > STEP=$(( $STEP - 1 )) > done > > It will take about 100 seconds to correct the clock forward > by another 100 seconds. If you need to correct backwards, > replace "+ 1" by "- 1". For different numbers of seconds > to correct, replace the 100 in the first line. > > When you have approached the correct time sufficiently (i.e. > within a few seconds), restart ntpd with the -x option. Stepping backwards with that script won't work, I guess, because the steps will be larger than 1 second. If you have to step backwards, try to replace the "date" line with these: NOW=`date +%s` sleep 0.9 date -f %s $NOW Again: it's untested. Also beware that it might be a very bad idea to step the time on a live multi-user system. Some programs don't like it at all. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 München Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "The scanf() function is a large and complex beast that often does something almost but not quite entirely unlike what you desired." -- Chris Torek