Date: Tue, 21 Apr 2009 11:29:18 -0700 From: Chuck Swiger <cswiger@mac.com> To: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> Cc: "freebsd-questions@freebsd.org Questions -" <freebsd-questions@freebsd.org> Subject: Re: Preventing ntpd from adjusting time (backwards) Message-ID: <344D9702-C894-4E54-B256-43FAB17903F1@mac.com> In-Reply-To: <200904212023.14365.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> References: <200904211106.01965.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> <200904211643.32448.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> <20090421183133.4e0c414f@gumby.homeunix.com> <200904212023.14365.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 21, 2009, at 11:23 AM, Mel Flynn wrote:
> Now I'm also wondering how ntpd handles securelevel 2.
"man init" suggests that stepping the clock by more than a second is
disallowed:
2 Highly secure mode - same as secure mode, plus disks may not
be
opened for writing (except by mount(2)) whether mounted or
not.
This level precludes tampering with file systems by unmounting
them, but also inhibits running newfs(8) while the system is
multi-
user.
In addition, kernel time changes are restricted to less than
or
equal to one second. Attempts to change the time by more
than this
will log the message ``Time adjustment clamped to +1 second''.
Regards,
--
-Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?344D9702-C894-4E54-B256-43FAB17903F1>