From owner-freebsd-stable@FreeBSD.ORG Fri Feb 4 21:56:04 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFC5D16A4CE for ; Fri, 4 Feb 2005 21:56:04 +0000 (GMT) Received: from mail.starlofashions.com (mail.starlofashions.com [12.44.50.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5FAF243D46 for ; Fri, 4 Feb 2005 21:56:02 +0000 (GMT) (envelope-from scottro@nyc.rr.com) Received: from uws1.starlofashions.com ([192.168.8.230]) by mail.starlofashions.com (8.9.3/8.9.3) with SMTP id QAA11817 for ; Fri, 4 Feb 2005 16:55:01 -0500 Received: by uws1.starlofashions.com (sSMTP sendmail emulation); Fri, 4 Feb 2005 16:55:01 -0500 Date: Fri, 4 Feb 2005 16:55:01 -0500 From: Scott Robbins To: freebsd-stable@freebsd.org Message-ID: <20050204215501.GA2845@uws1.starlofashions.com> Mail-Followup-To: freebsd-stable@freebsd.org References: <20050204212903.GA2610@uws1.starlofashions.com> <20050204214140.273335D07@ptavv.es.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; x-action=pgp-signed Content-Disposition: inline In-Reply-To: <20050204214140.273335D07@ptavv.es.net> User-Agent: Mutt/1.5.6i Subject: Re: Adjusting time on a secured FreeBSD machine. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Feb 2005 21:56:05 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Feb 04, 2005 at 01:41:39PM -0800, Kevin Oberman wrote: > > Date: Fri, 4 Feb 2005 16:29:03 -0500 > > From: Scott Robbins > > Sender: owner-freebsd-stable@freebsd.org > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > They do conflict with each other, I'm not sure what will happen if you > > have both in rc.conf. Hopefully ntpdate will run first, then ntpd. If > > ntpd is running then you will get an error message running ntpdate. > > > > On an unsecured box (the one that I mentioned, where ntpd choked because > > the BIOS clock was too far off, I simply stopped ntpd, ran ntpdate and > > then restarted ntpd. > > They do not conflict if you use the flags in defaults/rc.conf. > > ntpdate -b sets the time ONCE and is run before ntpd starts, the '-b' > option will cause it to to set the time absolutely no matter hao far off > the clock is at the time. This is exactly how ntpdate is intended to be > used. > > That said, ntpdate is considered obsolete by the ntp folks and may > disappear at some time in the future. Their recommendation is to use > ntpd with the '-g' flag to force an unconditional clock set and to use > the 'iburst' option on your servers in /etc/ntp.conf. I find this works > well, but some have complained that it takes too long. Thank you. I have been using ntpd for awhile, and haven't read the man pages recently, which I should have done before posting. I only ran into the issue once and solved it as I mentioned. Thanks again. I just learned something. - -- Scott GPG KeyID EB3467D6 ( 1B848 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Buffy: No, but, see, Mom, that doesn't really work for me. We're just going to the magic shop, no school supplies there. Dawn: Yeah, Mom. I'm not going to Hogwarts. (chuckles) Hog- (looks at Buffy, who's not amused) Jeez, crack a book sometime. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCA+81+lTVdes0Z9YRAhi5AKC9Y2EUCxlsj+m7fhxrM8R5q6v6MACfbzXZ f/Lt+igi9J8TVMwuJ+CX8hE= =GCnT -----END PGP SIGNATURE-----