Date: Fri, 4 Feb 2005 16:55:01 -0500 From: Scott Robbins <scottro@nyc.rr.com> To: freebsd-stable@freebsd.org Subject: Re: Adjusting time on a secured FreeBSD machine. Message-ID: <20050204215501.GA2845@uws1.starlofashions.com> In-Reply-To: <20050204214140.273335D07@ptavv.es.net> References: <20050204212903.GA2610@uws1.starlofashions.com> <20050204214140.273335D07@ptavv.es.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Feb 04, 2005 at 01:41:39PM -0800, Kevin Oberman wrote: > > Date: Fri, 4 Feb 2005 16:29:03 -0500 > > From: Scott Robbins <scottro@nyc.rr.com> > > Sender: owner-freebsd-stable@freebsd.org > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > They do conflict with each other, I'm not sure what will happen if you > > have both in rc.conf. Hopefully ntpdate will run first, then ntpd. If > > ntpd is running then you will get an error message running ntpdate. > > > > On an unsecured box (the one that I mentioned, where ntpd choked because > > the BIOS clock was too far off, I simply stopped ntpd, ran ntpdate and > > then restarted ntpd. > > They do not conflict if you use the flags in defaults/rc.conf. > > ntpdate -b sets the time ONCE and is run before ntpd starts, the '-b' > option will cause it to to set the time absolutely no matter hao far off > the clock is at the time. This is exactly how ntpdate is intended to be > used. > > That said, ntpdate is considered obsolete by the ntp folks and may > disappear at some time in the future. Their recommendation is to use > ntpd with the '-g' flag to force an unconditional clock set and to use > the 'iburst' option on your servers in /etc/ntp.conf. I find this works > well, but some have complained that it takes too long. Thank you. I have been using ntpd for awhile, and haven't read the man pages recently, which I should have done before posting. I only ran into the issue once and solved it as I mentioned. Thanks again. I just learned something. - -- Scott GPG KeyID EB3467D6 ( 1B848 077D 66F6 9DB0 FDC2 A409 FA54 D575 EB34 67D6) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Buffy: No, but, see, Mom, that doesn't really work for me. We're just going to the magic shop, no school supplies there. Dawn: Yeah, Mom. I'm not going to Hogwarts. (chuckles) Hog- (looks at Buffy, who's not amused) Jeez, crack a book sometime. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCA+81+lTVdes0Z9YRAhi5AKC9Y2EUCxlsj+m7fhxrM8R5q6v6MACfbzXZ f/Lt+igi9J8TVMwuJ+CX8hE= =GCnT -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050204215501.GA2845>