From owner-freebsd-hackers@FreeBSD.ORG Sun Jun 8 12:10:30 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F0260106568E for ; Sun, 8 Jun 2008 12:10:30 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail14.syd.optusnet.com.au (mail14.syd.optusnet.com.au [211.29.132.195]) by mx1.freebsd.org (Postfix) with ESMTP id 6AC1B8FC2A for ; Sun, 8 Jun 2008 12:10:30 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175]) by mail14.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m58CAR5w012464 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 8 Jun 2008 22:10:28 +1000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.2/8.14.2) with ESMTP id m58CARhY083084; Sun, 8 Jun 2008 22:10:27 +1000 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.2/8.14.2/Submit) id m58CAR7e083083; Sun, 8 Jun 2008 22:10:27 +1000 (EST) (envelope-from peter) Date: Sun, 8 Jun 2008 22:10:27 +1000 From: Peter Jeremy To: xorquewasp@googlemail.com Message-ID: <20080608121027.GF67629@server.vk2pj.dyndns.org> References: <20080608103254.GA99569@logik.internal.network> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ibvzjYYg+QDzMCy1" Content-Disposition: inline In-Reply-To: <20080608103254.GA99569@logik.internal.network> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.17 (2007-11-01) Cc: freebsd-hackers@freebsd.org Subject: Re: ntpd jail problem X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Jun 2008 12:10:31 -0000 --ibvzjYYg+QDzMCy1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2008-Jun-08 11:32:54 +0100, xorquewasp@googlemail.com wrote: >I'm running an openntpd instance on the host machine, which syncs the >clock from the pool at pool.ntp.org. From the log output, ntpd claims to >be synced and the time does seem to be correct. > >I'm then running another openntpd in a jail which doesn't set the time, >just serves it to clients. I've never used openntpd but for the base ntpd, you should be able to just use 'server 127.127.1.0' to make it trust (and not alter) the base system time. Note that this openntpd will not have access to the stratum information from the main ntpd but will have a fixed value and may need to be adjusted using a 'fudge' command (or equivalent). I'd be interested in knowing why you chose this approach rather than just syncing clients to the [open]ntpd instance in the host machine. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --ibvzjYYg+QDzMCy1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkhLzDMACgkQ/opHv/APuIfBuQCeM5Vrs9JBXEJ79RYyMFSMTkMI qaUAnjfY4uv/Qn1eu58vorq22XSIN16s =EVsI -----END PGP SIGNATURE----- --ibvzjYYg+QDzMCy1--